--------------- QuickDiag | g3n-h@ckm@n | 2_24.07.2016.1 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 27/07/2016 23:02:58 Updated 24/07/2016 | 08.15 by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [Nour (Administrator)] - [NOUR] (S-1-5-21-115953588-1755372066-384823517) System: Microsoft Windows 10 Famille - - (10.0.10586) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 10 Famille|C:\Windows|\Device\Harddisk0\Partition4 Boot : Normal boot PC: MS-7817 - MSI - IdNumber: To be filled by O.E.M. - UUID: 00000000-0000-0000-0000-D8CB8AE8F260 Processor : X64 - 3200 Mhz - Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz V17.5 - en|US|iso8859-1 - American Megatrends Inc. - S/N: To be filled by O.E.M. - V17.5 - ALASKA - 1072009 CoreTemp : 29.8 Celsius ----------| Quick ---------- | SoundDevice Realtek High Definition Audio - Status: OK - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0887&SUBSYS_1462D817&REV_1003\4&2F4D5061&0&0001 AMD High Definition Audio Device - Status: OK - Manufacturer: Advanced Micro Devices - PNPDeviceID: HDAUDIO\FUNC_01&VEN_1002&DEV_AA01&SUBSYS_00AA0100&REV_1005\5&1C3C3B2A&2&0001 Logitech G430 Gaming Headset - Status: OK - Manufacturer: Logitech Headset G series - PNPDeviceID: USB\VID_046D&PID_0A4D&MI_00\6&1EE67042&0&0000 ---------- | Video AMD Radeon (TM) R9 390 Series - Resolution: 1920x1080 - Colors: 4294967296 - RefreshRate: 60 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: aticfx64.dll,aticfx64.dll,aticfx64.dll,amdxc64.dll,aticfx32,aticfx32,aticfx32,amdxc32,atiumd64.dll,atidxx64.dll,atidxx64.dll,atiumdag,atidxx32,atidxx32,atiumdva,atiumd6a.cap,atitmm64.dll - PNPDeviceID: PCI\VEN_1002&DEV_67B1&SUBSYS_E324174B&REV_80\4&1610F4F8&0&0008 - AdapterCompatibility: Advanced Micro Devices, Inc. - RAM: -1048576 Inegrated Video Chipset DeviceName: AMD Radeon (TM) R9 390 Series - DriverVersion: 8.14.01.6512 - SpecificationVersion: 1025 ---------- | Codecs c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 42936 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\frapsv64.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 105984 - Manufacturer: Beepa P/L - Status: OK c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 53760 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 17920 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 34632 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25344 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 27136 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16896 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 87040 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 35696 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 38912 - Manufacturer: Microsoft Corporation - Status: OK ---------- | CPU CPU #1 value:3 % CPU #2 value:0 % CPU #3 value:3 % CPU #4 value:0 % Total Overall CPU Usage value:0 % ---------- | Network Realtek PCIe GBE Family Controller : SENT:3,079,042 bytes/sec / RECVD:3,079,042 bytes/sec Connexion au réseau local* 2 : SENT:0 bytes/sec / RECVD:0 bytes/sec isatap.Belkin : SENT:0 bytes/sec / RECVD:0 bytes/sec Overall -> SEND Maxium:3,079,042 bytes/sec, / RECEIVE Maximum:3,079,042 bytes/sec Realtek PCIe GBE Family Controller - Ethernet 802.3 - Realtek - Status: - PnPID : PCI\VEN_10EC&DEV_8168&SUBSYS_78171462&REV_0C\4&2BCECA6C&0&00E2 Microsoft Kernel Debug Network Adapter - - Microsoft - Status: - PnPID : ROOT\KDNIC\0000 Microsoft ISATAP Adapter - - - Status: - PnPID : Microsoft Teredo Tunneling Adapter - Tunnel - Microsoft - Status: - PnPID : SWD\IP_TUNNEL_VBUS\TEREDO_TUNNEL_DEVICE Microsoft 6to4 Adapter - - - Status: - PnPID : Microsoft ISATAP Adapter - - - Status: - PnPID : Microsoft ISATAP Adapter #2 - Tunnel - Microsoft - Status: - PnPID : SWD\IP_TUNNEL_VBUS\ISATAP_1 ---------- | Memory RAM = Total (MB) : 8330 | Free (MB) : 5078 Pagefile = Total (MB) : 15146 | Free (MB) : 11217 Virtual = Total (MB) : 4194 | Free (MB) : 3948 Physical Memory 0 : Capacity: 4294967296 - ChannelA-DIMM0 - Posit.: - Manufacturer: 1315 - PartNumber: BLS4G3D1609DS1S00. - S/N: 40490632 Physical Memory 2 : Capacity: 4294967296 - ChannelB-DIMM0 - Posit.: - Manufacturer: 1315 - PartNumber: BLS4G3D1609DS1S00. - S/N: 40490D6F ---------- | SID Users Administrateur : [S-1-5-21-115953588-1755372066-384823517-500] DefaultAccount : [S-1-5-21-115953588-1755372066-384823517-503] Invité : [S-1-5-21-115953588-1755372066-384823517-501] Nour : [S-1-5-21-115953588-1755372066-384823517] Administrateurs : [S-1-5-32-544] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] System Managed Accounts Group : [S-1-5-32-581] Utilisateurs : [S-1-5-32-545] Utilisateurs de gestion à distance : [S-1-5-32-580] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] ---------- | Drives C:\ -> [Fixed] | [] | Total : 930.96 Go | Free : 207.92 Go -> NTFS [SATA] Disk Usage Information [1 total Physical Disks] Physical Drive #0 [C:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Overall - Read Maximum:0 bytes/sec, Write Maximum:0 bytes/sec DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 3 Part. - PnPID : SCSI\DISK&VEN_WDC&PROD_WD10EZRZ-00Z5HB0\4&34849723&0&000000 ---------- | Windows updates No detected update !!! Windows Is Activated ---------- | Browsers IE : 11.0.10586.494 (© Microsoft Corporation. Tous droits réservés.) FF : 47.0.1.6018 (©Firefox and Mozilla Developers; available under the MPL 2 license.) GC : 51.0.2704.103 (Copyright 2015 Google Inc.) Default : "C:\Program Files\Internet Explorer\iexplore.exe" %1 ---------- | FlashPlayer FlashPlayer ActiveX : 22.0.0.209 ---------- | Security AV : Windows Defender Disabled AS : Windows Defender Disabled AM : Malwarebytes' Anti-Malware ( 2.3.173.0) [Update : 18/05/2016 23:37:52] FW : WINDOWS Firewall WMI : OK WU: Windows Update Service [Manual(3)] = stopped AS: Windows Defender [Manual(3)] = stopped WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 340 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (10.0.10586.0) = C:\Windows\System32\smss.exe [30/10/2015 09:18:03] CPU Usage:0 % 596 | [Owner : | Parent : 472() | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (10.0.10586.306) = C:\Windows\System32\wininit.exe [11/05/2016 11:39:18] CPU Usage:0 % 672 | [Owner : | Parent : 596(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (10.0.10586.71) = C:\Windows\System32\services.exe [13/02/2016 14:52:08] CPU Usage:0 % 680 | [Owner : | Parent : 596(wininit.exe) | ?????] - (.Microsoft Corporation - Local Security Authority Process.) - (10.0.10586.0) = C:\Windows\System32\lsass.exe [30/10/2015 09:18:03] CPU Usage:0 % 792 | [Owner : | Parent : 588() | ?????] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (10.0.10586.306) = C:\Windows\System32\winlogon.exe [11/05/2016 11:39:27] CPU Usage:0 % 836 | [Owner : | Parent : 672(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 896 | [Owner : | Parent : 672(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 88 | [Owner : | Parent : 672(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 308 | [Owner : | Parent : 672(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 476 | [Owner : | Parent : 672(services.exe) | ?????] - (.AMD - AMD External Events Service Module.) - (6.14.11.1226) = C:\Windows\System32\atiesrxx.exe [15/07/2016 21:25:50] CPU Usage:0 % 1068 | [Owner : | Parent : 476(atiesrxx.exe) | ?????] - (.AMD - AMD External Events Client Module.) - (6.14.11.1226) = C:\Windows\System32\atieclxx.exe [15/07/2016 21:25:48] CPU Usage:0 % 1152 | [Owner : | Parent : 672(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 1160 | [Owner : | Parent : 672(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 1168 | [Owner : | Parent : 672(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 1272 | [Owner : | Parent : 672(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 1500 | [Owner : | Parent : 672(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 1740 | [Owner : | Parent : 672(services.exe) | ?????] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.10586.122) = C:\Windows\System32\spoolsv.exe [08/04/2016 21:58:57] CPU Usage:0 % 1824 | [Owner : | Parent : 672(services.exe) | ?????] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - (15.0.17.264) = C:\Program Files (x86)\Avira\Antivirus\sched.exe [08/04/2016 22:53:51] CPU Usage:0 % 1220 | [Owner : | Parent : 672(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 2124 | [Owner : | Parent : 672(services.exe) | ?????] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - (15.0.17.264) = C:\Program Files (x86)\Avira\Antivirus\avguard.exe [08/04/2016 22:53:50] CPU Usage:0 % 2252 | [Owner : | Parent : 672(services.exe) | ?????] - (.Logitech Inc. - Logitech Surround Sound Service.) - (8.81.15.0) = C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [18/02/2016 01:10:50] CPU Usage:0 % 2304 | [Owner : | Parent : 672(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 2316 | [Owner : | Parent : 672(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 2380 | [Owner : | Parent : 672(services.exe) | ?????] - (.Avira Operations GmbH & Co. KG - Avira Service Host.) - (1.1.67.18988) = C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [11/07/2016 11:01:40] CPU Usage:0 % 2388 | [Owner : | Parent : 672(services.exe) | ?????] - (.-.) - (0.0.0.0) = C:\Windows\SysWOW64\PnkBstrA.exe [17/06/2016 02:58:24] CPU Usage:0 % 2416 | [Owner : | Parent : 672(services.exe) | ?????] - (.TeamViewer GmbH - TeamViewer 11.) - (11.0.59131.0) = C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11/05/2016 23:58:10] CPU Usage:0 % 2424 | [Owner : | Parent : 672(services.exe) | ?????] - (.Advanced Micro Devices - AMD ACP Binaries.) - (2016.708.1501.43) = C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [08/07/2016 15:03:00] CPU Usage:0 % 3504 | [Owner : Nour | Parent : 88(svchost.exe) | 17.87 Mo] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.10586.0) = C:\Windows\System32\sihost.exe [30/10/2015 09:18:01] CPU Usage:0 % 3916 | [Owner : Nour | Parent : 3784() | 99.18 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.10586.494) = C:\Windows\explorer.exe [13/07/2016 18:09:02] CPU Usage:0 % 3132 | [Owner : Nour | Parent : 836(svchost.exe) | 63.37 Mo] - (.Microsoft Corporation - Windows Shell Experience Host.) - (10.0.10586.494) = C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [13/07/2016 18:09:11] CPU Usage:0 % 3540 | [Owner : Nour | Parent : 836(svchost.exe) | 38.56 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.10586.0) = C:\Windows\System32\RuntimeBroker.exe [30/10/2015 09:17:51] CPU Usage:0 % 3676 | [Owner : Nour | Parent : 836(svchost.exe) | 98.28 Mo] - (.Microsoft Corporation - Search and Cortana application.) - (10.0.10586.494) = C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [13/07/2016 18:07:21] CPU Usage:0 % 4204 | [Owner : Nour | Parent : 836(svchost.exe) | 12.62 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.10586.0) = C:\Windows\System32\dllhost.exe [30/10/2015 09:17:51] CPU Usage:0 % 4344 | [Owner : | Parent : 672(services.exe) | ?????] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.10586.494) = C:\Windows\System32\SearchIndexer.exe [13/07/2016 18:08:33] CPU Usage:0 % 876 | [Owner : Nour | Parent : 836(svchost.exe) | 2.64 Mo] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.10586.494) = C:\Windows\System32\SettingSyncHost.exe [13/07/2016 18:08:34] CPU Usage:0 % 2752 | [Owner : Nour | Parent : 3916(explorer.exe) | 32.28 Mo] - (.Logitech Inc. - Logitech Gaming Framework.) - (8.81.15.0) = C:\Program Files\Logitech Gaming Software\LCore.exe [18/02/2016 01:04:08] CPU Usage:0 % 2120 | [Owner : Nour | Parent : 3916(explorer.exe) | 11.84 Mo] - (.Advanced Micro Devices, Inc. - Radeon Settings: Host Application.) - (10.1.1.1633) = C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [08/07/2016 15:31:58] CPU Usage:0 % 1092 | [Owner : Nour | Parent : 3916(explorer.exe) | 25.1 Mo] - (.Microsoft Corporation - Microsoft OneDrive.) - (17.3.6390.509) = C:\Users\Nour\AppData\Local\Microsoft\OneDrive\OneDrive.exe [08/04/2016 23:51:00] CPU Usage:0 % 3576 | [Owner : Nour | Parent : 3916(explorer.exe) | 2.35 Mo] - (.- puush.) - (1.0.0.0) = C:\Program Files (x86)\puush\puush.exe [10/01/2012 14:41:46] CPU Usage:0 % 5152 | [Owner : Nour | Parent : 3916(explorer.exe) | 6.81 Mo] - (.Spotify Ltd - SpotifyWebHelper.) - (1.0.32.96) = C:\Users\Nour\AppData\Roaming\Spotify\SpotifyWebHelper.exe [09/07/2016 04:53:08] CPU Usage:0 % 5304 | [Owner : | Parent : 2124(avguard.exe) | ?????] - (.Avira Operations GmbH & Co. KG - AntiVir shadow copy service.) - (15.0.17.273) = C:\Program Files (x86)\Avira\Antivirus\avshadow.exe [08/04/2016 22:53:50] CPU Usage:0 % 5332 | [Owner : | Parent : 5184() | 5.6 Mo] - (.Avira Operations GmbH & Co. KG - Avira system tray application.) - (15.0.17.264) = C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [08/04/2016 22:53:50] CPU Usage:0 % 5388 | [Owner : Nour | Parent : 5184() | 66.53 Mo] - (.Dropbox, Inc. - Dropbox.) - (6.4.14.0) = C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11/07/2016 19:57:52] CPU Usage:0 % 5456 | [Owner : Nour | Parent : 2380(Avira.ServiceHost.exe) | 4.03 Mo] - (.Avira Operations GmbH & Co. KG - Avira Launcher.) - (1.1.67.18988) = C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [11/07/2016 11:03:10] CPU Usage:0 % 5468 | [Owner : Nour | Parent : 5184() | 31.63 Mo] - (.- ProductUpdater.) - (1.0.3.0) = C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [03/06/2016 08:55:17] CPU Usage:0 % 5480 | [Owner : Nour | Parent : 5184() | 6.45 Mo] - (.- Monitor.) - (1.0.0.1) = C:\Program Files (x86)\Gaming Keyboard\Monitor.EXE [05/07/2016 13:17:12] CPU Usage:0 % 6000 | [Owner : | Parent : 1168(svchost.exe) | ?????] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (10.0.10586.218) = C:\Windows\System32\audiodg.exe [14/04/2016 01:31:38] CPU Usage:2 % 5136 | [Owner : Nour | Parent : 88(svchost.exe) | 10.6 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.10586.0) = C:\Windows\System32\taskhostw.exe [30/10/2015 09:17:43] CPU Usage:0 % 5912 | [Owner : Nour | Parent : 672(services.exe) | 27.97 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 2104 | [Owner : Nour | Parent : 836(svchost.exe) | 8.98 Mo] - (.-.) - (10.1.2123.36) = C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe [19/04/2016 19:42:39] CPU Usage:0 % 2400 | [Owner : Nour | Parent : 3916(explorer.exe) | 73.28 Mo] - (.Valve Corporation - Steam Client Bootstrapper.) - (3.53.1.42) = C:\Program Files (x86)\Steam\Steam.exe [04/06/2015 23:11:32] CPU Usage:0 % 6596 | [Owner : Nour | Parent : 2400(Steam.exe) | 56.99 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (3.53.1.42) = C:\Program Files (x86)\Steam\bin\steamwebhelper.exe [09/04/2016 01:02:31] CPU Usage:0 % 6656 | [Owner : | Parent : 672(services.exe) | ?????] - (.Valve Corporation - Steam Client Service.) - (3.53.1.42) = C:\Program Files (x86)\Common Files\Steam\SteamService.exe [09/04/2016 01:00:56] CPU Usage:0 % 7232 | [Owner : Nour | Parent : 6596(steamwebhelper.exe) | 100.46 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (3.53.1.42) = C:\Program Files (x86)\Steam\bin\steamwebhelper.exe [09/04/2016 01:02:31] CPU Usage:0 % 7748 | [Owner : Nour | Parent : 6596(steamwebhelper.exe) | 25.2 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (3.53.1.42) = C:\Program Files (x86)\Steam\bin\steamwebhelper.exe [09/04/2016 01:02:31] CPU Usage:0 % 6840 | [Owner : Nour | Parent : 3916(explorer.exe) | 69.31 Mo] - (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) - (3.0.19.4) = C:\Program Files (x86)\TeamSpeak 3\ts3client_win64.exe [01/04/2016 12:13:42] CPU Usage:0 % 6472 | [Owner : Nour | Parent : 1140() | 86.04 Mo] - (.WhatsApp - WhatsApp.) - (1.2.3.0) = C:\Users\Nour\AppData\Local\WhatsApp\app-0.2.1061\WhatsApp.exe [11/07/2016 00:22:09] CPU Usage:0 % 7048 | [Owner : Nour | Parent : 6472(WhatsApp.exe) | 10.21 Mo] - (.WhatsApp - WhatsApp.) - (1.2.3.0) = C:\Users\Nour\AppData\Local\WhatsApp\app-0.2.1061\WhatsApp.exe [11/07/2016 00:22:09] CPU Usage:0 % 4132 | [Owner : Nour | Parent : 6472(WhatsApp.exe) | 74.66 Mo] - (.WhatsApp - WhatsApp.) - (1.2.3.0) = C:\Users\Nour\AppData\Local\WhatsApp\app-0.2.1061\WhatsApp.exe [11/07/2016 00:22:09] CPU Usage:0 % 8096 | [Owner : Nour | Parent : 6472(WhatsApp.exe) | 143.23 Mo] - (.WhatsApp - WhatsApp.) - (1.2.3.0) = C:\Users\Nour\AppData\Local\WhatsApp\app-0.2.1061\WhatsApp.exe [11/07/2016 00:22:09] CPU Usage:0 % 2888 | [Owner : Nour | Parent : 3916(explorer.exe) | 171.49 Mo] - (.Google Inc. - Google Chrome.) - (51.0.2704.103) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [09/04/2016 00:18:49] CPU Usage:0 % 7724 | [Owner : Nour | Parent : 2888(chrome.exe) | 6.18 Mo] - (.Google Inc. - Google Chrome.) - (51.0.2704.103) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [09/04/2016 00:18:49] CPU Usage:0 % 852 | [Owner : Nour | Parent : 2888(chrome.exe) | 57.1 Mo] - (.Google Inc. - Google Chrome.) - (51.0.2704.103) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [09/04/2016 00:18:49] CPU Usage:0 % 6088 | [Owner : Nour | Parent : 2888(chrome.exe) | 47.5 Mo] - (.Google Inc. - Google Chrome.) - (51.0.2704.103) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [09/04/2016 00:18:49] CPU Usage:0 % 7908 | [Owner : Nour | Parent : 2888(chrome.exe) | 89.83 Mo] - (.Google Inc. - Google Chrome.) - (51.0.2704.103) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [09/04/2016 00:18:49] CPU Usage:0 % 7064 | [Owner : Nour | Parent : 2888(chrome.exe) | 139.99 Mo] - (.Google Inc. - Google Chrome.) - (51.0.2704.103) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [09/04/2016 00:18:49] CPU Usage:0 % 4304 | [Owner : Nour | Parent : 2888(chrome.exe) | 228.2 Mo] - (.Google Inc. - Google Chrome.) - (51.0.2704.103) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [09/04/2016 00:18:49] CPU Usage:0 % 1732 | [Owner : Nour | Parent : 2888(chrome.exe) | 53.8 Mo] - (.-.) - (3.2.4.0) = C:\Program Files (x86)\qBittorrent\qbittorrent.exe [10/10/2015 14:15:42] CPU Usage:2 % 808 | [Owner : Nour | Parent : 2888(chrome.exe) | 74.76 Mo] - (.Google Inc. - Google Chrome.) - (51.0.2704.103) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [09/04/2016 00:18:49] CPU Usage:0 % 6740 | [Owner : Nour | Parent : 2888(chrome.exe) | 113.9 Mo] - (.Google Inc. - Google Chrome.) - (51.0.2704.103) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [09/04/2016 00:18:49] CPU Usage:0 % 7100 | [Owner : | Parent : 4344(SearchIndexer.exe) | ?????] - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) - (7.0.10586.494) = C:\Windows\System32\SearchProtocolHost.exe [13/07/2016 18:08:28] CPU Usage:0 % 2908 | [Owner : Système | Parent : 4344(SearchIndexer.exe) | 5.39 Mo] - (.Microsoft Corporation - Microsoft Windows Search Filter Host.) - (7.0.10586.494) = C:\Windows\System32\SearchFilterHost.exe [13/07/2016 18:08:23] CPU Usage:0 % 7988 | [Owner : Nour | Parent : 3916(explorer.exe) | 32.46 Mo] - (.Microsoft Corporation - Gestionnaire des tâches.) - (10.0.10586.494) = C:\Windows\System32\Taskmgr.exe [13/07/2016 18:08:31] CPU Usage:0 % 1996 | [Owner : Nour | Parent : 2888(chrome.exe) | 43.98 Mo] - (.Google Inc. - Google Chrome.) - (51.0.2704.103) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [09/04/2016 00:18:49] CPU Usage:0 % 4700 | [Owner : Nour | Parent : 3916(explorer.exe) | 27.32 Mo] - (.SosVirus - QuickDiag.) - (24.7.2016.1) = C:\Users\Nour\Desktop\QuickDiag.exe [27/07/2016 23:02:48] CPU Usage:0 % ---------- | MD5 [MD5.E396258CFD8F84E8F2C24930E6D88C67] - [13/07/2016 18:09:02] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [4409.43 Ko] - (10.0.10586.494) : C:\Windows\Explorer.exe [MD5.41E25E514D90E9C8BC570484DBAFF62B] - [30/10/2015 09:17:49] - (.© Microsoft Corporation. Tous droits réservés. - Interpréteur de commandes Windows.) - [228.5 Ko] - (10.0.10586.0) : C:\Windows\System32\cmd.exe [MD5.3E7CCD0F507877C50078205667CE8133] - [30/10/2015 09:18:03] - (.© Microsoft Corporation. Tous droits réservés. - Processus d’exécution client-serveur.) - [17.72 Ko] - (10.0.10586.0) : C:\Windows\System32\csrss.exe [MD5.9513834DAC717444F04169EA5D120885] - [30/10/2015 09:17:51] - (.© Microsoft Corporation. - COM Surrogate.) - [18.34 Ko] - (10.0.10586.0) : C:\Windows\System32\dllhost.exe [MD5.1C9C6933A94C594DE7366124B4DD6075] - [30/10/2015 09:17:46] - (.© Microsoft Corporation. Tous droits réservés. - DLL du client API BASE Windows NT.) - [689.05 Ko] - (10.0.10586.0) : C:\Windows\System32\Kernel32.dll [MD5.889459F1FDDC5EC58B437AA6C436F33F] - [30/10/2015 09:18:03] - (.© Microsoft Corporation. - Local Security Authority Process.) - [56.55 Ko] - (10.0.10586.0) : C:\Windows\System32\lsass.exe [MD5.B339861C6A2A86FBCA67C2006B461473] - [30/10/2015 09:17:51] - (.© Microsoft Corporation. - Distributed COM Services.) - [883.5 Ko] - (10.0.10586.0) : C:\Windows\System32\rpcss.dll [MD5.0DCB89B1F3689BC6262FF30BBD603171] - [30/10/2015 09:18:14] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte Windows (Rundll32).) - [58 Ko] - (10.0.10586.0) : C:\Windows\System32\rundll32.exe [MD5.6FF8248F3A9D69A095C7F3F42BC29CB2] - [13/02/2016 14:52:08] - (.© Microsoft Corporation. Tous droits réservés. - Applications Services et Contrôleur.) - [429.84 Ko] - (10.0.10586.71) : C:\Windows\System32\services.exe [MD5.8497852ED44AFF902D502015792D315D] - [30/10/2015 09:17:49] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte pour les services Windows.) - [42.91 Ko] - (10.0.10586.0) : C:\Windows\System32\svchost.exe [MD5.F5F7CE3E32536F1A37FB3972F27A814F] - [11/05/2016 11:39:23] - (.© Microsoft Corporation. Tous droits réservés. - DLL client de l’API uilisateur de Windows multi-utilisateurs.) - [1366.43 Ko] - (10.0.10586.306) : C:\Windows\System32\user32.dll [MD5.8F3ECCB5DC878FA14887B43CD148CBA9] - [30/10/2015 09:17:53] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Userinit.) - [30 Ko] - (10.0.10586.0) : C:\Windows\System32\userinit.exe [MD5.C1C81AAF533552B3C4D9F11A5FF97700] - [11/05/2016 11:39:18] - (.© Microsoft Corporation. Tous droits réservés. - Application de démarrage de Windows.) - [284.53 Ko] - (10.0.10586.306) : C:\Windows\System32\Wininit.exe [MD5.5C156EC4E44E30331BCC865A3B61D839] - [11/05/2016 11:39:27] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Windows.) - [572 Ko] - (10.0.10586.306) : C:\Windows\System32\Winlogon.exe [MD5.70148EFA9A562E7185B75BBE7D376BF7] - [13/02/2016 14:52:13] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de fonction connexe pour WinSock.) - [565.34 Ko] - (10.0.10586.3) : C:\Windows\System32\Drivers\afd.sys [MD5.492B99D2E3D5D7BFD5F0AE1BE7BD37DD] - [30/10/2015 09:17:23] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [27.84 Ko] - (10.0.10586.0) : C:\Windows\System32\Drivers\atapi.sys [MD5.B6664965BF346322BBDF286174851476] - [30/10/2015 09:17:23] - (.© Microsoft Corporation. - ATAPI Driver Extension.) - [188.34 Ko] - (10.0.10586.0) : C:\Windows\System32\Drivers\ataport.sys [MD5.7F9C7226D743B232907ED2537B8A574F] - [30/10/2015 09:18:09] - (.© Microsoft Corporation. - CD-ROM File System Driver.) - [90.5 Ko] - (10.0.10586.0) : C:\Windows\System32\Drivers\cdfs.sys [MD5.82D97776BF982AA143BDC7DFB5054EA8] - [30/10/2015 09:17:22] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [169.5 Ko] - (10.0.10586.0) : C:\Windows\System32\Drivers\cdrom.sys [MD5.935823F79CBEDB91637B63D37E3A5A36] - [14/04/2016 01:31:24] - (.© Microsoft Corporation. - DFS Namespace Client Driver.) - [145 Ko] - (10.0.10586.212) : C:\Windows\System32\Drivers\dfsc.sys [MD5.84BC034B6BB763733C1949B7B9BAF976] - [30/10/2015 09:17:18] - (.© Microsoft Corporation. - High Definition Audio Bus Driver.) - [78 Ko] - (10.0.10586.0) : C:\Windows\System32\Drivers\hdaudbus.sys [MD5.53FDD9E69189E546DE4740F8C4D8AB2F] - [30/10/2015 09:17:23] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port i8042.) - [112 Ko] - (10.0.10586.0) : C:\Windows\System32\Drivers\i8042prt.sys [MD5.9E5E8F2A1996F23B7E9687846AA81B01] - [30/10/2015 09:17:43] - (.© Microsoft Corporation. - IP Network Address Translator.) - [140 Ko] - (10.0.10586.0) : C:\Windows\System32\Drivers\ipnat.sys [MD5.0B3B0C1D86050355676640488FA897D3] - [08/04/2016 21:58:50] - (.© Microsoft Corporation. Tous droits réservés. - Minirdr SMB Windows NT.) - [420.84 Ko] - (10.0.10586.122) : C:\Windows\System32\Drivers\mrxsmb.sys [MD5.E582DA849A58524E645545FB68B6625D] - [14/04/2016 01:31:26] - (.© Microsoft Corporation. Tous droits réservés. - NDIS (Network Driver Interface Specification).) - [1125.84 Ko] - (10.0.10586.212) : C:\Windows\System32\Drivers\ndis.sys [MD5.C03E926B0E7D66D68994067231DC3246] - [15/06/2016 13:15:20] - (.© Microsoft Corporation. - MBT Transport driver.) - [272 Ko] - (10.0.10586.420) : C:\Windows\System32\Drivers\netbt.sys [MD5.19BD8A88AAC580592668B070AC0727D9] - [14/04/2016 01:31:46] - (.© Microsoft Corporation. Tous droits réservés. - Pilote du système de fichiers NT.) - [2101.84 Ko] - (10.0.10586.212) : C:\Windows\System32\Drivers\ntfs.sys [MD5.7D0FC96264C0F8F2C1321E33E8EB646C] - [30/10/2015 09:17:23] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port parallèle.) - [94.5 Ko] - (10.0.10586.0) : C:\Windows\System32\Drivers\parport.sys [MD5.E3C82823B22463BC38AA4F8ADA852624] - [08/04/2016 21:58:32] - (.© Microsoft Corporation. - RAS L2TP mini-port/call-manager driver.) - [102.5 Ko] - (10.0.10586.122) : C:\Windows\System32\Drivers\rasl2tp.sys [MD5.1DC2CC74B51E4DC4CD5A20C1021E4010] - [30/10/2015 09:19:42] - (.© Microsoft Corporation. Tous droits réservés. - Redirecteur de périphérique de Microsoft RDP.) - [169 Ko] - (10.0.10586.0) : C:\Windows\System32\Drivers\rdpdr.sys [MD5.CF63BF6AAEDF721E37F9E216FD321B8E] - [13/07/2016 18:07:17] - (.© Microsoft Corporation. Tous droits réservés. - Pilote TCP/IP.) - [2346.84 Ko] - (10.0.10586.494) : C:\Windows\System32\Drivers\tcpip.sys [MD5.91D3F2A6253EF83EFBD7903028F58C4D] - [13/02/2016 14:52:13] - (.© Microsoft Corporation. - TDI Translation Driver.) - [115.84 Ko] - (10.0.10586.3) : C:\Windows\System32\Drivers\tdx.sys [MD5.E1F91A727A04C9F8199D04FF3BBBF63C] - [30/10/2015 09:17:22] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de cliché instantané du volume.) - [404.84 Ko] - (10.0.10586.0) : C:\Windows\System32\Drivers\volsnap.sys ---------- | Locked Applications ---------- | Explorer.exe component call (Microsoft Files Whitelisted) (..-..) - (0.0.0.0) -- C:\Windows\System32\CoreUIComponents.dll (.Advanced Micro Devices, Inc. .-.aticfx64.dll.) - (8.17.10.1460) -- C:\Windows\SYSTEM32\aticfx64.dll (.Advanced Micro Devices, Inc. .-.atiuxpag.dll.) - (8.14.1.6512) -- C:\Windows\SYSTEM32\atiuxp64.dll (.Advanced Micro Devices, Inc. .-.atidxx64.dll.) - (8.17.10.671) -- C:\Windows\SYSTEM32\atidxx64.dll (.Dropbox, Inc..-.Dropbox Shell Extension.) - (1.0.0.34) -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll (..-..) - (1.2.502.0) -- C:\Users\Nour\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll (.Alexander Roshal.-.WinRAR shell extension.) - (5.31.0.0) -- C:\Program Files\WinRAR\rarext.dll (.Malwarebytes.-.Malwarebytes Anti-Malware.) - (3.1.1.0) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll (.Avira Operations GmbH & Co. KG.-.AntiVirus context menu.) - (15.0.17.264) -- C:\Program Files (x86)\Avira\Antivirus\shlext64.dll ---------- | Svchost.exe component call (Microsoft Files Whitelisted) (.Logitech Inc..-.Logitech RenderAPO.) - (8.81.12.0) -- C:\Windows\system32\RenderAPO.dll ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-19\...\Run]) - User: AUTORITE NT\SERVICE LOCAL OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-20\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU OneDrive - ("C:\Users\Nour\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background [HKU\S-1-5-21-115953588-1755372066-384823517-1001\...\Run]) - User: NOUR\Nour Steam - ("C:\Program Files (x86)\Steam\steam.exe" -silent [HKU\S-1-5-21-115953588-1755372066-384823517-1001\...\Run]) - User: NOUR\Nour CCleaner Monitoring - ("C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [HKU\S-1-5-21-115953588-1755372066-384823517-1001\...\Run]) - User: NOUR\Nour puush - (C:\Program Files (x86)\puush\puush.exe [HKU\S-1-5-21-115953588-1755372066-384823517-1001\...\Run]) - User: NOUR\Nour DAEMON Tools Lite Automount - ("C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun [HKU\S-1-5-21-115953588-1755372066-384823517-1001\...\Run]) - User: NOUR\Nour DS3 Tool - (C:\Program Files (x86)\MotionInJoy\DS3_Tool.exe -mini [HKU\S-1-5-21-115953588-1755372066-384823517-1001\...\Run]) - User: NOUR\Nour Skype - ("C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [HKU\S-1-5-21-115953588-1755372066-384823517-1001\...\Run]) - User: NOUR\Nour EADM - ("C:\Program Files (x86)\Origin\Origin.exe" -AutoStart [HKU\S-1-5-21-115953588-1755372066-384823517-1001\...\Run]) - User: NOUR\Nour Discord - (C:\Users\Nour\AppData\Local\Discord\app-0.0.291\Discord.exe [HKU\S-1-5-21-115953588-1755372066-384823517-1001\...\Run]) - User: NOUR\Nour Spotify Web Helper - ("C:\Users\Nour\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [HKU\S-1-5-21-115953588-1755372066-384823517-1001\...\Run]) - User: NOUR\Nour Spotify - ("C:\Users\Nour\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized [HKU\S-1-5-21-115953588-1755372066-384823517-1001\...\Run]) - User: NOUR\Nour BlueStacks Agent - (C:\Program Files (x86)\Bluestacks\HD-Agent.exe [HKU\S-1-5-21-115953588-1755372066-384823517-1001\...\Run]) - User: NOUR\Nour Launch LCore - (C:\Program Files\Logitech Gaming Software\LCore.exe /minimized [HKLM\...\Run]) - User: Public RTHDVCPL - ("C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s [HKLM\...\Run]) - User: Public StartCN - ("C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe" atlogon [HKLM\...\Run]) - User: Public [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "Launch LCore"=C:\Program Files\Logitech Gaming Software\LCore.exe /minimized "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s "StartCN"="C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe" atlogon [HKLM\Software\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "Launch LCore"=0x020000000000000000000000 "StartCN"=0x020000000000000000000000 "RTHDVCPL"=0x030000006D10FE2CF4D3D101 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "avgnt"="C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min "Avira SystrayStartTrigger"=C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [11/07/2016 10:58:56] "Dropbox"="C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup "ProductUpdater"=C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [03/06/2016 08:55:17] "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "Gaming Keyboard"="C:\Program Files (x86)\Gaming Keyboard\Monitor.EXE" [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 ---------- | Startings up registry ¦ Folder ---------- | Other keys [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Terminal Server] "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "DeleteTempDirsOnExit"=1 "fDenyTSConnections"=1 "fSingleSessionPerUser"=1 "NotificationTimeOut"=0 "PerSessionTempDir"=0 "ProductVersion"=5.1 "RCDependentServices"=CertPropSvc SessionEnv "SnapshotMonitors"=1 "StartRCM"=0 "TSUserEnabled"=0 "InstanceID"=0065e464-7f74-4a6d-ad01-cc2a293 "GlassSessionId"=1 [HKLM\System\CurrentControlSet\Control\Session Manager] "AutoChkTimeout"=8 "BootExecute"=autocheck autochk * "BootShell"=%SystemRoot%\system32\bootim.exe "CriticalSectionTimeout"=2592000 "ExcludeFromKnownDlls"= "GlobalFlag"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "InitConsoleFlags"=0 "NumberOfInitialSessions"=2 "ObjectDirectories"=\Windows \RPC Control "ProcessorControl"=2 "ProtectionMode"=1 "ResourceTimeoutCount"=648000 "RunLevelExecute"=WinInit ServiceControlManager "RunLevelValidate"=ServiceControlManager "PendingFileRenameOperations"=\??\C:\Program Files (x86)\Avira\Antivirus\aeoffice.dll.tmp \??\C:\Program Files (x86)\Avira\Antivirus\aescript.dll.tmp [HKLM\System\CurrentControlSet\Control] "BootDriverFlags"=28 "CurrentUser"=USERNAME "EarlyStartServices"=RpcSs Power BrokerInfrastructure SystemEventsBroker DcomLaunch RpcEpMapper LSM AppIdSvc "PreshutdownOrder"=UsoSvc gpsvc trustedinstaller "WaitToKillServiceTimeout"=200 "SystemStartOptions"= NOEXECUTE=OPTIN "SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(4) "FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(2) "LastBootSucceeded"=1 "LastBootShutdown"=0 "DirtyShutdownCount"=22 [HKLM\System\CurrentControlSet\Control\lsa] "auditbasedirectories"=0 "auditbaseobjects"=0 "Bounds"=0x0030000000200000 "crashonauditfail"=0 "fullprivilegeauditing"=0x40 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Security Packages"="" [08/04/2016 23:48:51] "Notification Packages"=scecli "Authentication Packages"=msv1_0 "LsaPid"=680 "SecureBoot"=1 "ProductType"=3 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "restrictanonymous"=0 "restrictanonymoussam"=1 "SamConnectedAccountsExist"=1 ---------- | .LNK C:\Users\Administrateur\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk (shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}) C:\Users\Administrateur\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk (shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}) C:\Users\Administrateur\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk (shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}) C:\Users\Administrateur\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk (shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}) C:\Users\Administrateur\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk (/0) C:\Users\Administrateur\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk (::{7007ACC7-3202-11D1-AAD2-00805FC1270E}) C:\Users\Administrateur\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk (/name Microsoft.DeviceManager) C:\Users\Administrateur\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk (/name Microsoft.System) C:\Users\Administrateur\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk (/name Microsoft.PowerOptions) C:\Users\Administrateur\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk (/name Microsoft.ProgramsAndFeatures) C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\SendTo\Destinataire de télécopie.lnk (/SendTo) C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk (/SendTo) C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk (page=SettingsPagePCSystemDevices) C:\Users\Nour\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk (shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}) C:\Users\Nour\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk (shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}) C:\Users\Nour\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk (shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}) C:\Users\Nour\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk (shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}) C:\Users\Nour\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk (/0) C:\Users\Nour\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk (::{7007ACC7-3202-11D1-AAD2-00805FC1270E}) C:\Users\Nour\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk (/name Microsoft.DeviceManager) C:\Users\Nour\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk (/name Microsoft.System) C:\Users\Nour\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk (/name Microsoft.PowerOptions) C:\Users\Nour\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk (/name Microsoft.ProgramsAndFeatures) C:\Users\Nour\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\70f62c6a7f1739bd\pinned.lnk (%systemRoot%\system32\shell32.dll,Options_RunDLL 1) C:\Users\Nour\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\c723bb07b37c8bfc\battlestick.lnk (--user-data-dir="C:\Users\Nour\AppData\Local\battlestick\User Data" --profile-directory=Default --app-id=fdodfmklpdoehloepcbbmoopdmoblpnd) C:\Users\Nour\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk (/SendTo) C:\Users\Nour\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk (/sendto:) C:\Users\Nour\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk (--sendto) C:\Users\Nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc\Discord.lnk (--processStart Discord.exe) C:\Users\Nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk (page=SettingsPagePCSystemDevices) C:\Users\Nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp\WhatsApp.lnk (--processStart WhatsApp.exe) C:\Users\Nour\Desktop\WhatsApp.lnk (--processStart WhatsApp.exe) C:\Users\Nour\Desktop\Logiciel\Avira Launcher.lnk (/showMiniGui) C:\Users\Nour\Desktop\Logiciel\Discord.lnk (--processStart Discord.exe) C:\Users\Nour\Desktop\Logiciel\Dropbox.lnk (/home) C:\Users\Nour\Desktop\Logiciel\WhatsApp.lnk (--processStart WhatsApp.exe) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk (-sta {C90FB8CA-3295-4462-A721-2935E83694BA}) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk (-SpeechUX) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk (/prefetch:1) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk (/res) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Launcher.lnk (/showMiniGui) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com\Desinstaller.lnk (/x {77EEC345-B758-45DF-94C2-25D91D520650}) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk (/home) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gaming Keyboard\Gaming Keyboard Driver.lnk (1) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\A propos de Java.lnk (-tab about) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Rechercher les mises à jour.lnk (-tab update) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager\Nexus Mod Manager (Trace Mode).lnk (-trace) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\Grand Theft Auto V\GTA Online.lnk (-StraightIntoFreemode) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\GTA San Andreas\Désinstaller GTA San Andreas.lnk (C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x40c) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Default Programs.lnk (/name Microsoft.DefaultPrograms) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk (/7) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk (--reset-config --reset-plugins-cache vlc://quit) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk (-Iskins) ---------- | AppCertDlls | AppInit_DLLs ---------- | Dnsapi.dll C:\Windows\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\Windows\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "GlobalAssocChangedCounter"=14 "SmartScreenEnabled"=RequireAdmin [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "GlobalAssocChangedCounter"=35 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ---------- | Winlogon [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "DisableBackButton"=1 "EnableSIHostIntegration"=1 "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "ReportBootOk"=1 "Shell"=explorer.exe "ShellCritical"=0 "ShellInfrastructure"=sihost.exe "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "Userinit"=C:\Windows\System32\Userinit.exe, "VMApplet"=SystemPropertiesPerformance.exe /pagefile "WinStationsDisabled"=0 "scremoveoption"=0 "DisableCAD"=1 "ShutdownStartTime"=131140652396516031 "UserSessionShutdownStopTime"=131138388090819525 "ShutdownFlags"=39 "AutoAdminLogon"=1 "DefaultUserName"=Nour [09/04/2016 01:19:35] "IsConnectedAutoLogon"=0 "DisableLockWorkstation"=0 "EnableFirstLogonAnimation"=1 "AutoLogonSID"=S-1-5-21-115953588-1755372066-384823517-1001 "LastUsedUsername"=Nour [09/04/2016 01:19:35] "DefaultDomainName"=NOUR [09/04/2016 01:19:35] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "DefaultDomainName"= "DefaultUserName"= "EnableSIHostIntegration"=1 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Shell"=explorer.exe "ShellCritical"=0 "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\Classes\Folder] ""=Folder "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\WOW6432Node\Classes\Folder] ""=Folder "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [13/07/2016 18:08:37] [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [13/07/2016 18:08:37] [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall ---------- | AppcompatFlags ---------- | IFEO ---------- | Mountpoints2 ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=130998430142318711 [HKLM\SOFTWARE\Microsoft\Windows Defender] "ProductAppDataPath"=C:\ProgramData\Microsoft\Windows Defender "ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100 "ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000 "RemediationExe"=%ProgramFiles%\Windows Defender\MSASCui.exe "ProductType"=2 "ManagedDefenderProductType"=0 "ProductStatus"=0 "InstallTime"=0x59015394DF91D101 "OOBEInstallTime"=0x73C9FEAEE091D101 "OneTimeSqmDataSent"=1 "DisableAntiSpyware"=1 "DisableAntiVirus"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] ---------- | Winsock (Whitelist) ---------- | Hosts ---------- | @ [HKLM\Software\Microsoft\Internet Explorer\Main] "Anchor_Visitation_Horizon"=0x01000000 "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\System32\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 "ProxyEnable"=0 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "Anchor_Visitation_Horizon"=0x01000000 "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\SysWOW64\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 "ProxyEnable"=0 ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify ---------- | SSODL | SEH | URLSH | STS ---------- | Toolbar [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} ---------- | Extensions ---------- | SearchScopes [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : ---------- | Browser Helper Objects [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> (Java(tm) Plug-In SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [16/06/2016 13:51:28] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> (Java(tm) Plug-In 2 SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [16/06/2016 13:51:28] ---------- | Chrome C:\Users\Nour\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\Nour\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\Nour\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx C:\Users\Nour\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx C:\Users\Nour\AppData\Local\Google\Chrome\User Data\Default\extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo = : The world's most popular userscript manager - short_name: Tampermonkey - permissions:[notificationsunlimitedStoragetabsidlemanagementwebNavigationwebRequestwebRequestBlockingstoragecontextMenuschrome://favicon/clipboardWritecookies\u003Call_urls>] - https://clients2.google.com/service/update2/crx C:\Users\Nour\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\Nour\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\Nour\AppData\Local\Google\Chrome\User Data\Default\extensions\gighmmpiobklfepjocnamgkkbiglidom = : __MSG_description__ - short_name: __MSG_name__ - https://clients2.google.com/service/update2/crx C:\Users\Nour\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\Nour\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx ---------- | Opera ---------- | Firefox [HKLM\Software\WOW6432Node\mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"=C:\Program Files (x86)\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be [HKLM\Software\WOW6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer] - (Adobe Shockwave Player) : C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4] - (ESN Sonar browser plugin) : C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@esn/esnlaunch,version=2.3.0] - () : C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.91.2] - (Java™ Deployment Toolkit) : C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll C:\Users\Nour\AppData\Roaming\Mozilla\Firefox\Profiles\lbm80v6z.default\Prefs.js user_pref("browser.startup.homepage_override.buildID", "20160623154057"); user_pref("browser.startup.homepage_override.mstone", "47.0.1"); user_pref("extensions.blocklist.pingCountTotal", 2); user_pref("extensions.blocklist.pingCountVersion", 2); user_pref("extensions.bootstrappedAddons", "{\"e10srollout@mozilla.org\":{\"version\":\"1.0\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\Nour\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\lbm80v6z.default\\\\features\\\\{f228235d-f72c-4d82-9f05-60b1e5ddc92d}\\\\e10srollout@mozilla.org.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":true},\"firefox@getpocket.com\":{\"version\":\"1.0.2\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\Nour\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\lbm80v6z.default\\\\features\\\\{f228235d-f72c-4d82-9f05-60b1e5ddc92d}\\\\firefox@getpocket.com.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":true},\"loop@mozilla.org\":{\"version\":\"1.4.2\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\Nour\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\lbm80v6z.default\\\\features\\\\{f228235d-f72c-4d82-9f05-60b1e5ddc92d}\\\\loop@mozilla.org.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":true}}"); user_pref("extensions.databaseSchema", 17); user_pref("extensions.e10sBlockedByAddons", false); user_pref("extensions.enabledAddons", "%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:47.0.1"); user_pref("extensions.getAddons.cache.lastUpdate", 1468327763); user_pref("extensions.getAddons.databaseSchema", 5); user_pref("extensions.hotfix.lastVersion", "20160106.01"); user_pref("extensions.lastAppVersion", "47.0.1"); user_pref("extensions.lastPlatformVersion", "47.0.1"); user_pref("extensions.pendingOperations", false); user_pref("extensions.systemAddonSet", "{\"schema\":1,\"directory\":\"{f228235d-f72c-4d82-9f05-60b1e5ddc92d}\",\"addons\":{\"e10srollout@mozilla.org\":{\"version\":\"1.0\"},\"firefox@getpocket.com\":{\"version\":\"1.0.2\"},\"loop@mozilla.org\":{\"version\":\"1.4.2\"}}}"); user_pref("extensions.xpiState", "{\"app-profile\":{\"belgiumeid@eid.belgium.be\":{\"d\":\"C:\\\\Users\\\\Nour\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\lbm80v6z.default\\\\extensions\\\\belgiumeid@eid.belgium.be.xpi\",\"e\":false,\"v\":\"1.0.21\",\"st\":1468087625988}},\"app-system-addons\":{\"e10srollout@mozilla.org\":{\"d\":\"C:\\\\Users\\\\Nour\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\lbm80v6z.default\\\\features\\\\{f228235d-f72c-4d82-9f05-60b1e5ddc92d}\\\\e10srollout@mozilla.org.xpi\",\"e\":true,\"v\":\"1.0\",\"st\":1468327765208},\"firefox@getpocket.com\":{\"d\":\"C:\\\\Users\\\\Nour\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\lbm80v6z.default\\\\features\\\\{f228235d-f72c-4d82-9f05-60b1e5ddc92d}\\\\firefox@getpocket.com.xpi\",\"e\":true,\"v\":\"1.0.2\",\"st\":1468327765588},\"loop@mozilla.org\":{\"d\":\"C:\\\\Users\\\\Nour\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\lbm80v6z.default\\\\features\\\\{f228235d-f72c-4d82-9f05-60b1e5ddc92d}\\\\loop@mozilla.org.xpi\",\"e\":true,\"v\":\"1.4.2\",\"st\":1468327765790}},\"app-system-defaults\":{\"e10srollout@mozilla.org\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\e10srollout@mozilla.org.xpi\",\"e\":false,\"v\":\"1.0\",\"st\":1467051355734},\"firefox@getpocket.com\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\firefox@getpocket.com.xpi\",\"e\":false,\"v\":\"1.0.2\",\"st\":1467051355783},\"loop@mozilla.org\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\loop@mozilla.org.xpi\",\"e\":false,\"v\":\"1.3.2\",\"st\":1467051355941}},\"app-global\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi\",\"e\":true,\"v\":\"47.0.1\",\"st\":1467051355733}},\"winreg-app-global\":{\"belgiumeid@eid.belgium.be\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\belgiumeid@eid.belgium.be\",\"e\":false,\"v\":\"1.0.18.1-signed.1-signed\",\"st\":1466077806153,\"mt\":1346762158000}}}"); ---------- | Active Connections TCP 127.0.0.1:49745 Nour:49746 ESTABLISHED 5388 TCP 127.0.0.1:49746 Nour:49745 ESTABLISHED 5388 TCP 127.0.0.1:49747 Nour:49748 ESTABLISHED 5388 TCP 127.0.0.1:49748 Nour:49747 ESTABLISHED 5388 TCP 127.0.0.1:51044 Nour:51045 ESTABLISHED 1732 TCP 127.0.0.1:51045 Nour:51044 ESTABLISHED 1732 TCP 192.168.2.21:49709 msnbot-191-232-139-116.search.msn.com:https ESTABLISHED 3916 TCP 192.168.2.21:49733 msnbot-191-232-139-107.search.msn.com:https ESTABLISHED 1092 TCP 192.168.2.21:50095 162.125.17.131:https ESTABLISHED 5388 TCP 192.168.2.21:50116 server-54-192-1-198.lhr5.r.cloudfront.net:https CLOSE_WAIT 5388 TCP 192.168.2.21:50119 24.4a.37a9.ip4.static.sl-reverse.com:https ESTABLISHED 6472 TCP 192.168.2.21:50143 wb-in-f188.1e100.net:5228 ESTABLISHED 2888 TCP 192.168.2.21:50407 msnbot-191-232-139-23.search.msn.com:https ESTABLISHED 2888 TCP 192.168.2.21:50441 52.169.24.76:https ESTABLISHED 2888 TCP 192.168.2.21:50450 msnbot-191-232-139-19.search.msn.com:https ESTABLISHED 2888 TCP 192.168.2.21:50562 ec2-52-7-106-188.compute-1.amazonaws.com:https CLOSE_WAIT 5388 TCP 192.168.2.21:51149 LReunion-656-1-8-125.w193-253.abo.wanadoo.fr:50500 ESTABLISHED 1732 TCP 192.168.2.21:51256 gra86-h03-128-78-167-199.dsl.sta.abo.bbox.fr:23712 ESTABLISHED 1732 TCP 192.168.2.21:51260 249.189.95.79.rev.sfr.net:51413 ESTABLISHED 1732 TCP 192.168.2.21:51287 kbs68-1-88-121-13-194.fbx.proxad.net:33826 ESTABLISHED 1732 TCP 192.168.2.21:51301 static-176-185-45-102.axione.abo.bbox.fr:29814 ESTABLISHED 1732 TCP 192.168.2.21:51304 nod28.ma-seedbox.me:5876 ESTABLISHED 1732 TCP 192.168.2.21:51307 75.152.35.193:25487 ESTABLISHED 1732 TCP 192.168.2.21:51309 89-158-251-1.rev.numericable.fr:49628 ESTABLISHED 1732 TCP 192.168.2.21:51317 bon91-1-88-167-248-113.fbx.proxad.net:26084 ESTABLISHED 1732 TCP 192.168.2.21:51319 pool226.seedbox.fr:50781 ESTABLISHED 1732 TCP 192.168.2.21:51321 ip200.ip-91-134-196.eu:55996 ESTABLISHED 1732 TCP 192.168.2.21:51324 ril69-4-78-241-33-106.fbx.proxad.net:58191 ESTABLISHED 1732 TCP 192.168.2.21:51327 nqhf135.dediseedbox.com:59800 ESTABLISHED 1732 TCP 192.168.2.21:51328 modemcable066.250-163-184.mc.videotron.ca:51413 ESTABLISHED 1732 TCP 192.168.2.21:51330 as1281.seedbox.org.ua:18570 ESTABLISHED 1732 TCP 192.168.2.21:51334 host-85-26-37-31.dynamic.voo.be:18102 ESTABLISHED 1732 TCP 192.168.2.21:51336 lry45-1-88-122-76-57.fbx.proxad.net:32054 ESTABLISHED 1732 TCP 192.168.2.21:51340 62-210-193-109.rev.poneytelecom.eu:45000 ESTABLISHED 1732 TCP 192.168.2.21:51341 163-172-214-61.rev.poneytelecom.eu:45000 ESTABLISHED 1732 TCP 192.168.2.21:51344 77-57-145-182.dclient.hispeed.ch:51413 ESTABLISHED 1732 TCP 192.168.2.21:51349 77-57-144-25.dclient.hispeed.ch:29784 ESTABLISHED 1732 TCP 192.168.2.21:51418 adsl-84-227-189-250.adslplus.ch:51413 ESTABLISHED 1732 TCP 192.168.2.21:51424 84-75-118-191.dclient.hispeed.ch:50500 ESTABLISHED 1732 TCP 192.168.2.21:51427 ns507739.ip-142-4-208.net:45000 ESTABLISHED 1732 TCP 192.168.2.21:51539 151.101.36.175:http TIME_WAIT 0 TCP 192.168.2.21:51540 151.101.36.68:http TIME_WAIT 0 TCP 192.168.2.21:51566 151.101.36.175:http TIME_WAIT 0 TCP 192.168.2.21:51693 109.211.112.247:21066 ESTABLISHED 1732 TCP 192.168.2.21:51737 ARennes-553-1-20-189.w2-2.abo.wanadoo.fr:60470 LAST_ACK 1732 TCP 192.168.2.21:51792 7e.7e.37a9.ip4.static.sl-reverse.com:https ESTABLISHED 6472 TCP 192.168.2.21:51799 ARennes-553-1-20-189.w2-2.abo.wanadoo.fr:60470 LAST_ACK 1732 TCP 192.168.2.21:51824 pur31-3-82-240-190-112.fbx.proxad.net:31374 ESTABLISHED 1732 TCP 192.168.2.21:51827 188.208.198.252:63954 ESTABLISHED 1732 TCP 192.168.2.21:51828 105.100.27.100:40460 ESTABLISHED 1732 ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.2.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{b58cf1bc-273b-4460-aa81-f5a9153dd1a1}] "DhcpNameServer"=192.168.2.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{b58cf1bc-273b-4460-aa81-f5a9153dd1a1}] "DhcpNameServer"=192.168.2.1 ---------- | Applications [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\Classes\Applications\LaunchWinApp.exe] : "C:\Windows\system32\LaunchWinApp.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\vlc.exe] : "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\LaunchWinApp.exe] : "C:\Windows\system32\LaunchWinApp.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\vlc.exe] : "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ---------- | Svchost - Netsvcs (Whitelisted) NetSetupSvc - %SystemRoot%\System32\NetSetupSvc.dll : %SystemRoot%\System32\svchost.exe -k netsvcs UserManager - %SystemRoot%\System32\usermgr.dll : %SystemRoot%\system32\svchost.exe -k netsvcs ---------- | Software [HKLM\Software\Alienware] [HKLM\Software\AMD] [HKLM\Software\ATI] [HKLM\Software\ATI Technologies] [HKLM\Software\Canon] [HKLM\Software\Clients] [HKLM\Software\CPUID] [HKLM\Software\cybelsoft] [HKLM\Software\Disc Soft] [HKLM\Software\Dolby] [HKLM\Software\DTS] [HKLM\Software\EA Games] [HKLM\Software\EpicGames] [HKLM\Software\Futuremark] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\IM Providers] [HKLM\Software\Intel] [HKLM\Software\Khronos] [HKLM\Software\Knowles] [HKLM\Software\Logitech] [HKLM\Software\Macromedia] [HKLM\Software\Microsoft] [HKLM\Software\Mozilla] [HKLM\Software\Nahimic] [HKLM\Software\Nuance] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\Partner] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\RTLSetup] [HKLM\Software\SonicFocus] [HKLM\Software\Sony Creative Software] [HKLM\Software\SoundResearch] [HKLM\Software\SRS Labs] [HKLM\Software\sysinternals] [HKLM\Software\TeamSpeak 3 Client] [HKLM\Software\Waves Audio] [HKLM\Software\WinRAR] [HKLM\Software\WOW6432Node] [HKLM\Software\Yamaha APO] [HKLM\Software\Microsoft\Windows\ClickNote] [HKLM\Software\Microsoft\Windows\Configuration] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\DWM] [HKLM\Software\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Shell] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UnistackSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WepHostSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wsappx] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wswpnservice] [HKLM\Software\WOW6432Node\AB Software] [HKLM\Software\WOW6432Node\Adobe] [HKLM\Software\WOW6432Node\AppDataLow] [HKLM\Software\WOW6432Node\Apple Inc.] [HKLM\Software\WOW6432Node\ATI] [HKLM\Software\WOW6432Node\ATI Technologies] [HKLM\Software\WOW6432Node\Avira] [HKLM\Software\WOW6432Node\BEID] [HKLM\Software\WOW6432Node\BioWare] [HKLM\Software\WOW6432Node\bohemia interactive] [HKLM\Software\WOW6432Node\Canon] [HKLM\Software\WOW6432Node\CDDB] [HKLM\Software\WOW6432Node\Dropbox] [HKLM\Software\WOW6432Node\DropboxUpdate] [HKLM\Software\WOW6432Node\EA Games] [HKLM\Software\WOW6432Node\EasyAntiCheat] [HKLM\Software\WOW6432Node\Electronic Arts] [HKLM\Software\WOW6432Node\EpicGames] [HKLM\Software\WOW6432Node\ESN Launcher] [HKLM\Software\WOW6432Node\ESN Sonar-0.70.4] [HKLM\Software\WOW6432Node\Fraps] [HKLM\Software\WOW6432Node\Freemake] [HKLM\Software\WOW6432Node\futuremark] [HKLM\Software\WOW6432Node\Gaming Keyboard] [HKLM\Software\WOW6432Node\GOG.com] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\IM Providers] [HKLM\Software\WOW6432Node\InstallShield] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\JavaSoft] [HKLM\Software\WOW6432Node\JreMetrics] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\LibreOffice] [HKLM\Software\WOW6432Node\LXD] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\mozilla.org] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\MSI] [HKLM\Software\WOW6432Node\Nuance] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\Open Broadcaster Software] [HKLM\Software\WOW6432Node\Origin] [HKLM\Software\WOW6432Node\Origin Games] [HKLM\Software\WOW6432Node\Overwolf] [HKLM\Software\WOW6432Node\Piriform] [HKLM\Software\WOW6432Node\qBittorrent] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.] [HKLM\Software\WOW6432Node\Rockstar Games] [HKLM\Software\WOW6432Node\Skype] [HKLM\Software\WOW6432Node\Sony Creative Software] [HKLM\Software\WOW6432Node\SRS Labs] [HKLM\Software\WOW6432Node\Symantec] [HKLM\Software\WOW6432Node\TeamViewer] [HKLM\Software\WOW6432Node\techland] [HKLM\Software\WOW6432Node\The Document Foundation] [HKLM\Software\WOW6432Node\The FlightSim Store] [HKLM\Software\WOW6432Node\Valve] [HKLM\Software\WOW6432Node\VideoLAN] [HKLM\Software\WOW6432Node\Wow6432Node] [HKLM\Software\WOW6432Node\X-AVCSD] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Even Balance] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\ClickNote] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] ---------- | Drives ---------- | C: [30/10/2015 09:24:24] - |SHD| - [23765185347] - C:\$Recycle.Bin [18/05/2016 23:39:29] - |D| - [927638] - C:\AdwCleaner [17/05/2016 17:25:36] - |D| - [1320501913] - C:\AMD [MD5.0DBACCF6F62484244F6A48B7584019A8] - [30/10/2015 10:13:43] - |RASH| - (.-.) - [400228] - (0.0.0.0) - C:\bootmgr [MD5.93B885ADFE0DA089CDF634904FD59F71] - [30/10/2015 10:13:44] - |ASH| - (.-.) - [1] - (0.0.0.0) - C:\BOOTNXT [25/04/2016 19:33:01] - |SHD| - [116341248] - C:\Config.Msi [08/04/2016 23:45:36] - |SHD| - [0] - C:\Documents and Settings [MD5.D41D8CD98F00B204E9800998ECF8427E] - [07/06/2016 17:20:58] - |A| - (.-.) - [0] - (0.0.0.0) - C:\end [24/04/2016 19:07:17] - |D| - [85343522596] - C:\Games [MD5.D41D8CD98F00B204E9800998ECF8427E] - [08/04/2016 23:45:18] - |ASH| - (.-.) - [3411865600] - (0.0.0.0) - C:\hiberfil.sys [13/02/2016 15:18:25] - |D| - [16355471] - C:\Logs [09/04/2016 15:41:39] - |D| - [3169847] - C:\Microsoft C++ [14/04/2016 23:43:45] - |HD| - [0] - C:\OneDriveTemp [MD5.D41D8CD98F00B204E9800998ECF8427E] - [08/04/2016 23:42:17] - |ASH| - (.-.) - [6979321856] - (0.0.0.0) - C:\pagefile.sys [30/10/2015 09:24:24] - |D| - [0] - C:\PerfLogs [30/10/2015 08:28:30] - |RD| - [72881999442] - C:\Program Files [30/10/2015 08:28:30] - |D| - [412903944474] - C:\Program Files (x86) [30/10/2015 09:24:24] - |HD| - [1506581815] - C:\ProgramData [27/07/2016 23:01:31] - |D| - [262073] - C:\QuickDiag [MD5.D7560E9AFA099F5F1630544262981E9D] - [27/07/2016 23:02:58] - |A| - (.-.) - [113319] - (0.0.0.0) - C:\QuickDiag.txt [08/04/2016 23:45:33] - |SHD| - [0] - C:\Recovery [MD5.D41D8CD98F00B204E9800998ECF8427E] - [08/04/2016 23:42:17] - |ASH| - (.-.) - [268435456] - (0.0.0.0) - C:\swapfile.sys [08/04/2016 23:42:16] - |SHD| - [0] - C:\System Volume Information [30/10/2015 08:28:30] - |RD| - [154958726887] - C:\Users [30/10/2015 08:28:30] - |D| - [20494378888] - C:\Windows ---------- | C:\Windows [30/10/2015 09:24:24] - |D| - [802] - C:\Windows\addins [30/10/2015 09:24:24] - |D| - [12366553] - C:\Windows\appcompat [30/10/2015 09:24:24] - |D| - [12360910] - C:\Windows\AppPatch [30/10/2015 09:24:24] - |D| - [0] - C:\Windows\AppReadiness [30/10/2015 09:24:24] - |RSD| - [997368105] - C:\Windows\assembly [MD5.D41D8CD98F00B204E9800998ECF8427E] - [09/07/2016 02:46:11] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\ativpsrm.bin [30/10/2015 09:24:24] - |D| - [241412] - C:\Windows\bcastdvr [MD5.DE3C720C11A91557E1DFDFF0DB2AA3C2] - [30/10/2015 09:17:47] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [61952] - (10.0.10586.0) - C:\Windows\bfsvc.exe [30/10/2015 09:24:24] - |D| - [32716961] - C:\Windows\Boot [MD5.762938BE69E46F5F2AEF90D49CE3B9E5] - [13/02/2016 15:11:32] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\Windows\bootstat.dat [30/10/2015 09:24:24] - |D| - [2380376] - C:\Windows\Branding [30/10/2015 09:11:39] - |D| - [0] - C:\Windows\CbsTemp [MD5.F59060E298148DE24DEBB3E8321C4407] - [13/02/2016 15:02:35] - |A| - (.-.) - [31816] - (0.0.0.0) - C:\Windows\Core.xml [30/10/2015 09:24:24] - |D| - [8970858] - C:\Windows\Cursors [30/10/2015 09:24:24] - |D| - [3250050] - C:\Windows\debug [30/10/2015 09:24:24] - |RD| - [20934] - C:\Windows\DesktopTileResources [30/10/2015 09:24:24] - |RD| - [3032320] - C:\Windows\DevicesFlow [30/10/2015 09:24:24] - |D| - [4217368] - C:\Windows\diagnostics [13/02/2016 14:49:21] - |D| - [0] - C:\Windows\DigitalLocker [MD5.2055EC83612EB7139D31B8C6B960D388] - [19/07/2016 23:24:42] - |A| - (.-.) - [724] - (0.0.0.0) - C:\Windows\DirectX.log [30/10/2015 09:24:24] - |SD| - [65] - C:\Windows\Downloaded Program Files [30/10/2015 09:24:24] - |HD| - [44568] - C:\Windows\ELAMBKUP [13/02/2016 14:49:21] - |D| - [0] - C:\Windows\en-US [MD5.E396258CFD8F84E8F2C24930E6D88C67] - [13/07/2016 18:09:02] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [4515256] - (10.0.10586.494) - C:\Windows\explorer.exe [30/10/2015 09:24:24] - |RSD| - [398058870] - C:\Windows\Fonts [13/02/2016 14:49:21] - |D| - [134144] - C:\Windows\fr-FR [30/10/2015 09:24:24] - |D| - [20838848] - C:\Windows\Globalization [MD5.027FD87605A59E4B46B90288D3D501BF] - [07/07/2016 19:19:11] - |A| - (.-.) - [22] - (0.0.0.0) - C:\Windows\GPU-Z.INI [30/10/2015 09:24:24] - |D| - [1589372] - C:\Windows\Help [MD5.430DE1635CE173440D34ABA1676113D7] - [13/07/2016 18:08:26] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [994816] - (10.0.10586.494) - C:\Windows\HelpPane.exe [MD5.C7228F24B9130C64DCF4C390A04A775C] - [30/10/2015 09:17:54] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [18432] - (10.0.10586.0) - C:\Windows\hh.exe [30/10/2015 09:24:24] - |D| - [173194846] - C:\Windows\IME [30/10/2015 09:24:24] - |RD| - [6840341] - C:\Windows\ImmersiveControlPanel [30/10/2015 09:21:47] - |D| - [50538995] - C:\Windows\INF [30/10/2015 09:24:24] - |D| - [931024796] - C:\Windows\InfusedApps [30/10/2015 09:24:24] - |D| - [36258450] - C:\Windows\InputMethod [30/10/2015 09:24:24] - |SHD| - [567357114] - C:\Windows\Installer [30/10/2015 09:24:24] - |D| - [89407] - C:\Windows\L2Schemas [24/07/2016 14:56:46] - |D| - [371858832] - C:\Windows\LastGood.Tmp [30/10/2015 09:24:24] - |D| - [60023587] - C:\Windows\LiveKernelReports [30/10/2015 08:31:03] - |D| - [39516446] - C:\Windows\Logs [30/10/2015 09:24:24] - |RSD| - [20145669] - C:\Windows\Media [MD5.76CF0DE2CDF3E348CED03A142C6FED76] - [09/07/2016 01:11:19] - |A| - (.-.) - [320324206] - (0.0.0.0) - C:\Windows\MEMORY.DMP [MD5.23AF90D2355D8C83AA4567EF1763B467] - [30/10/2015 09:17:40] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\Windows\mib.bin [30/10/2015 09:24:24] - |D| - [807970325] - C:\Windows\Microsoft.NET [30/10/2015 09:24:24] - |D| - [2371] - C:\Windows\Migration [09/07/2016 01:11:22] - |D| - [0] - C:\Windows\Minidump [30/10/2015 09:24:24] - |RD| - [470257] - C:\Windows\MiracastView [30/10/2015 09:24:24] - |D| - [0] - C:\Windows\ModemLogs [MD5.60336413E419C2EA5E215F1A32061E40] - [30/10/2015 09:19:28] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [244736] - (10.0.10586.0) - C:\Windows\notepad.exe [13/02/2016 14:53:04] - |D| - [199124] - C:\Windows\OCR [30/10/2015 09:24:24] - |RD| - [65] - C:\Windows\Offline Web Pages [MD5.22E9853298C96B1AB89D8F71C4E82302] - [17/05/2016 17:42:57] - |A| - (.Copyright (c) 2012-2015 Power Admin LLC - PAExec Application.) - [189112] - (1.26.0.0) - C:\Windows\PAExec.exe [09/04/2016 00:41:54] - |D| - [716623] - C:\Windows\Panther [30/10/2015 09:24:24] - |D| - [29327263] - C:\Windows\Performance [MD5.0D3FBFD89E8036189EB3BD184C51AF2C] - [08/07/2016 16:49:31] - |A| - (.-.) - [61608] - (0.0.0.0) - C:\Windows\PFRO.log [30/10/2015 09:24:24] - |D| - [1136442] - C:\Windows\PLA [30/10/2015 09:24:24] - |D| - [2566565] - C:\Windows\PolicyDefinitions [08/04/2016 23:42:40] - |D| - [19048880] - C:\Windows\Prefetch [30/10/2015 09:24:24] - |RD| - [1963312] - C:\Windows\PrintDialog [30/10/2015 09:24:24] - |D| - [1297393] - C:\Windows\Provisioning [30/10/2015 09:24:24] - |RD| - [770223] - C:\Windows\PurchaseDialog [MD5.D9D56AFAA121BD6B4206F7FF3DA84BBA] - [30/10/2015 09:17:48] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [320512] - (10.0.10586.0) - C:\Windows\regedit.exe [30/10/2015 09:24:24] - |D| - [22588] - C:\Windows\registration [30/10/2015 09:24:24] - |D| - [6696766] - C:\Windows\rescache [30/10/2015 09:24:24] - |D| - [3947183] - C:\Windows\Resources [MD5.A444609BA3B1DD9C1E9C7934BBB40350] - [01/07/2016 20:24:05] - |A| - (.Copyright (C) 2015 Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) - [2825944] - (1.0.6.4) - C:\Windows\RtlExUpd.dll [30/10/2015 09:24:24] - |D| - [0] - C:\Windows\SchCache [30/10/2015 09:24:24] - |D| - [121229] - C:\Windows\schemas [30/10/2015 09:24:24] - |D| - [1097728] - C:\Windows\security [13/02/2016 15:09:40] - |D| - [48597074] - C:\Windows\ServiceProfiles [30/10/2015 08:28:30] - |D| - [113123526] - C:\Windows\servicing [30/10/2015 09:26:37] - |D| - [42] - C:\Windows\Setup [MD5.8440806A8095688DC0140F7D4F51B688] - [08/07/2016 16:53:28] - |A| - (.-.) - [1552] - (0.0.0.0) - C:\Windows\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [08/07/2016 16:53:28] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\setuperr.log [13/02/2016 15:01:38] - |D| - [4544] - C:\Windows\ShellNew [13/02/2016 14:52:41] - |D| - [3070736] - C:\Windows\SKB [13/02/2016 15:20:16] - |D| - [374147520] - C:\Windows\SoftwareDistribution [30/10/2015 09:24:24] - |D| - [103543755] - C:\Windows\Speech [30/10/2015 09:24:24] - |D| - [50814701] - C:\Windows\Speech_OneCore [MD5.3BB80AF91D069F97006DCCC031164903] - [30/10/2015 09:18:09] - |A| - (.© Microsoft Corporation. - Print driver host for applications.) - [128000] - (10.0.10586.0) - C:\Windows\splwow64.exe [30/10/2015 09:24:24] - |D| - [31039] - C:\Windows\System [MD5.286A9EDB379DC3423A528B0864A0F111] - [30/10/2015 09:24:29] - |A| - (.-.) - [219] - (0.0.0.0) - C:\Windows\system.ini [30/10/2015 08:28:30] - |D| - [6472352868] - C:\Windows\System32 [30/10/2015 09:24:25] - |D| - [158572489] - C:\Windows\SystemApps [30/10/2015 09:24:25] - |D| - [18175861] - C:\Windows\SystemResources [30/10/2015 08:28:37] - |D| - [1665059974] - C:\Windows\SysWOW64 [30/10/2015 09:24:25] - |D| - [0] - C:\Windows\TAPI [30/10/2015 09:24:25] - |D| - [4768] - C:\Windows\Tasks [30/10/2015 09:24:25] - |D| - [1319847] - C:\Windows\Temp [30/10/2015 09:24:25] - |D| - [0] - C:\Windows\tracing [30/10/2015 09:24:25] - |D| - [7680] - C:\Windows\twain_32 [MD5.669A44C0BCA67D8CDE111F7FBA91EE86] - [30/10/2015 09:19:30] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [60416] - (1.7.1.3) - C:\Windows\twain_32.dll [30/10/2015 09:24:25] - |D| - [12420] - C:\Windows\Vss [30/10/2015 09:24:25] - |D| - [15729830] - C:\Windows\Web [MD5.23CF8138F49416231807E6DE371FB9E6] - [30/10/2015 09:24:29] - |A| - (.-.) - [92] - (0.0.0.0) - C:\Windows\win.ini [MD5.C844CA459F3B209329984772269B6E56] - [30/10/2015 09:18:16] - |RAH| - (.-.) - [670] - (0.0.0.0) - C:\Windows\WindowsShell.Manifest [MD5.038356387332650843BCB352BB89A101] - [08/07/2016 16:52:44] - |A| - (.-.) - [275] - (0.0.0.0) - C:\Windows\WindowsUpdate.log [MD5.8C459D003560EA9817F7CDB29AA55382] - [30/10/2015 09:18:29] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [10240] - (10.0.10586.0) - C:\Windows\winhlp32.exe [30/10/2015 08:28:30] - |D| - [6507785659] - C:\Windows\WinSxS [MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [30/10/2015 09:18:41] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\Windows\WMSysPr9.prx [MD5.E9C22DCE95A6E5B6C37FED42B3749E32] - [30/10/2015 09:18:14] - |A| - (.© Microsoft Corporation. - Windows Write.) - [11264] - (10.0.10586.0) - C:\Windows\write.exe ---------- | Systemroot\System ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [21/11/2013 00:45:13] - C:\Windows\Installer\14d5562.msi : (MSVCRT Redists - Sony Creative Software Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/02/2016 09:39:18] - C:\Windows\Installer\15069a9b.msi : (swMSM - Adobe Systems, Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/04/2014 17:27:19] - C:\Windows\Installer\151823cd.msi : (MSVCRT Redists - Sony Creative Software Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/07/2016 21:19:51] - C:\Windows\Installer\15b82bf.msi : (Vegas Pro 13.0 (64-bit) - Sony) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/07/2016 23:12:28] - C:\Windows\Installer\194b9a0.msi : (Epic Games Launcher - Epic Games, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/11/2015 01:36:54] - C:\Windows\Installer\197c50.msi : (Branding - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/01/2016 17:51:46] - C:\Windows\Installer\1bb356d.msi : (UE4 Prerequisites (x64) - Epic Games, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/04/2016 19:00:19] - C:\Windows\Installer\22f65b07.msi : (Skype - Skype Technologies S.A.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/07/2016 00:34:34] - C:\Windows\Installer\2b3a20.msi : (AMD Installer (64 bit) - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/07/2016 00:26:48] - C:\Windows\Installer\2b3a6b.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/07/2016 00:27:02] - C:\Windows\Installer\2b3a6f.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/07/2016 00:27:16] - C:\Windows\Installer\2b3a73.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/07/2016 00:27:30] - C:\Windows\Installer\2b3a77.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/07/2016 00:27:44] - C:\Windows\Installer\2b3a7b.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/07/2016 00:27:58] - C:\Windows\Installer\2b3a7f.msi : (Catalyst Control Center next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/07/2016 00:28:12] - C:\Windows\Installer\2b3a83.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/07/2016 00:28:26] - C:\Windows\Installer\2b3a87.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/07/2016 00:28:40] - C:\Windows\Installer\2b3a8b.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/07/2016 00:28:54] - C:\Windows\Installer\2b3a8f.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/07/2016 00:29:08] - C:\Windows\Installer\2b3a93.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/07/2016 00:29:22] - C:\Windows\Installer\2b3a97.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/07/2016 00:29:36] - C:\Windows\Installer\2b3a9b.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/07/2016 00:29:50] - C:\Windows\Installer\2b3a9f.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/07/2016 00:30:04] - C:\Windows\Installer\2b3aa3.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/07/2016 00:30:18] - C:\Windows\Installer\2b3aa7.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/07/2016 00:30:38] - C:\Windows\Installer\2b3aab.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/07/2016 00:30:52] - C:\Windows\Installer\2b3aaf.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/07/2016 00:31:06] - C:\Windows\Installer\2b3ab3.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/07/2016 00:31:20] - C:\Windows\Installer\2b3ab7.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/07/2016 00:31:34] - C:\Windows\Installer\2b3abb.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/07/2016 00:33:24] - C:\Windows\Installer\2b3abf.msi : (AMD Settings - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/07/2016 00:26:32] - C:\Windows\Installer\2b3ac3.msi : (AMD Settings - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/07/2016 00:22:30] - C:\Windows\Installer\2b3ac7.msi : (ACP Application - Advanced Micro Devices Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/05/2016 10:35:22] - C:\Windows\Installer\3c700e.msi : (Belgium e-ID middleware 4.1.18 (build 1730) - Belgian Government) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/06/2016 13:51:17] - C:\Windows\Installer\3c7012.msi : (Java SE Runtime Environment 8 Update 91 - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/06/2016 13:51:11] - C:\Windows\Installer\3c7016.msi : (Java Auto Updater - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/05/2016 11:23:32] - C:\Windows\Installer\5d36300.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/05/2016 23:40:58] - C:\Windows\Installer\65ecad5.msi : (Adobe AIR Installer - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/04/2016 19:42:05] - C:\Windows\Installer\7c65f.msi : (Logitech Gaming Software - Logitech Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/05/2016 14:06:25] - C:\Windows\Installer\a323360.msi : (Dropbox Update Helper - Dropbox, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/04/2016 23:00:06] - C:\Windows\Installer\b0d869.msi : (puush installer - Dean Herbert) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [23/02/2016 15:47:08] - C:\Windows\Installer\b1a0e.msi : (Hardware Detection DriversCloud.com - Cybelsoft) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/07/2016 16:20:25] - C:\Windows\Installer\b8c8e1d.msi : (Futuremark SystemInfo - Futuremark) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/07/2016 11:07:32] - C:\Windows\Installer\ecdee1e.msi : (Avira Launcher - Avira Operations GmbH & Co. KG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] ---------- | %System%\*.in* [30/10/2015 09:18:41] - [3458] - C:\Windows\System32\ieuinit.inf [08/04/2016 23:52:24] - [1848398] - C:\Windows\System32\PerfStringBackup.INI [30/10/2015 09:18:09] - [60124] - C:\Windows\System32\tcpmon.ini [30/10/2015 09:17:49] - [2269] - C:\Windows\System32\WimBootCompress.ini [30/10/2015 09:19:39] - [3458] - C:\Windows\Syswow64\ieuinit.inf [30/10/2015 09:18:25] - [2269] - C:\Windows\Syswow64\WimBootCompress.ini ---------- | [Administrateur] [13/02/2016 15:14:31] - |HD| - [127473093] - C:\Users\Administrateur\AppData [13/02/2016 15:14:32] - |SHD| - [0] - C:\Users\Administrateur\Application Data [13/02/2016 15:18:35] - |RD| - [412] - C:\Users\Administrateur\Contacts [13/02/2016 15:14:32] - |SHD| - [0] - C:\Users\Administrateur\Cookies [13/02/2016 15:14:31] - |RD| - [282] - C:\Users\Administrateur\Desktop [13/02/2016 15:14:31] - |RD| - [402] - C:\Users\Administrateur\Documents [13/02/2016 15:14:31] - |RD| - [282] - C:\Users\Administrateur\Downloads [13/02/2016 15:14:31] - |RD| - [690] - C:\Users\Administrateur\Favorites [13/02/2016 15:14:31] - |RD| - [2015] - C:\Users\Administrateur\Links [13/02/2016 15:14:32] - |SHD| - [0] - C:\Users\Administrateur\Local Settings [13/02/2016 15:14:32] - |SHD| - [0] - C:\Users\Administrateur\Menu Démarrer [13/02/2016 15:14:32] - |SHD| - [0] - C:\Users\Administrateur\Mes documents [13/02/2016 15:14:32] - |SHD| - [0] - C:\Users\Administrateur\Modèles [13/02/2016 15:14:31] - |RD| - [504] - C:\Users\Administrateur\Music [13/02/2016 15:14:31] - |ASH| - [524288] - C:\Users\Administrateur\NTUSER.DAT [13/02/2016 15:14:32] - |ASH| - [32768] - C:\Users\Administrateur\ntuser.dat.LOG1 [13/02/2016 15:14:32] - |ASH| - [0] - C:\Users\Administrateur\ntuser.dat.LOG2 [13/02/2016 15:14:32] - |ASH| - [65536] - C:\Users\Administrateur\NTUSER.DAT{a97de0a2-d207-11e5-8729-a48cb7566772}.TM.blf [13/02/2016 15:14:32] - |ASH| - [524288] - C:\Users\Administrateur\NTUSER.DAT{a97de0a2-d207-11e5-8729-a48cb7566772}.TMContainer00000000000000000001.regtrans-ms [13/02/2016 15:14:32] - |ASH| - [524288] - C:\Users\Administrateur\NTUSER.DAT{a97de0a2-d207-11e5-8729-a48cb7566772}.TMContainer00000000000000000002.regtrans-ms [13/02/2016 15:14:32] - |ASH| - [20] - C:\Users\Administrateur\ntuser.ini [13/02/2016 15:19:52] - |RD| - [105] - C:\Users\Administrateur\OneDrive [13/02/2016 15:14:31] - |RD| - [504] - C:\Users\Administrateur\Pictures [13/02/2016 15:14:32] - |SHD| - [0] - C:\Users\Administrateur\Recent [13/02/2016 15:14:31] - |RD| - [282] - C:\Users\Administrateur\Saved Games [13/02/2016 15:18:35] - |RD| - [1875] - C:\Users\Administrateur\Searches [13/02/2016 15:14:32] - |SHD| - [0] - C:\Users\Administrateur\SendTo [13/02/2016 15:14:31] - |RD| - [504] - C:\Users\Administrateur\Videos [13/02/2016 15:14:32] - |SHD| - [0] - C:\Users\Administrateur\Voisinage d'impression [13/02/2016 15:14:32] - |SHD| - [0] - C:\Users\Administrateur\Voisinage réseau [13/02/2016 15:18:33] - |D| - [0] - C:\Users\Administrateur\AppData\Roaming\Adobe [13/02/2016 15:14:31] - |SD| - [136447] - C:\Users\Administrateur\AppData\Roaming\Microsoft [13/02/2016 15:16:50] - |D| - [0] - C:\Users\Administrateur\AppData\Local\ActiveSync [13/02/2016 15:14:32] - |SHD| - [0] - C:\Users\Administrateur\AppData\Local\Application Data [13/02/2016 15:14:32] - |SHD| - [0] - C:\Users\Administrateur\AppData\Local\Historique [13/02/2016 15:21:05] - |AH| - [3368] - C:\Users\Administrateur\AppData\Local\IconCache.db [13/02/2016 15:14:31] - |D| - [112978172] - C:\Users\Administrateur\AppData\Local\Microsoft [13/02/2016 15:14:37] - |D| - [3271330] - C:\Users\Administrateur\AppData\Local\Packages [13/02/2016 15:14:31] - |D| - [0] - C:\Users\Administrateur\AppData\Local\Temp [13/02/2016 15:14:32] - |SHD| - [0] - C:\Users\Administrateur\AppData\Local\Temporary Internet Files [13/02/2016 15:14:36] - |D| - [11083776] - C:\Users\Administrateur\AppData\Local\TileDataLayer [13/02/2016 15:18:35] - |ASH| - [174] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [13/02/2016 15:14:32] - |SHD| - [0] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [13/02/2016 15:14:31] - |RD| - [22466] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [13/02/2016 15:14:31] - |RD| - [3888] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [13/02/2016 15:14:31] - |RD| - [2925] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [13/02/2016 15:18:35] - |RD| - [174] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [13/02/2016 15:18:35] - |ASH| - [174] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [13/02/2016 15:14:31] - |D| - [170] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [13/02/2016 15:19:52] - |A| - [2405] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk [13/02/2016 15:18:35] - |RD| - [174] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [13/02/2016 15:14:31] - |RD| - [5318] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [13/02/2016 15:14:31] - |RSD| - [7238] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [13/02/2016 15:18:35] - |ASH| - [174] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | [Nour] [21/04/2016 19:00:16] - |D| - [0] - C:\Users\Nour\.Glyph [16/06/2016 13:51:33] - |D| - [56] - C:\Users\Nour\.oracle_jre_usage [21/04/2016 19:00:16] - |D| - [0] - C:\Users\Nour\.QtWebEngineProcess [14/05/2016 13:07:36] - |RD| - [3875642] - C:\Users\Nour\3D Objects [08/04/2016 23:48:51] - |HD| - [7347554976] - C:\Users\Nour\AppData [08/04/2016 23:48:51] - |SHD| - [0] - C:\Users\Nour\Application Data [23/05/2016 22:15:59] - |D| - [1751090] - C:\Users\Nour\BrawlhallaReplays [08/04/2016 23:49:03] - |RD| - [412] - C:\Users\Nour\Contacts [08/04/2016 23:48:51] - |SHD| - [0] - C:\Users\Nour\Cookies [08/04/2016 23:48:51] - |RD| - [124680935459] - C:\Users\Nour\Desktop [08/04/2016 23:48:51] - |RD| - [1629266864] - C:\Users\Nour\Documents [08/04/2016 23:48:51] - |RD| - [5453939799] - C:\Users\Nour\Downloads [13/05/2016 14:09:47] - |RD| - [14058712304] - C:\Users\Nour\Dropbox [08/04/2016 23:48:51] - |RD| - [690] - C:\Users\Nour\Favorites [08/07/2016 23:55:45] - |D| - [781204] - C:\Users\Nour\Heaven [08/04/2016 23:48:51] - |RD| - [3637] - C:\Users\Nour\Links [08/04/2016 23:48:51] - |SHD| - [0] - C:\Users\Nour\Local Settings [08/04/2016 23:48:51] - |SHD| - [0] - C:\Users\Nour\Menu Démarrer [08/04/2016 23:48:51] - |SHD| - [0] - C:\Users\Nour\Mes documents [08/04/2016 23:48:51] - |SHD| - [0] - C:\Users\Nour\Modèles [08/04/2016 23:48:51] - |RD| - [504] - C:\Users\Nour\Music [08/04/2016 23:48:51] - |ASH| - [2359296] - C:\Users\Nour\ntuser.dat [08/04/2016 23:48:51] - |ASH| - [620544] - C:\Users\Nour\ntuser.dat.log1 [08/04/2016 23:48:51] - |ASH| - [663552] - C:\Users\Nour\ntuser.dat.log2 [27/07/2016 19:37:32] - |ASH| - [1048576] - C:\Users\Nour\ntuser.dat{41bc5cc7-3e06-11e6-8761-d8cb8ae8f260}.TxR.0.regtrans-ms [27/07/2016 19:37:32] - |ASH| - [1048576] - C:\Users\Nour\ntuser.dat{41bc5cc7-3e06-11e6-8761-d8cb8ae8f260}.TxR.1.regtrans-ms [27/07/2016 19:37:32] - |ASH| - [1048576] - C:\Users\Nour\ntuser.dat{41bc5cc7-3e06-11e6-8761-d8cb8ae8f260}.TxR.2.regtrans-ms [27/07/2016 19:37:32] - |ASH| - [65536] - C:\Users\Nour\ntuser.dat{41bc5cc7-3e06-11e6-8761-d8cb8ae8f260}.TxR.blf [29/06/2016 17:09:51] - |ASH| - [65536] - C:\Users\Nour\ntuser.dat{41bc5cc8-3e06-11e6-8761-d8cb8ae8f260}.TM.blf [29/06/2016 17:09:51] - |ASH| - [524288] - C:\Users\Nour\ntuser.dat{41bc5cc8-3e06-11e6-8761-d8cb8ae8f260}.TMContainer00000000000000000001.regtrans-ms [29/06/2016 17:09:51] - |ASH| - [524288] - C:\Users\Nour\ntuser.dat{41bc5cc8-3e06-11e6-8761-d8cb8ae8f260}.TMContainer00000000000000000002.regtrans-ms [08/04/2016 23:48:51] - |ASH| - [65536] - C:\Users\Nour\NTUSER.DAT{a97de0a2-d207-11e5-8729-a48cb7566772}.TM.blf [08/04/2016 23:48:51] - |ASH| - [524288] - C:\Users\Nour\NTUSER.DAT{a97de0a2-d207-11e5-8729-a48cb7566772}.TMContainer00000000000000000001.regtrans-ms [08/04/2016 23:48:51] - |ASH| - [524288] - C:\Users\Nour\NTUSER.DAT{a97de0a2-d207-11e5-8729-a48cb7566772}.TMContainer00000000000000000002.regtrans-ms [08/04/2016 23:48:51] - |SH| - [20] - C:\Users\Nour\ntuser.ini [08/04/2016 23:51:01] - |RD| - [98106928] - C:\Users\Nour\OneDrive [08/04/2016 23:48:51] - |RD| - [884] - C:\Users\Nour\Pictures [08/04/2016 23:48:51] - |SHD| - [0] - C:\Users\Nour\Recent [08/04/2016 23:48:51] - |RD| - [282] - C:\Users\Nour\Saved Games [08/04/2016 23:49:03] - |RD| - [1872] - C:\Users\Nour\Searches [08/04/2016 23:48:51] - |SHD| - [0] - C:\Users\Nour\SendTo [21/04/2016 19:01:00] - |D| - [229376] - C:\Users\Nour\Tracing [08/04/2016 23:48:51] - |RD| - [36740822] - C:\Users\Nour\Videos [08/04/2016 23:48:51] - |SHD| - [0] - C:\Users\Nour\Voisinage d'impression [08/04/2016 23:48:51] - |SHD| - [0] - C:\Users\Nour\Voisinage réseau [08/04/2016 23:49:02] - |D| - [854] - C:\Users\Nour\AppData\Roaming\Adobe [08/04/2016 22:12:06] - |D| - [1301118] - C:\Users\Nour\AppData\Roaming\AltisLifeFr [11/05/2016 00:35:54] - |D| - [0] - C:\Users\Nour\AppData\Roaming\AnkamaCertificates [11/05/2016 00:35:20] - |D| - [4812] - C:\Users\Nour\AppData\Roaming\app [11/05/2016 00:35:20] - |D| - [24610] - C:\Users\Nour\AppData\Roaming\ArkalysGame [24/07/2016 14:56:12] - |D| - [0] - C:\Users\Nour\AppData\Roaming\ATI [08/04/2016 22:55:40] - |D| - [0] - C:\Users\Nour\AppData\Roaming\Avira [23/05/2016 22:13:03] - |D| - [1805] - C:\Users\Nour\AppData\Roaming\BrawlhallaAir [11/05/2016 00:35:20] - |A| - [121] - C:\Users\Nour\AppData\Roaming\D2Info0 [10/04/2016 04:38:21] - |D| - [0] - C:\Users\Nour\AppData\Roaming\DAEMON Tools Lite [24/06/2016 18:54:08] - |D| - [44737405] - C:\Users\Nour\AppData\Roaming\discord [11/05/2016 01:01:34] - |A| - [8] - C:\Users\Nour\AppData\Roaming\DofusAppId0_1 [11/05/2016 00:35:20] - |A| - [8] - C:\Users\Nour\AppData\Roaming\DofusAppId0_2 [19/05/2016 16:15:34] - |A| - [8] - C:\Users\Nour\AppData\Roaming\DofusAppId0_3 [11/05/2016 00:35:20] - |D| - [0] - C:\Users\Nour\AppData\Roaming\DofusTesting-2 [13/05/2016 14:06:53] - |D| - [308700] - C:\Users\Nour\AppData\Roaming\Dropbox [20/06/2016 23:44:46] - |D| - [7147065] - C:\Users\Nour\AppData\Roaming\GoldMiner [14/05/2016 16:31:28] - |D| - [1718] - C:\Users\Nour\AppData\Roaming\HeroesAndGeneralsDesktop [05/07/2016 13:16:56] - |D| - [0] - C:\Users\Nour\AppData\Roaming\InstallShield [09/04/2016 00:09:26] - |D| - [0] - C:\Users\Nour\AppData\Roaming\library_dir [15/04/2016 22:06:45] - |D| - [1845289] - C:\Users\Nour\AppData\Roaming\LibreOffice [09/04/2016 00:46:28] - |D| - [28261] - C:\Users\Nour\AppData\Roaming\Logishrd [09/04/2016 00:46:28] - |D| - [0] - C:\Users\Nour\AppData\Roaming\Logitech [09/04/2016 00:01:29] - |D| - [314368] - C:\Users\Nour\AppData\Roaming\Macromedia [08/04/2016 23:48:51] - |SD| - [3350206] - C:\Users\Nour\AppData\Roaming\Microsoft [14/04/2016 23:28:36] - |D| - [3962] - C:\Users\Nour\AppData\Roaming\MotioninJoy [09/07/2016 20:05:28] - |D| - [30488878] - C:\Users\Nour\AppData\Roaming\Mozilla [11/05/2016 01:01:34] - |D| - [10090184] - C:\Users\Nour\AppData\Roaming\Nephya [11/05/2016 01:01:34] - |D| - [0] - C:\Users\Nour\AppData\Roaming\NephyaDofus [11/05/2016 14:56:19] - |D| - [0] - C:\Users\Nour\AppData\Roaming\NephyaDofus-2 [19/05/2016 16:15:34] - |D| - [0] - C:\Users\Nour\AppData\Roaming\NephyaDofus-3 [16/04/2016 02:25:57] - |D| - [2635652] - C:\Users\Nour\AppData\Roaming\OBS [16/05/2016 00:46:12] - |D| - [153704] - C:\Users\Nour\AppData\Roaming\obs-studio [17/06/2016 00:05:17] - |D| - [15516] - C:\Users\Nour\AppData\Roaming\Origin [19/04/2016 02:27:28] - |D| - [0] - C:\Users\Nour\AppData\Roaming\Publish Providers [08/04/2016 23:00:13] - |D| - [728] - C:\Users\Nour\AppData\Roaming\puush [08/04/2016 23:38:38] - |D| - [20059] - C:\Users\Nour\AppData\Roaming\qBittorrent [11/05/2016 14:49:57] - |D| - [0] - C:\Users\Nour\AppData\Roaming\Reg [11/05/2016 00:35:20] - |D| - [0] - C:\Users\Nour\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 [21/04/2016 19:00:28] - |D| - [24862293] - C:\Users\Nour\AppData\Roaming\Skype [19/04/2016 02:22:21] - |D| - [1269860] - C:\Users\Nour\AppData\Roaming\Sony [09/07/2016 04:52:53] - |D| - [113646834] - C:\Users\Nour\AppData\Roaming\Spotify [16/06/2016 13:51:33] - |D| - [0] - C:\Users\Nour\AppData\Roaming\Sun [18/04/2016 23:30:21] - |D| - [132722] - C:\Users\Nour\AppData\Roaming\TeamViewer [24/06/2016 19:44:19] - |D| - [10283] - C:\Users\Nour\AppData\Roaming\Trine2 [08/04/2016 19:30:02] - |D| - [332399694] - C:\Users\Nour\AppData\Roaming\TS3Client [19/07/2016 23:55:39] - |D| - [173] - C:\Users\Nour\AppData\Roaming\Unreal Engine [09/04/2016 00:08:19] - |D| - [86391] - C:\Users\Nour\AppData\Roaming\vlc [20/05/2016 22:24:25] - |D| - [14309598] - C:\Users\Nour\AppData\Roaming\WhatsApp [10/04/2016 05:01:55] - |D| - [12] - C:\Users\Nour\AppData\Roaming\WinRAR [20/07/2016 00:13:14] - |D| - [192085] - C:\Users\Nour\AppData\Roaming\Wireshark [08/04/2016 23:50:59] - |D| - [0] - C:\Users\Nour\AppData\Local\ActiveSync [11/05/2016 00:33:50] - |D| - [0] - C:\Users\Nour\AppData\Local\Adobe [09/04/2016 00:08:51] - |D| - [193584] - C:\Users\Nour\AppData\Local\AMD [08/04/2016 23:48:51] - |SHD| - [0] - C:\Users\Nour\AppData\Local\Application Data [08/04/2016 21:32:25] - |D| - [257470931] - C:\Users\Nour\AppData\Local\Arma 3 [08/04/2016 21:31:12] - |D| - [5801254] - C:\Users\Nour\AppData\Local\Arma 3 Launcher [16/04/2016 02:25:57] - |D| - [1494556] - C:\Users\Nour\AppData\Local\assembly [24/07/2016 14:56:12] - |D| - [0] - C:\Users\Nour\AppData\Local\ATI [23/05/2016 22:02:55] - |D| - [78628490] - C:\Users\Nour\AppData\Local\battlestick [24/04/2016 19:05:23] - |D| - [14430] - C:\Users\Nour\AppData\Local\Black_Tree_Gaming [11/07/2016 00:19:31] - |D| - [1129914] - C:\Users\Nour\AppData\Local\Bluestacks [08/04/2016 21:31:17] - |D| - [80626] - C:\Users\Nour\AppData\Local\Bohemia_Interactive [09/04/2016 01:03:24] - |D| - [5984542] - C:\Users\Nour\AppData\Local\CEF [25/05/2016 19:10:34] - |D| - [0] - C:\Users\Nour\AppData\Local\Chromium [09/04/2016 00:08:35] - |D| - [34440328] - C:\Users\Nour\AppData\Local\Comms [23/05/2016 22:02:55] - |D| - [710186] - C:\Users\Nour\AppData\Local\Crashpad [12/04/2016 20:01:41] - |D| - [0] - C:\Users\Nour\AppData\Local\CrashRpt [04/05/2016 18:27:39] - |D| - [0] - C:\Users\Nour\AppData\Local\Diagnostics [24/06/2016 18:54:02] - |D| - [167257036] - C:\Users\Nour\AppData\Local\Discord [13/05/2016 14:06:25] - |D| - [68551716] - C:\Users\Nour\AppData\Local\Dropbox [09/04/2016 00:00:38] - |D| - [146636] - C:\Users\Nour\AppData\Local\ElevatedDiagnostics [19/07/2016 23:13:27] - |D| - [7813016] - C:\Users\Nour\AppData\Local\EpicGamesLauncher [20/06/2016 23:45:51] - |D| - [3128947728] - C:\Users\Nour\AppData\Local\Ethash [08/07/2016 23:55:27] - |A| - [1065984] - C:\Users\Nour\AppData\Local\file__0.localstorage [27/06/2016 17:44:03] - |D| - [6124] - C:\Users\Nour\AppData\Local\Futuremark [20/06/2016 23:44:32] - |D| - [1677825] - C:\Users\Nour\AppData\Local\GoldMiner [09/04/2016 00:17:55] - |D| - [1030741989] - C:\Users\Nour\AppData\Local\Google [08/04/2016 23:48:51] - |SHD| - [0] - C:\Users\Nour\AppData\Local\Historique [09/07/2016 02:50:42] - |AH| - [6291456] - C:\Users\Nour\AppData\Local\IconCache.db [27/06/2016 17:44:04] - |D| - [2092] - C:\Users\Nour\AppData\Local\IsolatedStorage [09/04/2016 00:49:50] - |D| - [807049] - C:\Users\Nour\AppData\Local\Logitech [04/06/2016 10:52:46] - |D| - [0] - C:\Users\Nour\AppData\Local\LogMeIn [04/06/2016 10:52:46] - |D| - [6328] - C:\Users\Nour\AppData\Local\LogMeIn Hamachi [11/07/2016 00:20:34] - |D| - [0] - C:\Users\Nour\AppData\Local\Macromedia [08/04/2016 23:48:51] - |D| - [322127149] - C:\Users\Nour\AppData\Local\Microsoft [09/04/2016 00:00:43] - |D| - [87548] - C:\Users\Nour\AppData\Local\MicrosoftEdge [09/07/2016 20:05:28] - |D| - [20453527] - C:\Users\Nour\AppData\Local\Mozilla [08/04/2016 23:39:14] - |D| - [974] - C:\Users\Nour\AppData\Local\MSfree Inc [17/06/2016 00:05:14] - |D| - [51599494] - C:\Users\Nour\AppData\Local\Origin [08/04/2016 23:49:00] - |D| - [161020935] - C:\Users\Nour\AppData\Local\Packages [24/04/2016 05:11:06] - |D| - [464] - C:\Users\Nour\AppData\Local\plansq [09/04/2016 17:45:24] - |D| - [0] - C:\Users\Nour\AppData\Local\Programs [08/04/2016 23:49:18] - |D| - [0] - C:\Users\Nour\AppData\Local\Publishers [17/06/2016 03:10:05] - |D| - [8975377] - C:\Users\Nour\AppData\Local\PunkBuster [08/04/2016 23:38:29] - |D| - [4104409] - C:\Users\Nour\AppData\Local\qBittorrent [08/04/2016 23:59:48] - |D| - [160] - C:\Users\Nour\AppData\Local\Rockstar Games [19/04/2016 02:22:59] - |D| - [7015551] - C:\Users\Nour\AppData\Local\Sony [09/07/2016 04:53:09] - |D| - [117367459] - C:\Users\Nour\AppData\Local\Spotify [20/05/2016 22:24:18] - |D| - [25168] - C:\Users\Nour\AppData\Local\SquirrelTemp [21/04/2016 22:14:07] - |D| - [17802540] - C:\Users\Nour\AppData\Local\Star Citizen [09/04/2016 01:03:24] - |D| - [123525973] - C:\Users\Nour\AppData\Local\Steam [07/06/2016 17:23:10] - |D| - [65] - C:\Users\Nour\AppData\Local\SWTORPerf [08/04/2016 23:48:51] - |D| - [715261762] - C:\Users\Nour\AppData\Local\Temp [08/04/2016 23:48:51] - |SHD| - [0] - C:\Users\Nour\AppData\Local\Temporary Internet Files [08/04/2016 23:49:00] - |D| - [11739136] - C:\Users\Nour\AppData\Local\TileDataLayer [27/05/2016 02:22:19] - |D| - [159] - C:\Users\Nour\AppData\Local\Ubisoft Game Launcher [19/07/2016 23:13:27] - |D| - [160919411] - C:\Users\Nour\AppData\Local\UnrealEngine [19/07/2016 23:24:54] - |D| - [0] - C:\Users\Nour\AppData\Local\UnrealEngineLauncher [08/04/2016 23:49:03] - |D| - [15877] - C:\Users\Nour\AppData\Local\VirtualStore [03/06/2016 13:05:10] - |D| - [3897530] - C:\Users\Nour\AppData\Local\Warframe [11/07/2016 00:22:08] - |D| - [235066876] - C:\Users\Nour\AppData\Local\WhatsApp [08/04/2016 23:49:03] - |ASH| - [174] - C:\Users\Nour\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [08/04/2016 23:48:51] - |SHD| - [0] - C:\Users\Nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [08/04/2016 23:48:51] - |RD| - [54097] - C:\Users\Nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [08/04/2016 23:48:51] - |RD| - [3888] - C:\Users\Nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [08/04/2016 23:48:51] - |RD| - [2925] - C:\Users\Nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [08/04/2016 23:49:03] - |RD| - [174] - C:\Users\Nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [09/04/2016 00:21:12] - |A| - [1292] - C:\Users\Nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings.lnk [08/04/2016 23:49:03] - |ASH| - [174] - C:\Users\Nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [03/06/2016 08:55:17] - |D| - [1512] - C:\Users\Nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake [20/06/2016 23:44:46] - |D| - [0] - C:\Users\Nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GoldMiner.io [24/06/2016 18:54:11] - |D| - [2242] - C:\Users\Nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc [08/04/2016 23:48:51] - |D| - [170] - C:\Users\Nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [24/07/2016 14:47:34] - |D| - [7452] - C:\Users\Nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner [08/04/2016 23:51:01] - |A| - [2404] - C:\Users\Nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk [16/05/2016 00:51:04] - |D| - [2898] - C:\Users\Nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software [01/05/2016 20:34:44] - |D| - [2597] - C:\Users\Nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer [09/07/2016 04:53:09] - |A| - [1831] - C:\Users\Nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk [20/04/2016 23:18:56] - |D| - [1171] - C:\Users\Nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Star Citizen Launcher [08/04/2016 23:49:03] - |RD| - [174] - C:\Users\Nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [08/04/2016 23:48:51] - |RD| - [5318] - C:\Users\Nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [19/04/2016 02:30:57] - |D| - [4077] - C:\Users\Nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker [20/05/2016 22:24:26] - |D| - [2247] - C:\Users\Nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp [08/04/2016 23:48:51] - |RSD| - [7238] - C:\Users\Nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [10/04/2016 05:01:47] - |D| - [4313] - C:\Users\Nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [08/04/2016 23:49:03] - |ASH| - [174] - C:\Users\Nour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | [Public] [13/02/2016 15:18:35] - |RHD| - [53234] - C:\Users\Public\AccountPictures [30/10/2015 09:24:24] - |RHD| - [6750] - C:\Users\Public\Desktop [30/10/2015 09:24:29] - |ASH| - [174] - C:\Users\Public\desktop.ini [30/10/2015 09:24:24] - |RD| - [278] - C:\Users\Public\Documents [30/10/2015 09:24:24] - |RD| - [174] - C:\Users\Public\Downloads [30/10/2015 09:24:24] - |RHD| - [1174] - C:\Users\Public\Libraries [30/10/2015 09:24:24] - |RD| - [380] - C:\Users\Public\Music [30/10/2015 09:24:24] - |RD| - [380] - C:\Users\Public\Pictures [30/10/2015 09:24:24] - |RD| - [380] - C:\Users\Public\Videos ---------- | C:\ProgramData [11/05/2016 00:35:14] - |D| - [0] - C:\ProgramData\Adobe [01/07/2016 01:19:51] - |D| - [0] - C:\ProgramData\Age of Empires 3 [08/04/2016 23:45:37] - |SHD| - [16759627020] - C:\ProgramData\Application Data [24/07/2016 14:56:12] - |D| - [0] - C:\ProgramData\ATI [08/04/2016 22:53:47] - |D| - [206418880] - C:\ProgramData\Avira [07/06/2016 17:23:24] - |D| - [11232335] - C:\ProgramData\BitRaider [11/07/2016 00:19:51] - |D| - [0] - C:\ProgramData\BlueStacksSetup [08/04/2016 21:32:25] - |D| - [0] - C:\ProgramData\Bohemia Interactive [05/05/2016 21:01:42] - |D| - [128] - C:\ProgramData\boost_interprocess [08/04/2016 23:45:37] - |SHD| - [6750] - C:\ProgramData\Bureau [15/04/2016 22:06:18] - |HD| - [35602227] - C:\ProgramData\CanonBJ [30/10/2015 09:24:24] - |D| - [0] - C:\ProgramData\Comms [10/04/2016 04:38:06] - |D| - [3120] - C:\ProgramData\DAEMON Tools Lite [08/04/2016 23:45:37] - |SHD| - [278] - C:\ProgramData\Documents [01/07/2016 20:24:54] - |AH| - [0] - C:\ProgramData\DP45977C.lfl [09/04/2016 00:39:00] - |AD| - [1596920] - C:\ProgramData\DriversCloud.com [13/05/2016 14:06:25] - |D| - [415596] - C:\ProgramData\Dropbox [05/07/2016 19:32:42] - |D| - [0] - C:\ProgramData\EA Core [05/07/2016 19:32:42] - |D| - [1840] - C:\ProgramData\EA Logs [17/06/2016 00:04:24] - |D| - [31065] - C:\ProgramData\Electronic Arts [19/07/2016 23:12:50] - |D| - [21698938] - C:\ProgramData\Epic [03/06/2016 08:55:16] - |D| - [0] - C:\ProgramData\Freemake [07/07/2016 19:53:08] - |D| - [132608] - C:\ProgramData\Futuremark [08/04/2016 23:45:38] - |D| - [9756231] - C:\ProgramData\KMSAutoS [09/04/2016 00:50:22] - |D| - [255] - C:\ProgramData\LogiShrd [04/06/2016 10:52:46] - |D| - [0] - C:\ProgramData\LogMeIn [18/05/2016 23:37:52] - |D| - [19347571] - C:\ProgramData\Malwarebytes [08/04/2016 23:45:37] - |SHD| - [169312] - C:\ProgramData\Menu Démarrer [30/10/2015 09:24:24] - |SD| - [937620896] - C:\ProgramData\Microsoft [13/02/2016 15:18:56] - |D| - [0] - C:\ProgramData\Microsoft OneDrive [08/04/2016 23:45:37] - |SHD| - [0] - C:\ProgramData\Modèles [16/06/2016 13:51:21] - |D| - [70997662] - C:\ProgramData\Oracle [17/06/2016 00:04:25] - |D| - [23277976] - C:\ProgramData\Origin [09/04/2016 00:06:08] - |D| - [121706526] - C:\ProgramData\Package Cache [30/10/2015 09:24:24] - |D| - [1000] - C:\ProgramData\regid.1991-06.com.microsoft [21/04/2016 19:00:20] - |D| - [43065344] - C:\ProgramData\Skype [30/10/2015 09:24:24] - |D| - [0] - C:\ProgramData\SoftwareDistribution [24/07/2016 21:20:15] - |D| - [3144005] - C:\ProgramData\Sony [30/10/2015 09:24:24] - |D| - [2498] - C:\ProgramData\USOPrivate [13/02/2016 15:15:18] - |D| - [1708032] - C:\ProgramData\USOShared ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [30/10/2015 09:24:28] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [08/04/2016 23:45:37] - |SHD| - [169138] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [30/10/2015 09:24:24] - |RD| - [169138] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [30/10/2015 09:24:24] - |RD| - [1614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility [30/10/2015 09:24:24] - |RD| - [15666] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [30/10/2015 09:24:24] - |RD| - [20488] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [09/04/2016 00:08:49] - |D| - [2003] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings [08/04/2016 22:55:59] - |D| - [1193] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [16/06/2016 13:50:08] - |D| - [3996] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgium - eID [08/04/2016 22:42:37] - |D| - [963] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [09/04/2016 17:45:28] - |D| - [1993] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID [30/05/2016 12:04:20] - |D| - [1272] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo [19/07/2016 22:01:10] - |D| - [3662] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskMark5 [30/10/2015 09:24:28] - |ASH| - [1010] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [30/10/2015 09:18:13] - |RAS| - [853] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop.lnk [30/10/2015 09:19:28] - |RAS| - [2197] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Devices Flow.lnk [04/05/2016 20:48:35] - |D| - [4074] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dovetail Games - Flight [09/04/2016 00:39:01] - |D| - [3944] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com [11/07/2016 19:58:15] - |D| - [1272] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox [19/07/2016 23:12:59] - |A| - [2568] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk [07/07/2016 20:10:10] - |D| - [3359] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps [03/06/2016 08:55:17] - |D| - [1371] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake [05/07/2016 13:17:12] - |D| - [4272] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gaming Keyboard [09/04/2016 00:18:49] - |A| - [2230] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [30/10/2015 09:19:28] - |RAS| - [2349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk [16/06/2016 13:51:31] - |D| - [6959] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [15/04/2016 22:06:27] - |D| - [8213] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.0 [08/04/2016 19:41:47] - |D| - [964] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech [30/10/2015 09:24:24] - |D| - [170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [18/05/2016 23:37:53] - |D| - [5111] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware [03/07/2016 07:35:10] - |D| - [1064] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mephisto [30/10/2015 09:17:57] - |RAS| - [2219] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk [14/04/2016 23:28:34] - |D| - [1075] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotionInJoy [09/07/2016 20:05:21] - |A| - [1188] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [11/05/2016 00:40:24] - |D| - [2131] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nephya [03/07/2016 08:37:01] - |D| - [3122] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager [16/05/2016 00:45:45] - |D| - [3644] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio [17/06/2016 00:04:24] - |D| - [1832] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin [30/10/2015 09:19:28] - |RAS| - [2199] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk [08/04/2016 23:00:10] - |D| - [972] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\puush [16/05/2016 02:39:14] - |D| - [2153] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent [08/04/2016 23:58:10] - |D| - [8918] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games [30/10/2015 09:18:07] - |RAS| - [1588] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk [21/04/2016 19:00:24] - |D| - [2097] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [24/07/2016 21:20:35] - |D| - [2415] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony [30/10/2015 09:24:24] - |RD| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp [09/04/2016 01:00:55] - |D| - [1108] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [30/10/2015 09:24:24] - |RD| - [4033] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools [13/02/2016 15:01:38] - |RHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC [08/04/2016 22:16:28] - |A| - [1104] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk [11/05/2016 23:58:12] - |A| - [1072] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk [08/07/2016 04:35:19] - |D| - [4948] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unigine [08/04/2016 23:51:24] - |D| - [6948] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [10/04/2016 05:01:48] - |D| - [4241] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [20/07/2016 00:10:44] - |A| - [1567] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark Legacy.lnk [20/07/2016 00:10:49] - |A| - [1827] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk [23/05/2016 21:58:58] - |D| - [1733] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warships ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [30/10/2015 09:24:28] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | C:\Program Files (x86) [11/05/2016 00:34:00] - |D| - [339596] - C:\Program Files (x86)\Adobe [09/07/2016 02:46:22] - |AD| - [113452258] - C:\Program Files (x86)\AMD [11/05/2016 00:04:43] - |D| - [223927790] - C:\Program Files (x86)\ArkalysGame [08/04/2016 22:53:47] - |D| - [669634736] - C:\Program Files (x86)\Avira [17/06/2016 02:58:58] - |AD| - [11486068] - C:\Program Files (x86)\Battlelog Web Plugins [16/06/2016 13:50:02] - |AD| - [11864832] - C:\Program Files (x86)\Belgium Identity Card [07/07/2016 20:11:18] - |D| - [496] - C:\Program Files (x86)\Benchmarks [26/02/2013 08:28:36] - |A| - [27762] - C:\Program Files (x86)\changes.txt [20/04/2016 23:18:56] - |D| - [27658407482] - C:\Program Files (x86)\Cloud Imperium Games [30/10/2015 08:28:30] - |D| - [98473808] - C:\Program Files (x86)\Common Files [30/05/2016 12:04:20] - |AD| - [19944011] - C:\Program Files (x86)\CrystalDiskInfo [30/10/2015 09:24:28] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [10/05/2016 23:52:55] - |D| - [0] - C:\Program Files (x86)\Dofus [04/05/2016 20:37:26] - |D| - [17233591314] - C:\Program Files (x86)\Dovetail Games - Flight [13/05/2016 14:06:27] - |D| - [252203505] - C:\Program Files (x86)\Dropbox [07/06/2016 17:21:09] - |D| - [0] - C:\Program Files (x86)\Electronic Arts [19/07/2016 23:12:50] - |AD| - [10720354430] - C:\Program Files (x86)\Epic Games [05/09/2015 10:11:02] - |A| - [2671376] - C:\Program Files (x86)\fraps.exe [05/09/2015 10:05:08] - |A| - [255760] - C:\Program Files (x86)\fraps32.dll [05/09/2015 10:11:02] - |A| - [102160] - C:\Program Files (x86)\fraps64.dat [05/09/2015 10:05:08] - |A| - [215824] - C:\Program Files (x86)\fraps64.dll [05/09/2015 10:09:46] - |A| - [174080] - C:\Program Files (x86)\frapslcd.dll [07/07/2016 20:11:20] - |A| - [455] - C:\Program Files (x86)\FRAPSLOG.TXT [03/06/2016 08:55:08] - |AD| - [51658572] - C:\Program Files (x86)\Freemake [07/07/2016 19:18:44] - |D| - [5850504] - C:\Program Files (x86)\Futuremark [05/07/2016 13:17:07] - |AD| - [18765774] - C:\Program Files (x86)\Gaming Keyboard [09/04/2016 00:18:22] - |D| - [524512192] - C:\Program Files (x86)\Google [07/07/2016 20:10:10] - |D| - [2199] - C:\Program Files (x86)\HELP [09/04/2016 00:57:28] - |HD| - [30192397] - C:\Program Files (x86)\InstallShield Installation Information [30/10/2015 09:24:24] - |D| - [2154939] - C:\Program Files (x86)\Internet Explorer [16/06/2016 13:51:19] - |D| - [164285669] - C:\Program Files (x86)\Java [15/04/2016 22:05:32] - |AD| - [452750816] - C:\Program Files (x86)\LibreOffice 5 [18/05/2016 23:37:52] - |AD| - [59499544] - C:\Program Files (x86)\Malwarebytes Anti-Malware [30/10/2015 09:24:24] - |D| - [23935] - C:\Program Files (x86)\Microsoft.NET [14/04/2016 23:28:33] - |AD| - [9130231] - C:\Program Files (x86)\MotionInJoy [07/07/2016 20:11:23] - |D| - [514700976] - C:\Program Files (x86)\Movies [16/06/2016 13:50:06] - |AD| - [96996197] - C:\Program Files (x86)\Mozilla Firefox [09/07/2016 20:05:20] - |D| - [236995] - C:\Program Files (x86)\Mozilla Maintenance Service [09/04/2016 00:45:26] - |D| - [25757] - C:\Program Files (x86)\MSBuild [24/07/2016 14:47:23] - |D| - [42171879] - C:\Program Files (x86)\MSI Afterburner [10/04/2016 04:55:54] - |D| - [0] - C:\Program Files (x86)\MSXML 4.0 [11/05/2016 00:40:24] - |AD| - [1459289323] - C:\Program Files (x86)\Nephya [24/04/2016 19:41:16] - |AD| - [3150] - C:\Program Files (x86)\Nexus Mod Manager [16/04/2016 02:25:25] - |D| - [104048199] - C:\Program Files (x86)\OBS [17/06/2016 00:03:42] - |AD| - [248355040] - C:\Program Files (x86)\Origin [17/06/2016 00:07:48] - |D| - [103823166455] - C:\Program Files (x86)\Origin Games [08/04/2016 23:00:10] - |AD| - [568904] - C:\Program Files (x86)\puush [08/04/2016 23:34:19] - |D| - [75199557] - C:\Program Files (x86)\qBittorrent [25/04/2016 19:33:57] - |D| - [580624] - C:\Program Files (x86)\Raptr Inc [26/02/2013 08:27:46] - |A| - [1894] - C:\Program Files (x86)\README.HTM [09/04/2016 00:57:28] - |D| - [7651348] - C:\Program Files (x86)\Realtek [09/04/2016 00:45:26] - |D| - [38450433] - C:\Program Files (x86)\Reference Assemblies [08/04/2016 23:58:50] - |D| - [5162147119] - C:\Program Files (x86)\Rockstar Games [07/07/2016 20:11:22] - |D| - [18662598] - C:\Program Files (x86)\Screenshots [21/04/2016 19:00:24] - |RD| - [80069883] - C:\Program Files (x86)\Skype [24/07/2016 21:20:15] - |D| - [60592635] - C:\Program Files (x86)\Sony [09/04/2016 01:00:54] - |D| - [242273726779] - C:\Program Files (x86)\Steam [08/04/2016 22:13:29] - |AD| - [75749461] - C:\Program Files (x86)\TeamSpeak 3 [18/04/2016 23:30:18] - |AD| - [42741453] - C:\Program Files (x86)\TeamViewer [01/07/2016 20:22:54] - |HD| - [0] - C:\Program Files (x86)\Temp [08/07/2016 04:35:16] - |D| - [287824825] - C:\Program Files (x86)\Unigine [07/07/2016 20:10:10] - |A| - [36079] - C:\Program Files (x86)\uninstall.exe [19/04/2016 02:30:57] - |D| - [249167] - C:\Program Files (x86)\Unlocker [08/04/2016 23:51:20] - |D| - [126076377] - C:\Program Files (x86)\VideoLAN [10/05/2016 08:13:48] - |D| - [1736108] - C:\Program Files (x86)\VulkanRT [30/10/2015 09:24:24] - |D| - [1465856] - C:\Program Files (x86)\Windows Defender [30/10/2015 09:24:24] - |D| - [5961728] - C:\Program Files (x86)\Windows Mail [30/10/2015 09:24:24] - |D| - [3342927] - C:\Program Files (x86)\Windows Media Player [30/10/2015 09:24:24] - |D| - [220064] - C:\Program Files (x86)\Windows Multimedia Platform [30/10/2015 09:24:24] - |D| - [7575610] - C:\Program Files (x86)\Windows NT [30/10/2015 09:24:24] - |D| - [5484224] - C:\Program Files (x86)\Windows Photo Viewer [30/10/2015 09:24:24] - |D| - [220064] - C:\Program Files (x86)\Windows Portable Devices [30/10/2015 09:24:24] - |SHD| - [0] - C:\Program Files (x86)\Windows Sidebar [30/10/2015 09:24:24] - |SD| - [2685232] - C:\Program Files (x86)\WindowsPowerShell ---------- | C:\Program Files [09/07/2016 02:45:10] - |AD| - [99594832] - C:\Program Files\AMD [08/04/2016 22:42:35] - |AD| - [18626824] - C:\Program Files\CCleaner [30/10/2015 08:28:30] - |D| - [63958973] - C:\Program Files\Common Files [09/04/2016 17:45:28] - |D| - [3110766] - C:\Program Files\CPUID [19/07/2016 22:01:10] - |AD| - [7290977] - C:\Program Files\CrystalDiskMark5 [10/04/2016 04:38:18] - |D| - [35489759] - C:\Program Files\DAEMON Tools Lite [30/10/2015 09:24:28] - |ASH| - [174] - C:\Program Files\desktop.ini [16/06/2016 13:50:08] - |D| - [707464] - C:\Program Files\DIFX [09/04/2016 00:39:00] - |AD| - [10805724] - C:\Program Files\DriversCloud.com [08/04/2016 23:45:37] - |SHD| - [63958973] - C:\Program Files\Fichiers communs [30/10/2015 09:24:24] - |D| - [2776230] - C:\Program Files\Internet Explorer [16/06/2016 13:50:06] - |D| - [0] - C:\Program Files\log [08/04/2016 19:41:14] - |D| - [199307083] - C:\Program Files\Logitech Gaming Software [09/04/2016 00:45:26] - |D| - [25757] - C:\Program Files\MSBuild [03/07/2016 08:37:00] - |AD| - [24288454] - C:\Program Files\Nexus Mod Manager [16/04/2016 02:25:30] - |D| - [131340995] - C:\Program Files\OBS [01/07/2016 20:24:44] - |D| - [42726992] - C:\Program Files\Realtek [09/04/2016 00:45:26] - |D| - [36850857] - C:\Program Files\Reference Assemblies [08/04/2016 23:58:09] - |D| - [70176190094] - C:\Program Files\Rockstar Games [24/07/2016 21:20:15] - |D| - [775382518] - C:\Program Files\Sony [13/02/2016 15:14:31] - |HD| - [0] - C:\Program Files\Uninstall Information [30/10/2015 09:24:24] - |D| - [11400666] - C:\Program Files\Windows Defender [13/02/2016 15:01:38] - |D| - [8974456] - C:\Program Files\Windows Journal [30/10/2015 09:24:24] - |D| - [6322176] - C:\Program Files\Windows Mail [30/10/2015 09:24:24] - |D| - [5394547] - C:\Program Files\Windows Media Player [30/10/2015 09:24:24] - |D| - [258280] - C:\Program Files\Windows Multimedia Platform [30/10/2015 09:24:24] - |D| - [7862330] - C:\Program Files\Windows NT [30/10/2015 09:24:24] - |D| - [6381248] - C:\Program Files\Windows Photo Viewer [30/10/2015 09:24:24] - |D| - [258280] - C:\Program Files\Windows Portable Devices [30/10/2015 09:24:24] - |SHD| - [0] - C:\Program Files\Windows Sidebar [30/10/2015 09:24:24] - |HD| - [1042602244] - C:\Program Files\WindowsApps [30/10/2015 09:24:24] - |SD| - [2856133] - C:\Program Files\WindowsPowerShell [10/04/2016 05:01:45] - |AD| - [5340766] - C:\Program Files\WinRAR [20/07/2016 00:10:38] - |AD| - [155873843] - C:\Program Files\Wireshark ---------- | C:\Program Files (x86)\Common Files [11/05/2016 00:34:00] - |AD| - [51091534] - C:\Program Files (x86)\Common Files\Adobe AIR [08/04/2016 21:44:02] - |D| - [5510224] - C:\Program Files (x86)\Common Files\BattlEye [07/06/2016 17:21:09] - |D| - [392688] - C:\Program Files (x86)\Common Files\BioWare [17/06/2016 02:59:00] - |HD| - [7354863] - C:\Program Files (x86)\Common Files\EAInstaller [03/06/2016 08:55:17] - |D| - [631296] - C:\Program Files (x86)\Common Files\Freemake Shared [30/04/2016 21:33:12] - |D| - [1976305] - C:\Program Files (x86)\Common Files\InstallShield [16/06/2016 13:51:37] - |D| - [1964616] - C:\Program Files (x86)\Common Files\Java [30/10/2015 09:24:24] - |D| - [16022961] - C:\Program Files (x86)\Common Files\Microsoft Shared [30/10/2015 09:24:24] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [21/04/2016 19:00:24] - |AD| - [2399872] - C:\Program Files (x86)\Common Files\Skype [09/04/2016 01:00:56] - |D| - [1450064] - C:\Program Files (x86)\Common Files\Steam [30/10/2015 09:24:24] - |D| - [9676683] - C:\Program Files (x86)\Common Files\System ---------- | C:\Program Files\Common files [09/07/2016 02:45:42] - |D| - [2541840] - C:\Program Files\Common files\ATI Technologies [09/04/2016 00:53:33] - |D| - [12323924] - C:\Program Files\Common files\Logitech [30/10/2015 09:24:24] - |D| - [38584896] - C:\Program Files\Common files\microsoft shared [30/10/2015 09:24:24] - |D| - [2702] - C:\Program Files\Common files\Services [30/10/2015 09:24:24] - |D| - [10505611] - C:\Program Files\Common files\System ---------- | Tasks [MD5.851CBE56EC2A142972307BBC4E7692F0] - [17/05/2016 17:42:41] - |A| - [214] - C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job [MD5.A2DC4D7B627D54D33B06566B2662D110] - [13/05/2016 14:06:28] - |A| - [1188] - C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job [MD5.BBA3D00C56E221056D91EB7EA0DB7BEF] - [13/05/2016 14:06:29] - |A| - [1192] - C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job [MD5.62B96FAA03460F026CACC2D0B677E6E4] - [09/04/2016 00:18:25] - |A| - [1082] - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [MD5.588C0995018810FC35556C718641F824] - [09/04/2016 00:18:25] - |A| - [1086] - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [13/02/2016 15:14:15] - |AH| - [6] - C:\Windows\Tasks\SA.DAT [MD5.581C1A87C6544BACF57804ABD39725AD] - [09/04/2016 00:11:01] - |A| - [4296] - C:\Windows\System32\Tasks\AMD Updater : "C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe" [MD5.EE5AB3DC665F10AC556385B3BED050F0] - [08/04/2016 22:42:38] - |A| - [2868] - C:\Windows\System32\Tasks\CCleanerSkipUAC : "C:\Program Files\CCleaner\CCleaner.exe" [MD5.52B4AA18AAB745018C4AB0225EE38E61] - [13/05/2016 14:06:28] - |A| - [4020] - C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore : C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [MD5.12797A66C82BE68572921BBE55A49BB9] - [13/05/2016 14:06:29] - |A| - [4252] - C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA : C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [MD5.51FB0DDC887A3B61F89DF9680E531CDD] - [09/04/2016 00:18:25] - |A| - [3912] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.B912DAC2278CAA0BFD03DAECACB7D538] - [09/04/2016 00:18:25] - |A| - [4144] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.A575659A77BF62287248C2D8CD4BF39D] - [08/04/2016 23:45:39] - |A| - [3786] - C:\Windows\System32\Tasks\KMSAutoNet : "C:\ProgramData\KMSAutoS\KMSAuto Net.exe" [MD5.F514CCFC6D57BBE9216E1467965B7D87] - [03/06/2016 08:55:18] - |A| - [4082] - C:\Windows\System32\Tasks\LaunchPreSignup : C:\Program Files (x86)\OLBPre\OLBPre.exe [MD5.00000000000000000000000000000000] - [30/10/2015 09:24:25] - |D| - [422240] - C:\Windows\System32\Tasks\Microsoft [MD5.9A6E4D0E839B83B3D7D1702EB49CA1A2] - [08/04/2016 23:45:53] - |A| - [4172] - C:\Windows\System32\Tasks\User_Feed_Synchronization-{6187DFF0-41C2-470C-86BB-353A3BD631BB} : C:\Windows\system32\msfeedssync.exe [MD5.00000000000000000000000000000000] - [30/10/2015 09:24:25] - |D| - [0] - C:\Windows\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "vm-monitoring-dcom"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=135|App=%SystemRoot%\system32\svchost.exe|Svc=RpcSs|Name=@icsvc.dll,-709|Desc=@icsvc.dll,-710|EmbedCtxt=@icsvc.dll,-700| "vm-monitoring-icmpv4"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=1|Name=@icsvc.dll,-701|Desc=@icsvc.dll,-702|EmbedCtxt=@icsvc.dll,-700| "vm-monitoring-icmpv6"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=58|Name=@icsvc.dll,-703|Desc=@icsvc.dll,-704|EmbedCtxt=@icsvc.dll,-700| "vm-monitoring-nb-session"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=139|Name=@icsvc.dll,-705|Desc=@icsvc.dll,-706|EmbedCtxt=@icsvc.dll,-700| "vm-monitoring-rpc"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\system32\svchost.exe|Svc=Schedule|Name=@icsvc.dll,-707|Desc=@icsvc.dll,-708|EmbedCtxt=@icsvc.dll,-700| "Wininit-Shutdown-In-Rule-TCP-RPC"=v2.25|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%systemroot%\system32\wininit.exe|Name=@firewallapi.dll,-36753|Desc=@firewallapi.dll,-36754|EmbedCtxt=@firewallapi.dll,-36751| "Wininit-Shutdown-In-Rule-TCP-RPC-EPMapper"=v2.25|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC-EPMap|App=%systemroot%\system32\wininit.exe|Name=@firewallapi.dll,-36755|Desc=@firewallapi.dll,-36756|EmbedCtxt=@firewallapi.dll,-36751| "DeliveryOptimization-TCP-In"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-102|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "DeliveryOptimization-UDP-In"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-103|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "Netlogon-NamedPipe-In"=v2.25|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "Netlogon-TCP-RPC-In"=v2.25|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\System32\lsass.exe|Name=@netlogon.dll,-1008|Desc=@netlogon.dll,-1009|EmbedCtxt=@netlogon.dll,-1010| "WirelessDisplay-In-TCP"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10200|Desc=@wifidisplay.dll,-10201|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-TCP"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10202|Desc=@wifidisplay.dll,-10203|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-UDP"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10204|Desc=@wifidisplay.dll,-10205|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "MDNS-In-UDP"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort2_24=mDNS|App=%SystemRoot%\system32\svchost.exe|Svc=dnscache|Name=@%SystemRoot%\system32\firewallapi.dll,-37303|Desc=@%SystemRoot%\system32\firewallapi.dll,-37304|EmbedCtxt=@%SystemRoot%\system32\firewallapi.dll,-37302| "MDNS-Out-UDP"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|LPort=5353|App=%SystemRoot%\system32\svchost.exe|Svc=dnscache|Name=@%SystemRoot%\system32\firewallapi.dll,-37305|Desc=@%SystemRoot%\system32\firewallapi.dll,-37306|EmbedCtxt=@%SystemRoot%\system32\firewallapi.dll,-37302| "{19DDD197-BC1E-48C8-AB93-097D001AC164}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Desc=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-500|AppPkgId=S-1-15-2-1910091885-1573563583-1104941280-2418270861-3411158377-2822700936-2990310272|EmbedCtxt=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{FC249F47-28FC-4D63-97C0-502D222ED9DD}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Desc=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-500|AppPkgId=S-1-15-2-1910091885-1573563583-1104941280-2418270861-3411158377-2822700936-2990310272|EmbedCtxt=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{28F92960-91CA-4D60-8271-45F7FF746B04}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Desc=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|LUOwn=S-1-5-21-115953588-1755372066-384823517-500|AppPkgId=S-1-15-2-2434737943-167758768-3180539153-984336765-1107280622-3591121930-2677285773|EmbedCtxt=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Platform=2:6:2|Platform2=GTEQ| "{9A93D27A-6EEA-4AA5-A06E-E02B5309BDBD}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Desc=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|LUOwn=S-1-5-21-115953588-1755372066-384823517-500|AppPkgId=S-1-15-2-2434737943-167758768-3180539153-984336765-1107280622-3591121930-2677285773|EmbedCtxt=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Platform=2:6:2|Platform2=GTEQ| "{2B062BAD-0AC3-42AF-862E-F64E74528CC5}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Desc=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/ProductDescription}|LUOwn=S-1-5-21-115953588-1755372066-384823517-500|AppPkgId=S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742|EmbedCtxt=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{6EF2F7A4-F765-4E80-8180-6BC7AC5529D1}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Desc=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/ProductDescription}|LUOwn=S-1-5-21-115953588-1755372066-384823517-500|AppPkgId=S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742|EmbedCtxt=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{58F08406-FC62-46D3-99DE-ADFBE21A8C58}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.AccountsControl_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|Desc=@{Microsoft.AccountsControl_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-500|AppPkgId=S-1-15-2-969871995-3242822759-583047763-1618006129-3578262429-3647035748-2471858633|EmbedCtxt=@{Microsoft.AccountsControl_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{FAFD8BBD-99B0-4217-AFC0-EB5F7361E28C}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|Desc=@{Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-500|AppPkgId=S-1-15-2-2758101530-1321080646-1475665648-4066602542-2880396197-3643791541-2654759312|EmbedCtxt=@{Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{D36AC68D-96AC-40F4-AA2C-A509A1F4FACA}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Desc=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-500|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Platform=2:6:2|Platform2=GTEQ| "{AC1B32DF-3D42-4B2A-9D48-F08AAFE4C55F}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Desc=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-500|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Platform=2:6:2|Platform2=GTEQ| "{A7DA44F4-98B9-4BA0-BA8E-0D7A705687D2}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.ContentDeliveryManager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|Desc=@{Microsoft.Windows.ContentDeliveryManager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-500|AppPkgId=S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723|EmbedCtxt=@{Microsoft.Windows.ContentDeliveryManager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{EC84E376-8699-451D-87C9-313AB814F10B}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.FeatureOnDemand.InsiderHub/Resources/AppStoreName}|Desc=@{Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.FeatureOnDemand.InsiderHub/Resources/AppStoreName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-500|AppPkgId=S-1-15-2-4016783169-893401051-2237370320-274899566-412088533-2398988950-2155762795|EmbedCtxt=@{Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.FeatureOnDemand.InsiderHub/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{D41962C3-A0F1-40EC-B092-5E85C8FACDEA}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.FeatureOnDemand.InsiderHub/Resources/AppStoreName}|Desc=@{Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.FeatureOnDemand.InsiderHub/Resources/AppStoreName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-500|AppPkgId=S-1-15-2-4016783169-893401051-2237370320-274899566-412088533-2398988950-2155762795|EmbedCtxt=@{Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.FeatureOnDemand.InsiderHub/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{EC2E7C0F-A226-4292-81FB-26BC11452DFF}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.ParentalControls_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|Desc=@{Microsoft.Windows.ParentalControls_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-500|AppPkgId=S-1-15-2-3072599432-1607568789-957273504-856596282-71567818-1546726304-1084662928|EmbedCtxt=@{Microsoft.Windows.ParentalControls_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{07BF16C3-E749-4D54-B439-71949775E992}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsFeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.WindowsFeedback/FeedbackApp.Resources/AppName/Text}|Desc=@{Microsoft.WindowsFeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.WindowsFeedback/FeedbackApp.Resources/AppName/Text}|LUOwn=S-1-5-21-115953588-1755372066-384823517-500|AppPkgId=S-1-15-2-1322174799-1054373777-2441082058-564842223-2721992343-4124100487-3261661085|EmbedCtxt=@{Microsoft.WindowsFeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.WindowsFeedback/FeedbackApp.Resources/AppName/Text}|Platform=2:6:2|Platform2=GTEQ| "{07FE52D2-C413-4617-ABEB-30223FAEB3CF}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.XboxGameCallableUI_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|Desc=@{Microsoft.XboxGameCallableUI_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-500|AppPkgId=S-1-15-2-957941444-2271171641-4049211970-804197638-2225746618-2474488012-4131196493|EmbedCtxt=@{Microsoft.XboxGameCallableUI_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{21A4E0D3-32B0-4FB3-985A-E68BFB1D25BB}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.XboxIdentityProvider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxIdentityProvider/Resources/PkgDisplayName}|Desc=@{Microsoft.XboxIdentityProvider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxIdentityProvider/Resources/PkgDisplayName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-500|AppPkgId=S-1-15-2-3833609522-3861047620-3675164185-1739081557-594447883-3111017752-456581032|EmbedCtxt=@{Microsoft.XboxIdentityProvider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxIdentityProvider/Resources/PkgDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{4CADDACB-DDC7-46ED-9EE0-E823E88994D5}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Desc=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-500|AppPkgId=S-1-15-2-735366590-2037340711-2578745391-3096723288-1660081568-2625366440-3369012008|EmbedCtxt=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{19C39404-F883-47A6-A1B5-E68C35498BC4}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Desc=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-500|AppPkgId=S-1-15-2-735366590-2037340711-2578745391-3096723288-1660081568-2625366440-3369012008|EmbedCtxt=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{D7BFA687-51CD-4882-AC47-FA8AF9097C38}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Windows.PurchaseDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.PurchaseDialog/resources/DisplayName}|Desc=@{Windows.PurchaseDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.PurchaseDialog/resources/Description}|LUOwn=S-1-5-21-115953588-1755372066-384823517-500|AppPkgId=S-1-15-2-3137318289-415437605-3491609480-3741388289-878520165-689859088-69748861|EmbedCtxt=@{Windows.PurchaseDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.PurchaseDialog/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{6EBC3A51-C506-47E1-8C42-B9919A1CEF9D}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-21-115953588-1755372066-384823517-500|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{6A9D41A7-E8D5-4801-9B2E-74456DF3BA78}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Desc=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1000|AppPkgId=S-1-15-2-2434737943-167758768-3180539153-984336765-1107280622-3591121930-2677285773|EmbedCtxt=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Platform=2:6:2|Platform2=GTEQ| "{9D81FFA4-138A-4BAE-B01E-B2D2525B908E}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Desc=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1000|AppPkgId=S-1-15-2-2434737943-167758768-3180539153-984336765-1107280622-3591121930-2677285773|EmbedCtxt=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Platform=2:6:2|Platform2=GTEQ| "{7F75CA7A-CA7B-4B3A-9D7E-15181BFAB0D7}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Desc=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-1910091885-1573563583-1104941280-2418270861-3411158377-2822700936-2990310272|EmbedCtxt=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{2E8CA8D0-CC0F-4085-8255-0C69591E0CE4}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Desc=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-1910091885-1573563583-1104941280-2418270861-3411158377-2822700936-2990310272|EmbedCtxt=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{3E4F1A3E-C5E7-47F9-B32D-1432DCBEF14A}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Desc=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-2434737943-167758768-3180539153-984336765-1107280622-3591121930-2677285773|EmbedCtxt=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Platform=2:6:2|Platform2=GTEQ| "{C1FE9B36-ADC8-4900-932F-7BA7F1AEEA27}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Desc=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-2434737943-167758768-3180539153-984336765-1107280622-3591121930-2677285773|EmbedCtxt=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Platform=2:6:2|Platform2=GTEQ| "{1DA3883E-D41A-463F-B301-6C7719191C37}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Desc=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/ProductDescription}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742|EmbedCtxt=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{AC2B3564-3B9D-47DC-BD75-C6E80D2E2F8F}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Desc=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/ProductDescription}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742|EmbedCtxt=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{9D9EE104-37EB-4E87-B82D-2233998A510F}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.AccountsControl_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|Desc=@{Microsoft.AccountsControl_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-969871995-3242822759-583047763-1618006129-3578262429-3647035748-2471858633|EmbedCtxt=@{Microsoft.AccountsControl_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{CE53BA7A-E6F1-4CF0-A7A1-173D77CB753F}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|Desc=@{Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-2758101530-1321080646-1475665648-4066602542-2880396197-3643791541-2654759312|EmbedCtxt=@{Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{83BED948-2354-4995-8BB0-A64BF2CB396C}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Desc=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Platform=2:6:2|Platform2=GTEQ| "{6185A536-E435-411D-8F41-E86DED7C34E5}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Desc=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Platform=2:6:2|Platform2=GTEQ| "{08E7A35C-8BB3-4CDE-85FC-7012A270E513}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.ContentDeliveryManager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|Desc=@{Microsoft.Windows.ContentDeliveryManager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723|EmbedCtxt=@{Microsoft.Windows.ContentDeliveryManager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{30E30292-7EF5-428B-A52C-0FFA1945E679}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.FeatureOnDemand.InsiderHub/Resources/AppStoreName}|Desc=@{Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.FeatureOnDemand.InsiderHub/Resources/AppStoreName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-4016783169-893401051-2237370320-274899566-412088533-2398988950-2155762795|EmbedCtxt=@{Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.FeatureOnDemand.InsiderHub/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{653A38A7-E51F-46C4-A5BD-E69B2BA05B2F}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.FeatureOnDemand.InsiderHub/Resources/AppStoreName}|Desc=@{Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.FeatureOnDemand.InsiderHub/Resources/AppStoreName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-4016783169-893401051-2237370320-274899566-412088533-2398988950-2155762795|EmbedCtxt=@{Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.FeatureOnDemand.InsiderHub/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{954B80DC-CB1C-42AD-991A-67392B2949E3}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.ParentalControls_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|Desc=@{Microsoft.Windows.ParentalControls_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-3072599432-1607568789-957273504-856596282-71567818-1546726304-1084662928|EmbedCtxt=@{Microsoft.Windows.ParentalControls_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{F462F0E7-2FB3-49E1-A184-AE85734A713F}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsFeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.WindowsFeedback/FeedbackApp.Resources/AppName/Text}|Desc=@{Microsoft.WindowsFeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.WindowsFeedback/FeedbackApp.Resources/AppName/Text}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-1322174799-1054373777-2441082058-564842223-2721992343-4124100487-3261661085|EmbedCtxt=@{Microsoft.WindowsFeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.WindowsFeedback/FeedbackApp.Resources/AppName/Text}|Platform=2:6:2|Platform2=GTEQ| "{D3A65DB6-2987-40E9-B64F-1103F40B5032}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.XboxGameCallableUI_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|Desc=@{Microsoft.XboxGameCallableUI_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-957941444-2271171641-4049211970-804197638-2225746618-2474488012-4131196493|EmbedCtxt=@{Microsoft.XboxGameCallableUI_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{4D107377-27ED-4DDD-87AE-AD042F693F9E}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.XboxIdentityProvider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxIdentityProvider/Resources/PkgDisplayName}|Desc=@{Microsoft.XboxIdentityProvider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxIdentityProvider/Resources/PkgDisplayName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-3833609522-3861047620-3675164185-1739081557-594447883-3111017752-456581032|EmbedCtxt=@{Microsoft.XboxIdentityProvider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxIdentityProvider/Resources/PkgDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{16AF1C01-9DF7-4358-A0B7-E2B13045E824}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Desc=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-735366590-2037340711-2578745391-3096723288-1660081568-2625366440-3369012008|EmbedCtxt=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{A9AB44FB-373A-4FE1-94F0-6073DDD43284}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Desc=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-735366590-2037340711-2578745391-3096723288-1660081568-2625366440-3369012008|EmbedCtxt=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{93FE8CDB-4ECE-4B7C-8319-C2F328EDDEC8}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Windows.PurchaseDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.PurchaseDialog/resources/DisplayName}|Desc=@{Windows.PurchaseDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.PurchaseDialog/resources/Description}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-3137318289-415437605-3491609480-3741388289-878520165-689859088-69748861|EmbedCtxt=@{Windows.PurchaseDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.PurchaseDialog/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{10DB6D2C-075B-4AEB-B1EF-FE96D3094F65}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\DriversCloud.com\MCDetection.exe|Name=mcdetection| "{0EA6FC91-266E-4285-823F-A2FCE0CB4214}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\DriversCloud.com\MCDetection.exe|Name=mcdetection| "TCP Query User{EB635DB8-5102-466A-9B6C-D24DD401B8D2}C:\program files\logitech gaming software\lcore.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files\logitech gaming software\lcore.exe|Name=Logitech Gaming Framework|Desc=Logitech Gaming Framework|Defer=User| "UDP Query User{87BC1BE3-BE31-4126-89A4-C9713B89DF85}C:\program files\logitech gaming software\lcore.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files\logitech gaming software\lcore.exe|Name=Logitech Gaming Framework|Desc=Logitech Gaming Framework|Defer=User| "TCP Query User{5A8DE541-C348-4595-8295-DA06C5B6821D}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe|Name=Arma 3|Desc=Arma 3|Defer=User| "UDP Query User{14D2531D-25A3-43BA-9AB8-8B6D50882518}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe|Name=Arma 3|Desc=Arma 3|Defer=User| "TCP Query User{D06998A3-5398-44BB-A1B4-7C3883AD1372}C:\program files\rockstar games\grand theft auto v\gta5.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files\rockstar games\grand theft auto v\gta5.exe|Name=Grand Theft Auto V|Desc=Grand Theft Auto V|Defer=User| "UDP Query User{2DDCF489-B06F-4A85-B41A-987F01955832}C:\program files\rockstar games\grand theft auto v\gta5.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files\rockstar games\grand theft auto v\gta5.exe|Name=Grand Theft Auto V|Desc=Grand Theft Auto V|Defer=User| "TCP Query User{77E34919-7F5D-4BA3-994E-361D78C8B732}C:\program files (x86)\cloud imperium games\patcher\cigpatcher.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\cloud imperium games\patcher\cigpatcher.exe|Name=cigpatcher|Desc=cigpatcher|Edge=TRUE|Defer=App| "UDP Query User{DF6BB0B4-26D4-426A-A3CA-07B31B449182}C:\program files (x86)\cloud imperium games\patcher\cigpatcher.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\cloud imperium games\patcher\cigpatcher.exe|Name=cigpatcher|Desc=cigpatcher|Edge=TRUE|Defer=App| "TCP Query User{D757BCB9-3C28-4B59-B62D-DAA537115CED}C:\program files (x86)\cloud imperium games\starcitizen\public\bin64\starcitizen.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\cloud imperium games\starcitizen\public\bin64\starcitizen.exe|Name=starcitizen|Desc=starcitizen|Defer=User| "UDP Query User{1786E84B-9B90-4831-ACAF-125B75CFC0F4}C:\program files (x86)\cloud imperium games\starcitizen\public\bin64\starcitizen.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\cloud imperium games\starcitizen\public\bin64\starcitizen.exe|Name=starcitizen|Desc=starcitizen|Defer=User| "{820A092F-4565-407B-9391-1E8188651BE6}"=v2.25|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Skype\Phone\Skype.exe|Name=Skype| "TCP Query User{C9FC66E9-6357-49F7-AB62-CF253E16B35C}C:\users\nour\desktop\teamspeak3-server_win64\ts3server.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\nour\desktop\teamspeak3-server_win64\ts3server.exe|Name=ts3server.exe|Desc=ts3server.exe|Defer=User| "UDP Query User{D2B14879-9510-4971-ACDB-09E532F0F181}C:\users\nour\desktop\teamspeak3-server_win64\ts3server.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\nour\desktop\teamspeak3-server_win64\ts3server.exe|Name=ts3server.exe|Desc=ts3server.exe|Defer=User| "{97FCC614-5A86-492F-A16C-BD6C9BF5C395}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\TeamViewer\TeamViewer.exe|Name=Teamviewer Remote Control Application| "{2F5A3C9C-C8B2-473B-A4E1-88834BE37569}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\TeamViewer\TeamViewer.exe|Name=Teamviewer Remote Control Application| "{5F4A62CB-AF4A-4B79-A568-574D197FAE39}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe|Name=Teamviewer Remote Control Service| "{5FC62905-1335-4E83-83D6-3226DCD48711}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe|Name=Teamviewer Remote Control Service| "{F6223F05-F081-42D9-A7FE-BD8779AE34BC}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\qBittorrent\qbittorrent.exe|Name=qBittorrent| "{514476BB-AEB0-4182-90A7-A64032D2105B}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\qBittorrent\qbittorrent.exe|Name=qBittorrent| "TCP Query User{75E7278D-95BF-490E-9B7D-03C5027CB7AF}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe|Name=aces|Desc=aces|Defer=User| "UDP Query User{526B0A5B-548F-449C-826B-7C600DE05AA7}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe|Name=aces|Desc=aces|Defer=User| "{E81764CB-FA04-40D6-ACF8-2775310888D9}"=v2.25|Action=Allow|Active=TRUE|Dir=In|App=C:\Games\World_of_Warships\WoWSLauncher.exe|Name=World of Warships_Launcher in|Desc=|EmbedCtxt=World of Warships| "{CDA0C972-C1CA-4426-8D9A-D4A6447A33F9}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|App=C:\Games\World_of_Warships\WoWSLauncher.exe|Name=World of Warships_Launcher out|Desc=|EmbedCtxt=World of Warships| "{518F52C7-4DA5-4F43-8B95-410BC7050F5D}"=v2.25|Action=Allow|Active=TRUE|Dir=In|App=C:\Games\World_of_Warships\worldofwarships.exe|Name=World of Warships in|Desc=|EmbedCtxt=World of Warships| "{A9EACC0D-A806-4D77-A2BD-4A10B45F9A35}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|App=C:\Games\World_of_Warships\worldofwarships.exe|Name=World of Warships out|Desc=|EmbedCtxt=World of Warships| "TCP Query User{4F06F646-C030-464C-A0E2-26A9BAB6BA2A}C:\program files (x86)\driver san francisco\driver.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\driver san francisco\driver.exe|Name=driver|Desc=driver|Defer=User| "UDP Query User{EA88C077-73FD-4D4B-8EE6-F747FBF5E772}C:\program files (x86)\driver san francisco\driver.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\driver san francisco\driver.exe|Name=driver|Desc=driver|Defer=User| "{846BFD86-BDBE-4872-8BC2-3C19D22765E5}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe|Name=ESN Sonar Host Application| "{AB911F53-B7AE-4DC0-B17F-D60E59E56F34}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe|Name=ESN Sonar Host Application| "{1A877DD0-FD59-4DB0-A3DD-63844D486662}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe|Name=Battlefield 4™ (x64)| "{2AC710A3-5EC0-47C6-A114-794715751D39}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe|Name=Battlefield 4™ (x64)| "{1BBE153B-CAE6-42E3-9988-BA7BC6861168}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe|Name=Battlefield 4™ (x86)| "{4362B0A6-BC31-43C6-BCA2-DFBD41DFD0D8}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe|Name=Battlefield 4™ (x86)| "TCP Query User{4F755380-53BE-4E30-BC8F-BCF27C95BB9A}C:\program files (x86)\origin games\battlefield 4\bf4.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\origin games\battlefield 4\bf4.exe|Name=Battlefield 4™|Desc=Battlefield 4™|Defer=User| "UDP Query User{00EAB4A1-CD5C-48B1-A6B8-202DB7D2A155}C:\program files (x86)\origin games\battlefield 4\bf4.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\origin games\battlefield 4\bf4.exe|Name=Battlefield 4™|Desc=Battlefield 4™|Defer=User| "{5CF896EE-C478-4A7B-8738-F7AD316375D8}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe|Name=Google Chrome (mDNS-In)|Desc=Règle de trafic entrant pour Google Chrome autorisant le trafic mDNS|EmbedCtxt=Google Chrome| "{135FC83E-B921-483E-A3AF-9639D6B4842B}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Canon Inkjet Print Utility|Desc=Canon Inkjet Print Utility|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-115199243-2764431856-1086699609-1912897127-1214238601-531789971-2447004905|EmbedCtxt=Canon Inkjet Print Utility|Platform=2:6:2|Platform2=GTEQ| "{0508DD7C-C0E1-4B1D-9036-539B422EF456}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Canon Inkjet Print Utility|Desc=Canon Inkjet Print Utility|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-115199243-2764431856-1086699609-1912897127-1214238601-531789971-2447004905|EmbedCtxt=Canon Inkjet Print Utility|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{4C056EB2-BB16-4704-A007-24B66127EDB8}C:\program files (x86)\steam\steamapps\common\trine 2\trine2_32bit.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\steam\steamapps\common\trine 2\trine2_32bit.exe|Name=trine2_32bit|Desc=trine2_32bit|Defer=User| "UDP Query User{ECE068A0-EFB1-4887-AA8B-58927296305B}C:\program files (x86)\steam\steamapps\common\trine 2\trine2_32bit.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\steam\steamapps\common\trine 2\trine2_32bit.exe|Name=trine2_32bit|Desc=trine2_32bit|Defer=User| "TCP Query User{0E8CEA24-9A16-453B-B231-77A901F03EEE}C:\program files (x86)\origin games\star wars battlefront\starwarsbattlefronttrial.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\origin games\star wars battlefront\starwarsbattlefronttrial.exe|Name=STAR WARS™ Battlefront™|Desc=STAR WARS™ Battlefront™|Defer=User| "UDP Query User{E8BAE6C0-3A08-42FF-ACA9-97EED1F61B23}C:\program files (x86)\origin games\star wars battlefront\starwarsbattlefronttrial.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\origin games\star wars battlefront\starwarsbattlefronttrial.exe|Name=STAR WARS™ Battlefront™|Desc=STAR WARS™ Battlefront™|Defer=User| "{518E4A5D-42EE-4FA3-8D49-44D4E85CB6E6}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-2040986369-264322980-3882385089-1970153872-3662121739-3363227934-2464603330|EmbedCtxt=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{1D8C2CFA-3E6E-431D-B435-2586712232FE}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-2040986369-264322980-3882385089-1970153872-3662121739-3363227934-2464603330|EmbedCtxt=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{42764952-F0FD-47D1-9213-09A367B2B6C1}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Windows\SysWOW64\PnkBstrA.exe|Name=PnkBstrA| "{47A81120-5697-4AFF-BA86-A37624926033}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Windows\SysWOW64\PnkBstrA.exe|Name=PnkBstrA| "{64C93E57-82CB-4C0F-ADBE-072A8F44F33E}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Windows\SysWOW64\PnkBstrB.exe|Name=PnkBstrB| "{F927738F-E4B6-4936-893A-A8D527490396}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Windows\SysWOW64\PnkBstrB.exe|Name=PnkBstrB| "{3D6C0521-711B-4776-9469-954BAF9901D6}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe|Name=Battlefield 3™| "{4523A954-99E7-45F1-9AD0-C5FC273CB72B}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe|Name=Battlefield 3™| "{CAB47847-2C01-4AC5-9D42-6667EB557BB6}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe|Name=Raptr Desktop App| "{DD129774-B3DF-4418-904D-8F3D6740E2AC}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe|Name=Raptr Desktop App| "{1684AC84-F3BD-42A8-8F3C-4CD5D576321A}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe|Name=Raptr IM| "{11D19B18-7680-4733-A043-3D802F458DBB}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe|Name=Raptr IM| "{F7E92E2B-01DB-43C7-8696-28838FDEF03F}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe|Name=Plays.tv client| "{42652EAD-E6FD-47C8-BC41-7687AD5388A4}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe|Name=Plays.tv client| "{A62EEBA6-C936-44E3-A9FE-36905C36A457}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.Appconnector/Resources/ConnectorStubTitle}|Desc=@{Microsoft.Appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.Appconnector/Resources/ConnectorStubTitle}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-3232211935-909325347-210818523-1333736584-3758124246-283266685-1557978965|EmbedCtxt=@{Microsoft.Appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.Appconnector/Resources/ConnectorStubTitle}|Platform=2:6:2|Platform2=GTEQ| "{8A84DAAD-15B0-4FE2-B100-FD0698B9BCDE}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.ConnectivityStore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ConnectivityStore/MSWifiResources/AppStoreName}|Desc=@{Microsoft.ConnectivityStore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ConnectivityStore/MSWifiResources/AppStoreName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-1485202841-4094060947-262313417-955497226-1243708313-1027065603-2694978511|EmbedCtxt=@{Microsoft.ConnectivityStore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ConnectivityStore/MSWifiResources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{EDB7D8D6-4777-43C1-ACA0-C92A01521D65}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Desc=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157|EmbedCtxt=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Platform=2:6:2|Platform2=GTEQ| "{F5F29695-B6B4-4453-BF95-5FF9ABC03EDB}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Desc=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157|EmbedCtxt=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{17CDB08C-5BC5-4053-9175-8F186F4310F6}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|Desc=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-421345033-1710570203-969709436-2809900243-2023987463-1056701467-1672618525|EmbedCtxt=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{B79C2060-AAFA-44EB-B241-E3B62F4C1780}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|Desc=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-421345033-1710570203-969709436-2809900243-2023987463-1056701467-1672618525|EmbedCtxt=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{2E420786-DB90-4B4C-9D21-50BEE5D22F42}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.CommsPhone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|Desc=@{Microsoft.CommsPhone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-3502142457-1175083276-1468359876-1514580144-2717768582-2562788200-3268064651|EmbedCtxt=@{Microsoft.CommsPhone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{ADC5392E-6686-4878-B2D0-95A54CD07756}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.CommsPhone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|Desc=@{Microsoft.CommsPhone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-3502142457-1175083276-1468359876-1514580144-2717768582-2562788200-3268064651|EmbedCtxt=@{Microsoft.CommsPhone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{8257BDF0-EBF1-4D59-B29D-161BC2F737B3}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsMaps_5.1606.1670.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsMaps/Resources/AppStoreName}|Desc=@{Microsoft.WindowsMaps_5.1606.1670.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsMaps/Resources/AppStoreName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-1239072475-3687740317-1842961305-3395936705-4023953123-1525404051-2779347315|EmbedCtxt=@{Microsoft.WindowsMaps_5.1606.1670.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsMaps/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{0DE47AC1-9A80-4440-AA1D-2BEFF9643F6A}C:\users\nour\appdata\roaming\spotify\spotify.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\nour\appdata\roaming\spotify\spotify.exe|Name=spotify.exe|Desc=spotify.exe|Defer=User| "UDP Query User{CDF6CC42-6D1D-463A-B88F-90275F2EE065}C:\users\nour\appdata\roaming\spotify\spotify.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\nour\appdata\roaming\spotify\spotify.exe|Name=spotify.exe|Desc=spotify.exe|Defer=User| "{7E670FC5-A733-454E-A665-84683216F64C}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Sway|Desc=Microsoft Sway|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-584073948-3292409011-2882754242-2237763630-1999038865-1049037702-4080706152|EmbedCtxt=Sway|Platform=2:6:2|Platform2=GTEQ| "{886B8C78-7697-49A0-B933-9446611AC1E3}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Sway|Desc=Microsoft Sway|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-584073948-3292409011-2882754242-2237763630-1999038865-1049037702-4080706152|EmbedCtxt=Sway|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{21612A7A-AC18-47C9-A2A1-D5AD4E519252}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Mozilla Firefox\firefox.exe|Name=Firefox (C:\Program Files (x86)\Mozilla Firefox)| "{C8B9451E-6CC4-4252-AA18-73BC80D65C6F}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Mozilla Firefox\firefox.exe|Name=Firefox (C:\Program Files (x86)\Mozilla Firefox)| "{7F76FE84-C11E-4DC1-B095-D4DAEC4F52B4}"=v2.25|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe|Name=Dropbox| "{C9541888-D01B-4CD7-8588-A381B154322D}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Desc=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-2226957697-3030467180-2301525-4248967783-2024719031-2325529081-2915787518|EmbedCtxt=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{9EA42B11-7992-4C2F-87F5-51FE51AD0D46}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Desc=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-2226957697-3030467180-2301525-4248967783-2024719031-2325529081-2915787518|EmbedCtxt=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{A93AD86E-14F0-4882-8762-559EA0751FB0}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.ZuneMusic_3.6.23041.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_NAME}|Desc=@{Microsoft.ZuneMusic_3.6.23041.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_DESCRIPTION}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-3132517012-1571311091-3263739450-2968124769-4061529133-2106415361-233808003|EmbedCtxt=@{Microsoft.ZuneMusic_3.6.23041.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_NAME}|Platform=2:6:2|Platform2=GTEQ| "{7EEFA5A6-17FA-4BA8-92B0-EFDE31B24906}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.ZuneMusic_3.6.23041.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_NAME}|Desc=@{Microsoft.ZuneMusic_3.6.23041.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_DESCRIPTION}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-3132517012-1571311091-3263739450-2968124769-4061529133-2106415361-233808003|EmbedCtxt=@{Microsoft.ZuneMusic_3.6.23041.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_NAME}|Platform=2:6:2|Platform2=GTEQ| "{D5E0420F-E9C6-435A-983B-672B1C0892D0}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{D0E853F6-8EAE-4BFC-9AE7-75FC1282FBBA}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{03BD067B-25D8-4DF1-A623-633501C48393}C:\program files\logitech gaming software\lcore.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files\logitech gaming software\lcore.exe|Name=Logitech Gaming Framework|Desc=Logitech Gaming Framework|Defer=User| "UDP Query User{8F762C5D-7626-4667-A2B1-9DC0FC036EC5}C:\program files\logitech gaming software\lcore.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files\logitech gaming software\lcore.exe|Name=Logitech Gaming Framework|Desc=Logitech Gaming Framework|Defer=User| "TCP Query User{2DA6D2B9-EC69-414F-BF38-5255988755AB}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe|Name=Arma 3|Desc=Arma 3|Defer=User| "UDP Query User{94628241-3F1D-425E-974E-BD7E4F889C41}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe|Name=Arma 3|Desc=Arma 3|Defer=User| "TCP Query User{2FC21228-6658-44DF-AA71-017585A53EEE}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe|Name=EpicGamesLauncher|Desc=EpicGamesLauncher|Defer=User| "UDP Query User{CB5B4242-16C6-4030-B00A-C1F84D208E20}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe|Name=EpicGamesLauncher|Desc=EpicGamesLauncher|Defer=User| "TCP Query User{83801CCA-2FA1-4F44-8246-24F6E1709E54}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe|Name=EpicGamesLauncher|Desc=EpicGamesLauncher|Defer=User| "UDP Query User{0A173BB5-B1A5-412B-913D-F877B5EB63CE}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe|Name=EpicGamesLauncher|Desc=EpicGamesLauncher|Defer=User| "TCP Query User{2B6FFA1B-A770-4ECE-A24C-016A36741883}C:\program files (x86)\epic games\4.12\engine\binaries\win64\ue4editor.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\epic games\4.12\engine\binaries\win64\ue4editor.exe|Name=Unreal Engine|Desc=Unreal Engine|Defer=User| "UDP Query User{E3556C6C-706F-449A-96AE-7CB765A1B378}C:\program files (x86)\epic games\4.12\engine\binaries\win64\ue4editor.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\epic games\4.12\engine\binaries\win64\ue4editor.exe|Name=Unreal Engine|Desc=Unreal Engine|Defer=User| "{7A83F4EE-9390-45DB-A0E9-6C351AD70E96}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{microsoft.windowscommunicationsapps_17.6965.41051.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_DisplayName}|Desc=@{microsoft.windowscommunicationsapps_17.6965.41051.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_Description}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-2551677095-2355568638-4209445997-2436930744-3692183382-387691378-1866284433|EmbedCtxt=@{microsoft.windowscommunicationsapps_17.6965.41051.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{F4D907CA-8CFB-4E44-9CB3-306484E22F74}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{microsoft.windowscommunicationsapps_17.6965.41051.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_DisplayName}|Desc=@{microsoft.windowscommunicationsapps_17.6965.41051.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_Description}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-2551677095-2355568638-4209445997-2436930744-3692183382-387691378-1866284433|EmbedCtxt=@{microsoft.windowscommunicationsapps_17.6965.41051.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_DisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{DF89C576-72DE-4AB1-8636-EE608F2CF53C}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.3DBuilder_11.1.9.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.3DBuilder/resources/AppStoreName}|Desc=@{Microsoft.3DBuilder_11.1.9.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.3DBuilder/resources/AppStoreName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-3995430443-3719053022-3339397951-2895237338-2437516106-1575886070-2755610054|EmbedCtxt=@{Microsoft.3DBuilder_11.1.9.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.3DBuilder/resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{E91C86D5-E871-48A0-B308-F41776342865}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.People_10.0.11902.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.People/Resources/AppStoreName}|Desc=@{Microsoft.People_10.0.11902.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.People/Resources/AppStoreName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-3981118486-977731610-4260702232-2292029000-2544493239-2660358776-1526570402|EmbedCtxt=@{Microsoft.People_10.0.11902.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.People/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{96A94045-E8E2-47C8-9544-C98987513B42}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.ZuneVideo_3.6.22511.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Desc=@{Microsoft.ZuneVideo_3.6.22511.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_DESCRIPTION}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-2967553933-3217682302-2494645345-2077017737-3805576244-585965800-1797614741|EmbedCtxt=@{Microsoft.ZuneVideo_3.6.22511.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Platform=2:6:2|Platform2=GTEQ| "{72B5A8D8-E6E3-4CB4-9353-8D9FBAA4CA8F}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.ZuneVideo_3.6.22511.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Desc=@{Microsoft.ZuneVideo_3.6.22511.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_DESCRIPTION}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-2967553933-3217682302-2494645345-2077017737-3805576244-585965800-1797614741|EmbedCtxt=@{Microsoft.ZuneVideo_3.6.22511.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{761367BF-CFA6-4755-AE5C-8F88EBC9E2AF}C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe|Name=Rocket League|Desc=Rocket League|Defer=User| "UDP Query User{B3E02BDC-F3CE-4994-A12A-ECC3DDA6525C}C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe|Name=Rocket League|Desc=Rocket League|Defer=User| "TCP Query User{209CAE1B-C631-4FFB-9A66-DD4D0F16A502}C:\program files (x86)\cloud imperium games\starcitizen\public\bin64\starcitizen.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\cloud imperium games\starcitizen\public\bin64\starcitizen.exe|Name=starcitizen|Desc=starcitizen|Defer=User| "UDP Query User{A067D42D-D9EE-4ACD-A829-C389860C45A4}C:\program files (x86)\cloud imperium games\starcitizen\public\bin64\starcitizen.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\cloud imperium games\starcitizen\public\bin64\starcitizen.exe|Name=starcitizen|Desc=starcitizen|Defer=User| "{1D384B4F-405C-4BE2-86D5-C52B5EB9BBE6}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Getstarted_4.0.9.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Getstarted/Resources/AppStoreName}|Desc=@{Microsoft.Getstarted_4.0.9.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Getstarted/Resources/AppStoreName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-1930852602-715273891-2259524165-1460409268-4224052142-2029744616-1797406285|EmbedCtxt=@{Microsoft.Getstarted_4.0.9.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Getstarted/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{FFCF9699-5E6A-4957-84EA-EC86903D9C7E}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsPhone_10.1607.1991.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsPhone/Resources/AppStoreName}|Desc=@{Microsoft.WindowsPhone_10.1607.1991.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsPhone/Resources/AppStoreName}|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-1227535392-783678415-19788749-859698564-2515149781-2716591593-3518111838|EmbedCtxt=@{Microsoft.WindowsPhone_10.1607.1991.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsPhone/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{5BE12225-A070-4759-BCFB-6733D6084B9C}C:\program files (x86)\qbittorrent\qbittorrent.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\qbittorrent\qbittorrent.exe|Name=qBittorrent - A Bittorrent Client|Desc=qBittorrent - A Bittorrent Client|Edge=TRUE|Defer=App| "UDP Query User{3C3298F5-2476-41CB-AE2B-90BAB181FAD9}C:\program files (x86)\qbittorrent\qbittorrent.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\qbittorrent\qbittorrent.exe|Name=qBittorrent - A Bittorrent Client|Desc=qBittorrent - A Bittorrent Client|Edge=TRUE|Defer=App| "{26A8CCEE-3E96-41F0-A889-B094120EA72E}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{E598C353-168A-4901-A51A-BEF497264DCB}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-115953588-1755372066-384823517-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{A80137C5-6CBA-412B-A1EC-D72343F79773}C:\Users\Nour\Downloads\QuickDiag.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\Nour\Downloads\QuickDiag.exe|Name=QuickDiag|Desc=QuickDiag|Defer=User| "UDP Query User{8086F52E-78FA-489A-B2C4-2168ADE624EB}C:\Users\Nour\Downloads\QuickDiag.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\Nour\Downloads\QuickDiag.exe|Name=QuickDiag|Desc=QuickDiag|Defer=User| "TCP Query User{A80137C5-6CBA-412B-A1EC-D72343F79773}C:\Users\Nour\Desktop\QuickDiag.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\Nour\Desktop\QuickDiag.exe|Name=QuickDiag|Desc=QuickDiag|Defer=User| "UDP Query User{8086F52E-78FA-489A-B2C4-2168ADE624EB}C:\Users\Nour\Desktop\QuickDiag.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\Nour\Desktop\QuickDiag.exe|Name=QuickDiag|Desc=QuickDiag|Defer=User| [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\standardprofile\authorizedapplications\list] "C:\Users\Nour\Downloads\QuickDiag.exe"=C:\Users\Nour\Downloads\QuickDiag.exe:*:Enabled:QuickDiag "C:\Users\Nour\Desktop\QuickDiag.exe"=C:\Users\Nour\Desktop\QuickDiag.exe:*:Enabled:QuickDiag ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{05f5cfe2-4733-4950-a6bb-07aad01a3a84}] : (XboxComposite) [] -> @dc1-controller.inf,%ClassName%;Xbox Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{13e42dfa-85d9-424d-8646-28a70f864f9c}] : (RemotePosDevice) [] -> @remoteposdrv.inf,%ClassName%;POS Remote Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{14b62f50-3f15-11dd-ae16-0800200c9a66}] : (DigitalMediaDevices) [] -> @digitalmediadevice.inf,%ClassName%;Digital Media Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}] : (PrintQueue) [] -> @printqueue.inf,%ClassName%;Print queues [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{268c95a1-edfe-11d3-95c3-0010dc4050a5}] : (Security Accelerator) [] -> @c_sslaccel.inf,%ClassName%;Security Accelerator [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2a9fe532-0cdc-44f9-9827-76192f2ca2fb}] : (HidMsr) [] -> @c_magneticstripereader.inf,%ClassName%;POS HID Magnetic Stripe Reader [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2EA9B43F-3045-43B5-80F2-FD06C55FBB90}] : (vhdmp) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B648}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B649}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675d81-502a-4a82-9f84-b75f418c5dea}] : (Media Center Extender) [] -> @%SystemRoot%\system32\McxDriv.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658ee7e-f050-11d1-b6bd-00c04fa372a7}] : (PnpPrinters) [] -> @%SystemRoot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721b56-6795-11d2-b1a8-0080c72e74a2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e966-e325-11ce-bfc1-08002be10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}] : (DiskDrive) [] -> @%SystemRoot%\System32\StorProp.dll,-17000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}] : (Display) [] -> @%SystemRoot%\System32\DispCI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e969-e325-11ce-bfc1-08002be10318}] : (fdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96a-e325-11ce-bfc1-08002be10318}] : (hdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}] : (MEDIA) [] -> @%SystemRoot%\System32\mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96e-e325-11ce-bfc1-08002be10318}] : (Monitor) [] -> @c_monitor.inf,%ClassDesc%;Monitors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e970-e325-11ce-bfc1-08002be10318}] : (MTD) [] -> @%SystemRoot%\System32\SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e971-e325-11ce-bfc1-08002be10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}] : (Net) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e973-e325-11ce-bfc1-08002be10318}] : (NetClient) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e974-e325-11ce-bfc1-08002be10318}] : (NetService) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e975-e325-11ce-bfc1-08002be10318}] : (NetTrans) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e977-e325-11ce-bfc1-08002be10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e978-e325-11ce-bfc1-08002be10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e979-e325-11ce-bfc1-08002be10318}] : (Printer) [] -> @%SystemRoot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97e-e325-11ce-bfc1-08002be10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e980-e325-11ce-bfc1-08002be10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127dc3-0f36-415e-a6cc-4cb3be910b65}] : (Processor) [] -> @c_processor.inf,%ClassDesc%;Processors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906cb8-ba12-11d1-bf5d-0000f805f530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944a-f6b9-4057-a056-8c550228544c}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50dd5230-ba8a-11d1-bf5d-0000f805f530}] : (SmartCardReader) [] -> @%SystemRoot%\System32\StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175d334-c371-4806-b3ba-71fd53c9258d}] : (Sensor) [] -> @%SystemRoot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53d29ef7-377c-4d14-864b-eb3a85769359}] : (Biometric) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5630831c-06c9-4856-b327-f5d32586e060}] : (Proximity) [] -> @c_proximity.inf,%ClassDesc%;Proximity devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{62f9c741-b25a-46ce-b54c-9bccce08b6f2}] : (SoftwareDevice) [] -> @c_swdevice.inf,%ClassDesc%;Software devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc1-810f-11d0-bec7-08002be2092f}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc5-810f-11d0-bec7-08002be2092f}] : (Infrared) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}] : (Image) [] -> @%SystemRoot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d807884-7d21-11cf-801c-08002be10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (BasicDisplay) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}] : (Volume) [] -> @%SystemRoot%\System32\SysClass.Dll,-3007 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631e54-78a4-11d0-bcf7-00aa00b7b32a}] : (Battery) [] -> @%SystemRoot%\system32\powrprof.dll,-611 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745a17a0-74d3-11d0-b6fe-00a0c90f57da}] : (HIDClass) [] -> @%SystemRoot%\System32\hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{772e18f2-8925-4229-a5ac-6453cb482fda}] : (HidCashDrawer) [] -> @c_cashdrawer.inf,%ClassName%;POS Cash Drawer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7ebefbc0-3200-11d2-b4c2-00a0c9697d07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{81C87465-DE07-4EFC-9D93-61E891D52FD2}] : (RdpVideoMiniport) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88a1c342-4539-11d3-b88d-00c04fad5171}] : (TS_Generic) [] -> @ts_generic.inf,%TSClassName%;Generic Remote Desktop devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88bae032-5a81-49f0-bc3d-a4ff138216d6}] : (USBDevice) [] -> @%SystemRoot%\System32\SysClass.Dll,-3029 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990a2bd7-e738-46c7-b26f-1cf8fb9f1391}] : (SmartCard) [] -> @%SystemRoot%\System32\SysClass.DLL,-3031 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9d6d66a6-0b0c-4563-9077-a0e9a7955ae4}] : (Ramdisk) [] -> @ramdisk.inf,%ClassName%;RAM Disk drives [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9da2b80f-f89f-4a49-a5c2-511b085b9e8a}] : (EhStorSilo) [] -> @rawsilo.inf,%ClassName%;IEEE 1667 silo and control devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a588a4-c46f-4b37-b7ea-c82fe89870c6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b91b7968-6435-4966-8928-79bf082e3e30}] : (Logitech LCDs) [] -> @oem10.inf,%LGLCD%;Logitech LCDs [HKLM\SYSTEM\CurrentControlSet\Control\Class\{B95B836B-234E-4857-A1F8-D0D9A9BEC1C5}] : (vmbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{bbbe8734-08fa-4966-b6a6-4e5ad010cdd7}] : (USBFunctionController) [] -> @%SystemRoot%\System32\SysClass.Dll,-3030 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c06ff265-ae09-48f0-812c-16753d7cba83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c166523c-fe0c-4a94-a586-f1a80cfbbf3e}] : (AudioEndpoint) [] -> @audioendpoint.inf,%ClassName%;Audio inputs and outputs [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c243ffbd-3afc-45e9-b3d3-2ba18bc7ebc5}] : (BarcodeScanner) [] -> @c_barcodescanner.inf,%ClassName%;POS Barcode Scanner [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}] : (WSDPrintDevice) [] -> @wsdprint.inf,%ClassName%;WSD Print Provider [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c7bc9b22-21f0-4f0d-9bb6-66c229b8cd33}] : (POSPrinter) [] -> @c_receiptprinter.inf,%ClassName%;POS Receipt Printer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ce5939ae-ebde-11d0-b181-0000f8753ec4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d421b08e-6d16-41ca-9c4d-9147e5ac98e0}] : (Miracast) [] -> @miradisp.inf,%ClassName%;Miracast display devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d48179be-ec20-11d1-b6b8-00c04fa372a7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d61ca365-5af4-4486-998b-9db4734c6ca3}] : (XnaComposite) [] -> @xusb22.inf,%XUSB22.ClassName%;Xbox 360 Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{db4f6ddd-9c0e-45e4-9597-78dbbad0f412}] : (SmartCardFilter) [] -> @%SystemRoot%\System32\SysClass.DLL,-3032 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{E004269C-D387-4461-B955-25A64CFE23CE}] : (amdkmdag) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e24e7a3c-87cd-4ac9-b426-eec8521b7710}] : (LGWinUSB) [] -> @oem16.inf,%DEVICEMANAGERCATEGORY%;Logitech USB Gaming Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e2f84ce7-8efa-411c-aa69-97454ca4cb57}] : (Extension) [] -> @c_extension.inf,%ClassDesc%;Extensions [HKLM\SYSTEM\CurrentControlSet\Control\Class\{eec5ad98-8080-425f-922a-dabf3de3f69a}] : (WPD) [] -> @%SystemRoot%\System32\wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}] : (Firmware) [] -> @c_firmware.inf,%ClassDesc%;Firmware [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [08/04/2016 22:53:50] - (15.0.15.46) - (Avira Operations GmbH & Co. KG - Avira Manager Driver) - C:\Windows\system32\DRIVERS\avkmgr.sys [08/04/2016 22:53:50] - (15.0.17.269) - (Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement) - C:\Windows\system32\DRIVERS\avipbb.sys [10/04/2016 04:38:29] - (3.4.0.0) - (Disc Soft Ltd - DAEMON Tools Lite Virtual USB Bus Driver) - C:\Windows\System32\drivers\dtliteusbbus.sys [15/04/2016 00:08:38] - (1.0.0.103) - (Scarlet.Crush Productions - Scp Virtual Bus Driver) - C:\Windows\System32\drivers\ScpVBus.sys [10/04/2016 04:38:21] - (5.28.0.0) - (Disc Soft Ltd - DAEMON Tools Lite Virtual SCSI Bus Driver) - C:\Windows\System32\drivers\dtlitescsibus.sys [15/06/2016 13:15:39] - (5.1.2.248) - (Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver) - C:\Windows\System32\ATMFD.DLL [08/04/2016 22:53:50] - (15.0.16.222) - (Avira Operations GmbH & Co. KG - Avira Minifilter Driver) - C:\Windows\system32\DRIVERS\avgntflt.sys [08/04/2016 22:53:50] - (15.0.17.269) - (Avira Operations GmbH & Co. KG - Avira WFP Network Driver) - C:\Windows\system32\DRIVERS\avnetflt.sys ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service S0 - 3ware () -> System32\drivers\3ware.sys R0 - ACPI (@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver) -> System32\drivers\ACPI.sys R0 - acpiex (Microsoft ACPIEx Driver) -> System32\Drivers\acpiex.sys S0 - ADP80XX () -> System32\drivers\ADP80XX.SYS S0 - agp440 (@machine.inf,%agp440_svcdesc%;Intel AGP Bus Filter) -> System32\drivers\agp440.sys S0 - amdkmafd (@oem26.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter) -> System32\drivers\amdkmafd.sys S0 - amdsata () -> System32\drivers\amdsata.sys S0 - amdsbs () -> System32\drivers\amdsbs.sys S0 - amdxata () -> System32\drivers\amdxata.sys S0 - arcsas (@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver) -> System32\drivers\arcsas.sys S0 - atapi (@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel) -> System32\drivers\atapi.sys S0 - b06bdrv (@netbvbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II VBD) -> System32\drivers\bxvbda.sys R0 - CLFS (@%SystemRoot%\system32\drivers\clfs.sys,-100) -> System32\drivers\CLFS.sys R0 - CNG () -> System32\Drivers\cng.sys R0 - disk (@disk.inf,%disk_ServiceDesc%;Pilote de disque) -> System32\drivers\disk.sys S0 - ebdrv (@netevbda.inf,%vbd_srv_desc%;QLogic 10 Gigabit Ethernet Adapter VBD) -> System32\drivers\evbda.sys R0 - EhStorClass (@%SystemRoot%\system32\drivers\EhStorClass.sys,-100) -> System32\drivers\EhStorClass.sys S0 - EhStorTcgDrv (@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols) -> System32\drivers\EhStorTcgDrv.sys R0 - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> System32\drivers\fileinfo.sys R0 - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys S0 - Fs_Rec () -> (?) R0 - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys S0 - gagp30kx (@agp.inf,%gagp30kx_svcdesc%;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms) -> System32\drivers\gagp30kx.sys S0 - HpSAMD () -> System32\drivers\HpSAMD.sys S0 - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys S0 - iaStorAV (@iastorav.inf,%iaStorAV.DeviceDesc%;Intel(R) SATA RAID Controller Windows) -> System32\drivers\iaStorAV.sys S0 - iaStorV (@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7) -> System32\drivers\iaStorV.sys S0 - intelide () -> System32\drivers\intelide.sys S0 - intelpep (@intelpep.inf,%INTELPEP.SVCDESC%;Intel(R) Power Engine Plug-in Driver) -> System32\drivers\intelpep.sys S0 - isapnp () -> System32\drivers\isapnp.sys R0 - KSecDD () -> System32\Drivers\ksecdd.sys R0 - KSecPkg () -> System32\Drivers\ksecpkg.sys S0 - LSI_SAS () -> System32\drivers\lsi_sas.sys S0 - LSI_SAS2i () -> System32\drivers\lsi_sas2i.sys S0 - LSI_SAS3i () -> System32\drivers\lsi_sas3i.sys S0 - LSI_SSS () -> System32\drivers\lsi_sss.sys S0 - megasas () -> System32\drivers\megasas.sys S0 - megasr () -> System32\drivers\megasr.sys R0 - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys R0 - msisadrv () -> System32\drivers\msisadrv.sys R0 - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys S0 - mvumis () -> System32\drivers\mvumis.sys R0 - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys S0 - nvraid () -> System32\drivers\nvraid.sys S0 - nvstor () -> System32\drivers\nvstor.sys S0 - nv_agp (@machine.inf,%agpnvidia_svcdesc%;NVIDIA nForce AGP Bus Filter) -> System32\drivers\nv_agp.sys R0 - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys R0 - pci (@pci.inf,%pci_svcdesc%;PCI Bus Driver) -> System32\drivers\pci.sys S0 - pciide () -> System32\drivers\pciide.sys S0 - pcmcia () -> System32\drivers\pcmcia.sys R0 - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys R0 - pdc (@%SystemRoot%\system32\drivers\pdc.sys,-100) -> system32\drivers\pdc.sys S0 - percsas2i () -> System32\drivers\percsas2i.sys S0 - percsas3i () -> System32\drivers\percsas3i.sys R0 - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys S0 - sbp2port (@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver) -> System32\drivers\sbp2port.sys S0 - SiSRaid2 () -> System32\drivers\SiSRaid2.sys S0 - SiSRaid4 () -> System32\drivers\sisraid4.sys R0 - spaceport (@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver) -> System32\drivers\spaceport.sys S0 - stexstor () -> System32\drivers\stexstor.sys R0 - storahci (@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver) -> System32\drivers\storahci.sys S0 - storflt (@wstorflt.inf,%service_desc%;Microsoft Hyper-V Storage Accelerator) -> System32\drivers\vmstorfl.sys S0 - stornvme (@stornvme.inf,%StorNVMe_ServiceDesc%;Microsoft Standard NVM Express Driver) -> System32\drivers\stornvme.sys S0 - storufs (@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver) -> System32\drivers\storufs.sys S0 - storvsc () -> System32\drivers\storvsc.sys R0 - Tcpip (@%SystemRoot%\system32\drivers\tcpip.sys,-10001) -> System32\drivers\tcpip.sys S0 - uagp35 (@agp.inf,%uagp35_svcdesc%;Microsoft AGPv3.5 Filter) -> System32\drivers\uagp35.sys S0 - uliagpkx (@machine.inf,%uliagpkx_svcdesc%;Uli AGP Bus Filter) -> System32\drivers\uliagpkx.sys R0 - vdrvroot (@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator) -> System32\drivers\vdrvroot.sys S0 - vmbus (@wvmbus.inf,%vmbus.SVCDESC%;Virtual Machine Bus) -> System32\drivers\vmbus.sys R0 - volmgr (@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver) -> System32\drivers\volmgr.sys R0 - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys R0 - volsnap (@volume.inf,%VolumeClassName%;Storage volumes) -> System32\drivers\volsnap.sys S0 - vsmraid () -> System32\drivers\vsmraid.sys S0 - VSTXRAID (@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver) -> System32\drivers\vstxraid.sys R0 - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys R0 - WFPLWFS (@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000) -> System32\drivers\wfplwfs.sys R0 - WindowsTrustedRT (Windows Trusted Execution Environment Class Extension) -> system32\drivers\WindowsTrustedRT.sys R0 - WindowsTrustedRTProxy (@WindowsTrustedRTProxy.inf,%WindowsTrustedRTProxy.SVCDESC%;Microsoft Windows Trusted Runtime Secure Service) -> System32\drivers\WindowsTrustedRTProxy.sys R0 - Wof (Windows Overlay File System Filter Driver) -> (?) R1 - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys R1 - ahcache (@%systemroot%\system32\drivers\ahcache.sys,-102) -> system32\DRIVERS\ahcache.sys R1 - avipbb (avipbb) -> \SystemRoot\system32\DRIVERS\avipbb.sys R1 - avkmgr (avkmgr) -> \SystemRoot\system32\DRIVERS\avkmgr.sys R1 - BasicDisplay () -> \SystemRoot\System32\drivers\BasicDisplay.sys R1 - BasicRender () -> \SystemRoot\System32\drivers\BasicRender.sys R1 - Beep (Beep) -> (?) S1 - cdrom (@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver) -> \SystemRoot\System32\drivers\cdrom.sys S1 - dam (@%SystemRoot%\system32\drivers\dam.sys,-100) -> system32\drivers\dam.sys R1 - Dfsc (@%systemroot%\system32\wkssvc.dll,-1008) -> System32\Drivers\dfsc.sys R1 - FileCrypt (@%systemroot%\system32\drivers\filecrypt.sys,-100) -> system32\drivers\filecrypt.sys R1 - GpuEnergyDrv (@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100) -> System32\drivers\gpuenergydrv.sys R1 - Msfs () -> (?) R1 - mssmbios (@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver) -> \SystemRoot\System32\drivers\mssmbios.sys R1 - NetBIOS (@%windir%\system32\drivers\netbios.sys,-503) -> system32\drivers\netbios.sys R1 - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys R1 - Npfs () -> (?) R1 - npsvctrig (@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider) -> \SystemRoot\System32\drivers\npsvctrig.sys R1 - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys R1 - Null () -> (?) R1 - Psched (@%windir%\System32\drivers\pacer.sys,-101) -> System32\drivers\pacer.sys R1 - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys R1 - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> \SystemRoot\system32\DRIVERS\tdx.sys R1 - vwififlt (@%SystemRoot%\System32\drivers\vwififlt.sys,-259) -> System32\drivers\vwififlt.sys R2 - AMD External Events Utility () -> %SystemRoot%\system32\atiesrxx.exe R2 - amdacpksd (ACP Kernel Service Driver) -> \??\C:\Windows\system32\drivers\amdacpksd.sys R2 - amdacpusrsvc (ACP User Service) -> "C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe" S2 - AntiVirMailService (Avira Protection e-mail) -> "C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe" R2 - AntiVirSchedulerService (Avira Planificateur) -> "C:\Program Files (x86)\Avira\Antivirus\sched.exe" R2 - AntiVirService (Avira Protection temps réel) -> "C:\Program Files (x86)\Avira\Antivirus\avguard.exe" S2 - AntiVirWebService (Avira Protection Web) -> "C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe" R2 - AudioEndpointBuilder (@%SystemRoot%\system32\AudioEndpointBuilder.dll,-204) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R2 - Audiosrv (@%SystemRoot%\system32\audiosrv.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - avgntflt (avgntflt) -> system32\DRIVERS\avgntflt.sys R2 - Avira.ServiceHost (Avira Service Host) -> "C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe" R2 - avnetflt (avnetflt) -> \SystemRoot\system32\DRIVERS\avnetflt.sys R2 - BFE (@%SystemRoot%\system32\bfe.dll,-1001) -> %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork S2 - BITS (@%SystemRoot%\system32\qmgr.dll,-1000) -> %SystemRoot%\System32\svchost.exe -k netsvcs R2 - BrokerInfrastructure (@%windir%\system32\bisrv.dll,-100) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - CertPropSvc (@%SystemRoot%\System32\certprop.dll,-11) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - CoreMessagingRegistrar (@%SystemRoot%\system32\coremessaging.dll,-1) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork R2 - CryptSvc (@%SystemRoot%\system32\cryptsvc.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k NetworkService S2 - dbupdate (Service Mise à jour Dropbox (dbupdate)) -> "C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe" /svc R2 - DcomLaunch (@combase.dll,-5012) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - DeviceAssociationService (@%SystemRoot%\system32\das.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - Dhcp (@%SystemRoot%\system32\dhcpcore.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted R2 - DiagTrack (@%SystemRoot%\system32\diagtrack.dll,-3001) -> %SystemRoot%\System32\svchost.exe -k utcsvc R2 - Dnscache (@%SystemRoot%\System32\dnsapi.dll,-101) -> %SystemRoot%\system32\svchost.exe -k NetworkService S2 - DoSvc (@%systemroot%\system32\dosvc.dll,-100) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - DPS (@%systemroot%\system32\dps.dll,-500) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork R2 - EventLog (@%SystemRoot%\system32\wevtsvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - EventSystem (@comres.dll,-2450) -> %SystemRoot%\system32\svchost.exe -k LocalService R2 - FontCache (@%systemroot%\system32\FntCache.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalService S2 - gpsvc (@gpapi.dll,-112) -> %systemroot%\system32\svchost.exe -k netsvcs S2 - gupdate (Service Google Update (gupdate)) -> "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc R2 - IKEEXT (@%SystemRoot%\system32\ikeext.dll,-501) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - iphlpsvc (@%SystemRoot%\system32\iphlpsvc.dll,-500) -> %SystemRoot%\System32\svchost.exe -k NetSvcs R2 - LanmanServer (@%systemroot%\system32\srvsvc.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - LanmanWorkstation (@%systemroot%\system32\wkssvc.dll,-100) -> %SystemRoot%\System32\svchost.exe -k NetworkService R2 - LGCoreTemp (Logitech CPU Core Tempurature) -> \??\C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys R2 - lltdio (@%SystemRoot%\system32\lltdres.dll,-6) -> system32\drivers\lltdio.sys R2 - LogiRegistryService (Logitech Gaming Registry Service) -> C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe R2 - LSM (@%windir%\system32\lsm.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys S2 - MapsBroker (@%SystemRoot%\System32\moshost.dll,-100) -> %SystemRoot%\System32\svchost.exe -k NetworkService R2 - MMCSS (@%systemroot%\system32\drivers\mmcss.sys,-100) -> \SystemRoot\system32\drivers\mmcss.sys R2 - MpsSvc (@%SystemRoot%\system32\FirewallAPI.dll,-23090) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork R2 - mrxsmb10 (@%systemroot%\system32\wkssvc.dll,-1004) -> system32\DRIVERS\mrxsmb10.sys R2 - MsLldp (@%SystemRoot%\system32\drivers\mslldp.sys,-200) -> system32\drivers\mslldp.sys R2 - Ndu (@%SystemRoot%\system32\drivers\Ndu.sys,-10001) -> system32\drivers\Ndu.sys R2 - NlaSvc (@%SystemRoot%\System32\nlasvc.dll,-1) -> %SystemRoot%\System32\svchost.exe -k NetworkService R2 - nsi (@%SystemRoot%\system32\nsisvc.dll,-200) -> %systemroot%\system32\svchost.exe -k LocalService S2 - OneSyncSvc (@%SystemRoot%\system32\APHostRes.dll,-10002) -> %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_10da3f6 (Hôte de synchronisation_10da3f6) -> C:\Windows\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_238b74b (Hôte de synchronisation_238b74b) -> C:\Windows\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_25f84 (Hôte de synchronisation_25f84) -> C:\Windows\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_26da2 (Hôte de synchronisation_26da2) -> C:\Windows\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_27955 (Hôte de synchronisation_27955) -> C:\Windows\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_297c2 (Hôte de synchronisation_297c2) -> C:\Windows\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_2b3fb (Hôte de synchronisation_2b3fb) -> C:\Windows\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_2bab5 (Hôte de synchronisation_2bab5) -> C:\Windows\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_2bc84 (Hôte de synchronisation_2bc84) -> C:\Windows\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_2e1e5 (Hôte de synchronisation_2e1e5) -> C:\Windows\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_2e499 (Hôte de synchronisation_2e499) -> C:\Windows\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_2ea7f (Hôte de synchronisation_2ea7f) -> C:\Windows\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_2ea80 (Hôte de synchronisation_2ea80) -> C:\Windows\system32\svchost.exe -k UnistackSvcGroup R2 - OneSyncSvc_32e16 (Hôte de synchronisation_32e16) -> C:\Windows\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_3a4707a (Hôte de synchronisation_3a4707a) -> C:\Windows\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_4633e (Hôte de synchronisation_4633e) -> C:\Windows\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_51dbf50 (Hôte de synchronisation_51dbf50) -> C:\Windows\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_51f4f87 (Hôte de synchronisation_51f4f87) -> C:\Windows\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_5a0f28 (Hôte de synchronisation_5a0f28) -> C:\Windows\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_5dca0da (Hôte de synchronisation_5dca0da) -> C:\Windows\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_9d2ca20 (Hôte de synchronisation_9d2ca20) -> C:\Windows\system32\svchost.exe -k UnistackSvcGroup R2 - PcaSvc (@%SystemRoot%\system32\pcasvc.dll,-1) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys R2 - PnkBstrA (PnkBstrA) -> C:\Windows\system32\PnkBstrA.exe R2 - Power (@%SystemRoot%\system32\umpo.dll,-100) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - ProfSvc (@%systemroot%\system32\profsvc.dll,-300) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - RpcEptMapper (@%windir%\system32\RpcEpMap.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k RPCSS R2 - RpcSs (@combase.dll,-5010) -> %SystemRoot%\system32\svchost.exe -k rpcss R2 - rspndr (@%SystemRoot%\system32\lltdres.dll,-5) -> system32\drivers\rspndr.sys R2 - SamSs (@%SystemRoot%\system32\samsrv.dll,-1) -> %SystemRoot%\system32\lsass.exe S2 - SCardSvr (@%SystemRoot%\System32\SCardSvr.dll,-1) -> %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation R2 - Schedule (@%SystemRoot%\system32\schedsvc.dll,-100) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - SENS (@%SystemRoot%\system32\Sens.dll,-200) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - ShellHWDetection (@%SystemRoot%\System32\shsvcs.dll,-12288) -> %SystemRoot%\System32\svchost.exe -k netsvcs S2 - SkypeUpdate (Skype Updater) -> "C:\Program Files (x86)\Skype\Updater\Updater.exe" R2 - Spooler (@%systemroot%\system32\spoolsv.exe,-1) -> %SystemRoot%\System32\spoolsv.exe S2 - sppsvc (@%SystemRoot%\system32\sppsvc.exe,-101) -> %SystemRoot%\system32\sppsvc.exe R2 - srv (@%systemroot%\system32\srvsvc.dll,-102) -> System32\DRIVERS\srv.sys R2 - stisvc (@%SystemRoot%\system32\wiaservc.dll,-9) -> %SystemRoot%\system32\svchost.exe -k imgsvc R2 - storqosflt (@%SystemRoot%\System32\drivers\storqosflt.sys,-101) -> system32\drivers\storqosflt.sys R2 - SysMain (@%SystemRoot%\system32\sysmain.dll,-1000) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - SystemEventsBroker (@%windir%\system32\SystemEventsBrokerServer.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys R2 - TeamViewer (TeamViewer 11) -> "C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe" R2 - Themes (@%SystemRoot%\System32\themeservice.dll,-8192) -> %SystemRoot%\System32\svchost.exe -k netsvcs R2 - tiledatamodelsvc (@%SystemRoot%\system32\tileobjserver.dll,-1) -> %systemroot%\system32\svchost.exe -k appmodel R2 - TrkWks (@%SystemRoot%\system32\trkwks.dll,-1) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R2 - UserManager (@%systemroot%\system32\usermgr.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - Wcmsvc (@%SystemRoot%\System32\wcmsvc.dll,-4097) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted R2 - Winmgmt (@%Systemroot%\system32\wbem\wmisvc.dll,-205) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - wscsvc (@%SystemRoot%\System32\wscsvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - WSearch (@%systemroot%\system32\SearchIndexer.exe,-103) -> %systemroot%\system32\SearchIndexer.exe /Embedding ---------- | System files (Microsoft Files whitelisted) [MD5.2C5B3035B86770ADD2FE9BFBAF5B35A4] - [30/10/2015 09:17:22] - (.Copyright (c) 2011 LSI - LSI 3ware SCSI Storport Driver.) - [104.84 Ko] - (5.1.0.51) - C:\Windows\System32\Drivers\3ware.sys [MD5.F7D0CD345D2DA42E7042ABCD73662403] - [30/10/2015 09:17:22] - (.Copyright (C) PMC-Sierra 2001-2014 - PMC-Sierra Storport Driver For SPC8x6G SAS/SATA controller.) - [1108.84 Ko] - (1.3.0.10769) - C:\Windows\System32\Drivers\adp80xx.sys [MD5.402FC542DA7B5C6C0EB4E83D890B193E] - [15/07/2016 21:23:32] - (.© Advanced Micro Devices. - AMD ACP Binaries.) - [306.41 Ko] - (2016.708.1501.43) - C:\Windows\System32\Drivers\amdacpksd.sys [MD5.B28145E732EDEBBEDABC311DBA56D52A] - [28/07/2015 19:45:36] - (.Copyright (C) 2012 Advanced Micro Devices, Inc. - AMD Audio Bus Lower Filter.) - [39.77 Ko] - (8.14.1.6003) - C:\Windows\System32\Drivers\amdkmafd.sys [MD5.5B30BCFE6E02E45D3EE268FF001BC5E0] - [30/10/2015 09:17:22] - (.Copyright © 2008-2015 AMD, Inc. - AHCI 1.3 Device Driver.) - [81.34 Ko] - (1.1.3.277) - C:\Windows\System32\Drivers\amdsata.sys [MD5.F20B30F35A5C7888441B4DCA001ECF8E] - [30/10/2015 09:17:22] - (.2012 Advanced Micro Devices, Inc. - AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform.) - [253.34 Ko] - (3.7.1540.43) - C:\Windows\System32\Drivers\amdsbs.sys [MD5.AFE838D7576C581D6483529621AB10CC] - [30/10/2015 09:17:22] - (.Copyright © 2008-2015 AMD, Inc. - Storage Filter Driver.) - [26.34 Ko] - (1.1.3.277) - C:\Windows\System32\Drivers\amdxata.sys [MD5.E3FE8F610B1CC12BC3B2E6BC43DC97E2] - [30/10/2015 09:17:22] - (.Copyright 2014 PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) - [128.84 Ko] - (7.5.0.32048) - C:\Windows\System32\Drivers\arcsas.sys [MD5.A4DA5AB3C75E5412FB0341EDA4AA0DC8] - [06/07/2016 04:33:36] - (.© Advanced Micro Devices. - AMD High Definition Audio Function Driver.) - [99 Ko] - (10.0.0.3) - C:\Windows\System32\Drivers\AtihdWT6.sys [MD5.593654B0B356D804B821EB30810EA55C] - [06/07/2016 04:55:44] - (.Copyright (C) 1998-2012 Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) - [26380.52 Ko] - (8.1.1.1558) - C:\Windows\System32\Drivers\atikmdag.sys [MD5.342EA1BFB4986AA79DBB4FF829564E3C] - [06/07/2016 04:13:44] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) - [495.02 Ko] - (8.14.1.6512) - C:\Windows\System32\Drivers\atikmpag.sys [MD5.5CF5E80616F74B769AABCF76FEA791D1] - [08/04/2016 22:53:50] - (.Copyright © 2016 Avira Operations GmbH & Co. KG and its Licensors - Avira Minifilter Driver.) - [125.65 Ko] - (15.0.16.222) - C:\Windows\System32\Drivers\avgntflt.sys [MD5.8EF22CC03EFA1CB6810003C6A3B287D3] - [08/04/2016 22:53:50] - (.Copyright © 2016 Avira Operations GmbH & Co. KG and its Licensors - Avira Driver for Security Enhancement.) - [143.27 Ko] - (15.0.17.269) - C:\Windows\System32\Drivers\avipbb.sys [MD5.79F7741A773FF194EEC64A8161AE26D5] - [08/04/2016 22:53:50] - (.Copyright © 2015 Avira Operations GmbH & Co. KG and its Licensors - Avira Manager Driver.) - [34.66 Ko] - (15.0.15.46) - C:\Windows\System32\Drivers\avkmgr.sys [MD5.899D89FDF015BBAF628076987D74C295] - [08/04/2016 22:53:50] - (.Copyright © 2016 Avira Operations GmbH & Co. KG and its Licensors - Avira WFP Network Driver.) - [76.38 Ko] - (15.0.17.269) - C:\Windows\System32\Drivers\avnetflt.sys [MD5.3F5523DCEFE42B385659C5CB46A6B810] - [30/10/2015 09:17:22] - (.© Broadcom Corporation. - BCM Function 2 Device Driver.) - [9.5 Ko] - (6.3.9477.0) - C:\Windows\System32\Drivers\bcmfn.sys [MD5.0B750A6A6D847E73CA48ADD7A0F5A393] - [30/10/2015 09:17:22] - (.© Broadcom Corporation. - BCM Function 2 Device Driver.) - [9.5 Ko] - (6.3.9391.6) - C:\Windows\System32\Drivers\bcmfn2.sys [MD5.6447BA6FA709514B6C803D159B4C7D1E] - [30/10/2015 09:17:22] - (.(c) COPYRIGHT 2001-2012 Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) - [518.84 Ko] - (7.4.14.0) - C:\Windows\System32\Drivers\bxvbda.sys [MD5.679FF716052109392D870F6A6C4A3535] - [10/04/2016 04:38:21] - (.Copyright (C) 2000-2015 - DAEMON Tools Lite Virtual SCSI Bus Driver.) - [29.55 Ko] - (5.28.0.0) - C:\Windows\System32\Drivers\dtlitescsibus.sys [MD5.E23FDD696839A4790682CA66C48D3F2F] - [10/04/2016 04:38:29] - (.Copyright (C) 2000-2015 - DAEMON Tools Lite Virtual USB Bus Driver.) - [46.55 Ko] - (3.4.0.0) - C:\Windows\System32\Drivers\dtliteusbbus.sys [MD5.BBDB58505EE476DF1F610AC5D7CD67AF] - [19/04/2016 21:29:22] - (.-.) - [332.74 Ko] - (0.0.0.0) - C:\Windows\System32\Drivers\EasyAntiCheat.sys [MD5.491275B864B704B54EC08168344E0F38] - [30/10/2015 09:17:22] - (.(c) COPYRIGHT 2014-2015 QLogic Corporation - QLogic 10 GigE VBD.) - [3356.34 Ko] - (7.12.2.3) - C:\Windows\System32\Drivers\evbda.sys [MD5.7F79205B4EFA98F0767309479C8C01C6] - [04/05/2016 13:35:10] - (.Copyright (C) 2013 LogMeIn Inc. - LogMeIn Hamachi Virtual Miniport Driver.) - [44.61 Ko] - (8.1.4.1) - C:\Windows\System32\Drivers\Hamdrv.sys [MD5.FF442DCDCE1F6E9FAA9C8AD0CD1D199B] - [30/10/2015 09:17:22] - (.Copyright (c) 2004-2011 Hewlett-Packard Development Company, L.P. - Smart Array SAS/SATA Controller Media Driver.) - [62.84 Ko] - (8.0.4.0) - C:\Windows\System32\Drivers\HpSAMD.sys [MD5.9A2A2F3C69B9A30B6E78536F6D258BAD] - [30/10/2015 09:17:18] - (.Copyright (C) 2013. - Intel(R) Serial IO I2C Driver.) - [79.5 Ko] - (604.10146.2643.2818) - C:\Windows\System32\Drivers\iai2c.sys [MD5.59A20F5AD9F4AE54098154359519408E] - [30/10/2015 09:17:18] - (.Copyright © 2015, Intel Corporation. - Intel(R) Serial IO I2C Driver v2.) - [162 Ko] - (30.63.1519.7) - C:\Windows\System32\Drivers\iaLPSS2i_I2C.sys [MD5.16A10CCEDCF5AC4CAAE43DC9FC40392F] - [30/10/2015 09:17:18] - (.Copyright © 2015, Intel Corporation. - Intel(R) Serial IO GPIO Controller Driver.) - [37.23 Ko] - (1.1.250.0) - C:\Windows\System32\Drivers\iaLPSSi_GPIO.sys [MD5.EB82A11613326691508D9ED9A4FE29E7] - [30/10/2015 09:17:18] - (.Copyright © 2015, Intel Corporation. - Intel(R) Serial IO I2C Controller Driver.) - [110.5 Ko] - (1.1.253.0) - C:\Windows\System32\Drivers\iaLPSSi_I2C.sys [MD5.6B0029A0253098CCE28EACCFDB9E7208] - [30/10/2015 09:17:22] - (.Copyright (C), Intel Corporation. - Intel(R) Rapid Storage Technology driver (inbox) - x64.) - [657.34 Ko] - (13.2.0.1022) - C:\Windows\System32\Drivers\iaStorAV.sys [MD5.9652E1E35A92D8C75710C17A63B15796] - [30/10/2015 09:17:22] - (.Copyright(C) Intel Corporation 1994-2008 - Intel Matrix Storage Manager driver - x64.) - [402.34 Ko] - (8.6.2.1019) - C:\Windows\System32\Drivers\iaStorV.sys [MD5.FFADF691F7BF727AF5C863454A372723] - [30/10/2015 09:17:23] - (.Copyright© 2009 Mellanox Technologies Ltd - InfiniBand Fabric Bus Driver.) - [414.84 Ko] - (4.91.10730.0) - C:\Windows\System32\Drivers\ibbus.sys [MD5.305BB2AC00D46542E0A653AB63F4ABB1] - [31/07/2014 00:49:18] - (.Copyright(c) 2013 Logitech Inc. - Capture Filter Driver.) - [400.4 Ko] - (8.46.19.1) - C:\Windows\System32\Drivers\ladfGSCamd64.sys [MD5.28CDDC7D478A6313F55077416DCBD0DE] - [31/07/2014 00:49:18] - (.Copyright(c) 2013 Logitech Inc. - DPL2/EQ Filter Driver.) - [100.4 Ko] - (8.46.19.1) - C:\Windows\System32\Drivers\ladfGSRamd64.sys [MD5.31AEF4DF2E06EC0F1A65EC6396771FE6] - [16/02/2016 05:43:08] - (.© 2004-2016 Logitech. - Surround Filter Driver.) - [44.14 Ko] - (8.81.12.0) - C:\Windows\System32\Drivers\ladfGSS.sys [MD5.17325C9B9ADB2BB99049936D0C9812C8] - [11/06/2015 02:33:40] - (.© 2004-2012 Logitech. - Logitech WingMan Virtual Bus Enumerator Driver.) - [36.53 Ko] - (8.70.161.0) - C:\Windows\System32\Drivers\LGBusEnum.sys [MD5.C7AF05942E041D4B1F345ACF79993BB3] - [11/06/2015 02:33:42] - (.© 1999-2010 Logitech. - Logitech Gaming Software Joystick Translation Driver.) - [66.78 Ko] - (8.70.161.0) - C:\Windows\System32\Drivers\LGJoyXlCore.sys [MD5.1DDB8DE3D6EEF31EDCF4977B2D2FAACC] - [11/06/2015 02:33:42] - (.© 2004-2012 Logitech. - Logitech GamePanel Virtual Hid Device Driver.) - [26.28 Ko] - (8.70.161.0) - C:\Windows\System32\Drivers\LGVirHid.sys [MD5.961F28D879D345BFA50AF51285C90F2E] - [30/10/2015 09:17:23] - (.Copyright © LSI Corporation 2010 - LSI Fusion-MPT SAS Driver (StorPort).) - [106.34 Ko] - (1.34.3.83) - C:\Windows\System32\Drivers\lsi_sas.sys [MD5.6BFB8D1B3407518BE06B6F81F92FA0F5] - [30/10/2015 09:17:23] - (.Copyright © LSI Corporation 2012 - LSI SAS Gen2 Driver (StorPort).) - [102.34 Ko] - (2.0.76.80) - C:\Windows\System32\Drivers\lsi_sas2i.sys [MD5.BE0E47988D78F731DEC2C0CB03E765CB] - [30/10/2015 09:17:23] - (.Copyright © Avago Technologies 2015 - Avago SAS Gen3 Driver (StorPort).) - [96.84 Ko] - (2.50.96.80) - C:\Windows\System32\Drivers\lsi_sas3i.sys [MD5.F99BF02BE9219986817BF094981EEB18] - [30/10/2015 09:17:23] - (.Copyright © LSI Corporation 2012 - LSI SSS PCIe/Flash Driver (StorPort).) - [80.84 Ko] - (2.10.61.81) - C:\Windows\System32\Drivers\lsi_sss.sys [MD5.78BFF5425E044086E74E78650A359FBB] - [18/05/2016 23:37:52] - (.© Malwarebytes. - Malwarebytes Anti-Malware.) - [26.38 Ko] - (0.1.16.0) - C:\Windows\System32\Drivers\mbam.sys [MD5.1239597BAB7EED2BB16D035AF87E65D9] - [18/05/2016 23:37:52] - (.© Malwarebytes. - Malwarebytes Chameleon Protection Driver.) - [137.38 Ko] - (1.1.22.0) - C:\Windows\System32\Drivers\mbamchameleon.sys [MD5.78488AF2AB2111D67B3C4044707A519B] - [19/05/2016 00:00:27] - (.© Malwarebytes. - Malwarebytes Anti-Malware.) - [187.71 Ko] - (0.3.0.4) - C:\Windows\System32\Drivers\MBAMSwissArmy.sys [MD5.2ED29B635F35E31A1C0D3DDB7DD2AD03] - [30/10/2015 09:17:23] - (.Copyright © Avago Technologies2013 - MEGASAS RAID Controller Driver for Windows.) - [58.34 Ko] - (6.706.6.0) - C:\Windows\System32\Drivers\megasas.sys [MD5.22E3CB85870879CBAE13C5095A8B12E3] - [30/10/2015 09:17:23] - (.Copyright (C) 2007 LSI Corporation. - LSI MegaRAID Software RAID Driver.) - [562.34 Ko] - (15.2.2013.129) - C:\Windows\System32\Drivers\megasr.sys [MD5.D41920FBFFF2BBCBBC69A5B383AD022E] - [30/10/2015 09:17:23] - (.Copyright© 2009 Mellanox Technologies Ltd - MLX4 Bus Driver.) - [688.84 Ko] - (4.91.10730.0) - C:\Windows\System32\Drivers\mlx4_bus.sys [MD5.218705233D02776AE4D19CC37D985C1B] - [30/10/2015 09:17:23] - (.Copyright (c) Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) - [62.34 Ko] - (1.0.5.1016) - C:\Windows\System32\Drivers\mvumis.sys [MD5.898415AC0B5F1D2A9A48ABCB68A6DC4B] - [18/05/2016 23:37:52] - (.© Malwarebytes Corporation. - Malwarebytes Web Access Control.) - [63.88 Ko] - (1.0.6.0) - C:\Windows\System32\Drivers\mwac.sys [MD5.B57CE307DA101C739885B7CC0678077F] - [30/10/2015 09:17:23] - (.Copyright© 2009 Mellanox Technologies Ltd - NetworkDirect Support Filter Driver.) - [74.34 Ko] - (4.91.10730.0) - C:\Windows\System32\Drivers\ndfltr.sys [MD5.604D27CC38CC23493F218D0BB834B3FF] - [30/10/2015 09:17:23] - (.Copyright(C) 2001-2011 NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) - [146.84 Ko] - (10.6.0.23) - C:\Windows\System32\Drivers\nvraid.sys [MD5.8B50D897657AB4A15FD9E251BBF7D107] - [30/10/2015 09:17:23] - (.Copyright(C) 2001-2011 NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) - [162.34 Ko] - (10.6.0.23) - C:\Windows\System32\Drivers\nvstor.sys [MD5.1398A85E59698067CBBE1D66A9C13ADF] - [30/10/2015 09:17:23] - (.Copyright © LSI Corporation 2014 - MEGASAS RAID Controller Driver for Windows.) - [56.84 Ko] - (6.803.21.0) - C:\Windows\System32\Drivers\percsas2i.sys [MD5.35F7C7AD709D909D618D9EDF987FC3ED] - [30/10/2015 09:17:23] - (.Copyright © Avago Technologies2013 - MEGASAS RAID Controller Driver for Windows.) - [57.34 Ko] - (6.602.12.0) - C:\Windows\System32\Drivers\percsas3i.sys [MD5.D8EB393983B644879DE0546122CC16DF] - [08/04/2016 23:40:53] - (.OpenVPN Technologies, Inc. - TAP-Windows Virtual Network Driver (NDIS 6.0).) - [26.5 Ko] - (9.0.0.20) - C:\Windows\System32\Drivers\ptun0901.sys [MD5.1A2D92AE3413BE649F69C232EC09BE6D] - [09/04/2016 00:57:37] - (.Copyright (C) 2016 Realtek Semiconductor Corporation. All Right Reserved. - Realtek 8101E/8168/8169 NDIS 6.40 64-bit Driver .) - [914.25 Ko] - (10.7.107.2016) - C:\Windows\System32\Drivers\rt640x64.sys [MD5.3A2D6740F51BE48C0FD01AD907329DEE] - [01/07/2016 20:24:10] - (.Copyright (c) Realtek Semiconductor Corp.1998-2013 - Realtek(r) High Definition Audio Function Driver.) - [4391.21 Ko] - (6.0.1.7541) - C:\Windows\System32\Drivers\RTKVHD64.sys [MD5.0447065A6E10774EFCECFDD0EB970A79] - [15/04/2016 00:08:38] - (.Copyright © 2012, 2013 Scarlet.Crush Productions. - Scp Virtual Bus Driver.) - [38.25 Ko] - (1.0.0.103) - C:\Windows\System32\Drivers\ScpVBus.sys [MD5.ABBE803FE0BDAE0E5BE74DDEFBE62F23] - [30/10/2015 09:17:23] - (.Copyright (c) SiS Corp. 2000-2010 - SiS RAID Stor Miniport Driver.) - [43.84 Ko] - (5.1.1039.2600) - C:\Windows\System32\Drivers\sisraid2.sys [MD5.6043DF55CFE3C7ACF477645FA64DEA98] - [30/10/2015 09:17:23] - (.Copyright (c) SiS Corp. 2007-2013 - SiS AHCI Stor-Miniport Driver.) - [79.84 Ko] - (5.1.1039.3600) - C:\Windows\System32\Drivers\sisraid4.sys [MD5.CCDA497C880AD16D87EDFAEFCFB2EDF5] - [30/10/2015 09:17:23] - (.© Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) - [30.34 Ko] - (5.1.0.10) - C:\Windows\System32\Drivers\stexstor.sys [MD5.6D1671CB2E5402F01D2F13ECF764CAA1] - [19/01/2016 22:50:38] - (.Copyright © 2006-2015, Intel Corporation. - Intel(R) Management Engine Interface.) - [197.3 Ko] - (11.0.0.1157) - C:\Windows\System32\Drivers\TeeDriverW8x64.sys [MD5.D48ED0A08BD2FD25A833E6AC99623091] - [30/10/2015 09:17:23] - (.Copyright (C) VIA Technologies 1992-2007 - VIA RAID DRIVER FOR AMD-X86-64.) - [162.84 Ko] - (7.0.9600.6352) - C:\Windows\System32\Drivers\vsmraid.sys [MD5.6990D4AFDF545669D4E6C232F26DE1FB] - [30/10/2015 09:17:23] - (.Copyright (C) 2008 VIA Corporation - VIA StorX RAID Controller Driver.) - [298.34 Ko] - (8.0.9200.8110) - C:\Windows\System32\Drivers\VSTXRAID.SYS [MD5.4A53441C1C4D2878BEF27E381138BB2D] - [30/10/2015 09:17:23] - (.Copyright© 2009 Mellanox Technologies Ltd - Kernel WinMad.) - [26.34 Ko] - (4.91.10730.0) - C:\Windows\System32\Drivers\winmad.sys [MD5.40A3E8D729F458B2C9A8BD9380FF83D5] - [30/10/2015 09:17:23] - (.Copyright© 2009 Mellanox Technologies Ltd - Kernel WinVerbs.) - [57.84 Ko] - (4.91.10730.0) - C:\Windows\System32\Drivers\winverbs.sys ---------- | Uninstall [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\6af12c54-643b-4752-87d0-8335503010de_is1] : (Nexus Mod Manager.-.Black Tree Gaming) -> "C:\Program Files\Nexus Mod Manager\uninstall\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\9F46F7AB1E3B1B5F5482EA8D97F401B04FBF7958] : (Package de pilotes Windows - Fedict SmartCard (08/08/2015 4.1.5).-.Fedict) -> rundll32.exe C:\PROGRA~1\DIFX\4CBAA680AB78144E\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\beidmdrv.inf_amd64_434c3be66d9de384\beidmdrv.inf [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AMD Catalyst Install Manager] : (AMD Install Manager.-.Advanced Micro Devices, Inc.) -> "C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe" /UNINSTALL /IGNORE_UPGRADE /ON_REBOOT_MESSAGE:NO [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CCleaner] : (CCleaner.-.Piriform) -> "C:\Program Files\CCleaner\uninst.exe" [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CPUID HWMonitor_is1] : (CPUID HWMonitor 1.29.-.) -> "C:\Program Files\CPUID\HWMonitor\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CrystalDiskMark5_is1] : (CrystalDiskMark 5.1.2.-.Crystal Dew World) -> "C:\Program Files\CrystalDiskMark5\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DAEMON Tools Lite] : (DAEMON Tools Lite.-.Disc Soft Ltd) -> C:\Program Files\DAEMON Tools Lite\uninst.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Logitech Gaming Software] : (Logitech - Assistant pour jeux vidéo 8.81.-.Logitech Inc.) -> C:\Program Files\Logitech Gaming Software\uninstallhlpr.exe /bitness=x64 /silentmode=off /langid=FRA /downgrade=no /firstRun=yes [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 105450] : (Age of Empires® III: Complete Collection.-.Ensemble Studios) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/105450 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 107410] : (Arma 3.-.Bohemia Interactive) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/107410 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 219640] : (Chivalry: Medieval Warfare.-.Torn Banner Studios) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/219640 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 221380] : (Age of Empires II: HD Edition.-.Skybox Labs) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/221380 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 227940] : (Heroes & Generals.-.Reto-Moto) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/227940 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 231350] : (3DMark Demo.-.Futuremark) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/231350 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 236390] : (War Thunder.-.Gaijin Entertainment) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/236390 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 252490] : (Rust.-.Facepunch Studios) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/252490 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 252950] : (Rocket League.-.Psyonix) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/252950 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 273350] : (Evolve Stage 2.-.Turtle Rock Studios) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/273350 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 291550] : (Brawlhalla.-.Blue Mammoth Games) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/291550 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 346110] : (ARK: Survival Evolved.-.Studio Wildcard) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/346110 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 35720] : (Trine 2.-.Frozenbyte) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/35720 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 394380] : (BattleStick.-.Pinterac) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/394380 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 4000] : (Garry's Mod.-.Facepunch Studios) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/4000 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 48000] : (LIMBO.-.Playdead) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/48000 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 49520] : (Borderlands 2.-.Gearbox Software) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/49520 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 620] : (Portal 2.-.Valve) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/620 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 730] : (Counter-Strike: Global Offensive.-.Valve) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/730 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\TeamSpeak 3 Client] : (TeamSpeak 3 Client.-.TeamSpeak Systems GmbH) -> "C:\Program Files (x86)\TeamSpeak 3\uninstall.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Unlocker] : (Unlocker 1.9.2.-.Cedrick Collomb) -> C:\Program Files (x86)\Unlocker\uninst.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\VulkanRT1.0.11.0] : (Vulkan Run Time Libraries 1.0.11.0.-.LunarG, Inc.) -> C:\Program Files (x86)\VulkanRT\1.0.11.0\UninstallVulkanRT.exe [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\VulkanRT1.0.17.0] : (Vulkan Run Time Libraries 1.0.17.0.-.LunarG, Inc.) -> C:\Program Files (x86)\VulkanRT\1.0.17.0\UninstallVulkanRT.exe [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\VulkanRT1.0.17.0-2] : (Vulkan Run Time Libraries 1.0.17.0.-.LunarG, Inc.) -> C:\Program Files (x86)\VulkanRT\1.0.17.0\Instance_2\UninstallVulkanRT.exe [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\VulkanRT1.0.17.0-3] : (Vulkan Run Time Libraries 1.0.17.0.-.LunarG, Inc.) -> C:\Program Files (x86)\VulkanRT\1.0.17.0\Instance_3\UninstallVulkanRT.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\VulkanRT1.0.17.0-4] : (Vulkan Run Time Libraries 1.0.17.0.-.LunarG, Inc.) -> C:\Program Files (x86)\VulkanRT\1.0.17.0\Instance_4\UninstallVulkanRT.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WinRAR archiver] : (WinRAR 5.31 (64-bit).-.win.rar GmbH) -> C:\Program Files\WinRAR\uninstall.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{00FA63C2-474D-4DA4-666B-438520BBCCF9}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{013256F8-F40D-07D5-681C-6EA5BF5B7594}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{02ECCCD8-9676-1E7F-95FC-7EC239DB8D2B}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{03E62AC2-0B16-0089-A3D6-518552A10DC8}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{06714B56-AF80-FB75-0256-17DB2D7FAD95}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{06875F50-592B-63B4-7C06-F2857EEE7C8F}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{082BEE01-97AB-807C-AF6F-A84A78614B47}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0A330707-8720-CBD4-EE4C-DE4E2F1DC95C}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0B28C240-6616-E755-5E44-405D80CD6171}] : (Catalyst Control Center Next Localization PL.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0BA5C068-FA0D-7C39-E185-1FE9AD8C9A98}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0DC45D90-2743-93F9-322A-46D7B283A2C3}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0FB8AE42-3111-AAEB-48DE-2C28AC924BE3}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{10D374E8-7833-3E1E-1092-E11D97C6DAD0}] : (Catalyst Control Center Next Localization SV.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{15B5DADF-A72C-88AE-0729-7EDAA98771DD}] : (Catalyst Control Center Next Localization DE.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{168EE3C4-34EF-5E53-B568-6A195E01547C}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{16FDA73A-E471-A23F-C67E-9E21E7D1C4ED}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{175B4F7D-78B3-C918-0B90-6B0AB08C13C9}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{1AFE5198-B1F8-F438-4553-BE0CF99911A8}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{1E0EEC88-0B57-7E0D-01D2-3ADE40666BE8}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{1EE9A097-77CB-944A-8168-50C50623DC59}] : (Catalyst Control Center Next Localization ES.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{1FCA2589-DCB9-D859-9871-BC29BCC8E870}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{22D9A80A-FDD0-604F-EE11-84B9A78D72F7}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{24E392FA-47F1-5B50-8CA2-A994F2A2F103}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{25EB4D76-20B3-E658-399A-933E70E85FE8}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{2641FC6B-EE23-C90B-62E6-ED85FA614FAC}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{270FB07F-6252-8B82-A104-91D440DC7F13}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{277F0908-0383-FDF6-DD8F-E24463033523}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{29479D33-D9B9-0FAB-B3F0-7CD16B6B611D}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{2C56E8B3-9480-FB9D-F846-4B8428C490B8}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{2DA1063D-FE21-D819-A99C-13C34864CDAD}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{2DADF833-8782-9B64-8626-D5CD015E443A}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{2DFFBAB5-4B39-EF67-38C6-F89DCCA5E127}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{2ECEDF72-0C28-B694-7149-39F88E899493}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{2F544F88-4C0C-6B80-93E4-25AB21B246D6}] : (Catalyst Control Center Next Localization FI.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{306EB1A2-2F78-5F38-A9B8-26A5C7B810EB}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{32336B51-174A-E66A-DDF5-A641BC0CB7A8}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{331C140F-151D-3376-6218-EBCC1FE56A72}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{33FF0C93-CC6F-5548-9BC9-E38A2663E700}] : (Catalyst Control Center Next Localization CHS.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{341B5E60-B0C9-58FD-BFE8-9A1D524BAB1F}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{3666E222-0332-4CEE-4772-EBCE5A291214}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}] : (UE4 Prerequisites (x64).-.Epic Games, Inc.) -> MsiExec.exe /X{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{3784F95B-4761-108E-1992-ABD39808BD4E}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{3DB0C4BA-37EE-A3E1-F80C-3EDB5AA203A2}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{3DC89690-E037-D1D4-264C-F2D6DA2240C4}] : (Catalyst Control Center Next Localization KO.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{452BA5F3-6E3F-37B1-13D9-01231342C427}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{4573B238-A946-F4E7-A50B-D1CB84C3A56C}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{49EF7101-09DD-C987-6848-2FA8A0159DB7}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{4A43AD98-B06A-8E46-03F4-08E3771F85D8}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{4C51F276-0642-44CD-1EAE-1A53DCA45C0A}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{4CB271A3-7EFD-6C7C-96BC-14E271AB63AB}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{4E9FA66E-EFC2-A398-4686-BA1FCCF96530}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{511FBA3E-FA09-BA46-22EE-50432AE3CEEE}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{51533F47-C4A9-E0C6-3B98-0B2EAC89B2A3}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{523A30C8-FCB3-37B0-87CC-137A4B69FFD4}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{525825D2-44EA-ABC8-D946-79E82A7F41BD}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{52A46417-A51E-B544-7A46-28AB2899246F}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{52FA4E1B-3789-D61E-E0EA-2E1C90F4FE8A}] : (Catalyst Control Center Next Localization TH.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{54279CE3-1803-42E4-6F25-A0818531AED2}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{5894E0F8-A763-0971-3A77-351903EBFFE9}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{5A51B53B-6BD4-FDE2-F5C1-395DCB1B011E}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{5A65C20E-F239-A80C-D550-AFE8F88B11B4}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{5ACE0214-DB28-9ED6-E247-F07CF81AC1AF}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{5B80C9E9-CA09-0A11-3856-0C750D4ACFBE}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{5E0FB053-0AE7-5466-E972-551F7BE9E1B7}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{6046E5CE-9DC6-135B-C7BC-B8E4F34A5096}] : (Catalyst Control Center Next Localization NL.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{60836954-934F-0ECF-9C05-168DBECE2399}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{60FE119D-C665-5547-820C-5DC3A8D16F87}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{614564F1-EC98-B820-E420-C400CA605A57}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{61AA5823-E3D2-8E4B-9817-8E23556A5259}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{61C87839-E54E-F438-AF30-A8F4F451C4FA}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{6237346A-DDA6-19F0-03A7-818D85D64DEF}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{65862EB0-A23C-17A1-6952-91E6E70A16FC}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{6633931B-28B3-E7E4-F752-C3E50A933E6D}] : (Catalyst Control Center Next Localization RU.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{67FB1962-32C5-9A85-7195-F2D1285DA2B2}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{690285C2-2481-44FB-8402-162EA970A6DD}] : (Logitech Gaming Software.-.Logitech Inc.) -> MsiExec.exe /I{690285C2-2481-44FB-8402-162EA970A6DD} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{6BEDE94D-9D3E-148D-C041-D0E08F554205}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{6D6021C2-872B-139F-5DAD-488D7D7A4532}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{6F700CE8-375F-84B8-F98C-654CF62DE313}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{706A03F5-F3C3-F298-60DE-F9E8F4F76B10}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{72818A93-B1CE-2D9F-B9BF-7E26B8271C1B}] : (Catalyst Control Center Next Localization EL.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{740CBA0A-849C-BB90-A03A-A765C1F492F3}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7559603B-C973-C9A4-F645-21AC07D7B74F}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{778703F2-CCFD-41FC-BC93-7306147211D1}] : (Catalyst Control Center Next Localization HU.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{77D6A6E7-4771-44F5-EC4D-24D6AD296BE9}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{77EEC345-B758-45DF-94C2-25D91D520650}] : (DriversCloud.com (64 bits).-.Cybelsoft) -> MsiExec.exe /X{77EEC345-B758-45DF-94C2-25D91D520650} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{78ACE60E-0CB7-4935-BCD4-F33422105607}] : (AMD Settings - Branding.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /I{78ACE60E-0CB7-4935-BCD4-F33422105607} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{796DECDD-EC97-0220-CF30-20E5179FC177}] : (Catalyst Control Center Next Localization JA.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7AE7CA86-C5E4-2A6C-0501-3CCE620D8F37}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7B15D05C-4704-0B8E-793F-B052503C87E9}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7BD3F231-E746-15AF-19A3-A30DF71955EF}] : (AMD Install Manager.-.Advanced Micro Devices, Inc.) -> msiexec /q/x{7BD3F231-E746-15AF-19A3-A30DF71955EF} REBOOT=ReallySuppress [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7C411F24-85CA-D042-D339-DDCB0563670F}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7DCB7E5D-78D4-EF3B-D51E-DDCAECC3A206}] : (Catalyst Control Center Next Localization BR.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7FDD47B2-94C4-2EF2-819C-40FB19AF267A}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{82EE8DF9-60C9-85CF-2E87-F9F423EBC8F6}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{848FBADF-13BD-8948-65AB-083C2F6E94D5}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{86F718E7-6AFB-1DFB-219E-AF7752F91C4E}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{87009858-7535-57E2-5EA9-FBEDEDA1E312}] : (Catalyst Control Center Next Localization NO.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{87AF01F7-11D3-944A-DF28-999928FBAB1F}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{87B2419A-F615-AD3A-3521-FFE0C4FE37DF}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{88D913EA-E638-B59D-4281-98B6F434EDED}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{88DC06DE-350D-B3A6-99D7-D22820775D14}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{8CC237F6-02EA-BA74-FBEB-70B7A9AF82B1}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{919A2EDC-34F8-C5C3-7276-A557992CFA60}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{91DF8F16-C2CC-A13A-7D7F-EA0A305A1F71}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{94511398-5192-1638-AEED-8BAA10DDC8AF}] : (Catalyst Control Center Next Localization IT.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{94B27DCE-7F54-363C-D574-808FDC9CFB58}] : (Catalyst Control Center Next Localization DA.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{94BF308C-4DB7-2286-D917-1AA237280A0C}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{9556C483-2D67-6B2F-A15E-D83417604CE7}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{9A9FB48A-EBB1-665E-DB29-B2FECCCD59E8}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{9C73DB4D-ECF4-B764-5FF7-4B7860BFC681}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{9D8F0660-1091-7367-345E-E58AD705CA41}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{9DEA3C61-6DDD-FB20-59BC-F5F8F7E52AFE}] : (Catalyst Control Center Next Localization CHT.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{9F11B70E-FE0B-9830-D5B8-9FD15B980123}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{9FD0E0C9-9E88-A306-4BA3-41BC479446C8}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{A069CDA1-2484-399C-5592-63F1C8F604DD}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{A13A0F4A-E14D-3A68-4F7B-E157CBA76784}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{A312A358-3900-E831-040C-0D39825F3DD8}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{A36C9E35-4DAF-36A9-6976-5BDC4FF3EAA3}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{A4AB9E6D-43AC-BA78-20E8-C0D0D8649F19}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{A8DAE24C-5E00-B481-BD9B-D46532EF219A}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{AA461BB2-9A5D-3E1E-05A6-3C1FCD768EEB}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{AAF31E58-E44A-994E-F65D-B41808FB3160}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B03568CA-336E-A0C2-7C15-4AD826D03D88}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B05F28F6-B562-C4F7-CAE3-BDD77C16C3E3}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B0D87120-6049-36ED-C233-229B82474373}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B16E9589-7E9F-DC0B-1B19-F898AE5A7C47}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B320E1A2-D333-A53E-7AA6-462699EC3437}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B911A29E-3D28-A02D-85F6-7362A997A5FB}] : (Catalyst Control Center Next Localization FR.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{BAB5C2A4-59AE-F873-756E-F6E054501D18}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{BCBF0016-9941-90DD-6DAE-4560B9797274}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{BF07E05D-3D7C-6E4E-3843-DFE6D9FFACC8}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{BFAC2F93-73DB-EC58-4577-C16D5A298912}] : (Catalyst Control Center Next Localization CS.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C105DB6E-CA11-9A0A-9419-0D1255173D39}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C2746832-43BE-8590-3EEE-19984585C101}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C2B8CBDE-5232-11E3-B494-F04DA23A5C58}] : (MSVCRT Redists.-.Sony Creative Software Inc.) -> MsiExec.exe /I{C2B8CBDE-5232-11E3-B494-F04DA23A5C58} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C5F114C0-4584-A637-C2E9-E8BCD6A2408F}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C7BAA2B7-63EC-8772-A355-52F36462CE21}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C8048A0E-274F-1E7B-2DBB-FA290A92DB36}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C8B0F5C1-5497-4289-C957-8FE674665F30}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C972AB5C-1958-7368-3558-E799CC584053}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{CAC827E3-7101-DC1B-B0F9-F787C7203ECF}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{CB1B3B51-83E0-FE61-C9D8-0D5752368F9D}] : (Catalyst Control Center Next Localization TR.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{CE20A68F-BFBC-11E3-AA73-F04DA23A5C58}] : (Vegas Pro 13.0 (64-bit).-.Sony) -> MsiExec.exe /X{CE20A68F-BFBC-11E3-AA73-F04DA23A5C58} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D0405779-60EA-E075-B6F3-8CB099401E8F}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D2A02D8A-096D-95F5-5E64-60A197790AC4}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D342FC9C-FC1A-EE75-9C83-98963901A71E}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D3582742-A464-3F63-526C-6247E26183B8}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D4BD27CF-BFBC-11E3-9B8F-F04DA23A5C58}] : (MSVCRT Redists.-.Sony Creative Software Inc.) -> MsiExec.exe /I{D4BD27CF-BFBC-11E3-9B8F-F04DA23A5C58} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D6EDF10E-023C-198F-215B-5DD74E2B1D81}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D7B63982-8094-4AEA-7A77-FA48FF2C1CCC}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D8D5F56E-63B5-3290-4938-EE82D703DBEB}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{DB92F356-B5CD-DAD1-68CD-70B62297D07D}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{DB942AEA-93D6-4FE4-8862-180D35A71730}] : (Belgium e-ID middleware 4.1.18 (build 1730).-.Belgian Government) -> MsiExec.exe /I{DB942AEA-93D6-4FE4-8862-180D35A71730} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{DBAE36A4-F2D8-F405-FB92-57C7BC546EC5}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{DD3D1B32-7AAA-6D38-310B-606A799A17FA}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E4551776-E23C-B5BE-1124-91643E733A2E}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E4687E1C-4C56-50EF-4363-345D08306B56}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E68043FB-73DF-C829-A36D-4DB96A119CDD}] : (AMD Settings.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E6FA089C-448D-334D-4E92-C331282FEC45}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E7D4B73C-C643-FEFC-81CA-8F9F1757E668}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E8B8B751-7006-7DFC-4AB8-7A503E25087A}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E99569A3-3BDB-5227-3BE9-36A81151D796}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{EA85E135-7E7D-19E5-B65D-5E3A87C5F5EF}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{EB35416E-D6F2-B385-2AA8-B3EF09396085}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{ECCFBBAA-5D4D-8C5F-83FE-965A6C78F98D}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{ED720098-D212-12DC-754D-E1E39AF0BC61}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F08A0BBC-9335-1BA0-79A9-732113E9DF1C}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F189C432-DD9A-3503-F421-8D28B134D8CC}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F27AE362-13CD-3D68-94FD-20E4F92AADAE}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F391790D-F08F-F4B5-77CD-668EBC078B1A}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F5205865-EB7A-5F19-73B4-BE967D12B43E}] : (ACP Application.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /X{F5205865-EB7A-5F19-73B4-BE967D12B43E} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F8E2FEC7-85F0-3AF4-8E73-44E959167018}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F92DEA29-82F9-F1F1-E8A6-113CE36EEF64}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{FC4135A5-7715-980D-556B-47D6CC032449}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{FF9BDE5A-19D7-9CEE-1F84-BA92A3EFFD30}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{FFD645F9-D4B8-B0AC-5560-097D7232DEB0}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe AIR] : (Adobe AIR.-.Adobe Systems Incorporated) -> c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Shockwave Player] : (Adobe Shockwave Player 12.2.-.Adobe Systems, Inc.) -> "C:\Windows\SysWOW64\Adobe\Shockwave 12\uninstaller.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Afterburner] : (MSI Afterburner 4.2.0.-.MSI Co., LTD) -> "C:\Program Files (x86)\MSI Afterburner\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Avira Antivirus] : (Avira Antivirus.-.Avira Operations GmbH & Co. KG) -> C:\Program Files (x86)\Avira\Antivirus\setup.exe /REMOVE [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Battlelog Web Plugins] : (Battlelog Web Plugins.-.EA Digital Illusions CE AB) -> C:\Program Files (x86)\Battlelog Web Plugins\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\BitRaider Streaming Client] : (BitRaider Streaming Client.-.BitRaider, LLC) -> C:\ProgramData\BitRaider\common\brwc.exe -brremoveclient [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\CrystalDiskInfo_is1] : (CrystalDiskInfo 6.8.2 Shizuku Edition.-.Crystal Dew World) -> "C:\Program Files (x86)\CrystalDiskInfo\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Dropbox] : (Dropbox.-.Dropbox, Inc.) -> "C:\Program Files (x86)\Dropbox\Client\DropboxUninstaller.exe" /InstallType:MACHINE [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\ESN Sonar-0.70.4] : (ESN Sonar.-.ESN Social Software AB) -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\esnsonar_uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fraps] : (Fraps.-.) -> "C:\Program Files (x86)\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Freemake Audio Converter_is1] : (Freemake Audio Converter version 1.1.8.-.Ellora Assets Corporation) -> "C:\Program Files (x86)\Freemake\Freemake Audio Converter\Uninstall\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\G430_Driver] : (Logitech G430 Driver.-.Logitech) -> "C:\Program Files\Common Files\Logitech\G430Install\uninstall.exe" /S [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Google Chrome] : (Google Chrome.-.Google Inc.) -> "C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\Installer\setup.exe" --uninstall --multi-install --chrome --system-level [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Malwarebytes Anti-Malware_is1] : (Malwarebytes Anti-Malware version 2.2.1.1043.-.Malwarebytes) -> "C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Microsoft Flight Simulator X Steam Edition_is1] : (Microsoft Flight Simulator X Steam Edition.-.) -> "C:\Program Files (x86)\Dovetail Games - Flight\Microsoft Flight Simulator X Steam Edition\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Mozilla Firefox 47.0.1 (x86 fr)] : (Mozilla Firefox 47.0.1 (x86 fr).-.Mozilla) -> "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MozillaMaintenanceService] : (Mozilla Maintenance Service.-.Mozilla) -> "C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Open Broadcaster Software] : (Open Broadcaster Software.-.) -> C:\Program Files (x86)\OBS\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Origin] : (Origin.-.Electronic Arts, Inc.) -> C:\Program Files (x86)\Origin\OriginUninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\qBittorrent] : (qBittorrent 3.2.4.-.The qBittorrent project) -> "C:\Program Files (x86)\qBittorrent\uninst.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Rockstar Games Social Club] : (Rockstar Games Social Club.-.Rockstar Games) -> C:\Program Files\Rockstar Games\Social Club\uninstallRGSCRedistributable.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam] : (Steam.-.Valve Corporation) -> C:\Program Files (x86)\Steam\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\TeamViewer] : (TeamViewer 11.-.TeamViewer) -> C:\Program Files (x86)\TeamViewer\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Unigine Heaven Benchmark (Basic Edition)_is1] : (Heaven Benchmark version 4.0.-.Unigine Corp.) -> "C:\Program Files (x86)\Unigine\Heaven Benchmark 4.0\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\VLC media player] : (VLC media player.-.VideoLAN) -> C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Wireshark] : (Wireshark 2.0.4 (64-bit).-.The Wireshark developer community, https://www.wireshark.org) -> "C:\Program Files\Wireshark\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{08A747C5-7144-45BE-9CFB-1DB07957AAAE}_is1] : (The Witcher 3 Wild Hunt.-.CD Projekt) -> "C:\Games\The Witcher 3 Wild Hunt\Uninstall\unins000.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{099218A5-A723-43DC-8DB5-6173656A1E94}] : (Dropbox Update Helper.-.Dropbox, Inc.) -> MsiExec.exe /I{099218A5-A723-43DC-8DB5-6173656A1E94} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{12225E6B-0028-4417-B43B-E72DA1FB0CD2}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{19687AD5-7E54-4C5E-A796-125C95079C1D}] : (Adobe AIR.-.Adobe Systems Incorporated) -> MsiExec.exe /I{19687AD5-7E54-4C5E-A796-125C95079C1D} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83218091F0}] : (Java 8 Update 91.-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83218091F0} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}] : (UE4 Prerequisites (x64).-.Epic Games, Inc.) -> "C:\ProgramData\Package Cache\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}\UE4PrereqSetup_x64.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{34CE35A5-BC22-4045-9F05-6C411D3A74DB}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{36404440-3A39-C9B5-4713-2DB315DEF034}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3d9e0476-943f-4962-99dc-b9c937a43840}] : (Avira Launcher.-.Avira Operations GmbH & Co. KG) -> "C:\ProgramData\Package Cache\{3d9e0476-943f-4962-99dc-b9c937a43840}\Avira.OE.Setup.Bundle.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{40C98ADC-A44D-401E-BDDD-5094E4CF7D09}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{43D862C3-739D-4FF6-91C0-25612368CC81}] : (LibreOffice 5.0.5.2.-.The Document Foundation) -> MsiExec.exe /I{43D862C3-739D-4FF6-91C0-25612368CC81} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] : (Java Auto Updater.-.Oracle Corporation) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4D2D3DC8-404C-46E2-B57C-49C45BD110AC}] : (Gaming Keyboard Driver.-.LXD) -> C:\Program Files (x86)\InstallShield Installation Information\{4D2D3DC8-404C-46E2-B57C-49C45BD110AC}\setup.exe -runfromtemp -l0x0009 -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5052D282-C9AE-48CC-A9F5-17058BEEAA50}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{56F20B16-D527-24CE-4EF9-3D7B3E86E929}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{612C34C7-5E90-47D8-9B5C-0F717DD82726}] : (swMSM.-.Adobe Systems, Inc) -> MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6342EDFC-41D8-45F8-8F26-65750E918032}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6AF775D8-E2DD-4D8B-9636-D0F6992B7A1A}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{72AE1DCC-7F4B-462A-AAFF-11A2702DE6E7}_is1] : (Nephya version 2.0.-.Nephya) -> "C:\Program Files (x86)\Nephya\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{74980DB7-1651-B9FD-B18D-04433FE38C77}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{76285C16-411A-488A-BCE3-C83CB933D8CF}] : (Battlefield 3™.-.Electronic Arts) -> "C:\Program Files (x86)\Common Files\EAInstaller\Battlefield 3\Cleanup.exe" uninstall_game -autologging [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{83BD0D59-6E0E-34B2-F25F-5F950E133599}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}] : (Realtek Ethernet Controller Driver.-.Realtek) -> C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{92a7fd6b-31e5-472f-862e-79214c5032ef}] : (Avira Launcher.-.Avira Operations GmbH & Co. KG) -> "C:\ProgramData\Package Cache\{92a7fd6b-31e5-472f-862e-79214c5032ef}\Avira.OE.Setup.Bundle.exe" /uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{99272ACB-A083-6069-F834-E1463A101CD4}] : (AMD Settings.-.Advanced Micro Devices, Inc.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A6634D1D-EA57-45DE-AF8F-0EDD35B912C3}] : (Avira Launcher.-.Avira Operations GmbH & Co. KG) -> MsiExec.exe /X{A6634D1D-EA57-45DE-AF8F-0EDD35B912C3} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{ABADE36E-EC37-413B-8179-B432AD3FACE7}] : (Battlefield 4™.-.Electronic Arts) -> "C:\Program Files (x86)\Common Files\EAInstaller\Battlefield 4\Cleanup.exe" uninstall_game -autologging [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B41E2EA6-F400-3D38-2A34-09EA8ABD7BDF}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B455E95A-B804-439F-B533-336B1635AE97}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BD7E17B3-FEB2-4761-980D-50C4FA169EF9}] : (Epic Games Launcher.-.Epic Games, Inc.) -> MsiExec.exe /X{BD7E17B3-FEB2-4761-980D-50C4FA169EF9} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C029726A-CCBF-46D8-893A-E62105DB9803}_is1] : (DS3 Tool 1.0005 Windows.-.MotionInJoy.) -> "C:\Program Files (x86)\MotionInJoy\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C1578C4F-5453-44FE-A172-01331906BF18}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C3592426-531E-4110-911D-BFECE2CE284B}] : (puush.-.Dean Herbert) -> MsiExec.exe /X{C3592426-531E-4110-911D-BFECE2CE284B} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}] : (Launcher Prerequisites (x64).-.Epic Games, Inc.) -> "C:\ProgramData\Package Cache\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}\LauncherPrereqSetup_x64.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C7FF0DD8-90C1-4612-B41F-0CA013062953}] : (Futuremark SystemInfo.-.Futuremark) -> MsiExec.exe /X{C7FF0DD8-90C1-4612-B41F-0CA013062953} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}] : (GTA San Andreas.-.Rockstar Games) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x40c -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}] : (Grand Theft Auto V.-.Rockstar Games) -> "C:\Program Files (x86)\InstallShield Installation Information\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}\setup.exe" -runfromtemp -l0x040c -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E402D891-4E45-4ce9-B41F-DD35864EF170}] : (STAR WARS™ Battlefront™.-.Electronic Arts) -> "C:\Program Files (x86)\Common Files\EAInstaller\STAR WARS Battlefront\Cleanup.exe" uninstall_game -autologging [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] : (Realtek High Definition Audio Driver.-.Realtek Semiconductor Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -runfromtemp -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FB1095C7-9E14-A458-FE29-60EA52D39186}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FC965A47-4839-40CA-B618-18F486F042C6}] : (Skype™ 7.22.-.Skype Technologies S.A.) -> MsiExec.exe /X{FC965A47-4839-40CA-B618-18F486F042C6} ---------- | Installer [HKCR\Installer\Products\042C82B06166557EE54404D508DC1617] : Catalyst Control Center Next Localization PL -> C:\Windows\Installer\{0B28C240-6616-E755-5E44-405D80CD6171}\ARPPRODUCTICON.exe [HKCR\Installer\Products\09698CD3730E4D1D62C42F6DAD22044C] : Catalyst Control Center Next Localization KO -> C:\Windows\Installer\{3DC89690-E037-D1D4-264C-F2D6DA2240C4}\ARPPRODUCTICON.exe [HKCR\Installer\Products\132F3DB7647EFA51913A3AD07F9155FE] : AMD Install Manager -> C:\Windows\Installer\{7BD3F231-E746-15AF-19A3-A30DF71955EF}\ARPPRODUCTICON.exe [HKCR\Installer\Products\15B3B1BC0E3816EF9C8DD0752563F8D9] : Catalyst Control Center Next Localization TR -> C:\Windows\Installer\{CB1B3B51-83E0-FE61-C9D8-0D5752368F9D}\ARPPRODUCTICON.exe [HKCR\Installer\Products\16C3AED9DDD602BF95CB5F8F7F5EA2EF] : Catalyst Control Center Next Localization CHT -> C:\Windows\Installer\{9DEA3C61-6DDD-FB20-59BC-F5F8F7E52AFE}\ARPPRODUCTICON.exe [HKCR\Installer\Products\2C5820961842BF44482061E29A076ADD] : Logitech Gaming Software [HKCR\Installer\Products\2F307877DFCCCF14CB3937604127111D] : Catalyst Control Center Next Localization HU -> C:\Windows\Installer\{778703F2-CCFD-41FC-BC93-7306147211D1}\ARPPRODUCTICON.exe [HKCR\Installer\Products\39A81827EC1BF9D29BFBE7628B72C1B1] : Catalyst Control Center Next Localization EL -> C:\Windows\Installer\{72818A93-B1CE-2D9F-B9BF-7E26B8271C1B}\ARPPRODUCTICON.exe [HKCR\Installer\Products\39C0FF33F6CC8455B99C3EA862367E00] : Catalyst Control Center Next Localization CHS -> C:\Windows\Installer\{33FF0C93-CC6F-5548-9BC9-E38A2663E700}\ARPPRODUCTICON.exe [HKCR\Installer\Products\39F2CAFBBD3785CE54771CD6A5929821] : Catalyst Control Center Next Localization CS -> C:\Windows\Installer\{BFAC2F93-73DB-EC58-4577-C16D5A298912}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3B71E7DB2BEF167489D0054CAF61E99F] : Epic Games Launcher -> C:\Windows\Installer\{BD7E17B3-FEB2-4761-980D-50C4FA169EF9}\UnrealEngineLauncher.ico [HKCR\Installer\Products\3C268D34D9376FF4190C52163286CC18] : LibreOffice 5.0.5.2 -> C:\Windows\Installer\{43D862C3-739D-4FF6-91C0-25612368CC81}\soffice.ico [HKCR\Installer\Products\4EA42A62D9304AC4784BF2381208190F] : Java 8 Update 91 -> C:\Program Files (x86)\Java\jre1.8.0_91\\bin\javaws.exe [HKCR\Installer\Products\543CEE77857BFD54492C529DD1256005] : DriversCloud.com (64 bits) -> C:\Windows\Installer\{77EEC345-B758-45DF-94C2-25D91D520650}\maconfico [HKCR\Installer\Products\5685025FA7BE91F5374BEB69D7214BE3] : ACP Application -> C:\Windows\Installer\{F5205865-EB7A-5F19-73B4-BE967D12B43E}\ARPPRODUCTICON.exe [HKCR\Installer\Products\5A812990327ACD34D85B163756A6E149] : Dropbox Update Helper [HKCR\Installer\Products\5DA7869145E7E5C47A6921C55970C9D1] : Adobe AIR [HKCR\Installer\Products\6030E61781384634B8F8C04C9E73B6CA] : Analyseur et SDK MSXML 4.0 SP2 [HKCR\Installer\Products\6242953CE135011419D1FBCE2EEC82B4] : puush -> C:\Windows\Installer\{C3592426-531E-4110-911D-BFECE2CE284B}\osunew_0001.ico [HKCR\Installer\Products\74A569CF9384AC046B81814F680F246C] : Skype™ 7.22 -> C:\Windows\Installer\{FC965A47-4839-40CA-B618-18F486F042C6}\SkypeIcon.exe [HKCR\Installer\Products\790A9EE1BC77A4491886055C6032CD95] : Catalyst Control Center Next Localization ES -> C:\Windows\Installer\{1EE9A097-77CB-944A-8168-50C50623DC59}\ARPPRODUCTICON.exe [HKCR\Installer\Products\7C43C21609E58D74B9C5F017D78D7262] : swMSM -> C:\Windows\Installer\{612C34C7-5E90-47D8-9B5C-0F717DD82726}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8589007853572E75E59ABFDEDE1A3E21] : Catalyst Control Center Next Localization NO -> C:\Windows\Installer\{87009858-7535-57E2-5EA9-FBEDEDA1E312}\ARPPRODUCTICON.exe [HKCR\Installer\Products\88F445F2C0C408B6394E52BA122B646D] : Catalyst Control Center Next Localization FI -> C:\Windows\Installer\{2F544F88-4C0C-6B80-93E4-25AB21B246D6}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8931154929158361EADEB8AA01DD8CFA] : Catalyst Control Center Next Localization IT -> C:\Windows\Installer\{94511398-5192-1638-AEED-8BAA10DDC8AF}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8DD0FF7C1C0921644BF1C00A31609235] : Futuremark SystemInfo -> C:\Windows\Installer\{C7FF0DD8-90C1-4612-B41F-0CA013062953}\FuturemarkIcon [HKCR\Installer\Products\8E473D013387E1E301291ED1796CAD0D] : Catalyst Control Center Next Localization SV -> C:\Windows\Installer\{10D374E8-7833-3E1E-1092-E11D97C6DAD0}\ARPPRODUCTICON.exe [HKCR\Installer\Products\A089CE062ADB6BC44A720BA745894BAC] : Google Update Helper [HKCR\Installer\Products\AEA249BD6D394EF4882681D0537A7103] : Belgium e-ID middleware 4.1.18 (build 1730) -> C:\Windows\Installer\{DB942AEA-93D6-4FE4-8862-180D35A71730}\eid.ico [HKCR\Installer\Products\B13933663B824E7E7F253C5EA039E3D6] : Catalyst Control Center Next Localization RU -> C:\Windows\Installer\{6633931B-28B3-E7E4-F752-C3E50A933E6D}\ARPPRODUCTICON.exe [HKCR\Installer\Products\B1E4AF259873E16D0EAEE2C1094FEFA8] : Catalyst Control Center Next Localization TH -> C:\Windows\Installer\{52FA4E1B-3789-D61E-E0EA-2E1C90F4FE8A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\BCA27299380A96068F431E64A301C14D] : AMD Settings -> C:\Windows\Installer\{99272ACB-A083-6069-F834-E1463A101CD4}\ARPPRODUCTICON.exe [HKCR\Installer\Products\BF34086EFD37928C3AD6D49BA611C9DD] : AMD Settings -> C:\Windows\Installer\{E68043FB-73DF-C829-A36D-4DB96A119CDD}\ARPPRODUCTICON.exe [HKCR\Installer\Products\D139E7FE48CDB174D86B8A3385904547] : [HKCR\Installer\Products\D1D4366A75AEED54FAF8E0DD539B213C] : Avira Launcher [HKCR\Installer\Products\D5E7BCD74D87B3FE5DE1DDACCE3C2A60] : Catalyst Control Center Next Localization BR -> C:\Windows\Installer\{7DCB7E5D-78D4-EF3B-D51E-DDCAECC3A206}\ARPPRODUCTICON.exe [HKCR\Installer\Products\DDCED69779CE0220FC03025E71F91C77] : Catalyst Control Center Next Localization JA -> C:\Windows\Installer\{796DECDD-EC97-0220-CF30-20E5179FC177}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E06ECA877BC05394CB4D3F4322016570] : AMD Settings - Branding -> C:\Windows\Installer\{78ACE60E-0CB7-4935-BCD4-F33422105607}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E92A119B82D3D20A586F37269A795ABF] : Catalyst Control Center Next Localization FR -> C:\Windows\Installer\{B911A29E-3D28-A02D-85F6-7362A997A5FB}\ARPPRODUCTICON.exe [HKCR\Installer\Products\EC5E64066CD9B5317CCB8B4E3FA40569] : Catalyst Control Center Next Localization NL -> C:\Windows\Installer\{6046E5CE-9DC6-135B-C7BC-B8E4F34A5096}\ARPPRODUCTICON.exe [HKCR\Installer\Products\ECD72B4945F7C3635D4708F8CDC9BF85] : Catalyst Control Center Next Localization DA -> C:\Windows\Installer\{94B27DCE-7F54-363C-D574-808FDC9CFB58}\ARPPRODUCTICON.exe [HKCR\Installer\Products\EDBC8B2C23253E114B490FD42AA3C585] : MSVCRT Redists [HKCR\Installer\Products\F60730A4A66673047777F5728467D401] : Java Auto Updater [HKCR\Installer\Products\F86A02ECCBFB3E11AA370FD42AA3C585] : Vegas Pro 13.0 (64-bit) -> C:\Windows\Installer\{CE20A68F-BFBC-11E3-AA73-F04DA23A5C58}\vegas.ico [HKCR\Installer\Products\FC5DAE63FE44FCF4B81E9DC684537D4A] : UE4 Prerequisites (x64) -> C:\Windows\Installer\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}\Setup.ico [HKCR\Installer\Products\FC72DB4DCBFB3E11B9F80FD42AA3C585] : MSVCRT Redists [HKCR\Installer\Products\FDAD5B51C27AEA887092E7AD9A7817DD] : Catalyst Control Center Next Localization DE -> C:\Windows\Installer\{15B5DADF-A72C-88AE-0729-7EDAA98771DD}\ARPPRODUCTICON.exe ---------- | ADS ---------- | Drives Disk: 0 Size=954G Pos MBRndx Type/Name Size Active Hide Start Sector Sectors --- ------ ---------- ---- ------ ---- ------------ ------------ 0 0 EE-UNKNWN 21.0T No No 1 294,967,295 ---------- | MBR Windows Version: Windows Information: (build 9200), 64-bit Base Board Manufacturer: MSI BIOS Manufacturer: American Megatrends Inc. System Manufacturer: MSI System Product Name: MS-7817 Logical Drives Mask: 0x00000004 Analysis of file "C:\QuickDiag\MBR.bin": Windows 7 MBR code detected 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ---------- | 20 LastEventLog ATI EEU Service event error ------------ ATI EEU Service event error ------------ ATI EEU Service event error ------------ ATI EEU Service event error ------------ Le programme WhatsApp.exe version 1.2.3.0 a cessé d'interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l'historique du problème dans le panneau de configuration Sécurité et maintenance. ID de processus : 2aa4 Heure de début : 01d1e76199b347b6 Heure de fin : 4294967295 Chemin d'accès de l'application : C:\Users\Nour\AppData\Local\WhatsApp\app-0.2.1061\WhatsApp.exe ID de rapport : db117b0a-5375-11e6-8785-d8cb8ae8f260 Nom complet du package défaillant : ID de l'application relative au package défaillant : ------------ ATI EEU Service event error ------------ ATI EEU Service event error ------------ ATI EEU Service event error ------------ Nom de l’application défaillante dwm.exe, version : 10.0.10586.0, horodatage : 0x5632d756 Nom du module défaillant : dwmcore.dll, version : 10.0.10586.494, horodatage : 0x5775e327 Code d’exception : 0xc0000602 Décalage d’erreur : 0x00000000000d04ff ID du processus défaillant : 0x172c Heure de début de l’application défaillante : 0x01d1e5cf8ec97176 Chemin d’accès de l’application défaillante : C:\Windows\system32\dwm.exe Chemin d’accès du module défaillant: C:\Windows\system32\dwmcore.dll ID de rapport : 718641ee-6695-4ade-ad57-fdc1bd16415e Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft. System Error: Accès refusé. . ------------ Nom de l’application défaillante dwm.exe, version : 10.0.10586.0, horodatage : 0x5632d756 Nom du module défaillant : dwmcore.dll, version : 10.0.10586.494, horodatage : 0x5775e327 Code d’exception : 0xc0000602 Décalage d’erreur : 0x00000000000d04ff ID du processus défaillant : 0x3e4 Heure de début de l’application défaillante : 0x01d1e5ab6612e266 Chemin d’accès de l’application défaillante : C:\Windows\system32\dwm.exe Chemin d’accès du module défaillant: C:\Windows\system32\dwmcore.dll ID de rapport : b889da5c-9ce9-474c-836c-94c00308e06b Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante Explorer.EXE, version : 10.0.10586.494, horodatage : 0x5775e575 Nom du module défaillant : npsm.dll, version : 10.0.10586.0, horodatage : 0x5632d7b2 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000000000007886 ID du processus défaillant : 0xed8 Heure de début de l’application défaillante : 0x01d1e5ab77bc2557 Chemin d’accès de l’application défaillante : C:\Windows\Explorer.EXE Chemin d’accès du module défaillant: C:\Windows\System32\npsm.dll ID de rapport : 87b887c2-7bcc-4ed8-8a7c-44a942308b85 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ La création du contexte d’activation a échoué pour « c:\program files\logitech gaming software\drivers\installers\CallScanReg.exe ». Assembly dépendant Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. ------------ La création du contexte d’activation a échoué pour « c:\program files (x86)\dovetail games - flight\microsoft flight simulator x steam edition\sdk\core utilities kit\simconnect sdk\samples\weather station\Weather Station.exe ». Assembly dépendant Microsoft.FlightSimulator.SimConnect,processorArchitecture="x86",publicKeyToken="1ed9da73c880e429",type="win32",version="10.0.62607.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. ------------ La création du contexte d’activation a échoué pour « c:\program files (x86)\dovetail games - flight\microsoft flight simulator x steam edition\sdk\core utilities kit\simconnect sdk\samples\windows event\Windows Event.exe ». Assembly dépendant Microsoft.FlightSimulator.SimConnect,processorArchitecture="x86",publicKeyToken="1ed9da73c880e429",type="win32",version="10.0.62607.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. ------------ La création du contexte d’activation a échoué pour « c:\program files (x86)\dovetail games - flight\microsoft flight simulator x steam edition\sdk\core utilities kit\simconnect sdk\samples\variable strings\Variable Strings.exe ». Assembly dépendant Microsoft.FlightSimulator.SimConnect,processorArchitecture="x86",publicKeyToken="1ed9da73c880e429",type="win32",version="10.0.62607.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. ------------ La création du contexte d’activation a échoué pour « c:\program files (x86)\dovetail games - flight\microsoft flight simulator x steam edition\sdk\core utilities kit\simconnect sdk\samples\tracking errors\Tracking Errors.exe ». Assembly dépendant Microsoft.FlightSimulator.SimConnect,processorArchitecture="x86",publicKeyToken="1ed9da73c880e429",type="win32",version="10.0.62607.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. ------------ La création du contexte d’activation a échoué pour « c:\program files (x86)\dovetail games - flight\microsoft flight simulator x steam edition\sdk\core utilities kit\simconnect sdk\samples\send event c\Send Event C.exe ». Assembly dépendant Microsoft.FlightSimulator.SimConnect,processorArchitecture="x86",publicKeyToken="1ed9da73c880e429",type="win32",version="10.0.62607.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. ------------ La création du contexte d’activation a échoué pour « c:\program files (x86)\dovetail games - flight\microsoft flight simulator x steam edition\sdk\core utilities kit\simconnect sdk\samples\throttle control\Throttle Control.exe ». Assembly dépendant Microsoft.FlightSimulator.SimConnect,processorArchitecture="x86",publicKeyToken="1ed9da73c880e429",type="win32",version="10.0.62607.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. ------------ ----------( EOF)---------- - 3477 | 23:11:26