--------------- QuickDiag | g3n-h@ckm@n | 2_28.07.2016.1 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 31/07/2016 00:14:45 Updated 28/07/2016 | 00.10 by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [Stef-Local (Administrator)] - [SUNSHY] (S-1-5-21-2602208218-2662133878-2470281216-1000) System: Microsoft Windows 10 Professionnel - - (10.0.10586) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 10 Professionnel|C:\WINDOWS|\Device\Harddisk0\Partition2 Boot : Normal boot PC: To Be Filled By O.E.M. - To Be Filled By O.E.M. - IdNumber: To Be Filled By O.E.M. - UUID: 03000200-0400-0500-0006-000700080009 Processor : X64 - 3199 Mhz - Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz BIOS Date: 01/05/16 15:28:29 Ver: 04.06.05 - - American Megatrends Inc. - S/N: To Be Filled By O.E.M. - P1.60 - ALASKA - 1072009 CoreTemp : ? Celsius ----------| Quick ---------- | SoundDevice Realtek High Definition Audio - Status: OK - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0662&SUBSYS_1849A662&REV_1001\4&1B0E903C&0&0001 ---------- | Video Intel(R) HD Graphics 4600 - Resolution: 1280x1024 - Colors: 4294967296 - RefreshRate: 75 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: igdumdim64.dll,igd10iumd64.dll,igd10iumd64.dll,igd12umd64.dll,igdumdim32,igd10iumd32,igd10iumd32,igd12umd32 - PNPDeviceID: PCI\VEN_8086&DEV_0412&SUBSYS_04121849&REV_06\3&11583659&0&10 - AdapterCompatibility: Intel Corporation - RAM: 1073741824 Inegrated Video Chipset DeviceName: Intel(R) HD Graphics 4600 - DriverVersion: 20.19.15.4444 - SpecificationVersion: 1025 ---------- | Codecs c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 17920 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 27136 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 34632 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 35696 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16896 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 38912 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 53760 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 87040 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25344 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 42936 - Manufacturer: Microsoft Corporation - Status: OK ---------- | CPU CPU #1 value:0 % CPU #2 value:0 % CPU #3 value:0 % CPU #4 value:0 % Total Overall CPU Usage value:0 % ---------- | Network NETGEAR WNDA3100v3 N600 Wireless Dual Band USB Adapter : SENT:0 bytes/sec / RECVD:0 bytes/sec isatap.{4C5B2D1B-48C6-4321-8029-20200C3654C5} : SENT:0 bytes/sec / RECVD:0 bytes/sec Teredo Tunneling Pseudo-Interface : SENT:0 bytes/sec / RECVD:0 bytes/sec Overall -> SEND Maxium:0 bytes/sec, / RECEIVE Maximum:0 bytes/sec Realtek PCIe GBE Family Controller - - Realtek - Status: - PnPID : PCI\VEN_10EC&DEV_8168&SUBSYS_81681849&REV_11\4&2AF7FC6&0&00E3 Microsoft Kernel Debug Network Adapter - - Microsoft - Status: - PnPID : ROOT\KDNIC\0000 NETGEAR WNDA3100v3 N600 Wireless Dual Band USB Adapter - Ethernet 802.3 - NETGEAR Inc. - Status: - PnPID : USB\VID_0846&PID_9014\000000000 WAN Miniport (SSTP) - - - Status: - PnPID : WAN Miniport (IKEv2) - - - Status: - PnPID : WAN Miniport (L2TP) - - - Status: - PnPID : WAN Miniport (PPTP) - - - Status: - PnPID : WAN Miniport (PPPOE) - - - Status: - PnPID : WAN Miniport (IP) - - - Status: - PnPID : WAN Miniport (IPv6) - - - Status: - PnPID : WAN Miniport (Network Monitor) - - - Status: - PnPID : Microsoft Wi-Fi Direct Virtual Adapter - - - Status: - PnPID : Microsoft ISATAP Adapter - Tunnel - Microsoft - Status: - PnPID : SWD\IP_TUNNEL_VBUS\ISATAP_0 Teredo Tunneling Pseudo-Interface - Tunnel - Microsoft - Status: - PnPID : SWD\IP_TUNNEL_VBUS\TEREDO_TUNNEL_DEVICE Microsoft Wi-Fi Direct Virtual Adapter #2 - Ethernet 802.3 - Microsoft - Status: - PnPID : {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP_WFD\6&35E1D09F&1&12 ---------- | Memory RAM = Total (MB) : 3860 | Free (MB) : 1914 Pagefile = Total (MB) : 3860 | Free (MB) : 1846 Virtual = Total (MB) : 4194 | Free (MB) : 3873 Physical Memory 0 : Capacity: 4294967296 - ChannelA-DIMM0 - Posit.: 1 - Manufacturer: 1315 - PartNumber: CT51264BA160BJ.C8 - S/N: 49141113 ---------- | SID Users Administrateur : [S-1-5-21-2602208218-2662133878-2470281216-500] DefaultAccount : [S-1-5-21-2602208218-2662133878-2470281216-503] Invité : [S-1-5-21-2602208218-2662133878-2470281216-501] Stef-Local : [S-1-5-21-2602208218-2662133878-2470281216-1000] Administrateurs : [S-1-5-32-544] Administrateurs Hyper-V : [S-1-5-32-578] Duplicateurs : [S-1-5-32-552] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] Opérateurs d'assistance de contrôle d'accès : [S-1-5-32-579] Opérateurs de chiffrement : [S-1-5-32-569] Opérateurs de configuration réseau : [S-1-5-32-556] Opérateurs de sauvegarde : [S-1-5-32-551] System Managed Accounts Group : [S-1-5-32-581] Utilisateurs : [S-1-5-32-545] Utilisateurs avec pouvoir : [S-1-5-32-547] Utilisateurs de gestion à distance : [S-1-5-32-580] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du Bureau à distance : [S-1-5-32-555] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] ---------- | Drives G:\ -> [Removable] | [ESD-USB] | Total : 29.11 Go | Free : 2.16 Go -> NTFS [USB] C:\ -> [Fixed] | [] | Total : 930.97 Go | Free : 878.9 Go -> NTFS [SATA] Disk Usage Information [3 total Physical Disks] Physical Drive #0 [C:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #1 [H:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #2 [G:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Overall - Read Maximum:0 bytes/sec, Write Maximum:0 bytes/sec DeviceID: \\.\PHYSICALDRIVE2 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_SANDISK&PROD_CRUZER_EDGE&REV_1.27\200540546002D5F13EE7&0 DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 3 Part. - PnPID : SCSI\DISK&VEN_WDC&PROD_WD10EZRX-00L4HB0\4&31B67FD&0&000000 DeviceID: \\.\PHYSICALDRIVE1 - Status: OK - USB - - 0 Part. - PnPID : USBSTOR\DISK&VEN_GENERIC&PROD_STORAGE_DEVICE&REV_0903\000000000903&0 ---------- | Windows updates No detected update !!! Windows Is Activated ---------- | Browsers IE : 11.0.10586.494 (© Microsoft Corporation. Tous droits réservés.) GC : 51.0.2704.106 (Copyright 2015 Google Inc.) Default : "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" ---------- | FlashPlayer FlashPlayer ActiveX : 22.0.0.209 FlashPlayer Plugin : 22.0.0.209 ---------- | Security AV : Windows Defender Disabled AS : Windows Defender Disabled FW : WINDOWS Firewall WMI : OK WU: Windows Update Service [Auto(2)] = stopped AS: Windows Defender [Manual(3)] = stopped WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 332 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (10.0.10586.0) = C:\Windows\System32\smss.exe [30/10/2015 09:18:03] CPU Usage:0 % 620 | [Owner : | Parent : 500() | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (10.0.10586.306) = C:\Windows\System32\wininit.exe [17/07/2016 02:42:06] CPU Usage:0 % 652 | [Owner : | Parent : 588() | ?????] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (10.0.10586.306) = C:\Windows\System32\winlogon.exe [17/07/2016 02:42:11] CPU Usage:0 % 724 | [Owner : | Parent : 620(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (10.0.10586.71) = C:\Windows\System32\services.exe [17/07/2016 02:42:13] CPU Usage:0 % 732 | [Owner : | Parent : 620(wininit.exe) | ?????] - (.Microsoft Corporation - Local Security Authority Process.) - (10.0.10586.0) = C:\Windows\System32\lsass.exe [30/10/2015 09:18:03] CPU Usage:0 % 820 | [Owner : | Parent : 724(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 880 | [Owner : | Parent : 724(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 996 | [Owner : | Parent : 724(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 316 | [Owner : | Parent : 724(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 304 | [Owner : | Parent : 724(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 532 | [Owner : | Parent : 724(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 1084 | [Owner : | Parent : 724(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 1196 | [Owner : | Parent : 724(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 1232 | [Owner : | Parent : 724(services.exe) | ?????] - (.Intel Corporation - igfxCUIService Module.) - (6.15.10.3682) = C:\Windows\System32\igfxCUIService.exe [27/05/2016 15:50:54] CPU Usage:0 % 1400 | [Owner : | Parent : 724(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 1564 | [Owner : | Parent : 724(services.exe) | ?????] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.10586.122) = C:\Windows\System32\spoolsv.exe [17/07/2016 02:42:13] CPU Usage:0 % 1616 | [Owner : | Parent : 724(services.exe) | ?????] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - (15.0.18.342) = C:\Program Files (x86)\Avira\Antivirus\sched.exe [10/06/2016 01:46:22] CPU Usage:0 % 2052 | [Owner : | Parent : 724(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 2096 | [Owner : | Parent : 724(services.exe) | ?????] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - (15.0.18.342) = C:\Program Files (x86)\Avira\Antivirus\avguard.exe [10/06/2016 01:46:18] CPU Usage:0 % 2116 | [Owner : | Parent : 724(services.exe) | ?????] - (.Avira Operations GmbH & Co. KG - Avira Service Host.) - (1.1.67.18988) = C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [11/07/2016 11:01:40] CPU Usage:0 % 2128 | [Owner : | Parent : 724(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 2244 | [Owner : | Parent : 724(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 2252 | [Owner : | Parent : 724(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 2260 | [Owner : | Parent : 724(services.exe) | ?????] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe [15/07/2016 22:18:32] CPU Usage:0 % 2296 | [Owner : | Parent : 724(services.exe) | ?????] - (.Microsoft Corporation - Message Queuing Service.) - (10.0.10586.0) = C:\Windows\System32\mqsvc.exe [30/10/2015 09:18:41] CPU Usage:0 % 2884 | [Owner : | Parent : 724(services.exe) | ?????] - (.Microsoft Corporation - SMSvcHost.exe.) - (4.6.1038.0) = C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [30/10/2015 09:19:38] CPU Usage:0 % 3008 | [Owner : | Parent : 724(services.exe) | ?????] - (.Microsoft Corporation - SMSvcHost.exe.) - (4.6.1038.0) = C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [30/10/2015 09:19:38] CPU Usage:0 % 2092 | [Owner : Stef-Local | Parent : 532(svchost.exe) | 17.74 Mo] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.10586.0) = C:\Windows\System32\sihost.exe [30/10/2015 09:18:01] CPU Usage:0 % 2736 | [Owner : | Parent : 724(services.exe) | ?????] - (.Microsoft Corporation - PresentationFontCache.exe.) - (3.0.6920.8693) = C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe [17/07/2016 02:35:57] CPU Usage:0 % 3264 | [Owner : Stef-Local | Parent : 3216() | 167.22 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.10586.494) = C:\Windows\explorer.exe [18/07/2016 07:28:11] CPU Usage:0 % 3556 | [Owner : Stef-Local | Parent : 3476() | 12.12 Mo] - (.Intel Corporation - igfxEM Module.) - (6.15.10.3682) = C:\Windows\System32\igfxEM.exe [27/05/2016 15:50:54] CPU Usage:0 % 3564 | [Owner : Stef-Local | Parent : 3476() | 9 Mo] - (.Intel Corporation - igfxHK Module.) - (6.15.10.3682) = C:\Windows\System32\igfxHK.exe [27/05/2016 15:50:54] CPU Usage:0 % 3616 | [Owner : Stef-Local | Parent : 3476() | 10.78 Mo] - (.-.) - (0.0.0.0) = C:\Windows\System32\igfxTray.exe [27/05/2016 15:50:54] CPU Usage:0 % 3636 | [Owner : Stef-Local | Parent : 3264(explorer.exe) | 11.6 Mo] - (.IvoSoft - Classic Start Menu.) - (4.2.7.0) = C:\Program Files\Classic Shell\ClassicStartMenu.exe [22/05/2016 12:00:46] CPU Usage:0 % 3376 | [Owner : | Parent : 2096(avguard.exe) | ?????] - (.Avira Operations GmbH & Co. KG - AntiVir shadow copy service.) - (15.0.18.354) = C:\Program Files (x86)\Avira\Antivirus\avshadow.exe [10/06/2016 01:46:19] CPU Usage:0 % 3152 | [Owner : Stef-Local | Parent : 820(svchost.exe) | 12.85 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.10586.0) = C:\Windows\System32\dllhost.exe [30/10/2015 09:17:51] CPU Usage:0 % 2460 | [Owner : Stef-Local | Parent : 532(svchost.exe) | 9.62 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.10586.0) = C:\Windows\System32\taskhostw.exe [30/10/2015 09:17:43] CPU Usage:0 % 2224 | [Owner : Stef-Local | Parent : 820(svchost.exe) | 50.01 Mo] - (.Microsoft Corporation - Windows Shell Experience Host.) - (10.0.10586.494) = C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [18/07/2016 07:28:27] CPU Usage:0 % 2068 | [Owner : Stef-Local | Parent : 820(svchost.exe) | 38.11 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.10586.0) = C:\Windows\System32\RuntimeBroker.exe [30/10/2015 09:17:51] CPU Usage:0 % 4108 | [Owner : Stef-Local | Parent : 820(svchost.exe) | 70.28 Mo] - (.Microsoft Corporation - Search and Cortana application.) - (10.0.10586.494) = C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [18/07/2016 07:26:19] CPU Usage:0 % 4500 | [Owner : | Parent : 1084(svchost.exe) | ?????] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (10.0.10586.218) = C:\Windows\System32\audiodg.exe [17/07/2016 02:42:34] CPU Usage:0 % 4040 | [Owner : Stef-Local | Parent : 3264(explorer.exe) | 12.98 Mo] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.0.968) = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [29/05/2016 22:44:25] CPU Usage:0 % 4604 | [Owner : | Parent : 2040() | 8.22 Mo] - (.Avira Operations GmbH & Co. KG - Avira system tray application.) - (15.0.18.342) = C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [10/06/2016 01:46:18] CPU Usage:0 % 3580 | [Owner : Stef-Local | Parent : 2040() | 6.43 Mo] - (.Oracle Corporation - Java Update Scheduler.) - (2.8.101.13) = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [22/06/2016 02:13:02] CPU Usage:0 % 4556 | [Owner : Stef-Local | Parent : 2040() | 18.92 Mo] - (.NETGEAR - WNDA3100v3 Genie MFC Application.) - (1.0.0.10) = C:\Program Files (x86)\NETGEAR\WNDA3100v3\WNDA3100v3.EXE [15/01/2015 17:19:46] CPU Usage:0 % 4540 | [Owner : Stef-Local | Parent : 2116(Avira.ServiceHost.exe) | 4.76 Mo] - (.Avira Operations GmbH & Co. KG - Avira Launcher.) - (1.1.67.18988) = C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [11/07/2016 11:03:10] CPU Usage:0 % 3920 | [Owner : Stef-Local | Parent : 2816() | 1.94 Mo] - (.Piriform Ltd - CCleaner.) - (5.20.0.5668) = C:\Program Files\CCleaner\CCleaner64.exe [13/07/2016 22:40:28] CPU Usage:0 % 4020 | [Owner : Stef-Local | Parent : 820(svchost.exe) | 14.93 Mo] - (.Microsoft Corporation - System Settings Broker.) - (10.0.10586.0) = C:\Windows\System32\SystemSettingsBroker.exe [30/10/2015 09:18:15] CPU Usage:0 % 5856 | [Owner : Stef-Local | Parent : 820(svchost.exe) | 3.28 Mo] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.10586.494) = C:\Windows\System32\SettingSyncHost.exe [18/07/2016 07:27:19] CPU Usage:0 % 5164 | [Owner : Stef-Local | Parent : 6100() | 83.75 Mo] - (.Oracle Corporation - Java(TM) Platform SE binary.) - (8.0.1020.14) = C:\Program Files\Java\jre1.8.0_102\bin\javaw.exe [23/07/2016 05:55:30] CPU Usage:0 % 5848 | [Owner : Stef-Local | Parent : 724(services.exe) | 25.63 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe [30/10/2015 09:17:49] CPU Usage:0 % 1448 | [Owner : Stef-Local | Parent : 3264(explorer.exe) | 105.02 Mo] - (.Google Inc. - Google Chrome.) - (51.0.2704.106) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [23/06/2016 09:03:34] CPU Usage:0 % 4760 | [Owner : Stef-Local | Parent : 1448(chrome.exe) | 5.73 Mo] - (.Google Inc. - Google Chrome.) - (51.0.2704.106) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [23/06/2016 09:03:34] CPU Usage:0 % 5184 | [Owner : Stef-Local | Parent : 1448(chrome.exe) | 63.64 Mo] - (.Google Inc. - Google Chrome.) - (51.0.2704.106) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [23/06/2016 09:03:34] CPU Usage:0 % 5132 | [Owner : Stef-Local | Parent : 1448(chrome.exe) | 162.4 Mo] - (.Google Inc. - Google Chrome.) - (51.0.2704.106) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [23/06/2016 09:03:34] CPU Usage:0 % 4276 | [Owner : Stef-Local | Parent : 1448(chrome.exe) | 34.9 Mo] - (.Google Inc. - Google Chrome.) - (51.0.2704.106) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [23/06/2016 09:03:34] CPU Usage:0 % 3684 | [Owner : Stef-Local | Parent : 1448(chrome.exe) | 93.66 Mo] - (.Google Inc. - Google Chrome.) - (51.0.2704.106) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [23/06/2016 09:03:34] CPU Usage:0 % 5196 | [Owner : Stef-Local | Parent : 3264(explorer.exe) | 26.08 Mo] - (.SosVirus - QuickDiag.) - (28.7.2016.1) = C:\Users\Stef\Desktop\quickdiag_2_28.07.2016.1.exe [31/07/2016 00:00:22] CPU Usage:0 % ---------- | MD5 [MD5.E396258CFD8F84E8F2C24930E6D88C67] - [18/07/2016 07:28:11] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [4409.43 Ko] - (10.0.10586.494) : C:\WINDOWS\Explorer.exe [MD5.2FC1F968D4288B8C48DA3922A3DC2FA3] - [30/10/2015 09:17:49] - (.© Microsoft Corporation. Tous droits réservés. - Interpréteur de commandes Windows.) - [620 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\cmd.exe [MD5.3E7CCD0F507877C50078205667CE8133] - [30/10/2015 09:18:03] - (.© Microsoft Corporation. Tous droits réservés. - Processus d’exécution client-serveur.) - [17.72 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\csrss.exe [MD5.9513834DAC717444F04169EA5D120885] - [30/10/2015 09:17:51] - (.© Microsoft Corporation. - COM Surrogate.) - [18.34 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\dllhost.exe [MD5.1C9C6933A94C594DE7366124B4DD6075] - [30/10/2015 09:17:46] - (.© Microsoft Corporation. Tous droits réservés. - DLL du client API BASE Windows NT.) - [689.05 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Kernel32.dll [MD5.889459F1FDDC5EC58B437AA6C436F33F] - [30/10/2015 09:18:03] - (.© Microsoft Corporation. - Local Security Authority Process.) - [56.55 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\lsass.exe [MD5.B339861C6A2A86FBCA67C2006B461473] - [30/10/2015 09:17:51] - (.© Microsoft Corporation. - Distributed COM Services.) - [883.5 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\rpcss.dll [MD5.0DCB89B1F3689BC6262FF30BBD603171] - [30/10/2015 09:18:14] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte Windows (Rundll32).) - [58 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\rundll32.exe [MD5.6FF8248F3A9D69A095C7F3F42BC29CB2] - [17/07/2016 02:42:13] - (.© Microsoft Corporation. Tous droits réservés. - Applications Services et Contrôleur.) - [429.84 Ko] - (10.0.10586.71) : C:\WINDOWS\System32\services.exe [MD5.8497852ED44AFF902D502015792D315D] - [30/10/2015 09:17:49] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte pour les services Windows.) - [42.91 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\svchost.exe [MD5.F5F7CE3E32536F1A37FB3972F27A814F] - [17/07/2016 02:42:07] - (.© Microsoft Corporation. Tous droits réservés. - DLL client de l’API uilisateur de Windows multi-utilisateurs.) - [1366.43 Ko] - (10.0.10586.306) : C:\WINDOWS\System32\user32.dll [MD5.8F3ECCB5DC878FA14887B43CD148CBA9] - [30/10/2015 09:17:53] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Userinit.) - [30 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\userinit.exe [MD5.C1C81AAF533552B3C4D9F11A5FF97700] - [17/07/2016 02:42:06] - (.© Microsoft Corporation. Tous droits réservés. - Application de démarrage de Windows.) - [284.53 Ko] - (10.0.10586.306) : C:\WINDOWS\System32\Wininit.exe [MD5.5C156EC4E44E30331BCC865A3B61D839] - [17/07/2016 02:42:11] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Windows.) - [572 Ko] - (10.0.10586.306) : C:\WINDOWS\System32\Winlogon.exe [MD5.70148EFA9A562E7185B75BBE7D376BF7] - [17/07/2016 02:42:21] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de fonction connexe pour WinSock.) - [565.34 Ko] - (10.0.10586.3) : C:\WINDOWS\System32\Drivers\afd.sys [MD5.492B99D2E3D5D7BFD5F0AE1BE7BD37DD] - [30/10/2015 09:17:23] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [27.84 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\atapi.sys [MD5.B6664965BF346322BBDF286174851476] - [30/10/2015 09:17:23] - (.© Microsoft Corporation. - ATAPI Driver Extension.) - [188.34 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\ataport.sys [MD5.7F9C7226D743B232907ED2537B8A574F] - [30/10/2015 09:18:09] - (.© Microsoft Corporation. - CD-ROM File System Driver.) - [90.5 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\cdfs.sys [MD5.82D97776BF982AA143BDC7DFB5054EA8] - [30/10/2015 09:17:22] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [169.5 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\cdrom.sys [MD5.935823F79CBEDB91637B63D37E3A5A36] - [17/07/2016 02:42:19] - (.© Microsoft Corporation. - DFS Namespace Client Driver.) - [145 Ko] - (10.0.10586.212) : C:\WINDOWS\System32\Drivers\dfsc.sys [MD5.84BC034B6BB763733C1949B7B9BAF976] - [30/10/2015 09:17:18] - (.© Microsoft Corporation. - High Definition Audio Bus Driver.) - [78 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\hdaudbus.sys [MD5.53FDD9E69189E546DE4740F8C4D8AB2F] - [30/10/2015 09:17:23] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port i8042.) - [112 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\i8042prt.sys [MD5.9E5E8F2A1996F23B7E9687846AA81B01] - [30/10/2015 09:17:43] - (.© Microsoft Corporation. - IP Network Address Translator.) - [140 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\ipnat.sys [MD5.0B3B0C1D86050355676640488FA897D3] - [17/07/2016 02:42:19] - (.© Microsoft Corporation. Tous droits réservés. - Minirdr SMB Windows NT.) - [420.84 Ko] - (10.0.10586.122) : C:\WINDOWS\System32\Drivers\mrxsmb.sys [MD5.E582DA849A58524E645545FB68B6625D] - [17/07/2016 02:42:21] - (.© Microsoft Corporation. Tous droits réservés. - NDIS (Network Driver Interface Specification).) - [1125.84 Ko] - (10.0.10586.212) : C:\WINDOWS\System32\Drivers\ndis.sys [MD5.C03E926B0E7D66D68994067231DC3246] - [18/07/2016 07:27:19] - (.© Microsoft Corporation. - MBT Transport driver.) - [272 Ko] - (10.0.10586.420) : C:\WINDOWS\System32\Drivers\netbt.sys [MD5.19BD8A88AAC580592668B070AC0727D9] - [17/07/2016 02:42:21] - (.© Microsoft Corporation. Tous droits réservés. - Pilote du système de fichiers NT.) - [2101.84 Ko] - (10.0.10586.212) : C:\WINDOWS\System32\Drivers\ntfs.sys [MD5.7D0FC96264C0F8F2C1321E33E8EB646C] - [30/10/2015 09:17:23] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port parallèle.) - [94.5 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\parport.sys [MD5.E3C82823B22463BC38AA4F8ADA852624] - [17/07/2016 02:42:13] - (.© Microsoft Corporation. - RAS L2TP mini-port/call-manager driver.) - [102.5 Ko] - (10.0.10586.122) : C:\WINDOWS\System32\Drivers\rasl2tp.sys [MD5.1DC2CC74B51E4DC4CD5A20C1021E4010] - [30/10/2015 09:19:42] - (.© Microsoft Corporation. Tous droits réservés. - Redirecteur de périphérique de Microsoft RDP.) - [169 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\rdpdr.sys [MD5.CF63BF6AAEDF721E37F9E216FD321B8E] - [18/07/2016 07:26:06] - (.© Microsoft Corporation. Tous droits réservés. - Pilote TCP/IP.) - [2346.84 Ko] - (10.0.10586.494) : C:\WINDOWS\System32\Drivers\tcpip.sys [MD5.91D3F2A6253EF83EFBD7903028F58C4D] - [17/07/2016 02:42:30] - (.© Microsoft Corporation. - TDI Translation Driver.) - [115.84 Ko] - (10.0.10586.3) : C:\WINDOWS\System32\Drivers\tdx.sys [MD5.E1F91A727A04C9F8199D04FF3BBBF63C] - [30/10/2015 09:17:22] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de cliché instantané du volume.) - [404.84 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\volsnap.sys ---------- | Locked Applications ---------- | Explorer.exe component call (Microsoft Files Whitelisted) (.IvoSoft.-.Start Menu Helper Extension.) - (4.2.7.0) -- C:\WINDOWS\system32\StartMenuHelper64.dll (.IvoSoft.-.Classic Start Menu.) - (4.2.7.0) -- C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll (..-..) - (0.0.0.0) -- C:\WINDOWS\System32\CoreUIComponents.dll (.IvoSoft.-.Adds classic Windows Explorer features.) - (4.2.7.0) -- C:\Program Files\Classic Shell\ClassicExplorer64.dll (.Intel Corporation.-.User Mode Driver for Intel(R) Graphics Technology.) - (20.19.15.4444) -- C:\WINDOWS\SYSTEM32\igd10iumd64.dll (.Intel Corporation.-.Unified Shader Compiler for Intel(R) Graphics Accelerator.) - (20.19.15.4444) -- C:\WINDOWS\SYSTEM32\igdusc64.dll (.Intel Corporation.-.igfxDH Module.) - (6.15.10.3682) -- C:\WINDOWS\system32\igfxDH.dll (.Intel Corporation.-.igfxLHM Module.) - (6.15.10.3682) -- C:\WINDOWS\system32\igfxLHM.dll (.Intel Corporation.-.igfxDI Module.) - (6.15.10.3682) -- C:\WINDOWS\system32\igfxDI.dll (.Alexander Roshal.-.WinRAR shell extension.) - (5.40.3.0) -- C:\Program Files\WinRAR\rarext.dll (.Avira Operations GmbH & Co. KG.-.AntiVirus context menu.) - (15.0.18.341) -- C:\Program Files (x86)\Avira\Antivirus\shlext64.dll (.Intel Corporation.-.igfxDTCM Module.) - (6.15.10.3682) -- C:\WINDOWS\system32\igfxDTCM.dll (.Intel Corporation.-.User Mode Driver for Intel(R) Graphics Technology.) - (20.19.15.4444) -- C:\WINDOWS\SYSTEM32\igdumdim64.dll ---------- | Svchost.exe component call (Microsoft Files Whitelisted) (.Realtek Semiconductor Corp..-.Realtek(r) LFX/GFX DSP component.) - (11.0.6000.433) -- C:\WINDOWS\system32\RltkAPO64.dll (..-..) - (0.0.0.0) -- C:\windows\system32\WerEtw.dll ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-19\...\Run]) - User: AUTORITE NT\SERVICE LOCAL OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-20\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU Rainmeter - (C:\PROGRA~1\RAINME~1\RAINME~1.EXE [Startup]) - User: SUNSHY\Stef-Local CCleaner Monitoring - ("C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\...\Run]) - User: SUNSHY\Stef-Local OneDrive - ("C:\Users\Stef\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\...\Run]) - User: SUNSHY\Stef-Local RTHDVCPL - ("C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s [HKLM\...\Run]) - User: Public Classic Start Menu - ("C:\Program Files\Classic Shell\ClassicStartMenu.exe" -autorun [HKLM\...\Run]) - User: Public [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR "OneDrive"="C:\Users\Stef\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "AquaSnap"=0x0300000080CC96B5E2E1D101 "CCleaner Monitoring"=0x020000000000000000000000 "OneDrive"=0x0300000007C6A831CDE3D101 [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RunMRU] "a"=regedit\1 "MRUList"=ab "b"=netplwiz\1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s "Classic Start Menu"="C:\Program Files\Classic Shell\ClassicStartMenu.exe" -autorun [HKLM\Software\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "RTHDVCPL"=0x060000000000000000000000 "Logitech Download Assistant"=0x060000000000000000000000 "Classic Start Menu"=0x03000000F59C09DBD3E3D101 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "avgnt"="C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min "Avira SystrayStartTrigger"=C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [11/07/2016 10:58:56] "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "WNDA3100v3"=C:\Program Files (x86)\NETGEAR\WNDA3100v3\WNDA3100v3.EXE [15/01/2015 17:19:46] [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 ---------- | Startings up registry ¦ Folder [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Zune Launcher] : "C:\Program Files\Zune\ZuneLauncher.exe" ---------- | Other keys [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Terminal Server] "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "DeleteTempDirsOnExit"=1 "fDenyTSConnections"=1 "fSingleSessionPerUser"=1 "NotificationTimeOut"=0 "PerSessionTempDir"=0 "ProductVersion"=5.1 "RCDependentServices"=CertPropSvc SessionEnv "SnapshotMonitors"=1 "StartRCM"=0 "TSUserEnabled"=0 "RDPVGCInstalled"=1 "InstanceID"=bf8f847c-62ed-4e2f-b5df-2efee3e "GlassSessionId"=1 [HKLM\System\CurrentControlSet\Control\Session Manager] "AutoChkTimeout"=8 "BootExecute"=autocheck autochk * "BootShell"=%SystemRoot%\system32\bootim.exe "CriticalSectionTimeout"=2592000 "ExcludeFromKnownDlls"= "GlobalFlag"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "InitConsoleFlags"=0 "NumberOfInitialSessions"=2 "ObjectDirectories"=\Windows \RPC Control "ProcessorControl"=2 "ProtectionMode"=1 "ResourceTimeoutCount"=648000 "RunLevelExecute"=WinInit ServiceControlManager "RunLevelValidate"=ServiceControlManager [HKLM\System\CurrentControlSet\Control] "BootDriverFlags"=28 "CurrentUser"=USERNAME "EarlyStartServices"=RpcSs Power BrokerInfrastructure SystemEventsBroker DcomLaunch RpcEpMapper LSM AppIdSvc "PreshutdownOrder"=UsoSvc gpsvc trustedinstaller "WaitToKillServiceTimeout"=200 "SystemStartOptions"= NOEXECUTE=OPTIN NUMPROC=4 "SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(2) "FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(1) "LastBootSucceeded"=1 "LastBootShutdown"=1 "DirtyShutdownCount"=5 [HKLM\System\CurrentControlSet\Control\lsa] "auditbasedirectories"=0 "auditbaseobjects"=0 "Bounds"=0x0030000000200000 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Notification Packages"=scecli "Authentication Packages"=msv1_0 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "LsaPid"=732 "ProductType"=6 "restrictanonymous"=0 "restrictanonymoussam"=1 "SecureBoot"=1 "Security Packages"=kerberos msv1_0 schannel wdigest tspkg pku2u "SamConnectedAccountsExist"=1 ---------- | .LNK C:\Users\Stef\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk (shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}) C:\Users\Stef\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk (shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}) C:\Users\Stef\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk (shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}) C:\Users\Stef\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk (shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}) C:\Users\Stef\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk (/0) C:\Users\Stef\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk (::{7007ACC7-3202-11D1-AAD2-00805FC1270E}) C:\Users\Stef\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk (/name Microsoft.DeviceManager) C:\Users\Stef\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk (/name Microsoft.System) C:\Users\Stef\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk (/name Microsoft.PowerOptions) C:\Users\Stef\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk (/name Microsoft.ProgramsAndFeatures) C:\Users\Stef\AppData\Roaming\ClassicShell\Pinned\startscreen.lnk (-togglenew) C:\Users\Stef\AppData\Roaming\Microsoft\Windows\SendTo\Destinataire de télécopie.lnk (/SendTo) C:\Users\Stef\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk (/SendTo) C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\Paramètres Shell.lnk (-settings) C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\startscreen.lnk (-togglenew) C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Run Hunter Mode.lnk (-hunter) C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk () 1\1�H �RAINME~1D ��H ��H �._�R�I�Rainmeterh2���H&j RAINME~1.EXEL C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk (page=SettingsPagePCSystemDevices) C:\Users\Stef\Local Settings\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk (shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}) C:\Users\Stef\Local Settings\Microsoft\Windows\WinX\Group2\1 - Run.lnk (shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}) C:\Users\Stef\Local Settings\Microsoft\Windows\WinX\Group2\2 - Search.lnk (shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}) C:\Users\Stef\Local Settings\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk (shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}) C:\Users\Stef\Local Settings\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk (/0) C:\Users\Stef\Local Settings\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk (::{7007ACC7-3202-11D1-AAD2-00805FC1270E}) C:\Users\Stef\Local Settings\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk (/name Microsoft.DeviceManager) C:\Users\Stef\Local Settings\Microsoft\Windows\WinX\Group3\06 - System.lnk (/name Microsoft.System) C:\Users\Stef\Local Settings\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk (/name Microsoft.PowerOptions) C:\Users\Stef\Local Settings\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk (/name Microsoft.ProgramsAndFeatures) C:\ProgramData\Menu Démarrer\Programmes\Search.lnk (-sta {C90FB8CA-3295-4462-A721-2935E83694BA}) C:\ProgramData\Menu Démarrer\Programmes\Accessibility\Speech Recognition.lnk (-SpeechUX) C:\ProgramData\Menu Démarrer\Programmes\Accessories\Mobility Center.lnk (/open) C:\ProgramData\Menu Démarrer\Programmes\Accessories\Windows Media Player.lnk (/prefetch:1) C:\ProgramData\Menu Démarrer\Programmes\Administrative Tools\Computer Management.lnk (/s) C:\ProgramData\Menu Démarrer\Programmes\Administrative Tools\Event Viewer.lnk (/s) C:\ProgramData\Menu Démarrer\Programmes\Administrative Tools\Performance Monitor.lnk (/s) C:\ProgramData\Menu Démarrer\Programmes\Administrative Tools\Resource Monitor.lnk (/res) C:\ProgramData\Menu Démarrer\Programmes\Administrative Tools\Security Configuration Management.lnk (/s) C:\ProgramData\Menu Démarrer\Programmes\Administrative Tools\Task Scheduler.lnk (/s) C:\ProgramData\Menu Démarrer\Programmes\Avira\Avira Launcher.lnk (/showMiniGui) C:\ProgramData\Menu Démarrer\Programmes\Classic Shell\Classic Start Menu Settings.lnk (-settings) C:\ProgramData\Menu Démarrer\Programmes\Classic Shell\Paramètres Shell.lnk (-settings) C:\ProgramData\Menu Démarrer\Programmes\Java\A propos de Java.lnk (-tab about) C:\ProgramData\Menu Démarrer\Programmes\Java\Rechercher les mises à jour.lnk (-tab update) C:\ProgramData\Menu Démarrer\Programmes\QTTabBar\Download Image Files.lnk (/i) C:\ProgramData\Menu Démarrer\Programmes\QTTabBar\Download Language File.lnk (/l) C:\ProgramData\Menu Démarrer\Programmes\System Tools\Default Programs.lnk (/name Microsoft.DefaultPrograms) C:\ProgramData\Menu Démarrer\Programmes\System Tools\Task Manager.lnk (/7) C:\ProgramData\Menu Démarrer\Programs\Search.lnk (-sta {C90FB8CA-3295-4462-A721-2935E83694BA}) C:\ProgramData\Menu Démarrer\Programs\Accessibility\Speech Recognition.lnk (-SpeechUX) C:\ProgramData\Menu Démarrer\Programs\Accessories\Mobility Center.lnk (/open) C:\ProgramData\Menu Démarrer\Programs\Accessories\Windows Media Player.lnk (/prefetch:1) C:\ProgramData\Menu Démarrer\Programs\Administrative Tools\Computer Management.lnk (/s) C:\ProgramData\Menu Démarrer\Programs\Administrative Tools\Event Viewer.lnk (/s) C:\ProgramData\Menu Démarrer\Programs\Administrative Tools\Performance Monitor.lnk (/s) C:\ProgramData\Menu Démarrer\Programs\Administrative Tools\Resource Monitor.lnk (/res) C:\ProgramData\Menu Démarrer\Programs\Administrative Tools\Security Configuration Management.lnk (/s) C:\ProgramData\Menu Démarrer\Programs\Administrative Tools\Task Scheduler.lnk (/s) C:\ProgramData\Menu Démarrer\Programs\Avira\Avira Launcher.lnk (/showMiniGui) C:\ProgramData\Menu Démarrer\Programs\Classic Shell\Classic Start Menu Settings.lnk (-settings) C:\ProgramData\Menu Démarrer\Programs\Classic Shell\Paramètres Shell.lnk (-settings) C:\ProgramData\Menu Démarrer\Programs\Java\A propos de Java.lnk (-tab about) C:\ProgramData\Menu Démarrer\Programs\Java\Rechercher les mises à jour.lnk (-tab update) C:\ProgramData\Menu Démarrer\Programs\QTTabBar\Download Image Files.lnk (/i) C:\ProgramData\Menu Démarrer\Programs\QTTabBar\Download Language File.lnk (/l) C:\ProgramData\Menu Démarrer\Programs\System Tools\Default Programs.lnk (/name Microsoft.DefaultPrograms) C:\ProgramData\Menu Démarrer\Programs\System Tools\Task Manager.lnk (/7) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk (-sta {C90FB8CA-3295-4462-A721-2935E83694BA}) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk (-SpeechUX) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk (/open) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk (/prefetch:1) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk (/res) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Launcher.lnk (/showMiniGui) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell\Classic Start Menu Settings.lnk (-settings) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell\Paramètres Shell.lnk (-settings) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\A propos de Java.lnk (-tab about) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Rechercher les mises à jour.lnk (-tab update) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QTTabBar\Download Image Files.lnk (/i) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QTTabBar\Download Language File.lnk (/l) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Default Programs.lnk (/name Microsoft.DefaultPrograms) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk (/7) ---------- | AppCertDlls | AppInit_DLLs ---------- | Dnsapi.dll C:\WINDOWS\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\WINDOWS\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Control Panel\Desktop] "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=200000 "LeftOverlapChars"=3 "MenuShowDelay"=400 "MouseWheelRouting"=2 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "SnapSizing"=1 "TileWallpaper"=0 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=6 "WheelScrollChars"=3 "WindowArrangementActive"=1 "ScreenSaveActive"=1 "WheelScrollLines"=6 "UserPreferencesMask"=0x9E3E078012000000 "WaitToKillAppTimeout"=200 "Pattern Upgrade"=TRUE "Wallpaper"=C:\Users\Stef\Pictures\Wallpaper\paul_v2_by_thyrring-d3gqg8l.jpg [25/07/2016 00:11:31] "Win8DpiScaling"=0 "DpiScalingVer"=4096 "MaxVirtualDesktopDimension"=1280 "MaxMonitorDimension"=1280 "TranscodedImageCount"=1 "LastUpdated"=4294967295 "TranscodedImageCache"=0x7AC3010018060800200300002003000027E8C72ADEE4D10143003A005C00550073006500720073005C0053007400650066005C00500069006300740075007200650073005C00570061006C006C00700061007000650072005C007000610075006C005F00760032005F00620079005F007400680079007200720069006E0067002D006400330067007100670038006C002E006A0070006700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "PreferredUILanguages"=fr-FR "ActiveWndTrkTimeout"=0 "AutoColorization"=0 "ImageColor"=3305111551 "LockScreenAutoLockActive"=0 [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoSimpleNetIDList"=1 "NoDriveTypeAutoRun"=221 "NolowDiskSpaceChecks"=1 [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{645FF040-5081-101B-9F08-00AA002F954E}"=1 [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{645FF040-5081-101B-9F08-00AA002F954E}"=1 [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\Microsoft\Windows\CurrentVersion\Explorer] "EnableAutoTray"=1 "ShellState"=0x2400000036A8010000000000000000000000000001000000130000000000000022000000 "ExplorerStartupTraceRecorded"=1 "UserSignedIn"=1 "TelemetrySalt"=2 "SlowContextMenuEntries"=0x45DD8419CF52CD49AB7718F378FEA264890B00000114020000000000C000000000000046970600006024B221EA3A6910A2DC08002B30309D4C100000EE984C473DCFF54180E34AAB0AB04301B571000060B81DB4E464D2119906E49FADC173CA36040000 "SIDUpdatedOnLibraries"=1 "LocalKnownFoldersMigrated"=1 "GlobalAssocChangedCounter"=118 "LastClockSize"=0x270000000F000000360000000F000000410000000F000000 "FirstRunTelemetryComplete"=1 "AppReadinessLogonComplete"=1 "Browse For Folder Width"=347 "Browse For Folder Height"=341 "link"=0x1E000000 "Reason Setting"=255 [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "ServerAdminUI"=0 "Hidden"=2 "ShowCompColor"=1 "HideFileExt"=0 "DontPrettyPath"=0 "ShowInfoTip"=1 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "SuperHidden"=0 "SeparateProcess"=0 "AutoCheckSelect"=0 "IconsOnly"=0 "ShowTypeOverlay"=1 "ListviewShadow"=1 "StartMenuInit"=11 "Start_ShowMyGames"=1 "TaskbarSizeMove"=0 "DisablePreviewDesktop"=0 "TaskbarSmallIcons"=1 "TaskbarGlomLevel"=0 "Start_MinMFU"=7 "Start_JumpListItems"=7 "Start_PowerButtonAction"=2 "Start_NotifyNewApps"=0 "Start_ShowHelp"=1 "Start_ShowPrinters"=1 "Start_AdminToolsRoot"=0 "StartMenuAdminTools"=0 "Start_ShowSetProgramAccessAndDefaults"=1 "Start_ShowRun"=1 ""=0 "ExtendedUIHoverTime"=0 "DesktopLivePreviewHoverTime"=0 "nonetcrawling"=1 "ListviewAlphaSelect"=0 "TaskbarAnimations"=1 "AlwaysShowMenus"=0 "NavPaneShowAllFolders"=0 "NavPaneExpandToCurrentFolder"=0 "ShowSuperHidden"=1 "ShowStatusBar"=0 "StoreAppsOnTaskbar"=1 "EnableStartMenu"=1 "ReindexedProfile"=1 "ShowTaskViewButton"=0 "DontUsePowerShellOnWinX"=1 "HideIcons"=0 "SnapFill"=1 "SnapAssist"=1 "Start_TrackDocs"=0 "LaunchTo"=1 [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\WordWheelQuery] "MRUListEx"=0x020000000100000000000000FFFFFFFF "0"=0x6300720061000000 "1"=0x63007200610073006800440075006D00700073000000 "2"=0x71007500690063006B0064006900610067000000 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=0 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=0 "ValidateAdminCodeSignatures"=0 "undockwithoutlogon"=1 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "AccessDeniedDialog"={100B4FC8-74C1-470F-B1B7-DD7B6BAE79BD} "SmartScreenEnabled"=RequireAdmin "GlobalAssocChangedCounter"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=0 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=0 "ValidateAdminCodeSignatures"=0 "undockwithoutlogon"=1 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "AccessDeniedDialog"={100B4FC8-74C1-470F-B1B7-DD7B6BAE79BD} "GlobalAssocChangedCounter"=21 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ---------- | Winlogon [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin;OneDrive;Work Folders "BuildNumber"=10586 "FirstLogon"=0 "PUUActive"=0x53A5712D020005002B009000A10B060010D20600C6820800D0000000090038001051A4FC479108006836080079610300514B03000C1C000000000000B4140800DB3500001E030000E3ED4802A8EAD101 "ParseAutoexec"=1 [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "DefaultDomainName"=SUNSHY "DefaultUserName"=Stef-Local "DisableBackButton"=1 "EnableSIHostIntegration"=1 "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "ReportBootOk"=1 "Shell"=explorer.exe "ShellCritical"=0 "ShellInfrastructure"=sihost.exe "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "VMApplet"=SystemPropertiesPerformance.exe /pagefile "WinStationsDisabled"=0 "ShutdownStartTime"=131143248068193083 "UserSessionShutdownStopTime"=131143248069755670 "ShutdownFlags"=2147483699 "Userinit"=C:\WINDOWS\System32\Userinit.exe, "ShutdownWithoutLogon"=0 "scremoveoption"=0 "DisableCad"=1 "EnableFirstLogonAnimation"=1 "AutoAdminLogon"=1 "AutoLogonSID"=S-1-5-21-2602208218-2662133878-2470281216-1000 "LastUsedUsername"=Stef-Local [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "DefaultDomainName"= "DefaultUserName"= "EnableSIHostIntegration"=1 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Shell"=explorer.exe "ShellCritical"=0 "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\Classes\Folder] ""=Folder "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\WOW6432Node\Classes\Folder] ""=Folder "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [18/07/2016 07:27:18] [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [18/07/2016 07:27:18] [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall ---------- | AppcompatFlags [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\Users\Stef\Documents\navigateur\ChromeSetup.exe"=1 "C:\Users\Stef\Documents\install_flash_player.exe"=1 "C:\Users\Stef\Documents\Gravure\faststone-screen-capture_faststone_screen_capture_5.3_francais_18509.exe"=1 "C:\Users\Stef\Documents\antivirus\avira_fr_av_55b3ad7b0663b__adw.exe"=1 "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe"=1 "SIGN.MEDIA=C627A53 Drivers\Audio\REALTEK\(7209)\Setup.exe"=1 "C:\Users\Stef\Documents\ZuneSetupPkg.exe"=1 "C:\Users\Stef\Documents\Drivers\0006-64bit_Win7_Win8_Win81_Win10_R279.exe"=1 "C:\Users\Stef\Documents\nettoyeurs\revosetup.exe"=1 "C:\Users\Stef\Documents\MozBackup-1.5.1-EN.exe"=1 "SIGN.MEDIA=1625A26 ASRSetup.exe"=1 "SIGN.MEDIA=5DBCBE0 Utilities\A-Tuning\ASRock\ATuningSetup(v2.0.151).exe"=1 "C:\Users\Stef\Documents\media players\vlc-2.2.4-win64.exe"=1 [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\Program Files (x86)\Avira\Antivirus\avcenter.exe"=0x5341435001000000000000000700000028000000F85F0C00FF330D0001000000000000000000000A0021000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000037930000000000000900000009000000 "C:\Program Files (x86)\Avira\Antivirus\ipmgui.exe"=0x5341435001000000000000000700000028000000C0940700E24C080001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000A1A60000000000004B0000004B000000 "C:\Users\Stef\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000C03802000BA5020001000000000000000000000A0021000019B4C529E312D1010000000100000000 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"=0x5341435001000000000000000700000028000000482B1100BF58110001000000000000000000000A0021000059193B14E312D1010000000100000000 "C:\Users\Stef\Documents\Connecteur Wifi\launcher_win.bat"=0x534143500100000000000000070000002800000000920300914704000100000000000000000001050010000059193B14E312D1010000000000000000 "C:\Program Files (x86)\Avira\Antivirus\ccuac.exe"=0x534143500100000000000000070000002800000020DD07009AA5080001000000000000000000000A0021000019B4C529E312D101000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000007B080000000000001700000017000000 "C:\Users\Stef\Documents\NETGEAR N600\Instal Netgear N600\WNDA3100v3-v1.0.0.10-Standalone.exe"=0x5341435001000000000000000700000028000000D806AE02C56DAE020100000000000000000003060001000019B4C529E312D1010000000000000000 "C:\Users\Stef\Documents\NETGEAR N600\Instal Netgear N600\WNDA3100v3-v1.0.0.10.exe"=0x5341435001000000000000000700000028000000D884AE0278CEAE020100000000000000000003060001000019B4C529E312D1010000000000000000 "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe"=0x5341435001000000000000000700000028000000303E30001B1231000100000000000000000002067122000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000A9F00A00000000001A0000001A000000 "SIGN.MEDIA=8731600 autostart.exe"=0x534143500100000000000000070000002800000000C804009AA905000100000000000000000002067120000019B4C529E312D1010000000000000000 "C:\Program Files\Zune\ZuneSetup.exe"=0x5341435001000000000000000700000028000000E0583D004F3A3E000300000000000000000001060021000059193B14E312D1010000000000000000010000000400000001000000060000000800000000008000000000000500000010000000000000000000000000000000000000000200000050000000000000000000000000008000000000000000800000000000007D0000000000000200000001000000000001060000002000008000000000000000800000000000FE070000000000000100000000000000 "C:\Program Files\CPUID\HWMonitor\HWMonitor.exe"=0x5341435001000000000000000700000028000000D8602400D036250001000000000000000000000A0021000059193B14E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000FE370200000000000800000008000000 "C:\Program Files (x86)\PhotoFiltre 7\PhotoFiltre7.exe"=0x534143500100000000000000070000002800000000FA3400000000000100000000000000000002066120000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000050890100000000000E0000000E000000 "C:\Program Files\Classic Shell\ClassicExplorerSettings.exe"=0x5341435001000000000000000700000028000000C07F010093F8010001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000E3300000000000000400000004000000 "C:\Program Files\Zune\Zune.exe"=0x5341435001000000000000000700000028000000E06A0300F44C04000100000000000000000001067320000059193B14E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000065380000000000000100000001000000 "C:\Program Files\Classic Shell\ClassicIE_64.exe"=0x5341435001000000000000000700000028000000C09301002F7E020001000000000000000000000A0021000059193B14E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000002F000000000000000200000002000000 "C:\Users\Stef\Documents\resource-hacker_4-2-5_en_13014.exe"=0x5341435001000000000000000700000028000000D16F2A00000000000100000000000000000003060001000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000011390000000000000100000001000000 "C:\Program Files\Internet Explorer\iexplore.exe"=0x5341435001000000000000000700000028000000C0740C00B1CA0C0001000000010000000000000A0021000059193B14E312D1010000000000000000 "C:\Program Files\CMAK\Support\fr-FR\cmstp.exe"=0x534143500100000000000000070000002800000000B001005050020001000000010000000000000A7322000059193B14E312D1010000000000000000 "C:\Program Files (x86)\FastStone Capture\FSCapture.exe"=0x534143500100000000000000070000002800000000041100000000000100000000000000000000066120000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000C1101200000000001100000011000000 "C:\Program Files\Windows Defender\MSASCui.exe"=0x534143500100000000000000070000002800000000541400449F140001000000010000000000000A0021000059193B14E312D1010000000000000000 "C:\Program Files\Classic Shell\ClassicStartMenu.exe"=0x5341435001000000000000000700000028000000D87F0200FE9D020001000000000000000000000A0021000059193B14E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000062020000000000001200000012000000 "C:\Program Files (x86)\Windows Media Player\wmplayer.exe"=0x534143500100000000000000070000002800000000BC0700DCBA080001000000010000000000000A7122000019B4C529E312D1010000000000000000 "C:\Program Files (x86)\Avira\Antivirus\wsctool.exe"=0x5341435001000000000000000700000028000000905607008D36080001000000000000000000000A0021000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000057010000000000000100000001000000 "C:\Program Files (x86)\Avira\Antivirus\avconfig.exe"=0x534143500100000000000000070000002800000050F60D00D1CC0E0001000000000000000000000A0021000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000009BA0000000000000700000007000000 "C:\Program Files (x86)\Avira\Antivirus\fact.exe"=0x5341435001000000000000000700000028000000E8FB0E0072A40F0001000000000000000000000A0021000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000015070000000000000200000002000000 "C:\Users\Stef\Documents\nettoyeurs\revosetup.exe"=0x5341435001000000000000000700000028000000A8082800A0C628000100000000000000000001060001000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000070C30000000000000100000001000000 "C:\Users\Stef\Documents\ClassicShellSetup_4_2_7.exe"=0x534143500100000000000000070000002800000010E96D00E8576E0001000000000000000000000A0021000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000004990000000000000100000001000000 "C:\Program Files (x86)\Avira\Antivirus\avscan.exe"=0x534143500100000000000000070000002800000030341300FC23140001000000000000000000000A0021000019B4C529E312D101000000000000000002000000500000000000000000000000000000000000000000000000000000009B51000000000000020000000200000000000000000000400000000000000000000000000000000044280100000000000100000000000000 "C:\Windows\SysWOW64\FlashPlayerApp.exe"=0x5341435001000000000000000700000028000000F8A30C00C8CF0C0001000000000000000000000A7122000019B4C529E312D1010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000000000000000000000000000000000000036EB0100000000000100000001000000 "C:\Users\Stef\Documents\Nettoye et optimise le système d'exploitation\Slowin Killer.exe"=0x534143500100000000000000070000002800000000BA14002AE914000100000000000000000003060001000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000BA650100000000000100000001000000 "C:\Program Files\WinRAR\WinRAR.exe"=0x534143500100000000000000070000002800000090A51700F986180001000000000000000000000A0021000059193B14E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000071290000000000002000000020000000 "C:\Program Files\CCleaner\CCleaner64.exe"=0x5341435001000000000000000700000028000000D8AC8700A9BD870001000000000000000000000A0021000059193B14E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000048010000000000000700000007000000 "C:\Program Files (x86)\Avira\Antivirus\setup.exe"=0x5341435001000000000000000700000028000000A02D230085F8230003000000000000000000000A0021000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000006C020100000000000200000002000000 "C:\Users\Stef\Documents\navigateur\Firefox Setup 44.0.2.exe"=0x534143500100000000000000070000002800000008809202913493020100000000000000000003060001000019B4C529E312D101000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000000000000000000000000000000000000001D370000000000000100000001000000 "C:\Program Files\Rainmeter\SkinInstaller.exe"=0x5341435001000000000000000700000028000000906E00001FFB000001000000000000000000000A0021000059193B14E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000086230000000000000100000001000000 "C:\Windows\explorer_backup_wti.exe"=0x534143500100000000000000070000002800000000C42B00B6F42B000100000000000000000001067302000059193B14E312D1010000000000000000020000002800000000000000000000000000000800000000000000000000000063070000000000000100000001000000 "C:\Windows\UTP.exe"=0x534143500100000000000000070000002800000068C50000AB5D01000100000000000000000000067102000019B4C529E312D10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000B5640000000000000100000001000000 "C:\Program Files (x86)\Avira\Launcher\Avira.Messenger.exe"=0x534143500100000000000000070000002800000030230100C567010001000000000000000000000A0021000019B4C529E312D101000000000000000002000000280000000000000000000040000000000000000000000000000000007C080000000000000100000001000000 "SIGN.MEDIA=E3753F adwcleaner_5.201.exe"=0x534143500100000000000000070000002800000040A438006BC9380001000000000000000000000A0021000019B4C529E312D101000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000000E080000000000000100000001000000 ---------- | IFEO ---------- | Mountpoints2 ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=131131873483830717 [HKLM\SOFTWARE\Microsoft\Windows Defender] "ProductAppDataPath"=C:\ProgramData\Microsoft\Windows Defender "ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100 "ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000 "RemediationExe"=%ProgramFiles%\Windows Defender\MSASCui.exe "ProductType"=2 "InstallTime"=0x42A19A71BEDFD101 "ManagedDefenderProductType"=0 "DisableAntiSpyware"=1 "DisableAntiVirus"=1 "ProductStatus"=0 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] ---------- | Winsock (Whitelist) ---------- | Hosts ---------- | @ [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\Microsoft\Internet Explorer\Main] "Anchor Underline"=yes "Disable Script Debugger"=yes "DisableScriptDebuggerIE"=yes "Display Inline Images"=yes "Do404Search"=0x01000000 "Save_Session_History_On_Exit"=no "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "UseClearType"=no "XMLHTTP"=1 "Cache_Update_Frequency"=Once_Per_Session "Local Page"=C:\WINDOWS\system32\blank.htm "Use_DlgBox_Colors"=yes "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "CompatibilityFlags"=0 "FullScreen"=no "IE8RunOnceLastShown"=1 "IE8RunOnceLastShown_TIMESTAMP"=0x5F4EE7554C72D101 "IE8TourShown"=1 "IE8TourShownTime"=0x648D6130C170D101 "Start Page Redirect Cache_TIMESTAMP"=0x88066D12C270D101 "Start Page Redirect Cache AcceptLangs"=fr "NotifyDownloadComplete"=yes "OperationalData"=13 "ImageStoreRandomFolder"=wicdncc "IE10RunOnceLastShown"=1 "IE10RunOnceLastShown_TIMESTAMP"=0x1AB416C0F9E8D101 "IE10TourShown"=1 "IE10TourShownTime"=0x6E40C2FAAEE0D101 "HistoryViewType"=0x0000 "DoNotTrack"=1 "IE10RunOncePerInstallCompleted"=0 "IE10RunOnceCompletionTime"=0x6E40C2FAAEE0D101 "NoUpdateCheck"=1 "DownloadWindowPlacement"=0x2C0000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF13010000DD00000093030000BD020000 "SuppressScriptDebuggerDialog"=0 "DefSpellLang"=fr-FR "Start Page_TIMESTAMP"=0xAEF79B0E15E6D101 "StatusBarOther"=0 "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "Move System Caret"=no "Expand Alt Text"=no "UseSWRender"=0 "Enable AutoImageResize"=yes "EnableAlternativeCodec"=yes "Show image placeholders"=0 "GotoIntranetSiteForSingleWordEntry"=0 "UseThemes"=1 "Friendly http errors"=yes "Error Dlg Displayed On Every Error"=no "NscSingleExpand"=0 "Check_Associations"=yes "SmoothScroll"=1 "DOMStorage"=1 "Isolation64Bit"=0 "AutoHide"=no "SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy"=0x01000000480000004FD149B9BE52BB937B2DA3A86FF2B3A1A0789518152C2969364828FEA2CBA4091913131671EE992FC749150FF52C73A65C57E227F2DC06A278D8E41163796F0FA2D5669CD51C8BBB020000000E00000079747241504C79574A2F6F253364 "IE10TourNoShow"=0 "Window_Placement"=0x2C0000000000000001000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF0000000000000000000500000F030000 "ScriptDebugger_EnableHiddenTabs"=0 "StatusBarWeb"=1 "ForceGDIPlus"=0 "AlwaysShowMenus"=0 "ShutdownWaitForOnUnload"=0 "DNSPreresolution"=8 "SpellChecking"=1 "LangToolsBroker"={5bbd58bb-993e-4c17-8af6-3af8e908fca8} "DisablePasswordReveal"=0 "DisableRequiresActiveXPrompt"= "AutoSearch"=1 "PredictedViewExpansion"=100 "PredictedViewChangeThreshold"=10 "PredictedViewChangeThresholdPaint"=10 "ContentLayerCacheExpansion"=300 "RenderingLoopMaxTime"=250 "CSS_Compat"=doctype "Display Inline Videos"=1 "Use Stylesheets"=1 "Disable Diagnostics Mode"=no "UseHR"=0 "Q300829"=0 "Cleanup HTCs"=0 "XDomainRequest"=1 "JScriptProfileCacheEventDelay"=5000 "HideLocalHostIP"=0 "CrossfadeMinTimeoutInMS"=30000 "CrossfadeMaxTimeoutInMS"=30000 "CrossfadeCurrentTimeoutInMS"=30000 "ScrollTimeoutInMS"=6000 "DisableFirstRunCustomize"=0 "IE10RecommendedSettingsNo"=0 "FrameTabWindow"=1 "AdminTabProcs"=1 "SessionMerging"=1 "FrameMerging"=1 "HangRecovery"=1 "DesktopTransparentCoverWindowTime"=8 "TSEnable"=1 "Isolation"=PMIL "IsolationImmersive"=PMEM "TabShutdownDelay"=60000 "FrameShutdownDelay"=0 "Search Bar"=Preserve "MinIEEnabled"=1 "RefcountTracker"=0 "TabDragOnSingleProc"=0 "ForceBFCacheCandidacyPass"=0 "Fasterback"=1 "BackForwardInstrumentation"=0 "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP "EdgeSwitchingOSBuildNumber"=10586.th2_release_sec.160630-1736 [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\Microsoft\Windows\CurrentVersion\Internet settings] "DisableCachingOfSSLPages"=0 "IE5_UA_Backup_Flag"=5.0 "PrivacyAdvanced"=1 "SecureProtocols"=2688 "CertificateRevocation"=1 "EnableNegotiate"=1 "MaxConnectionsPer1_0Server"=10 "MaxConnectionsPerServer"=10 "MigrateProxy"=1 "ProxyEnable"=0 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "EmailName"=IEUser@ "PrivDiscUiShown"=1 "EnableHttp1_1"=1 "WarnOnIntranet"=1 "MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges "AutoConfigProxy"=wininet.dll "UseSchannelDirectly"=0x01000000 "WarnOnPost"=0x01000000 "UrlEncoding"=0 "ZonesSecurityUpgrade"=0xD972E0EAB8DFD101 "WarnonZoneCrossing"=0 "GlobalUserOffline"=0 "DisableIDNPrompt"=0 "EnablePunycode"=1 "ShowPunycode"=0 "ProxyHttp1.1"=1 "EnableHTTP2"=1 "WarnOnPostRedirect"=1 "WarnonBadCertRecving"=1 "EnableAutodial"=0 "NoNetAutodial"=0 "BackgroundConnections"=1 "SyncMode5"=4 "EnableSSL3Fallback"=1 "CreateUriCacheSize"=80 "CoInternetCombineIUriCacheSize"=80 "SecurityIdIUriCacheSize"=30 "SpecialFoldersCacheSize"=8 [HKLM\Software\Microsoft\Internet Explorer\Main] "Anchor_Visitation_Horizon"=0x01000000 "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\System32\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 "ProxyEnable"=0 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "Anchor_Visitation_Horizon"=0x01000000 "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\SysWOW64\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 "ProxyEnable"=0 ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify ---------- | SSODL | SEH | URLSH | STS [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{D2BF470E-ED1C-487F-AAAA-2BD8835EB6CE}"=QTTabBarLib.ExplorerProcessCaptor ---------- | Toolbar [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=1 [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser] "ITBar7Layout"=0x13000000000000000000000030000000100000001500000001000000000700005E010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "ITBar7Height"=21 [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} "DefaultPackCorrection"=1 "DefaultPackNTCorrection"=1 "UpgradeTime"=0x6E40C2FAAEE0D101 "ShowSearchSuggestionsGlobal"=1 "ShowSearchSuggestionsInAddressGlobal"=1 "KnownProvidersUpgradeTime"=0x6E40C2FAAEE0D101 "Version"=5 [HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{553891B7-A0D5-4526-BE18-D3CE461D6310}"= "{d2bf470e-ed1c-487f-a666-2bd8835eb6ce}"=QCommandBar "{d2bf470e-ed1c-487f-a777-2bd8835eb6ce}"=QCommandBar2nd "{d2bf470e-ed1c-487f-a333-2bd8835eb6ce}"=QTTabBar "{d2bf470e-ed1c-487f-a300-2bd8835eb6ce}"=QManagementBar [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Toolbar] "{553891B7-A0D5-4526-BE18-D3CE461D6310}"= "{d2bf470e-ed1c-487f-a666-2bd8835eb6ce}"=QCommandBar "{d2bf470e-ed1c-487f-a777-2bd8835eb6ce}"=QCommandBar2nd "{d2bf470e-ed1c-487f-a333-2bd8835eb6ce}"=QTTabBar "{d2bf470e-ed1c-487f-a300-2bd8835eb6ce}"=QManagementBar [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} ---------- | Extensions [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{56753E59-AF1D-4FBA-9E15-31557124ADA2}] : (Classic IE Settings) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{56753E59-AF1D-4FBA-9E15-31557124ADA2}] : (Classic IE Settings) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{d8f67242-b229-4065-95fa-391b077ed6ca}] : () - [] ---------- | SearchScopes [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04 : ---------- | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}] -> (ExplorerBHO Class) : C:\Program Files\Classic Shell\ClassicExplorer32.dll [22/05/2016 12:00:44] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> (Java(tm) Plug-In SSV Helper) : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> (Java(tm) Plug-In 2 SSV Helper) : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}] -> (ClassicIEBHO Class) : C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [22/05/2016 12:00:44] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}] -> (ExplorerBHO Class) : C:\Program Files\Classic Shell\ClassicExplorer32.dll [22/05/2016 12:00:44] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c3c77255-42c0-499f-b664-6e981a0b1647}] -> (AviraBrowserSafety.BrowserSafety) : mscoree.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}] -> (ClassicIEBHO Class) : C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [22/05/2016 12:00:44] ---------- | Chrome [HKLM\Software\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk] ---------- | Opera ---------- | Firefox [HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 22.0.0.209 Plugin) : C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.102.2] - (Java™ Deployment Toolkit) : C:\Program Files\Java\jre1.8.0_102\bin\dtplugin\npDeployJava1.dll [HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.102.2] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files\Java\jre1.8.0_102\bin\plugin2\npjp2.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 22.0.0.209 Plugin) : C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll ---------- | Active Connections TCP 192.168.2.74:50527 ec2-52-28-62-228.eu-central-1.compute.amazonaws.com:https CLOSE_WAIT 2096 TCP 192.168.2.74:50530 ec2-52-58-115-41.eu-central-1.compute.amazonaws.com:https CLOSE_WAIT 2096 TCP 192.168.2.74:50690 wa-in-f188.1e100.net:5228 ESTABLISHED 1448 TCP 192.168.2.74:50752 122.128.153.77.rev.sfr.net:https TIME_WAIT 0 TCP 192.168.2.74:50754 248.227.154.77.rev.sfr.net:https TIME_WAIT 0 TCP 192.168.2.74:50764 a23-206-33-26.deploy.static.akamaitechnologies.com:http TIME_WAIT 0 TCP 192.168.2.74:50767 2.22.112.195:http TIME_WAIT 0 TCP 192.168.2.74:50770 static-ip-188-138-17-104.inaddr.ip-pool.com:http TIME_WAIT 0 TCP 192.168.2.74:50771 118.128.153.77.rev.sfr.net:https ESTABLISHED 1448 TCP 192.168.2.74:50774 249.221.154.77.rev.sfr.net:https ESTABLISHED 532 TCP 192.168.2.74:50775 25.228.154.77.rev.sfr.net:https ESTABLISHED 1448 TCP 192.168.2.74:50778 64.41.88.125:http TIME_WAIT 0 ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=109.0.66.10 109.0.66.20 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{4c5b2d1b-48c6-4321-8029-20200c3654c5}] "DhcpNameServer"=109.0.66.10 109.0.66.20 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{4c5b2d1b-48c6-4321-8029-20200c3654c5}] "DhcpNameServer"=109.0.66.10 109.0.66.20 ---------- | Applications [HKLM\SOFTWARE\Classes\Applications\chrome.exe] : "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\Classes\Applications\LaunchWinApp.exe] : "C:\WINDOWS\system32\LaunchWinApp.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\Classes\Applications\vlc.exe] : "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\Classes\Applications\zune.exe] : C:\Program Files\Zune\Zune.exe /PlayMedia:"%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\chrome.exe] : "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\LaunchWinApp.exe] : "C:\WINDOWS\system32\LaunchWinApp.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\vlc.exe] : "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\zune.exe] : C:\Program Files\Zune\Zune.exe /PlayMedia:"%L" ---------- | Svchost - Netsvcs (Whitelisted) NetSetupSvc - %SystemRoot%\System32\NetSetupSvc.dll : %SystemRoot%\System32\svchost.exe -k netsvcs UserManager - %SystemRoot%\System32\usermgr.dll : %SystemRoot%\system32\svchost.exe -k netsvcs ---------- | Software [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\AppDataLow] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\ASRock] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\Avira] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\BonSoft] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\Clients] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\Codeusa Software] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\Epic Games] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\factormystic.net] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\g3n-h@ckm@n] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\Google] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\IM Providers] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\Intel] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\IvoSoft] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\JavaSoft] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\LogiShrd] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\Macromedia] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\Microsoft] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\mimio] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\Mozilla Backup] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\MozillaPlugins] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\PhotoFiltre 7] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\Piriform] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\Policies] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\Quizo] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\Realtek] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\RegisteredApplications] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\RW-Everything] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\Stardock] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\Sysinternals] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\Tihiy] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\Trolltech] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\Unity] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\VB and VBA Program Settings] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\VSRevoGroup] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\WinRAR] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\WinRAR SFX] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\Wow6432Node] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\ZebHelpProcess Helper] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\SOFTWARE\AppDataLow\Software\JavaSoft] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\Microsoft\Windows\Roaming] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\ATI Technologies] [HKLM\Software\Clients] [HKLM\Software\CPUID] [HKLM\Software\Dolby] [HKLM\Software\DTS] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\Google] [HKLM\Software\Intel] [HKLM\Software\IvoSoft] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Khronos] [HKLM\Software\Knowles] [HKLM\Software\Logishrd] [HKLM\Software\Macromedia] [HKLM\Software\Microsoft] [HKLM\Software\Mozilla] [HKLM\Software\MozillaPlugins] [HKLM\Software\Nahimic] [HKLM\Software\Nuance] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\Partner] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Quizo] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Sonic] [HKLM\Software\SonicFocus] [HKLM\Software\SoundResearch] [HKLM\Software\SRS Labs] [HKLM\Software\sysinternals] [HKLM\Software\VideoLAN] [HKLM\Software\Waves Audio] [HKLM\Software\WinRAR] [HKLM\Software\WOW6432Node] [HKLM\Software\Yamaha APO] [HKLM\Software\Microsoft\Windows\ClickNote] [HKLM\Software\Microsoft\Windows\Configuration] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\DWM] [HKLM\Software\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Shell] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\apphost] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\iissvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UnistackSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WepHostSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wsappx] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wswpnservice] [HKLM\Software\WOW6432Node\Apple Computer, Inc.] [HKLM\Software\WOW6432Node\ASRock] [HKLM\Software\WOW6432Node\Avira] [HKLM\Software\WOW6432Node\Black Ice Software, Inc.] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\IObit] [HKLM\Software\WOW6432Node\JavaSoft] [HKLM\Software\WOW6432Node\JreMetrics] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\MimarSinan] [HKLM\Software\WOW6432Node\mimio] [HKLM\Software\WOW6432Node\mozilla.org] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\NETGEAR] [HKLM\Software\WOW6432Node\Nuance] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\Rainmeter] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.] [HKLM\Software\WOW6432Node\SRS Labs] [HKLM\Software\WOW6432Node\Stardock] [HKLM\Software\WOW6432Node\X-AVCSD] [HKLM\Software\WOW6432Node\Yahoo] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\ClickNote] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\iissvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] ---------- | Drives G: [29/05/2016 13:58:58] - |A| - (.-.) - [974] - (0.0.0.0) - G:\CPUID HWMonitor.lnk [16/07/2016 02:17:17] - |A| - (.ToolsLib - AdwCleaner.) - [3712064] - (5.2.0.1) - G:\adwcleaner_5.201.exe [27/07/2016 09:25:14] - |A| - (.Copyright (c) 1995-2016 FinalWire Ltd. - AIDA64 Extreme .) - [16374624] - (5.75.3900.0) - G:\aida64extreme575.exe [19/07/2016 21:04:44] - |A| - (.Copyright (C) 2009-2016, Ivo Beltchev - Adds classic shell features to Windows 7 and Windows 8.) - [7203088] - (4.2.7.0) - G:\ClassicShellSetup_4_2_7.exe [26/05/2016 06:26:07] - |A| - (.-.) - [597304] - (0.0.0.0) - G:\flux-setup.exe [23/06/2016 08:49:22] - |A| - (. - CPUID HWMonitor Setup .) - [1224080] - (0.0.0.0) - G:\hwmonitor_1.29.exe [26/05/2016 06:26:01] - |A| - (.Copyright © 1996-2015 Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller 17.0 r0.) - [18240176] - (17.0.0.134) - G:\install_flash_player.exe [26/05/2016 06:26:01] - |A| - (.Copyright © Microsoft 2009 - LibraryIconChanger.) - [351232] - (1.0.0.0) - G:\LibraryIconChanger.exe [26/05/2016 06:25:53] - |A| - (.-.) - [1035926] - (0.0.0.0) - G:\MozBackup-1.5.1-EN.exe [26/05/2016 06:25:50] - |A| - (.-.) - [5200936] - (0.0.0.0) - G:\pf7-setup-fr.exe [26/05/2016 06:25:50] - |A| - (.Copyright © 1999 - 2015 Angus Johnson. - Resource Hacker Setup .) - [2781137] - (0.0.0.0) - G:\resource-hacker_4-2-5_en_13014.exe [26/05/2016 06:25:50] - |A| - (.(c) 2014 Unity Technologies ApS. - Unity Web Player Installer.) - [1080608] - (4.6.2.0) - G:\UnityWebPlayer.exe [26/05/2016 06:25:27] - |A| - (.© Microsoft Corporation. - Self-Extracting Cabinet.) - [105664248] - (4.8.2345.0) - G:\ZuneSetupPkg.exe ---------- | C: [14/07/2009 05:18:56] - |SHD| - [483] - C:\$Recycle.Bin [30/10/2015 21:25:38] - |HD| - [4252707102] - C:\$WINDOWS.~BT [24/05/2016 09:38:21] - |HD| - [603435] - C:\$Windows.~WS [25/07/2016 14:29:49] - |D| - [1067220] - C:\AdwCleaner [MD5.93B885ADFE0DA089CDF634904FD59F71] - [30/10/2015 10:13:44] - |ASH| - (.-.) - [1] - (0.0.0.0) - C:\BOOTNXT [25/07/2016 14:24:07] - |SHD| - [0] - C:\Config.Msi [14/07/2009 07:08:56] - |SHD| - [0] - C:\Documents and Settings [17/07/2016 02:36:31] - |D| - [254654] - C:\inetpub [26/02/2016 20:39:07] - |D| - [90184] - C:\Intel [30/10/2015 09:24:24] - |D| - [0] - C:\PerfLogs [30/10/2015 08:28:30] - |RD| - [1890512545] - C:\Program Files [30/10/2015 08:28:30] - |RD| - [1826484881] - C:\Program Files (x86) [30/10/2015 09:24:24] - |HD| - [9903735011] - C:\ProgramData [31/07/2016 00:01:18] - |D| - [262074] - C:\QuickDiag [MD5.7DC3425080221B7894427A708271F15C] - [31/07/2016 00:14:45] - |A| - (.-.) - [132991] - (0.0.0.0) - C:\QuickDiag.txt [17/07/2016 02:02:42] - |SHD| - [0] - C:\Recovery [26/02/2016 19:49:12] - |SHD| - [0] - C:\System Volume Information [30/10/2015 08:28:30] - |RD| - [39833357663] - C:\Users [30/10/2015 08:28:30] - |D| - [19236665480] - C:\Windows [17/07/2016 02:44:30] - |D| - [39392579526] - C:\Windows.old ---------- | C:\WINDOWS [30/10/2015 09:24:24] - |D| - [802] - C:\WINDOWS\addins [30/10/2015 09:24:24] - |D| - [12820866] - C:\WINDOWS\appcompat [30/10/2015 09:24:24] - |D| - [12360910] - C:\WINDOWS\AppPatch [30/10/2015 09:24:24] - |D| - [0] - C:\WINDOWS\AppReadiness [15/07/2016 22:18:32] - |D| - [582] - C:\WINDOWS\ASRock [30/10/2015 09:24:24] - |RD| - [1530797906] - C:\WINDOWS\assembly [30/10/2015 09:24:24] - |D| - [241412] - C:\WINDOWS\bcastdvr [MD5.DE3C720C11A91557E1DFDFF0DB2AA3C2] - [30/10/2015 09:17:47] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [61952] - (10.0.10586.0) - C:\WINDOWS\bfsvc.exe [30/10/2015 21:03:12] - |SHD| - [610843] - C:\WINDOWS\BitLockerDiscoveryVolumeContents [30/10/2015 09:24:24] - |D| - [32716961] - C:\WINDOWS\Boot [MD5.CFA5BC34CF2FDD660D5A330DB7A5B521] - [17/07/2016 01:48:19] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\WINDOWS\bootstat.dat [30/10/2015 09:24:24] - |D| - [4794968] - C:\WINDOWS\Branding [30/10/2015 09:11:39] - |D| - [0] - C:\WINDOWS\CbsTemp [14/07/2009 09:46:31] - |D| - [0] - C:\WINDOWS\CSC [30/10/2015 09:24:24] - |D| - [11679242] - C:\WINDOWS\Cursors [30/10/2015 09:24:24] - |D| - [60571] - C:\WINDOWS\debug [30/10/2015 09:24:24] - |RD| - [20934] - C:\WINDOWS\DesktopTileResources [30/10/2015 09:24:24] - |RD| - [3032320] - C:\WINDOWS\DevicesFlow [MD5.41CE27E9D2A4B25B0ACFCF4B6EAD46E3] - [29/05/2016 14:29:12] - |A| - (.-.) - [20895] - (0.0.0.0) - C:\WINDOWS\diagerr.xml [30/10/2015 09:24:24] - |D| - [4217368] - C:\WINDOWS\diagnostics [MD5.F955ACDA319098480A9387D86E179232] - [29/05/2016 14:29:12] - |A| - (.-.) - [19053] - (0.0.0.0) - C:\WINDOWS\diagwrn.xml [30/10/2015 21:00:07] - |D| - [0] - C:\WINDOWS\DigitalLocker [26/02/2016 20:09:18] - |D| - [35003970] - C:\WINDOWS\Downloaded Installations [30/10/2015 09:24:24] - |SD| - [65] - C:\WINDOWS\Downloaded Program Files [MD5.D246F9D9EB4887066C5BB81068F2C688] - [30/07/2016 18:45:50] - |A| - (.-.) - [372] - (0.0.0.0) - C:\WINDOWS\DtcInstall.log [14/07/2009 09:46:36] - |D| - [0] - C:\WINDOWS\ehome [30/10/2015 09:24:24] - |HD| - [44568] - C:\WINDOWS\ELAMBKUP [30/10/2015 21:00:07] - |D| - [0] - C:\WINDOWS\en-US [MD5.E396258CFD8F84E8F2C24930E6D88C67] - [18/07/2016 07:28:11] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [4515256] - (10.0.10586.494) - C:\WINDOWS\explorer.exe [MD5.9D77CC4A36FEEA644D002CFB9B2D42C0] - [29/02/2016 23:32:05] - |A| - (.© Microsoft Corporation. - Windows Explorer.) - [3231232] - (6.1.7601.19135) - C:\WINDOWS\explorer.exe.backup [MD5.C235A51CB740E45FFA0EBFB9BAFCDA64] - [27/02/2016 15:42:24] - |A| - (.© Microsoft Corporation. - Windows Explorer.) - [2868224] - (6.1.7600.16385) - C:\WINDOWS\explorer_backup_wti.exe [30/10/2015 09:24:24] - |RSD| - [358744080] - C:\WINDOWS\Fonts [30/10/2015 21:00:07] - |D| - [134144] - C:\WINDOWS\fr-FR [30/10/2015 09:24:24] - |D| - [25769840] - C:\WINDOWS\Globalization [30/10/2015 09:24:24] - |D| - [1589372] - C:\WINDOWS\Help [MD5.430DE1635CE173440D34ABA1676113D7] - [18/07/2016 07:27:10] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [994816] - (10.0.10586.494) - C:\WINDOWS\HelpPane.exe [MD5.C7228F24B9130C64DCF4C390A04A775C] - [30/10/2015 09:17:54] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [18432] - (10.0.10586.0) - C:\WINDOWS\hh.exe [30/10/2015 09:24:24] - |D| - [173194846] - C:\WINDOWS\IME [30/10/2015 09:24:24] - |RD| - [6840341] - C:\WINDOWS\ImmersiveControlPanel [30/10/2015 09:21:47] - |D| - [161299947] - C:\WINDOWS\INF [30/10/2015 09:24:24] - |D| - [943476491] - C:\WINDOWS\InfusedApps [30/10/2015 09:24:24] - |D| - [36258450] - C:\WINDOWS\InputMethod [30/10/2015 09:24:24] - |SHD| - [390663067] - C:\WINDOWS\Installer [30/10/2015 09:24:24] - |D| - [89407] - C:\WINDOWS\L2Schemas [30/10/2015 09:24:24] - |D| - [0] - C:\WINDOWS\LiveKernelReports [30/10/2015 08:31:03] - |D| - [74670566] - C:\WINDOWS\Logs [30/10/2015 09:24:24] - |RSD| - [41346560] - C:\WINDOWS\Media [MD5.23AF90D2355D8C83AA4567EF1763B467] - [30/10/2015 09:17:40] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\WINDOWS\mib.bin [30/10/2015 09:24:24] - |D| - [787898178] - C:\WINDOWS\Microsoft.NET [30/10/2015 09:24:24] - |D| - [2371] - C:\WINDOWS\Migration [17/07/2016 02:57:10] - |D| - [0] - C:\WINDOWS\Minidump [30/10/2015 09:24:24] - |RD| - [470257] - C:\WINDOWS\MiracastView [30/10/2015 09:24:24] - |D| - [0] - C:\WINDOWS\ModemLogs [MD5.B9FB94A8DA62711C6955825DEFB25C5A] - [14/07/2009 04:35:42] - |A| - (.-.) - [1405] - (0.0.0.0) - C:\WINDOWS\msdfmap.ini [MD5.015BD8AE10C0D0395490F1B0FB4E0F06] - [30/10/2015 09:19:28] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [574976] - (10.0.10586.0) - C:\WINDOWS\notepad.exe [30/10/2015 21:00:47] - |D| - [418530] - C:\WINDOWS\OCR [30/10/2015 09:24:24] - |RD| - [65] - C:\WINDOWS\Offline Web Pages [30/10/2015 09:24:24] - |D| - [29721910] - C:\WINDOWS\Performance [30/10/2015 09:24:24] - |D| - [1136442] - C:\WINDOWS\PLA [30/10/2015 09:24:24] - |D| - [6328302] - C:\WINDOWS\PolicyDefinitions [17/07/2016 01:47:46] - |D| - [38306273] - C:\WINDOWS\Prefetch [30/10/2015 09:24:24] - |RD| - [1963312] - C:\WINDOWS\PrintDialog [MD5.026398FFA29364396CEC7A303E99A4C1] - [30/10/2015 21:03:47] - |A| - (.-.) - [32200] - (0.0.0.0) - C:\WINDOWS\Professional.xml [30/10/2015 09:24:24] - |D| - [1297393] - C:\WINDOWS\Provisioning [26/02/2016 20:56:58] - |D| - [63488] - C:\WINDOWS\pss [30/10/2015 09:24:24] - |RD| - [770223] - C:\WINDOWS\PurchaseDialog [MD5.34DBE185600B601082BDD223A17A3485] - [30/10/2015 09:17:48] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [1081856] - (10.0.10586.0) - C:\WINDOWS\regedit.exe [30/10/2015 09:24:24] - |D| - [1095144] - C:\WINDOWS\registration [30/10/2015 09:24:24] - |D| - [3693985] - C:\WINDOWS\rescache [30/10/2015 09:24:24] - |D| - [18075292] - C:\WINDOWS\Resources [MD5.A444609BA3B1DD9C1E9C7934BBB40350] - [29/05/2016 22:43:25] - |A| - (.Copyright (C) 2015 Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) - [2825944] - (1.0.6.4) - C:\WINDOWS\RtlExUpd.dll [30/10/2015 09:24:24] - |D| - [0] - C:\WINDOWS\SchCache [30/10/2015 09:24:24] - |D| - [121229] - C:\WINDOWS\schemas [30/10/2015 09:24:24] - |D| - [7899414] - C:\WINDOWS\security [30/10/2015 21:07:15] - |D| - [87211819] - C:\WINDOWS\ServiceProfiles [30/10/2015 08:28:30] - |D| - [76216650] - C:\WINDOWS\servicing [30/10/2015 09:26:37] - |D| - [42] - C:\WINDOWS\Setup [30/10/2015 21:03:13] - |D| - [4544] - C:\WINDOWS\ShellNew [30/10/2015 21:00:30] - |D| - [6828144] - C:\WINDOWS\SKB [20/03/2016 07:43:02] - |D| - [124526171] - C:\WINDOWS\SoftwareDistribution [26/02/2016 19:53:39] - |D| - [1106974371] - C:\WINDOWS\SoftwareDistribution.Old [30/10/2015 09:24:24] - |D| - [103543755] - C:\WINDOWS\Speech [30/10/2015 09:24:24] - |D| - [50814701] - C:\WINDOWS\Speech_OneCore [MD5.3BB80AF91D069F97006DCCC031164903] - [30/10/2015 09:18:09] - |A| - (.© Microsoft Corporation. - Print driver host for applications.) - [128000] - (10.0.10586.0) - C:\WINDOWS\splwow64.exe [30/10/2015 09:24:24] - |D| - [31039] - C:\WINDOWS\System [MD5.286A9EDB379DC3423A528B0864A0F111] - [14/07/2009 04:34:57] - |A| - (.-.) - [219] - (0.0.0.0) - C:\WINDOWS\system.ini [30/10/2015 08:28:30] - |D| - [4793211583] - C:\WINDOWS\System32 [30/10/2015 09:24:25] - |D| - [155697157] - C:\WINDOWS\SystemApps [30/10/2015 09:24:25] - |D| - [18175861] - C:\WINDOWS\SystemResources [30/10/2015 08:28:37] - |D| - [1494816235] - C:\WINDOWS\SysWOW64 [30/10/2015 09:24:25] - |D| - [0] - C:\WINDOWS\TAPI [14/07/2009 05:20:14] - |D| - [3184] - C:\WINDOWS\Tasks [30/10/2015 09:24:25] - |D| - [140] - C:\WINDOWS\Temp [30/10/2015 09:24:25] - |D| - [0] - C:\WINDOWS\tracing [30/10/2015 09:24:25] - |D| - [7680] - C:\WINDOWS\twain_32 [MD5.669A44C0BCA67D8CDE111F7FBA91EE86] - [30/10/2015 09:19:30] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [60416] - (1.7.1.3) - C:\WINDOWS\twain_32.dll [MD5.E126B77AA21DF82FBD267B6785B5C154] - [27/02/2016 15:42:22] - |A| - (.-.) - [50536] - (0.0.0.0) - C:\WINDOWS\UTP.exe [30/10/2015 09:24:25] - |D| - [12420] - C:\WINDOWS\Vss [30/10/2015 09:24:25] - |D| - [15729830] - C:\WINDOWS\Web [MD5.162904DAA5412143F5403233E77F787E] - [14/07/2009 04:34:57] - |A| - (.-.) - [403] - (0.0.0.0) - C:\WINDOWS\win.ini [MD5.C844CA459F3B209329984772269B6E56] - [30/10/2015 09:18:16] - |RAH| - (.-.) - [670] - (0.0.0.0) - C:\WINDOWS\WindowsShell.Manifest [MD5.038356387332650843BCB352BB89A101] - [30/07/2016 18:45:36] - |A| - (.-.) - [275] - (0.0.0.0) - C:\WINDOWS\WindowsUpdate.log [MD5.8C459D003560EA9817F7CDB29AA55382] - [30/10/2015 09:18:29] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [10240] - (10.0.10586.0) - C:\WINDOWS\winhlp32.exe [30/10/2015 08:28:30] - |D| - [6424180956] - C:\WINDOWS\WinSxS [MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [30/10/2015 09:18:41] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\WINDOWS\WMSysPr9.prx [MD5.E9C22DCE95A6E5B6C37FED42B3749E32] - [30/10/2015 09:18:14] - |A| - (.© Microsoft Corporation. - Windows Write.) - [11264] - (10.0.10586.0) - C:\WINDOWS\write.exe ---------- | Systemroot\System ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [29/07/2016 01:12:52] - C:\WINDOWS\Installer\20c55a2.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/07/2016 06:43:54] - C:\WINDOWS\Installer\2619f6.msi : (Classic Shell - IvoSoft) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/06/2016 01:48:44] - C:\WINDOWS\Installer\8277d5.msi : (Avira Browser Safety - Avira Operations GmbH & Co KG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/01/2016 17:51:46] - C:\WINDOWS\Installer\919f0c.msi : (UE4 Prerequisites (x64) - Epic Games, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/07/2016 11:07:32] - C:\WINDOWS\Installer\b342b.msi : (Avira Launcher - Avira Operations GmbH & Co. KG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [23/07/2016 03:10:11] - C:\WINDOWS\Installer\cffc84.msi : (Java SE Runtime Environment 8 Update 101 - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [23/07/2016 03:10:12] - C:\WINDOWS\Installer\cffc8d.msi : (Java Auto Updater - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/07/2016 19:40:40] - C:\WINDOWS\Installer\d3de97.msi : (Blank Project Template - Macrovision Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [23/07/2016 05:53:23] - C:\WINDOWS\Installer\e4e1f.msi : (Java SE Runtime Environment 8 Update 102 - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] ---------- | %System%\*.in* [30/10/2015 09:18:41] - [3458] - C:\WINDOWS\System32\ieuinit.inf [17/07/2016 01:53:03] - [2131822] - C:\WINDOWS\System32\PerfStringBackup.INI [30/10/2015 09:18:09] - [60124] - C:\WINDOWS\System32\tcpmon.ini [30/10/2015 09:17:49] - [2269] - C:\WINDOWS\System32\WimBootCompress.ini [30/10/2015 09:19:39] - [3458] - C:\WINDOWS\Syswow64\ieuinit.inf [17/07/2016 01:52:59] - [2036216] - C:\WINDOWS\Syswow64\PerfStringBackup.INI [30/10/2015 09:18:25] - [2269] - C:\WINDOWS\Syswow64\WimBootCompress.ini ---------- | [.oracle_jre_usage] [23/07/2016 03:10:44] - |A| - [51] - C:\Users\Stef\.oracle_jre_usage\17dfc292991c7bc7.timestamp [26/02/2016 20:31:05] - |A| - [56] - C:\Users\Stef\.oracle_jre_usage\48ac84126bcac2aa.timestamp [26/02/2016 20:33:03] - |A| - [56] - C:\Users\Stef\.oracle_jre_usage\48ac84126bcac2cc.timestamp [16/07/2016 01:46:36] - |A| - [50] - C:\Users\Stef\.oracle_jre_usage\90737d32e3abaa4.timestamp ---------- | [3D Objects] [18/07/2016 06:44:15] - |A| - [192654] - C:\Users\Stef\3D Objects\Bulldozer.3mf [18/07/2016 06:44:16] - |A| - [227638] - C:\Users\Stef\3D Objects\Caboose car.3mf [18/07/2016 06:44:16] - |A| - [158247] - C:\Users\Stef\3D Objects\Chess Set.3mf [18/07/2016 06:44:16] - |A| - [23039] - C:\Users\Stef\3D Objects\Cone Shape.3mf [18/07/2016 06:44:16] - |A| - [9079] - C:\Users\Stef\3D Objects\Cube Shape.3mf [18/07/2016 06:44:16] - |A| - [22750] - C:\Users\Stef\3D Objects\Cylinder Shape.3mf [18/07/2016 06:44:15] - |ASH| - [298] - C:\Users\Stef\3D Objects\desktop.ini [18/07/2016 06:44:16] - |A| - [189582] - C:\Users\Stef\3D Objects\Gift Box.3mf [18/07/2016 06:44:15] - |A| - [305981] - C:\Users\Stef\3D Objects\Gimble Keychain.3mf [18/07/2016 06:44:16] - |A| - [8239] - C:\Users\Stef\3D Objects\Hexagon Shape.3mf [18/07/2016 06:44:15] - |A| - [53141] - C:\Users\Stef\3D Objects\Keychain.3mf [18/07/2016 06:44:16] - |A| - [176493] - C:\Users\Stef\3D Objects\Left Curve Track.3mf [18/07/2016 06:44:16] - |A| - [4721] - C:\Users\Stef\3D Objects\Pyramid Shape.3mf [18/07/2016 06:44:16] - |A| - [147058] - C:\Users\Stef\3D Objects\Right Curve Track.3mf [18/07/2016 06:44:15] - |A| - [119010] - C:\Users\Stef\3D Objects\Ship in a Bottle.3mf [18/07/2016 06:44:16] - |A| - [211318] - C:\Users\Stef\3D Objects\Space Shuttle.3mf [18/07/2016 06:44:16] - |A| - [136391] - C:\Users\Stef\3D Objects\Sphere Shape.3mf [18/07/2016 06:44:16] - |A| - [236858] - C:\Users\Stef\3D Objects\Split Track.3mf [18/07/2016 06:44:16] - |A| - [295552] - C:\Users\Stef\3D Objects\Star Trophy.3mf [18/07/2016 06:44:16] - |A| - [128970] - C:\Users\Stef\3D Objects\Straight Track.3mf [18/07/2016 12:10:12] - |A| - [18552] - C:\Users\Stef\3D Objects\Tetrahedron Shape.3mf [18/07/2016 06:44:16] - |A| - [245346] - C:\Users\Stef\3D Objects\Torus Shape.3mf [18/07/2016 06:44:16] - |A| - [169424] - C:\Users\Stef\3D Objects\Track Connector.3mf [18/07/2016 06:44:16] - |A| - [306363] - C:\Users\Stef\3D Objects\Train Engine.3mf [18/07/2016 06:44:16] - |A| - [232957] - C:\Users\Stef\3D Objects\Trophy Cylinder.3mf [18/07/2016 06:44:16] - |A| - [5951] - C:\Users\Stef\3D Objects\Wedge Shape.3mf [18/07/2016 06:44:16] - |A| - [117514] - C:\Users\Stef\3D Objects\Windmill.3mf ---------- | [AppData] [17/07/2016 01:53:37] - |D| - [11464128439] - C:\Users\Stef\AppData\Local [26/02/2016 19:57:26] - |D| - [132905625] - C:\Users\Stef\AppData\LocalLow [17/07/2016 01:53:37] - |D| - [4005214] - C:\Users\Stef\AppData\Roaming ---------- | [Application Data] ---------- | [Contacts] [26/02/2016 19:57:35] - |ASH| - [412] - C:\Users\Stef\Contacts\desktop.ini [26/02/2016 19:57:35] - |A| - [30940] - C:\Users\Stef\Contacts\Stef.contact ---------- | [Cookies] ---------- | [Desktop] [31/07/2016 00:13:29] - |A| - [361001] - C:\Users\Stef\Desktop\2016-07-31_001324.png [22/07/2016 06:48:33] - |SH| - [193] - C:\Users\Stef\Desktop\desktop.ini [31/07/2016 00:00:22] - |A| - [2149376] - C:\Users\Stef\Desktop\quickdiag_2_28.07.2016.1.exe ---------- | [Documents] [26/02/2016 20:13:58] - |A| - [12] - C:\Users\Stef\Documents\   espace entre 2 mots en HTML.txt [26/02/2016 20:13:58] - |A| - [93] - C:\Users\Stef\Documents\Accélérer son disque dure.txt [26/02/2016 20:13:58] - |A| - [96] - C:\Users\Stef\Documents\Accélérer Windows avec readyboost.txt [24/07/2016 01:43:26] - |A| - [1259] - C:\Users\Stef\Documents\Activer le compte caché.txt [26/02/2016 20:13:58] - |A| - [215] - C:\Users\Stef\Documents\Actualiser la corbeile regedit.txt [27/07/2016 09:19:45] - |A| - [16374624] - C:\Users\Stef\Documents\aida64extreme575.exe [26/02/2016 20:13:58] - |A| - [612] - C:\Users\Stef\Documents\Ajouter copier dans... et déplacer dans....txt [29/05/2016 19:41:20] - |D| - [4721376] - C:\Users\Stef\Documents\antivirus [21/07/2016 12:04:34] - |D| - [1343580] - C:\Users\Stef\Documents\Changer la police [19/07/2016 21:04:40] - |A| - [7203088] - C:\Users\Stef\Documents\ClassicShellSetup_4_2_7.exe [22/05/2016 04:12:47] - |A| - [2874] - C:\Users\Stef\Documents\click sur image et texte apparait.txt [26/02/2016 20:13:58] - |A| - [968] - C:\Users\Stef\Documents\Clé windows 10.txt [19/07/2016 19:05:36] - |A| - [319] - C:\Users\Stef\Documents\Color barre des titres.txt [26/02/2016 20:13:58] - |A| - [670] - C:\Users\Stef\Documents\Comment retablir la connexion.txt [26/02/2016 20:17:07] - |D| - [941857] - C:\Users\Stef\Documents\Connecteur Wifi [02/03/2016 17:52:22] - |A| - [987] - C:\Users\Stef\Documents\ControleTOTAL.reg [18/07/2016 15:17:42] - |D| - [901611] - C:\Users\Stef\Documents\Convertisseur img BMP [29/07/2016 16:18:25] - |D| - [113675428] - C:\Users\Stef\Documents\Créer une image système Video [26/02/2016 20:13:58] - |A| - [48408] - C:\Users\Stef\Documents\CSS complet d'un thème forumactif.txt [26/02/2016 20:13:58] - |A| - [200] - C:\Users\Stef\Documents\CSS du membre a supprimer.txt [26/02/2016 20:13:58] - |A| - [7702] - C:\Users\Stef\Documents\CSS good thème complet forumactif.txt [26/02/2016 19:57:42] - |ASH| - [402] - C:\Users\Stef\Documents\desktop.ini [18/07/2016 10:16:13] - |D| - [3088] - C:\Users\Stef\Documents\Dossier barre des taches [26/02/2016 20:17:08] - |D| - [2333416] - C:\Users\Stef\Documents\Driver Intel [26/02/2016 20:17:08] - |D| - [359442327] - C:\Users\Stef\Documents\Drivers [11/07/2016 04:06:06] - |D| - [4529456] - C:\Users\Stef\Documents\défragmenteur [22/05/2016 04:50:59] - |A| - [955] - C:\Users\Stef\Documents\esssssssssssssssaie.js [30/07/2016 17:41:12] - |A| - [339750] - C:\Users\Stef\Documents\favoris_30_07_2016.html [25/07/2016 19:49:10] - |D| - [103176] - C:\Users\Stef\Documents\Fax [11/04/2016 23:03:38] - |A| - [13] - C:\Users\Stef\Documents\Fenêtre qui tremblke.txt [26/02/2016 20:13:58] - |A| - [597304] - C:\Users\Stef\Documents\flux-setup.exe [26/02/2016 20:13:58] - |A| - [483] - C:\Users\Stef\Documents\Flèche sur icônes bureau.txt [26/02/2016 20:17:34] - |D| - [1342556] - C:\Users\Stef\Documents\Gravure [27/07/2016 00:31:15] - |A| - [170] - C:\Users\Stef\Documents\Hachtag Config.txt [23/06/2016 08:45:15] - |A| - [1224080] - C:\Users\Stef\Documents\hwmonitor_1.29.exe [26/02/2016 20:13:58] - |A| - [18240176] - C:\Users\Stef\Documents\install_flash_player.exe [28/07/2016 16:26:20] - |D| - [25186399] - C:\Users\Stef\Documents\Logiciel audio [26/07/2016 15:50:56] - |D| - [5041707] - C:\Users\Stef\Documents\Logiciel Explorator Windows [17/07/2016 01:53:37] - |SHD| - [0] - C:\Users\Stef\Documents\Ma musique [26/02/2016 20:14:00] - |A| - [56] - C:\Users\Stef\Documents\Ma vrai clé.txt [26/02/2016 20:16:57] - |D| - [31717016] - C:\Users\Stef\Documents\media players [26/02/2016 20:14:01] - |A| - [373] - C:\Users\Stef\Documents\Meilleur armes BF4.txt [17/07/2016 01:53:37] - |SHD| - [0] - C:\Users\Stef\Documents\Mes images [26/02/2016 20:14:01] - |A| - [1589] - C:\Users\Stef\Documents\Mes mots de passe.txt [23/07/2016 05:43:47] - |D| - [2182760] - C:\Users\Stef\Documents\Mes téléchargements Filehippo [17/07/2016 01:53:37] - |SHD| - [0] - C:\Users\Stef\Documents\Mes vidéos [26/02/2016 20:16:58] - |D| - [50449456] - C:\Users\Stef\Documents\Microsoft [26/02/2016 20:14:01] - |A| - [97] - C:\Users\Stef\Documents\Mot de passe a l'ouverture.txt [26/02/2016 20:14:01] - |A| - [18] - C:\Users\Stef\Documents\mot de passe canard.txt [26/02/2016 20:14:01] - |A| - [27] - C:\Users\Stef\Documents\mot de passe SFR.txt [14/07/2016 14:55:03] - |A| - [1035926] - C:\Users\Stef\Documents\MozBackup-1.5.1-EN.exe [26/02/2016 20:16:57] - |D| - [113520] - C:\Users\Stef\Documents\My Config [26/02/2016 20:16:14] - |D| - [44143192] - C:\Users\Stef\Documents\navigateur [30/05/2016 12:45:40] - |D| - [118580522] - C:\Users\Stef\Documents\NETGEAR N600 [23/07/2016 04:44:21] - |D| - [1358336] - C:\Users\Stef\Documents\Nettoye et optimise le système d'exploitation [26/02/2016 20:16:14] - |D| - [83842465] - C:\Users\Stef\Documents\nettoyeurs [19/07/2016 14:34:36] - |A| - [123] - C:\Users\Stef\Documents\Nom de poupée.txt [18/07/2016 13:31:28] - |RD| - [10138] - C:\Users\Stef\Documents\Nouveau dossier [26/02/2016 20:14:01] - |A| - [5621420] - C:\Users\Stef\Documents\npp.6.8.1.Installer.exe [26/02/2016 20:14:01] - |A| - [5200936] - C:\Users\Stef\Documents\pf7-setup-fr.exe [30/05/2016 08:50:37] - |D| - [44879924] - C:\Users\Stef\Documents\Pilote carte réseau [29/05/2016 17:31:46] - |D| - [10780307] - C:\Users\Stef\Documents\Pilote for pc [26/02/2016 20:14:02] - |A| - [586] - C:\Users\Stef\Documents\Placer un logiciel dans le menu contextuel (clic droit).txt [27/07/2016 13:13:37] - |D| - [98319] - C:\Users\Stef\Documents\Placer un raccourci dans menu contextuel [26/02/2016 20:14:02] - |A| - [1089] - C:\Users\Stef\Documents\Play list Aiekillu.txt [26/02/2016 20:16:15] - |D| - [63109184] - C:\Users\Stef\Documents\Plugins [26/02/2016 20:14:02] - |A| - [36] - C:\Users\Stef\Documents\Pseudo ˙·٠•●Sanshi●•٠·˙.txt [26/02/2016 20:14:02] - |A| - [140] - C:\Users\Stef\Documents\Raccourci bouton arrêt.txt [23/07/2016 21:56:25] - |D| - [2871913] - C:\Users\Stef\Documents\Rainmeter [26/02/2016 20:14:02] - |A| - [390] - C:\Users\Stef\Documents\Remplacer l'icône d'un disque.txt [18/07/2016 15:09:20] - |A| - [2781137] - C:\Users\Stef\Documents\resource-hacker_4-2-5_en_13014.exe [26/02/2016 20:14:02] - |A| - [150] - C:\Users\Stef\Documents\Retirer les pointillés des icônes bureau.txt [02/03/2016 16:32:31] - |A| - [12] - C:\Users\Stef\Documents\SI explorer plante taper cette commande.txt [24/04/2016 10:08:36] - |A| - [549] - C:\Users\Stef\Documents\Supprimer la virgule des sous forum.txt [29/07/2016 17:47:33] - |A| - [143] - C:\Users\Stef\Documents\systemtransparency.ini [27/07/2016 09:27:19] - |D| - [34430751] - C:\Users\Stef\Documents\Thème Aero Glass [18/07/2016 10:36:22] - |D| - [556] - C:\Users\Stef\Documents\Thème Dark caché Windows 10 [26/02/2016 20:14:02] - |A| - [300] - C:\Users\Stef\Documents\TOP 5 meilleurs casques.txt [26/02/2016 20:14:02] - |A| - [1080608] - C:\Users\Stef\Documents\UnityWebPlayer.exe [31/05/2016 18:29:30] - |D| - [3993411] - C:\Users\Stef\Documents\Windows_Loader_v2.2.1 [26/02/2016 20:13:57] - |D| - [2182760] - C:\Users\Stef\Documents\zippeurs [25/03/2016 03:30:39] - |A| - [105664248] - C:\Users\Stef\Documents\ZuneSetupPkg.exe ---------- | [Downloads] [26/02/2016 19:57:42] - |ASH| - [282] - C:\Users\Stef\Downloads\desktop.ini [28/07/2016 15:53:40] - |D| - [0] - C:\Users\Stef\Downloads\NETGEAR ---------- | [Favorites] [26/08/2015 10:23:53] - |A| - [268] - C:\Users\Stef\Favorites\4,00 Go 3,68 Go Utilisable - Recherche Google.URL [26/08/2015 10:23:54] - |A| - [168] - C:\Users\Stef\Favorites\911 Ordi • the boot devices have been changed Problèmes généraux avec Internet.URL [26/08/2015 10:23:53] - |A| - [144] - C:\Users\Stef\Favorites\Accélérer le démarrage d'un ordinateur - YouTube.URL [18/07/2016 06:10:07] - |D| - [358] - C:\Users\Stef\Favorites\Administrations [26/08/2015 10:23:54] - |A| - [163] - C:\Users\Stef\Favorites\Amis - Battlelog Battlefield 4.URL [26/08/2015 10:23:53] - |A| - [149] - C:\Users\Stef\Favorites\Améliorer vitesse et performances de Windows.URL [18/07/2016 06:10:21] - |D| - [173] - C:\Users\Stef\Favorites\Banque de logiciel [18/07/2016 06:10:04] - |D| - [775] - C:\Users\Stef\Favorites\BF4 [17/07/2016 02:05:39] - |A| - [208] - C:\Users\Stef\Favorites\Bing.url [26/08/2015 10:23:53] - |A| - [180] - C:\Users\Stef\Favorites\Bombe de decompression sur avast (Résolu).URL [26/08/2015 10:23:54] - |A| - [142] - C:\Users\Stef\Favorites\booster votre connexion internet a 100% - YouTube.URL [26/08/2015 10:23:53] - |A| - [272] - C:\Users\Stef\Favorites\Changer icône disques durs - Recherche Google.URL [26/08/2015 10:23:53] - |A| - [220] - C:\Users\Stef\Favorites\Changer icône disques durs [HD] - YouTube.URL [26/08/2015 10:23:53] - |A| - [128] - C:\Users\Stef\Favorites\Classic Shell - windows 8.URL [26/08/2015 10:23:53] - |A| - [176] - C:\Users\Stef\Favorites\Clé de licences génériques Microsoft, appelé aussi Clés d’installation des clients KMS. Cbouba.fr des infos et des astuces sur l'informatique.URL [26/08/2015 10:23:54] - |A| - [131] - C:\Users\Stef\Favorites\Code promo LDLC et code reduc LDLC tous les bons plans et les codes de réduction LDLC.com.URL [26/08/2015 10:23:53] - |A| - [187] - C:\Users\Stef\Favorites\Commande shutdown.URL [26/08/2015 10:23:54] - |A| - [164] - C:\Users\Stef\Favorites\Comment accélerer mon ordinateur Conseils et Astuces.URL [26/08/2015 10:23:54] - |A| - [125] - C:\Users\Stef\Favorites\Comment brancher le XIM EDGE ps4.URL [26/08/2015 10:23:53] - |A| - [273] - C:\Users\Stef\Favorites\Comment changer le navigateur par défaut dans Windows 10 Assistance de Firefox.URL [26/08/2015 10:23:54] - |A| - [142] - C:\Users\Stef\Favorites\Comment nettoyer son pc sous windows 8 et 7 - YouTube.URL [18/07/2016 06:10:16] - |D| - [144] - C:\Users\Stef\Favorites\Connexion [18/07/2016 06:10:40] - |D| - [184] - C:\Users\Stef\Favorites\Convertir PNG en ICON [26/02/2016 19:57:42] - |ASH| - [402] - C:\Users\Stef\Favorites\desktop.ini [26/08/2015 10:23:53] - |A| - [157] - C:\Users\Stef\Favorites\DigiProst - YouTube.URL [26/08/2015 10:23:54] - |A| - [183] - C:\Users\Stef\Favorites\Diminuer la température de son processeur.URL [26/08/2015 10:23:53] - |A| - [150] - C:\Users\Stef\Favorites\Désactiver la mise en veille prolongée - Windows 7 - PC Astuces.URL [26/08/2015 10:23:53] - |A| - [200] - C:\Users\Stef\Favorites\F.lux - Règle la luminosité.URL [26/08/2015 10:23:53] - |A| - [203] - C:\Users\Stef\Favorites\Fenêtre animation JS.URL [26/08/2015 10:23:53] - |A| - [304] - C:\Users\Stef\Favorites\fond d'écran hd 3d animé - Recherche Google.URL [26/08/2015 10:23:53] - |A| - [319] - C:\Users\Stef\Favorites\fond d'écran hd 3d gratuit pour pc - Recherche Google.URL [18/07/2016 06:10:14] - |D| - [938] - C:\Users\Stef\Favorites\football & auto [18/07/2016 06:10:14] - |D| - [30079] - C:\Users\Stef\Favorites\FORUM ACTIF [26/08/2015 10:23:53] - |A| - [183] - C:\Users\Stef\Favorites\Forum avoiiiiiiir.URL [26/08/2015 10:23:53] - |A| - [195] - C:\Users\Stef\Favorites\Frange pour rideau JS.URL [26/08/2015 10:23:53] - |A| - [152] - C:\Users\Stef\Favorites\Geckozone • Consulter le sujet - Mettre image personnelle page de démarrage [Résolu].URL [26/08/2015 10:23:53] - |A| - [230] - C:\Users\Stef\Favorites\Geckozone • Consulter le sujet - Mettre les marque page à droite [Résolu].URL [18/07/2016 06:10:10] - |D| - [1053] - C:\Users\Stef\Favorites\Gifs et images [18/07/2016 06:10:31] - |D| - [2530] - C:\Users\Stef\Favorites\GTA V [18/07/2016 06:10:37] - |D| - [3894] - C:\Users\Stef\Favorites\Générateurs [18/07/2016 06:10:23] - |D| - [1808] - C:\Users\Stef\Favorites\Icônes [26/08/2015 10:23:53] - |A| - [135] - C:\Users\Stef\Favorites\Image sera chargé au déffilement.URL [26/08/2015 10:23:53] - |A| - [146] - C:\Users\Stef\Favorites\Images d'horreur.URL [26/08/2015 10:23:53] - |A| - [257] - C:\Users\Stef\Favorites\impots.gouv.fr - Espace Particulier.URL [18/07/2016 06:10:24] - |D| - [5350] - C:\Users\Stef\Favorites\Jeux [26/08/2015 10:23:53] - |A| - [162] - C:\Users\Stef\Favorites\Jeux - Tous les meilleurs logiciels gratuits.URL [26/08/2015 10:23:54] - |A| - [169] - C:\Users\Stef\Favorites\KMPlayer - Télécharger KMPlayer (gratuit).URL [18/07/2016 10:18:23] - |D| - [0] - C:\Users\Stef\Favorites\Liens [26/02/2016 19:57:44] - |RD| - [44065] - C:\Users\Stef\Favorites\Links [18/07/2016 06:10:04] - |D| - [661] - C:\Users\Stef\Favorites\Logiciel pour mémoire [18/07/2016 06:10:32] - |D| - [3795] - C:\Users\Stef\Favorites\Mes forums test [18/07/2016 06:10:08] - |D| - [326] - C:\Users\Stef\Favorites\Mettre image de crew [26/08/2015 10:23:53] - |A| - [338] - C:\Users\Stef\Favorites\mise a jour icône windows 10 - Recherche Google.URL [18/07/2016 06:10:07] - |D| - [4608] - C:\Users\Stef\Favorites\Mozilla Firefox [18/07/2016 06:10:01] - |D| - [7190] - C:\Users\Stef\Favorites\Musiques [26/08/2015 10:23:53] - |A| - [221] - C:\Users\Stef\Favorites\My New Gaming Rendering PC - i7 5960X Octa-core 4.5Ghz OC w Liquid Cooling! [Open Frame] - YouTube.URL [26/08/2015 10:23:54] - |A| - [162] - C:\Users\Stef\Favorites\Nettoyer Windows supprimez tous les programmes et fichiers inutiles.URL [26/08/2015 10:23:54] - |A| - [207] - C:\Users\Stef\Favorites\onglet la solution.URL [26/08/2015 10:23:54] - |A| - [167] - C:\Users\Stef\Favorites\Optimiser Windows 7 pour son SSD.URL [26/08/2015 10:23:53] - |A| - [161] - C:\Users\Stef\Favorites\Password Exporter les mots de passe.URL [18/07/2016 06:10:13] - |D| - [388] - C:\Users\Stef\Favorites\PC - Config [26/08/2015 10:23:53] - |A| - [169] - C:\Users\Stef\Favorites\PC Astuces - Désactiver les services inutiles de Windows 7.URL [26/08/2015 10:23:53] - |A| - [232] - C:\Users\Stef\Favorites\PC Astuces - Personnaliser les icônes de Windows.URL [26/08/2015 10:23:53] - |A| - [179] - C:\Users\Stef\Favorites\Personnaliser l'écran de démarrage de Windows 7.URL [26/08/2015 10:23:53] - |A| - [181] - C:\Users\Stef\Favorites\Personnaliser le bouton démarrer sur Windows 7 et XP ! Easytutoriel.com.URL [26/08/2015 10:23:53] - |A| - [163] - C:\Users\Stef\Favorites\Personnaliser son PC - Tous les meilleurs logiciels gratuits.URL [18/07/2016 06:10:39] - |D| - [336] - C:\Users\Stef\Favorites\Photo Philtre [18/07/2016 06:10:02] - |D| - [1378] - C:\Users\Stef\Favorites\pratique [26/08/2015 10:23:54] - |A| - [147] - C:\Users\Stef\Favorites\probleme connexions d'acces à distance [resolu] Réseau internet.URL [26/08/2015 10:23:53] - |A| - [144] - C:\Users\Stef\Favorites\Présentation Logiciel TuneUp Utilities 2014 [Tuto Fr HD] - YouTube.URL [26/08/2015 10:23:53] - |A| - [191] - C:\Users\Stef\Favorites\Purger la zone de notification des anciennes icônes - Windows 7 - Vista Windows 10 - Windows 8 - Windows 7 - VISTA.URL [26/08/2015 10:23:54] - |A| - [226] - C:\Users\Stef\Favorites\R9 290 Tri-X - 4 Go GDDR5 .URL [26/08/2015 10:23:53] - |A| - [150] - C:\Users\Stef\Favorites\Retirer l'icône Obtenir Windows 10 de la barre des tâches - Windows toutes versions - PC Astuces.URL [26/08/2015 10:23:53] - |A| - [221] - C:\Users\Stef\Favorites\Rust gratuitement.URL [26/08/2015 10:23:54] - |A| - [158] - C:\Users\Stef\Favorites\Réception de votre demande rouen.fr.URL [26/08/2015 10:23:53] - |A| - [183] - C:\Users\Stef\Favorites\Régler fréquence du PRO dans bio.URL [26/08/2015 10:23:53] - |A| - [188] - C:\Users\Stef\Favorites\Sapphire Radeon R9 390 Nitro OC - 8 Go - Carte graphique - Achat Vente sur Materiel.net.URL [18/07/2016 06:10:30] - |D| - [1719] - C:\Users\Stef\Favorites\SFR [26/08/2015 10:23:53] - |A| - [134] - C:\Users\Stef\Favorites\Sireas Icons.URL [18/07/2016 06:10:06] - |D| - [577] - C:\Users\Stef\Favorites\Sites Web Microsoft [18/07/2016 06:10:32] - |D| - [864] - C:\Users\Stef\Favorites\Sites Web MSN [26/08/2015 10:23:54] - |A| - [150] - C:\Users\Stef\Favorites\Sonneries. Musique Soul Téléchargez des sonneries gratuitement sur votre téléphone.URL [18/07/2016 06:10:01] - |D| - [142] - C:\Users\Stef\Favorites\Souris [26/08/2015 10:23:53] - |A| - [158] - C:\Users\Stef\Favorites\Supprimer Optimizer Pro - Comment Supprimer .URL [26/08/2015 10:23:53] - |A| - [210] - C:\Users\Stef\Favorites\Supprimer rapidement le contenu d'un dossier - Windows 8.1 - PC Astuces.URL [26/08/2015 10:23:53] - |A| - [210] - C:\Users\Stef\Favorites\Supprimer rapidement le contenu d'un dossier - Windows toutes versions - PC Astuces.URL [26/08/2015 10:23:53] - |A| - [212] - C:\Users\Stef\Favorites\Supprimer rapidement le contenu d'un dossier - Windows toutes versions.URL [26/08/2015 10:23:54] - |A| - [146] - C:\Users\Stef\Favorites\Supprimer Web Search - Comment Supprimer .URL [26/08/2015 10:23:53] - |A| - [150] - C:\Users\Stef\Favorites\Temps de démarrage de Windows - Windows 7 - PC Astuces.URL [26/08/2015 10:23:53] - |A| - [205] - C:\Users\Stef\Favorites\Terrifiant Fonds d'écran HD Arrière-plans - Wallpaper Abyss.URL [26/08/2015 10:23:53] - |A| - [133] - C:\Users\Stef\Favorites\Test débit ADSL ou Fibre, tester sa connexion.URL [26/08/2015 10:23:53] - |A| - [197] - C:\Users\Stef\Favorites\The Witcher 3 HairWorks on AMD GPUs With Normal Performance.URL [26/08/2015 10:23:53] - |A| - [139] - C:\Users\Stef\Favorites\Trucs et Astuces de la Base de registre de Windows.URL [26/08/2015 10:23:54] - |A| - [179] - C:\Users\Stef\Favorites\Tutorial Baisser son PING.URL [26/08/2015 10:23:54] - |A| - [273] - C:\Users\Stef\Favorites\tutoriel MozBackup - Recherche Google.URL [26/08/2015 10:23:53] - |A| - [191] - C:\Users\Stef\Favorites\Télécharger CPUID HWmonitor Portable (32bit) (gratuit).URL [26/08/2015 10:23:54] - |A| - [157] - C:\Users\Stef\Favorites\Télécharger NetLimiter 4.0.4.0 (Gratuit) pour Windows.URL [26/08/2015 10:23:54] - |A| - [147] - C:\Users\Stef\Favorites\Télécharger RogueKiller.URL [26/08/2015 10:23:54] - |A| - [159] - C:\Users\Stef\Favorites\Télécharger TeamSpeak gratuit.URL [26/08/2015 10:23:53] - |A| - [220] - C:\Users\Stef\Favorites\Télévision sur Ordinateur par Internet.URL [26/08/2015 10:23:53] - |A| - [253] - C:\Users\Stef\Favorites\Un fichier du même nom existe déjà.URL [26/08/2015 10:23:54] - |A| - [144] - C:\Users\Stef\Favorites\Uplay Psyko-034.URL [26/08/2015 10:23:54] - |A| - [170] - C:\Users\Stef\Favorites\Vider la mémoire RAM en utilisant le Bloc-notes.URL [26/08/2015 10:23:53] - |A| - [252] - C:\Users\Stef\Favorites\Vous devez disposer des droit d'administrateur .URL [26/08/2015 10:23:53] - |A| - [157] - C:\Users\Stef\Favorites\WakeMeUp! - Download Page.URL [18/07/2016 06:10:02] - |D| - [2130] - C:\Users\Stef\Favorites\Wallpapers [26/08/2015 10:23:53] - |A| - [219] - C:\Users\Stef\Favorites\WinCustomize page 158.URL [18/07/2016 06:10:26] - |D| - [4629] - C:\Users\Stef\Favorites\Windows [26/08/2015 10:23:54] - |A| - [233] - C:\Users\Stef\Favorites\Windows backup software - Acronis True Image Family.URL [18/07/2016 06:10:23] - |D| - [576] - C:\Users\Stef\Favorites\Windows Live [26/08/2015 10:23:53] - |A| - [130] - C:\Users\Stef\Favorites\WinRAR.URL [18/07/2016 06:10:15] - |D| - [638] - C:\Users\Stef\Favorites\XIM EDGE [26/08/2015 10:23:53] - |A| - [144] - C:\Users\Stef\Favorites\[TUTO COMPLET] Nettoyer son PC efficacement et l'accélérer en 6 méthodes [FR] [HD] - YouTube.URL [26/08/2015 10:23:53] - |A| - [144] - C:\Users\Stef\Favorites\[TUTO] Cracker CursorFX Plus Avoir CursorFX gratuitement [FR] [HD] - YouTube.URL [26/08/2015 10:23:53] - |A| - [221] - C:\Users\Stef\Favorites\[TUTO] Cracker WinRAR 4.11 Avoir WinRAR gratuitement ! [FR] [HD] - YouTube.URL [26/08/2015 10:23:53] - |A| - [144] - C:\Users\Stef\Favorites\[TUTO] Installer des polices d'écriture gratuitement ! [FR] [HD] - YouTube.URL [26/08/2015 10:23:53] - |A| - [178] - C:\Users\Stef\Favorites\[TuTo] Modifiez votre Windows en profondeur - Windows - Le forum de KORBEN.INFO.URL [26/08/2015 10:23:54] - |A| - [142] - C:\Users\Stef\Favorites\▶ Accélérer Nettoyer son PC comme au Premier jour ! - YouTube.URL [26/08/2015 10:23:54] - |A| - [144] - C:\Users\Stef\Favorites\▶ Comment monter son PC - Tutoriel Gamekult - YouTube.URL ---------- | [IntelGraphicsProfiles] [26/02/2016 20:41:18] - |ASH| - [8436] - C:\Users\Stef\IntelGraphicsProfiles\Brighten Video.man.igpi [26/02/2016 20:41:18] - |ASH| - [8436] - C:\Users\Stef\IntelGraphicsProfiles\Darken Video.man.igpi [26/02/2016 20:41:18] - |ASH| - [8436] - C:\Users\Stef\IntelGraphicsProfiles\Enhance Video Colors.man.igpi [03/06/2016 14:52:43] - |ASH| - [7844] - C:\Users\Stef\IntelGraphicsProfiles\Stef.man.igpi ---------- | [Links] [03/04/2016 14:49:27] - |A| - [432] - C:\Users\Stef\Links\Bureau.lnk [03/04/2016 14:21:32] - |A| - [1858] - C:\Users\Stef\Links\Connecteur Wifi.lnk [26/02/2016 19:57:42] - |SH| - [580] - C:\Users\Stef\Links\desktop.ini [24/05/2016 09:32:08] - |A| - [489] - C:\Users\Stef\Links\Desktop.lnk [03/04/2016 14:24:41] - |A| - [1141] - C:\Users\Stef\Links\Document.lnk [26/02/2016 19:57:42] - |A| - [946] - C:\Users\Stef\Links\Downloads.lnk [03/04/2016 14:21:49] - |A| - [1822] - C:\Users\Stef\Links\Images Perso.lnk [24/05/2016 09:32:08] - |A| - [383] - C:\Users\Stef\Links\RecentPlaces.lnk [03/04/2016 14:28:13] - |A| - [1795] - C:\Users\Stef\Links\Wallpaper.lnk ---------- | [Local Settings] [17/07/2016 02:07:32] - |D| - [0] - C:\Users\Stef\Local Settings\ActiveSync [20/06/2016 20:17:07] - |D| - [0] - C:\Users\Stef\Local Settings\Adobe [17/07/2016 01:53:37] - |SHD| - [10425770010] - C:\Users\Stef\Local Settings\Application Data [01/04/2016 03:55:43] - |D| - [0] - C:\Users\Stef\Local Settings\Apps [20/03/2016 12:45:56] - |D| - [32868177] - C:\Users\Stef\Local Settings\BalanCity [14/03/2016 05:58:03] - |D| - [8185972] - C:\Users\Stef\Local Settings\CEF [18/07/2016 11:09:29] - |D| - [2691711] - C:\Users\Stef\Local Settings\ClassicShell [17/07/2016 02:25:28] - |D| - [22225000] - C:\Users\Stef\Local Settings\Comms [17/07/2016 02:40:04] - |D| - [2098321] - C:\Users\Stef\Local Settings\Diagnostics [28/02/2016 11:42:14] - |D| - [679099] - C:\Users\Stef\Local Settings\ElevatedDiagnostics [09/03/2016 01:35:02] - |D| - [2717] - C:\Users\Stef\Local Settings\factormystic.net [25/07/2016 20:13:56] - |D| - [6262] - C:\Users\Stef\Local Settings\FastStone [26/02/2016 20:53:36] - |A| - [44624] - C:\Users\Stef\Local Settings\GDIPFONTCACHEV1.DAT [23/06/2016 09:03:35] - |D| - [483037864] - C:\Users\Stef\Local Settings\Google [01/03/2016 00:01:16] - |D| - [71] - C:\Users\Stef\Local Settings\GWX [17/07/2016 01:53:37] - |SHD| - [290] - C:\Users\Stef\Local Settings\Historique [19/07/2016 21:24:04] - |AH| - [168352] - C:\Users\Stef\Local Settings\IconCache.db [24/03/2016 01:45:13] - |D| - [0] - C:\Users\Stef\Local Settings\Macromedia [17/07/2016 01:53:37] - |D| - [291122092] - C:\Users\Stef\Local Settings\Microsoft [17/07/2016 02:28:14] - |D| - [87469] - C:\Users\Stef\Local Settings\MicrosoftEdge [29/07/2016 13:39:48] - |D| - [0] - C:\Users\Stef\Local Settings\NetworkTiles [11/06/2016 00:57:29] - |D| - [814] - C:\Users\Stef\Local Settings\Noo-Win64-Shipping [17/07/2016 02:05:35] - |D| - [122390617] - C:\Users\Stef\Local Settings\Packages [30/07/2016 13:03:28] - |D| - [0] - C:\Users\Stef\Local Settings\PeerDistRepub [20/03/2016 13:58:08] - |D| - [0] - C:\Users\Stef\Local Settings\Presentable_Liberty [29/02/2016 13:31:24] - |D| - [0] - C:\Users\Stef\Local Settings\Programs [17/07/2016 02:06:45] - |D| - [0] - C:\Users\Stef\Local Settings\Publishers [19/07/2016 11:42:15] - |A| - [17] - C:\Users\Stef\Local Settings\resmon.resmoncfg [19/07/2016 10:03:01] - |D| - [1129678] - C:\Users\Stef\Local Settings\StartIsBack [17/07/2016 01:53:37] - |D| - [531724] - C:\Users\Stef\Local Settings\Temp [17/07/2016 01:53:37] - |SHD| - [7782296] - C:\Users\Stef\Local Settings\Temporary Internet Files [17/07/2016 02:05:32] - |D| - [11411456] - C:\Users\Stef\Local Settings\TileDataLayer [21/04/2016 08:54:00] - |D| - [149] - C:\Users\Stef\Local Settings\TJoC_R [21/04/2016 08:54:00] - |D| - [54] - C:\Users\Stef\Local Settings\UnrealEngine [26/02/2016 19:57:33] - |D| - [5318656] - C:\Users\Stef\Local Settings\VirtualStore [04/05/2016 18:22:31] - |D| - [69632] - C:\Users\Stef\Local Settings\Windows Live ---------- | [Menu Démarrer] ---------- | [Mes documents] ---------- | [Modèles] ---------- | [Music] [26/07/2016 17:06:55] - |A| - [5548336] - C:\Users\Stef\Music\03 A 20 ans (en duo avec Diam's) By PZED-93600.mp3 [26/07/2016 17:06:55] - |A| - [2259616] - C:\Users\Stef\Music\04 No favors.mp3 [26/07/2016 17:06:55] - |A| - [7373661] - C:\Users\Stef\Music\119-zaho-je_te_promets_(edit_radio).mp3 [26/07/2016 17:06:55] - |A| - [4025104] - C:\Users\Stef\Music\16 what's love got to do with it (ft adina howard).mp3 [26/07/2016 17:06:55] - |A| - [4101880] - C:\Users\Stef\Music\9. Rihanna- Rude Boy-MF.mp3 [26/07/2016 17:18:15] - |SH| - [6009] - C:\Users\Stef\Music\AlbumArtSmall.jpg [27/07/2016 15:41:11] - |SH| - [11493] - C:\Users\Stef\Music\AlbumArt_{07AC5AAF-039F-4834-B36C-89DD64C0A0DF}_Large.jpg [27/07/2016 15:41:11] - |SH| - [2439] - C:\Users\Stef\Music\AlbumArt_{07AC5AAF-039F-4834-B36C-89DD64C0A0DF}_Small.jpg [26/07/2016 17:43:03] - |SH| - [11168] - C:\Users\Stef\Music\AlbumArt_{0C5A814F-D460-425C-8272-6A9D60E86188}_Large.jpg [26/07/2016 17:43:03] - |SH| - [2453] - C:\Users\Stef\Music\AlbumArt_{0C5A814F-D460-425C-8272-6A9D60E86188}_Small.jpg [27/07/2016 15:41:45] - |SH| - [10465] - C:\Users\Stef\Music\AlbumArt_{10CEB323-44E8-4296-A7F7-A84487F8F4D8}_Large.jpg [27/07/2016 15:41:45] - |SH| - [2804] - C:\Users\Stef\Music\AlbumArt_{10CEB323-44E8-4296-A7F7-A84487F8F4D8}_Small.jpg [26/07/2016 17:41:22] - |SH| - [12175] - C:\Users\Stef\Music\AlbumArt_{132D51D9-5B25-450C-86D8-34268B44D9E4}_Large.jpg [26/07/2016 17:41:22] - |SH| - [2797] - C:\Users\Stef\Music\AlbumArt_{132D51D9-5B25-450C-86D8-34268B44D9E4}_Small.jpg [27/07/2016 11:09:15] - |SH| - [11039] - C:\Users\Stef\Music\AlbumArt_{14176AE6-48A7-4BBC-A9DF-A2220544D9F4}_Large.jpg [27/07/2016 11:09:15] - |SH| - [2819] - C:\Users\Stef\Music\AlbumArt_{14176AE6-48A7-4BBC-A9DF-A2220544D9F4}_Small.jpg [26/07/2016 17:23:21] - |SH| - [11994] - C:\Users\Stef\Music\AlbumArt_{1B63D9DF-09B8-49C9-815E-0346257867E2}_Large.jpg [26/07/2016 17:23:21] - |SH| - [2921] - C:\Users\Stef\Music\AlbumArt_{1B63D9DF-09B8-49C9-815E-0346257867E2}_Small.jpg [26/07/2016 17:24:24] - |SH| - [8623] - C:\Users\Stef\Music\AlbumArt_{1E5CD141-A3CD-49C3-8DAC-2A8311DE1B94}_Large.jpg [26/07/2016 17:24:24] - |SH| - [2297] - C:\Users\Stef\Music\AlbumArt_{1E5CD141-A3CD-49C3-8DAC-2A8311DE1B94}_Small.jpg [26/07/2016 17:20:54] - |SH| - [12945] - C:\Users\Stef\Music\AlbumArt_{24EC60A2-5CEF-48FB-953C-557E313CB790}_Large.jpg [26/07/2016 17:20:54] - |SH| - [3325] - C:\Users\Stef\Music\AlbumArt_{24EC60A2-5CEF-48FB-953C-557E313CB790}_Small.jpg [26/07/2016 17:27:43] - |SH| - [13864] - C:\Users\Stef\Music\AlbumArt_{5DCADB9D-416C-43B9-9DCD-55B1A68F1CD1}_Large.jpg [26/07/2016 17:27:43] - |SH| - [3214] - C:\Users\Stef\Music\AlbumArt_{5DCADB9D-416C-43B9-9DCD-55B1A68F1CD1}_Small.jpg [26/07/2016 17:26:27] - |SH| - [12554] - C:\Users\Stef\Music\AlbumArt_{6205A7B3-84C4-45F1-893B-2E6735C6A52C}_Large.jpg [26/07/2016 17:26:27] - |SH| - [2957] - C:\Users\Stef\Music\AlbumArt_{6205A7B3-84C4-45F1-893B-2E6735C6A52C}_Small.jpg [26/07/2016 17:21:03] - |SH| - [7644] - C:\Users\Stef\Music\AlbumArt_{85374D1E-B33A-467E-BC3E-FB9327850FF3}_Large.jpg [26/07/2016 17:21:03] - |SH| - [2198] - C:\Users\Stef\Music\AlbumArt_{85374D1E-B33A-467E-BC3E-FB9327850FF3}_Small.jpg [26/07/2016 17:18:15] - |SH| - [29571] - C:\Users\Stef\Music\AlbumArt_{AD959C91-0600-4ECB-A388-E948FF86652E}_Large.jpg [26/07/2016 17:18:15] - |SH| - [6009] - C:\Users\Stef\Music\AlbumArt_{AD959C91-0600-4ECB-A388-E948FF86652E}_Small.jpg [26/07/2016 17:24:36] - |SH| - [12306] - C:\Users\Stef\Music\AlbumArt_{B148F820-930D-4661-B73A-90BDCF57FCA7}_Large.jpg [26/07/2016 17:24:36] - |SH| - [3038] - C:\Users\Stef\Music\AlbumArt_{B148F820-930D-4661-B73A-90BDCF57FCA7}_Small.jpg [26/07/2016 17:21:32] - |SH| - [7050] - C:\Users\Stef\Music\AlbumArt_{CE0E6255-E54F-4E9B-9BE3-F98745023AE2}_Large.jpg [26/07/2016 17:21:32] - |SH| - [2152] - C:\Users\Stef\Music\AlbumArt_{CE0E6255-E54F-4E9B-9BE3-F98745023AE2}_Small.jpg [27/07/2016 15:41:22] - |SH| - [13864] - C:\Users\Stef\Music\AlbumArt_{F90D73C3-643A-4ADB-B7B5-DD09E4E3E054}_Large.jpg [27/07/2016 15:41:22] - |SH| - [3214] - C:\Users\Stef\Music\AlbumArt_{F90D73C3-643A-4ADB-B7B5-DD09E4E3E054}_Small.jpg [26/07/2016 17:06:56] - |A| - [6717441] - C:\Users\Stef\Music\Alicia Keys - A Womans Worth.mp3 [26/07/2016 17:06:56] - |A| - [6865315] - C:\Users\Stef\Music\Alicia Keys - Diary.mp3 [26/07/2016 17:06:56] - |A| - [5958887] - C:\Users\Stef\Music\Alicia Keys ft Drake - Unthinkable (Im ready) (Sub. Español).mp3 [26/07/2016 17:06:57] - |A| - [5696470] - C:\Users\Stef\Music\Ballad_Of_Jimmy_Bones_-_Latoiya_Williams.mp3 [26/07/2016 17:06:57] - |A| - [4593916] - C:\Users\Stef\Music\Barry White - Change.mp3 [26/07/2016 17:06:57] - |A| - [8327922] - C:\Users\Stef\Music\Beyonce - Sweat Dreams.mp3 [26/07/2016 17:06:57] - |A| - [5396565] - C:\Users\Stef\Music\Beyoncé - Halo.mp3 [26/07/2016 17:06:58] - |A| - [7737659] - C:\Users\Stef\Music\Blackstreet - Tonights The Night ft. SWV Craig Mack.mp3 [26/07/2016 17:06:58] - |A| - [7784533] - C:\Users\Stef\Music\Boyz - 2.mp3 [26/07/2016 17:06:58] - |A| - [6104964] - C:\Users\Stef\Music\Boyz II Men - Close The Door (Teddy Pendergrass cover).mp3 [26/07/2016 17:06:59] - |A| - [6773719] - C:\Users\Stef\Music\Chaka Khan - Aint Nobody.mp3 [26/07/2016 17:06:59] - |A| - [8000200] - C:\Users\Stef\Music\Chemise - She Cant Love You (1982).mp3 [26/07/2016 17:06:59] - |A| - [7219076] - C:\Users\Stef\Music\De - La.mp3 [26/02/2016 19:57:42] - |ASH| - [504] - C:\Users\Stef\Music\desktop.ini [26/07/2016 17:07:00] - |A| - [7478127] - C:\Users\Stef\Music\Dr. Dre - Forgot About Dre ft. Eminem Hittman.mp3 [26/07/2016 17:07:00] - |A| - [5782864] - C:\Users\Stef\Music\Dr. Dre - Kush ft. Snoop Dogg Akon.mp3 [26/07/2016 17:07:00] - |A| - [4810607] - C:\Users\Stef\Music\Dr. Dre - The Next Episode ft. Snoop Dogg Kurupt Nate Dogg.mp3 [26/07/2016 17:05:27] - |D| - [25131744] - C:\Users\Stef\Music\Drake [26/07/2016 17:05:26] - |D| - [26696792] - C:\Users\Stef\Music\Dépèche Mode [26/07/2016 17:07:01] - |A| - [6769665] - C:\Users\Stef\Music\Empire - State.mp3 [26/07/2016 17:07:01] - |A| - [5672376] - C:\Users\Stef\Music\Flarve - Holes - [Official Audio].mp3 [26/07/2016 17:18:15] - |SH| - [29571] - C:\Users\Stef\Music\Folder.jpg [26/07/2016 17:05:28] - |D| - [265135282] - C:\Users\Stef\Music\funk [26/07/2016 17:07:01] - |A| - [4518140] - C:\Users\Stef\Music\Jason Derulo - Talk Dirty feat. 2 Chainz (Official HD Music Vide.mp3 [26/07/2016 17:07:01] - |A| - [13501943] - C:\Users\Stef\Music\Justin Timberlake - What Goes Around...Comes Around.mp3 [26/07/2016 17:07:02] - |A| - [5616501] - C:\Users\Stef\Music\Lil Wayne - Live From The Gutter Feat Hoodybaby T ( Lil Wayne - No Ceilings 2) - vidéo Dailymotion.mp3 [26/07/2016 17:07:02] - |A| - [6123772] - C:\Users\Stef\Music\Mario - Let me love you (Acoustic Version) (Audio with ly.mp3 [26/07/2016 17:07:02] - |A| - [5776552] - C:\Users\Stef\Music\Michael Jackson - - Remember The Time.mp3 [26/07/2016 17:07:03] - |A| - [7083699] - C:\Users\Stef\Music\Michael Jackson - Billie Jean.mp3 [26/07/2016 17:07:03] - |A| - [8501124] - C:\Users\Stef\Music\Michael Jackson - Dont Stop Till You Get Enough _HQ_.mp3 [26/07/2016 17:07:03] - |A| - [9415180] - C:\Users\Stef\Music\Michael Jackson - In The Closet (Lyrics on screen).mp3 [26/07/2016 17:07:04] - |A| - [5691184] - C:\Users\Stef\Music\Michael Jackson - Liberian Girl (Kizomba remix by M&N PRO ft Nilto.mp3 [26/07/2016 17:07:04] - |A| - [5187397] - C:\Users\Stef\Music\Michael Jackson - Liberian Girl Lyrics.mp3 [26/07/2016 17:07:04] - |A| - [6411871] - C:\Users\Stef\Music\Michael Jackson - You Rock My World (with lyrics) (HQ).mp3 [26/07/2016 17:07:05] - |A| - [5362041] - C:\Users\Stef\Music\Michael Jackson ft. 2Pac - Letter To My Liberian Girl.mp3 [26/07/2016 17:07:05] - |A| - [5960893] - C:\Users\Stef\Music\Michael Jackson Justin Timberlake - Love Never Felt So Good.mp3 [26/07/2016 17:05:40] - |D| - [1073927847] - C:\Users\Stef\Music\Music [26/07/2016 17:06:30] - |D| - [496338637] - C:\Users\Stef\Music\Musiques [26/07/2016 17:07:05] - |A| - [5498756] - C:\Users\Stef\Music\Nelly - Hot In Herre (W_Lyrics).mp3 [26/07/2016 17:07:05] - |A| - [7370398] - C:\Users\Stef\Music\No Diggity - Blackstreet ft. Dr Dre (Best Quality).mp3 [26/07/2016 17:07:06] - |A| - [5455037] - C:\Users\Stef\Music\Omarion Ft. Chris Brown & Jhene Aiko - Post To Be (Official Video).mp3 [26/07/2016 17:06:54] - |D| - [62742] - C:\Users\Stef\Music\Playlists [26/07/2016 17:07:06] - |A| - [6906192] - C:\Users\Stef\Music\R.KELLY - WHEN A WOMANS FED UP __(LYRICS ON SCREEN)__.mp3 [26/07/2016 17:07:06] - |A| - [5446783] - C:\Users\Stef\Music\Rihanna - Rude Boy.mp3 [26/07/2016 17:07:07] - |A| - [4867118] - C:\Users\Stef\Music\Seal - Its A Mans Mans Mans World (Soul).mp3 [26/07/2016 17:07:07] - |A| - [5158286] - C:\Users\Stef\Music\Sister Sledge - Hes The Greatest Dancer.mp3 [26/07/2016 17:07:07] - |A| - [5057161] - C:\Users\Stef\Music\Sister Sledge - We Are Family.mp3 [26/07/2016 17:07:07] - |A| - [7842838] - C:\Users\Stef\Music\Snoop Dogg Ft.Pharrell - Beautiful (Official Music Video) (2002).mp3 [26/07/2016 17:07:08] - |A| - [5948499] - C:\Users\Stef\Music\Snoop_Dogg_Feat_MC_Ren_&_RBX_-_Legend_Of_Jimmy_Bones.mp3 [26/07/2016 17:07:08] - |A| - [9486045] - C:\Users\Stef\Music\Temper - No Favors (HQ+Sound 12 inch Remix).mp3 [26/07/2016 17:06:54] - |D| - [10930700] - C:\Users\Stef\Music\The Weeknd [26/07/2016 17:07:09] - |A| - [6624487] - C:\Users\Stef\Music\Usher & Alicia Keys - My Boo.mp3 [26/07/2016 17:07:08] - |A| - [5485360] - C:\Users\Stef\Music\Usher - Nice and Slow.mp3 [26/07/2016 17:07:09] - |A| - [4703087] - C:\Users\Stef\Music\Usher - You Make Me Wanna....mp3 [26/07/2016 17:07:09] - |A| - [5775403] - C:\Users\Stef\Music\Warren G - Regulate ft. Nate Dogg.mp3 [26/07/2016 17:06:54] - |D| - [15008604] - C:\Users\Stef\Music\Wiz Khalifa ---------- | [Pictures] [25/07/2016 14:59:08] - |A| - [44554] - C:\Users\Stef\Pictures\2016-07-22_060232.jpg [25/07/2016 14:59:08] - |A| - [138680] - C:\Users\Stef\Pictures\2016-07-22_072430.jpg [25/07/2016 14:59:08] - |A| - [142817] - C:\Users\Stef\Pictures\2016-07-22_072552.jpg [25/07/2016 14:59:08] - |A| - [56864] - C:\Users\Stef\Pictures\2016-07-22_072609.jpg [25/07/2016 14:59:08] - |A| - [51190] - C:\Users\Stef\Pictures\2016-07-23_055838.jpg [25/07/2016 14:59:08] - |A| - [91862] - C:\Users\Stef\Pictures\2016-07-23_185645.jpg [25/07/2016 14:59:08] - |A| - [90489] - C:\Users\Stef\Pictures\2016-07-23_185744.jpg [25/07/2016 14:59:08] - |A| - [23444] - C:\Users\Stef\Pictures\2016-07-23_231437.jpg [25/07/2016 14:13:51] - |A| - [64900] - C:\Users\Stef\Pictures\2016-07-25_141346.jpg [25/07/2016 18:38:55] - |A| - [35288] - C:\Users\Stef\Pictures\2016-07-25_183851.jpg [25/07/2016 18:40:44] - |A| - [24329] - C:\Users\Stef\Pictures\2016-07-25_184041.jpg [25/07/2016 18:42:03] - |A| - [25023] - C:\Users\Stef\Pictures\2016-07-25_184201.jpg [26/07/2016 09:02:39] - |A| - [63346] - C:\Users\Stef\Pictures\2016-07-26_090235.png [26/07/2016 09:06:12] - |A| - [64915] - C:\Users\Stef\Pictures\2016-07-26_090606.png [26/07/2016 09:06:48] - |A| - [11182] - C:\Users\Stef\Pictures\2016-07-26_090645.png [27/07/2016 10:16:29] - |A| - [6668] - C:\Users\Stef\Pictures\2016-07-27_101625.png [17/07/2016 02:08:11] - |RD| - [190] - C:\Users\Stef\Pictures\Camera Roll [25/07/2016 14:59:08] - |A| - [157966] - C:\Users\Stef\Pictures\CPUID_1.jpg [25/07/2016 14:59:08] - |A| - [31366] - C:\Users\Stef\Pictures\CPUID_2.jpg [26/02/2016 19:57:42] - |ASH| - [504] - C:\Users\Stef\Pictures\desktop.ini [25/07/2016 14:59:08] - |A| - [89645] - C:\Users\Stef\Pictures\Gestionnaire.jpg [29/05/2016 16:33:48] - |D| - [230298054] - C:\Users\Stef\Pictures\Icônes [29/05/2016 16:34:06] - |D| - [31796877] - C:\Users\Stef\Pictures\icônes éssaie [29/05/2016 16:16:48] - |RSD| - [221953013] - C:\Users\Stef\Pictures\Images [27/07/2016 12:05:35] - |RSD| - [1049424209] - C:\Users\Stef\Pictures\Images Perso [21/07/2016 06:28:40] - |RSD| - [46773454] - C:\Users\Stef\Pictures\Photos [21/07/2016 06:28:42] - |D| - [39132535] - C:\Users\Stef\Pictures\Photos Maison [19/07/2016 21:44:08] - |RD| - [190] - C:\Users\Stef\Pictures\Saved Pictures [23/07/2016 01:38:00] - |D| - [576452] - C:\Users\Stef\Pictures\Smiley [29/05/2016 16:35:21] - |D| - [5864946] - C:\Users\Stef\Pictures\Start Orb Changer [21/07/2016 06:28:46] - |RSD| - [2179369] - C:\Users\Stef\Pictures\tatouages [21/07/2016 06:28:46] - |RSD| - [66872167] - C:\Users\Stef\Pictures\Wallpaper [29/05/2016 16:36:15] - |D| - [5801215] - C:\Users\Stef\Pictures\À partir de Mon NOKIA ---------- | [Podcasts] [25/03/2016 03:41:26] - |ASH| - [414] - C:\Users\Stef\Podcasts\desktop.ini [25/06/2016 22:47:06] - |D| - [4233136] - C:\Users\Stef\Podcasts\Music a nice [25/06/2016 22:47:36] - |D| - [1006683] - C:\Users\Stef\Podcasts\My pictures ---------- | [Recent] ---------- | [Saved Games] [26/02/2016 19:57:42] - |ASH| - [282] - C:\Users\Stef\Saved Games\desktop.ini ---------- | [Searches] [26/02/2016 19:57:42] - |ASH| - [524] - C:\Users\Stef\Searches\desktop.ini [26/02/2016 19:57:42] - |RAH| - [248] - C:\Users\Stef\Searches\Everywhere.search-ms [26/02/2016 19:57:42] - |RAH| - [248] - C:\Users\Stef\Searches\Indexed Locations.search-ms [12/03/2016 01:13:56] - |A| - [944] - C:\Users\Stef\Searches\Pense-bête (Pense-bête Windows).searchconnector-ms [29/05/2016 15:49:54] - |A| - [859] - C:\Users\Stef\Searches\winrt--{S-1-5-21-2602208218-2662133878-2470281216-1000}-.searchconnector-ms ---------- | [SendTo] ---------- | [Tracing] [04/05/2016 18:37:36] - |D| - [0] - C:\Users\Stef\Tracing\WPPMedia ---------- | [Videos] [26/02/2016 19:57:42] - |ASH| - [504] - C:\Users\Stef\Videos\desktop.ini ---------- | [Virtual Machines] [26/02/2016 19:57:42] - |ASH| - [442] - C:\Users\Stef\Virtual Machines\desktop.ini ---------- | [Voisinage d'impression] ---------- | [Voisinage réseau] ---------- | C:\ProgramData [17/07/2016 02:02:44] - |SHD| - [9084624826] - C:\ProgramData\Application Data [10/06/2016 01:23:25] - |D| - [197203789] - C:\ProgramData\Avira [26/02/2016 19:57:20] - |SHD| - [0] - C:\ProgramData\Bureau [19/07/2016 21:03:31] - |D| - [188376] - C:\ProgramData\ClassicShell [07/03/2016 02:22:53] - |D| - [3] - C:\ProgramData\D83C629D-C688-4A07-8615-94974D65F157 [17/07/2016 02:02:44] - |SHD| - [278] - C:\ProgramData\Documents [17/07/2016 01:51:07] - |AH| - [0] - C:\ProgramData\DP45977C.lfl [26/02/2016 19:57:20] - |SHD| - [0] - C:\ProgramData\Favoris [25/07/2016 14:38:11] - |D| - [0] - C:\ProgramData\Malwarebytes [26/02/2016 19:57:20] - |SHD| - [227648] - C:\ProgramData\Menu Démarrer [30/10/2015 09:24:24] - |SD| - [757531451] - C:\ProgramData\Microsoft [17/07/2016 02:08:05] - |D| - [0] - C:\ProgramData\Microsoft OneDrive [26/02/2016 19:57:20] - |SHD| - [0] - C:\ProgramData\Modèles [28/07/2016 19:40:44] - |D| - [1356] - C:\ProgramData\NETGEAR [18/07/2016 05:42:37] - |RASH| - [596] - C:\ProgramData\ntuser.pol [26/02/2016 20:30:58] - |D| - [63] - C:\ProgramData\Oracle [28/02/2016 20:08:04] - |D| - [54567479] - C:\ProgramData\Package Cache [17/07/2016 05:33:26] - |D| - [1005] - C:\ProgramData\Ralink [30/10/2015 09:24:24] - |D| - [998] - C:\ProgramData\regid.1991-06.com.microsoft [30/10/2015 09:24:24] - |D| - [0] - C:\ProgramData\SoftwareDistribution [30/10/2015 09:24:24] - |D| - [1070] - C:\ProgramData\USOPrivate [17/07/2016 02:03:02] - |D| - [1056768] - C:\ProgramData\USOShared ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [30/10/2015 09:24:28] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [26/02/2016 19:57:20] - |SHD| - [113737] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [30/10/2015 09:24:24] - |RD| - [113737] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [30/10/2015 09:24:24] - |RD| - [1614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility [30/10/2015 09:24:24] - |RD| - [17351] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [30/10/2015 09:24:24] - |RD| - [23012] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [15/07/2016 22:18:33] - |D| - [2544] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility [28/07/2016 16:26:50] - |A| - [1092] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk [10/06/2016 01:23:26] - |D| - [4797] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [16/07/2016 02:05:31] - |D| - [922] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [18/07/2016 12:38:16] - |D| - [8594] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell [11/04/2016 08:53:35] - |D| - [2029] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID [30/10/2015 09:24:28] - |ASH| - [1010] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [30/10/2015 09:18:13] - |RAS| - [853] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop.lnk [30/10/2015 09:19:28] - |RAS| - [2197] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Devices Flow.lnk [26/02/2016 20:52:06] - |D| - [4260] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Capture [14/07/2009 07:32:38] - |RD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games [23/06/2016 09:03:34] - |A| - [2270] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [30/10/2015 09:19:28] - |RAS| - [2349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk [16/07/2016 01:50:11] - |D| - [6976] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [30/10/2015 09:24:24] - |D| - [170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [30/10/2015 09:17:57] - |RAS| - [2219] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk [22/05/2016 18:19:43] - |D| - [4344] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7 [30/10/2015 09:19:28] - |RAS| - [2199] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk [26/07/2016 15:53:15] - |D| - [10191] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QTTabBar [23/07/2016 21:56:21] - |A| - [1747] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainmeter.lnk [30/10/2015 09:18:07] - |RAS| - [1588] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk [30/10/2015 09:24:24] - |RD| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp [30/10/2015 09:24:24] - |RD| - [4033] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools [30/10/2015 21:03:12] - |RHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC [26/02/2016 20:50:02] - |D| - [4257] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [25/03/2016 03:39:21] - |D| - [945] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zune ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [30/10/2015 09:24:28] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | C:\Program Files (x86) [15/07/2016 22:18:22] - |D| - [180517868] - C:\Program Files (x86)\ASRock Utility [28/07/2016 16:26:44] - |D| - [53646166] - C:\Program Files (x86)\Audacity [29/05/2016 19:41:31] - |D| - [679902554] - C:\Program Files (x86)\Avira [18/07/2016 07:39:38] - |D| - [472309] - C:\Program Files (x86)\CMAK [30/10/2015 08:28:30] - |D| - [136860960] - C:\Program Files (x86)\Common Files [30/10/2015 09:24:28] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [26/02/2016 20:52:06] - |D| - [1388600] - C:\Program Files (x86)\FastStone Capture [23/06/2016 09:01:44] - |D| - [645668677] - C:\Program Files (x86)\Google [26/02/2016 20:09:30] - |HD| - [20878331] - C:\Program Files (x86)\InstallShield Installation Information [26/02/2016 20:39:07] - |D| - [4696566] - C:\Program Files (x86)\Intel [30/10/2015 09:24:24] - |D| - [2155161] - C:\Program Files (x86)\Internet Explorer [26/02/2016 20:30:56] - |D| - [0] - C:\Program Files (x86)\Java [30/10/2015 09:24:24] - |D| - [23935] - C:\Program Files (x86)\Microsoft.NET [17/07/2016 02:36:31] - |D| - [25757] - C:\Program Files (x86)\MSBuild [28/07/2016 19:41:04] - |D| - [13764851] - C:\Program Files (x86)\NETGEAR [22/05/2016 18:19:42] - |D| - [8324967] - C:\Program Files (x86)\PhotoFiltre 7 [29/05/2016 22:40:38] - |D| - [5531900] - C:\Program Files (x86)\Realtek [17/07/2016 02:36:31] - |D| - [38450433] - C:\Program Files (x86)\Reference Assemblies [30/07/2016 18:37:52] - |D| - [39680] - C:\Program Files (x86)\Slowin Killer [18/03/2016 11:23:43] - |HD| - [0] - C:\Program Files (x86)\Temp [14/07/2009 06:57:06] - |HD| - [0] - C:\Program Files (x86)\Uninstall Information [31/05/2016 12:08:32] - |D| - [0] - C:\Program Files (x86)\VideoLAN [26/02/2016 20:51:05] - |D| - [6840319] - C:\Program Files (x86)\VS Revo Group [30/10/2015 09:24:24] - |D| - [1465856] - C:\Program Files (x86)\Windows Defender [30/10/2015 09:24:24] - |D| - [5961728] - C:\Program Files (x86)\Windows Mail [30/10/2015 09:24:24] - |D| - [3682895] - C:\Program Files (x86)\Windows Media Player [30/10/2015 09:24:24] - |D| - [220064] - C:\Program Files (x86)\Windows Multimedia Platform [30/10/2015 09:24:24] - |D| - [7575610] - C:\Program Files (x86)\Windows NT [30/10/2015 09:24:24] - |D| - [5484224] - C:\Program Files (x86)\Windows Photo Viewer [30/10/2015 09:24:24] - |D| - [220064] - C:\Program Files (x86)\Windows Portable Devices [30/10/2015 09:24:24] - |SHD| - [0] - C:\Program Files (x86)\Windows Sidebar [30/10/2015 09:24:24] - |SD| - [2685232] - C:\Program Files (x86)\WindowsPowerShell ---------- | C:\Program Files [15/07/2016 22:18:38] - |D| - [12623096] - C:\Program Files\ASRock Utility [16/07/2016 02:05:30] - |D| - [19202488] - C:\Program Files\CCleaner [22/07/2016 06:44:22] - |D| - [13205134] - C:\Program Files\Classic Shell [18/07/2016 07:39:38] - |D| - [215040] - C:\Program Files\CMAK [30/10/2015 08:28:30] - |D| - [51219009] - C:\Program Files\Common Files [11/04/2016 08:53:35] - |D| - [3110772] - C:\Program Files\CPUID [30/10/2015 09:24:28] - |ASH| - [174] - C:\Program Files\desktop.ini [28/05/2016 11:33:27] - |D| - [930272] - C:\Program Files\DIFX [26/02/2016 19:57:20] - |SHD| - [51219009] - C:\Program Files\Fichiers communs [17/07/2016 01:50:42] - |D| - [45806313] - C:\Program Files\Intel [30/10/2015 09:24:24] - |D| - [2776452] - C:\Program Files\Internet Explorer [16/07/2016 01:49:57] - |D| - [253474445] - C:\Program Files\Java [17/07/2016 02:36:31] - |D| - [25757] - C:\Program Files\MSBuild [27/07/2016 11:06:09] - |D| - [2589711] - C:\Program Files\QTTabBar [23/07/2016 21:56:20] - |D| - [6268006] - C:\Program Files\Rainmeter [17/07/2016 01:50:53] - |D| - [42726992] - C:\Program Files\Realtek [17/07/2016 02:36:31] - |D| - [36850857] - C:\Program Files\Reference Assemblies [14/07/2009 07:09:26] - |HD| - [0] - C:\Program Files\Uninstall Information [16/07/2016 01:57:12] - |D| - [134538777] - C:\Program Files\VideoLAN [30/10/2015 09:24:24] - |D| - [11400666] - C:\Program Files\Windows Defender [30/10/2015 21:03:12] - |D| - [8974456] - C:\Program Files\Windows Journal [30/10/2015 09:24:24] - |D| - [6322176] - C:\Program Files\Windows Mail [30/10/2015 09:24:24] - |D| - [5734515] - C:\Program Files\Windows Media Player [30/10/2015 09:24:24] - |D| - [258280] - C:\Program Files\Windows Multimedia Platform [30/10/2015 09:24:24] - |D| - [7862330] - C:\Program Files\Windows NT [30/10/2015 09:24:24] - |D| - [6381248] - C:\Program Files\Windows Photo Viewer [30/10/2015 09:24:24] - |D| - [258280] - C:\Program Files\Windows Portable Devices [30/10/2015 09:24:24] - |SHD| - [0] - C:\Program Files\Windows Sidebar [30/10/2015 09:24:24] - |HD| - [1046406485] - C:\Program Files\WindowsApps [30/10/2015 09:24:24] - |SD| - [2856133] - C:\Program Files\WindowsPowerShell [26/02/2016 20:50:01] - |D| - [6012952] - C:\Program Files\WinRAR [25/03/2016 03:39:20] - |D| - [111262720] - C:\Program Files\Zune ---------- | C:\Program Files (x86)\Common Files [18/03/2016 11:39:25] - |D| - [2106564] - C:\Program Files (x86)\Common Files\InstallShield [17/07/2016 01:50:37] - |D| - [68094787] - C:\Program Files (x86)\Common Files\Intel [23/07/2016 03:10:49] - |D| - [1973320] - C:\Program Files (x86)\Common Files\Java [30/10/2015 09:24:24] - |D| - [13911825] - C:\Program Files (x86)\Common Files\Microsoft Shared [30/10/2015 09:24:24] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [17/07/2016 01:54:41] - |D| - [41095079] - C:\Program Files (x86)\Common Files\SpeechEngines [30/10/2015 09:24:24] - |D| - [9676683] - C:\Program Files (x86)\Common Files\System [04/05/2016 18:22:17] - |D| - [0] - C:\Program Files (x86)\Common Files\Windows Live ---------- | C:\Program Files\Common files [24/05/2016 15:05:08] - |D| - [0] - C:\Program Files\Common files\LogiShrd [30/10/2015 09:24:24] - |D| - [40111656] - C:\Program Files\Common files\microsoft shared [30/10/2015 09:24:24] - |D| - [2702] - C:\Program Files\Common files\Services [17/07/2016 01:54:38] - |D| - [599040] - C:\Program Files\Common files\SpeechEngines [30/10/2015 09:24:24] - |D| - [10505611] - C:\Program Files\Common files\System ---------- | Tasks [MD5.2FDBE563097AE6AB0D14EB70A2C7E7DA] - [26/02/2016 20:49:21] - |A| - [1002] - C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [MD5.445C5373CC4A9DB138728A7AD00DA0E4] - [29/07/2016 01:12:56] - |A| - [1086] - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [MD5.227F7F3933F700A5D1585CFA15CC4D47] - [29/07/2016 01:12:56] - |A| - [1090] - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [MD5.00000000000000000000000000000000] - [06/03/2016 08:54:46] - |D| - [0] - C:\WINDOWS\Tasks\ImCleanDisabled [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [17/07/2016 02:01:19] - |AH| - [6] - C:\WINDOWS\Tasks\SA.DAT [MD5.30CD18B24DEDE265BA8FB597662C1761] - [26/02/2016 20:49:21] - |A| - [4050] - C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater : C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [MD5.21E9067451EC6CE03069DCF444691632] - [30/07/2016 23:20:33] - |A| - [3026] - C:\WINDOWS\System32\Tasks\AsrSP.exe : C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\AsrSP.exe [MD5.E1A81A5078FB9E1B45E7FF03BCC45A67] - [10/06/2016 01:49:00] - |A| - [3544] - C:\WINDOWS\System32\Tasks\Avira Browser Safety Updater Task : "C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe" [MD5.5B1A45F0CD7C64AC17A16419B48A60FA] - [16/07/2016 02:05:32] - |A| - [2896] - C:\WINDOWS\System32\Tasks\CCleanerSkipUAC : "C:\Program Files\CCleaner\CCleaner.exe" [MD5.29B9EE4014151BC2C5BF1108592B3A48] - [19/07/2016 17:37:07] - |A| - [3638] - C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask : C:\WINDOWS\explorer.exe [MD5.9F937D128D61619ECFE4D0634D3E4478] - [23/06/2016 09:01:46] - |A| - [3916] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.1196D67B557F0B5AF1E50FA45BB4F65D] - [23/06/2016 09:01:47] - |A| - [4148] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.00000000000000000000000000000000] - [30/10/2015 09:24:25] - |D| - [546382] - C:\WINDOWS\System32\Tasks\Microsoft [MD5.D2C97D1BEA7E1E94FC6413D77D076941] - [23/07/2016 04:58:29] - |A| - [4158] - C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A9524E2B-7606-473D-AF02-85E673A18B9F} : C:\WINDOWS\system32\msfeedssync.exe [MD5.00000000000000000000000000000000] - [14/07/2009 07:09:57] - |D| - [4474] - C:\WINDOWS\System32\Tasks\WPD [MD5.167EFE289C664C6F035BD85EA8BADDA0] - [18/03/2016 11:24:18] - |A| - [3324] - C:\WINDOWS\System32\Tasks\{AB80BEF9-895A-42B8-BB55-4408E429E58D} : C:\Windows\system32\pcalua.exe [MD5.ACF886871D042DC9BB392F9E202C3C21] - [17/07/2016 05:20:34] - |A| - [3228] - C:\WINDOWS\System32\Tasks\{E4E14FF5-0E0A-45D3-850D-77BDA5A8A037} : C:\WINDOWS\system32\pcalua.exe [MD5.00000000000000000000000000000000] - [30/10/2015 09:24:25] - |D| - [0] - C:\WINDOWS\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "vm-monitoring-dcom"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=135|App=%SystemRoot%\system32\svchost.exe|Svc=RpcSs|Name=@icsvc.dll,-709|Desc=@icsvc.dll,-710|EmbedCtxt=@icsvc.dll,-700| "vm-monitoring-icmpv4"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=1|Name=@icsvc.dll,-701|Desc=@icsvc.dll,-702|EmbedCtxt=@icsvc.dll,-700| "vm-monitoring-icmpv6"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=58|Name=@icsvc.dll,-703|Desc=@icsvc.dll,-704|EmbedCtxt=@icsvc.dll,-700| "vm-monitoring-nb-session"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=139|Name=@icsvc.dll,-705|Desc=@icsvc.dll,-706|EmbedCtxt=@icsvc.dll,-700| "vm-monitoring-rpc"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\system32\svchost.exe|Svc=Schedule|Name=@icsvc.dll,-707|Desc=@icsvc.dll,-708|EmbedCtxt=@icsvc.dll,-700| "Wininit-Shutdown-In-Rule-TCP-RPC"=v2.25|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%systemroot%\system32\wininit.exe|Name=@firewallapi.dll,-36753|Desc=@firewallapi.dll,-36754|EmbedCtxt=@firewallapi.dll,-36751| "Wininit-Shutdown-In-Rule-TCP-RPC-EPMapper"=v2.25|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC-EPMap|App=%systemroot%\system32\wininit.exe|Name=@firewallapi.dll,-36755|Desc=@firewallapi.dll,-36756|EmbedCtxt=@firewallapi.dll,-36751| "DeliveryOptimization-TCP-In"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-102|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "DeliveryOptimization-UDP-In"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-103|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "Netlogon-NamedPipe-In"=v2.25|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "Netlogon-TCP-RPC-In"=v2.25|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\System32\lsass.exe|Name=@netlogon.dll,-1008|Desc=@netlogon.dll,-1009|EmbedCtxt=@netlogon.dll,-1010| "WirelessDisplay-In-TCP"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10200|Desc=@wifidisplay.dll,-10201|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-TCP"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10202|Desc=@wifidisplay.dll,-10203|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-UDP"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10204|Desc=@wifidisplay.dll,-10205|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "MDNS-In-UDP"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort2_24=mDNS|App=%SystemRoot%\system32\svchost.exe|Svc=dnscache|Name=@%SystemRoot%\system32\firewallapi.dll,-37303|Desc=@%SystemRoot%\system32\firewallapi.dll,-37304|EmbedCtxt=@%SystemRoot%\system32\firewallapi.dll,-37302| "MDNS-Out-UDP"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|LPort=5353|App=%SystemRoot%\system32\svchost.exe|Svc=dnscache|Name=@%SystemRoot%\system32\firewallapi.dll,-37305|Desc=@%SystemRoot%\system32\firewallapi.dll,-37306|EmbedCtxt=@%SystemRoot%\system32\firewallapi.dll,-37302| "MSMQ-In-TCP"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=%systemroot%\system32\mqsvc.exe|Name=@mqutil.dll,-11189|Desc=@mqutil.dll,-11189|EmbedCtxt=@mqutil.dll,-6102| "MSMQ-Out-TCP"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=%systemroot%\system32\mqsvc.exe|Name=@mqutil.dll,-11190|Desc=@mqutil.dll,-11190|EmbedCtxt=@mqutil.dll,-6102| "MSMQ-In-UDP"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=%systemroot%\system32\mqsvc.exe|Name=@mqutil.dll,-11191|Desc=@mqutil.dll,-11191|EmbedCtxt=@mqutil.dll,-6102| "MSMQ-Out-UDP"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=%systemroot%\system32\mqsvc.exe|Name=@mqutil.dll,-11192|Desc=@mqutil.dll,-11192|EmbedCtxt=@mqutil.dll,-6102| "IIS-WebServerRole-HTTP-In-TCP"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=80|App=System|Name=@%windir%\system32\inetsrv\iisres.dll,-30500|Desc=@%windir%\system32\inetsrv\iisres.dll,-30510|EmbedCtxt=@%windir%\system32\inetsrv\iisres.dll,-30501| "IIS-WebServerRole-HTTPS-In-TCP"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=443|App=System|Name=@%windir%\system32\inetsrv\iisres.dll,-30502|Desc=@%windir%\system32\inetsrv\iisres.dll,-30512|EmbedCtxt=@%windir%\system32\inetsrv\iisres.dll,-30503| "WCF-NetTcpActivator-In-TCP-64bit"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=808|Svc=NetTcpActivator|Name=@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll,-2000|Desc=@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll,-2001|EmbedCtxt=@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll,-2002| "{6749B820-00AD-4EAF-9949-B97C80605102}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe|Name=Google Chrome (mDNS-In)|Desc=Règle de trafic entrant pour Google Chrome autorisant le trafic mDNS|EmbedCtxt=Google Chrome| "{7E74333A-DA0F-4268-9BC7-1B0AB9EDA280}"=v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=upnphost|Name=@C:\Program Files\Zune\zuneresources.dll,-299|Desc=@C:\Program Files\Zune\zuneresources.dll,-300|EmbedCtxt=@C:\Program Files\Zune\zuneresources.dll,-270| "{9189557F-7773-41C8-8D26-148EBE4B541B}"=v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%ProgramFiles%\Zune\ZuneNSS.exe|Name=@C:\Program Files\Zune\zuneresources.dll,-297|Desc=@C:\Program Files\Zune\zuneresources.dll,-298|EmbedCtxt=@C:\Program Files\Zune\zuneresources.dll,-270| "{4FE66609-02BA-4DF4-BE6A-BC0E116F6813}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%ProgramFiles%\Zune\ZuneNSS.exe|Name=@C:\Program Files\Zune\zuneresources.dll,-295|Desc=@C:\Program Files\Zune\zuneresources.dll,-296|EmbedCtxt=@C:\Program Files\Zune\zuneresources.dll,-270| "{33EF54FB-0CF2-4193-B241-209B1B63EE0D}"=v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%ProgramFiles%\Zune\ZuneNSS.exe|Name=@C:\Program Files\Zune\zuneresources.dll,-293|Desc=@C:\Program Files\Zune\zuneresources.dll,-294|EmbedCtxt=@C:\Program Files\Zune\zuneresources.dll,-270| "{2939F03D-ACCE-4C1B-8167-EDABFC12557C}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%ProgramFiles%\Zune\ZuneNSS.exe|Name=@C:\Program Files\Zune\zuneresources.dll,-291|Desc=@C:\Program Files\Zune\zuneresources.dll,-292|EmbedCtxt=@C:\Program Files\Zune\zuneresources.dll,-270| "{1E63335E-44AA-4FB0-8143-286FAF5F83D4}"=v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|RPort=10243|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=@C:\Program Files\Zune\zuneresources.dll,-289|Desc=@C:\Program Files\Zune\zuneresources.dll,-290|EmbedCtxt=@C:\Program Files\Zune\zuneresources.dll,-270| "{EEA346F3-00B4-4D6E-BF06-1DD8DB6C8907}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=10243|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=@C:\Program Files\Zune\zuneresources.dll,-287|Desc=@C:\Program Files\Zune\zuneresources.dll,-288|EmbedCtxt=@C:\Program Files\Zune\zuneresources.dll,-270| "{949FCBF8-A3FF-46AE-8A1B-6A1DACC28EEC}"=v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=@C:\Program Files\Zune\zuneresources.dll,-285|Desc=@C:\Program Files\Zune\zuneresources.dll,-286|EmbedCtxt=@C:\Program Files\Zune\zuneresources.dll,-270| "{C33C3215-8531-4FD0-BA0A-9E08C1BCD28D}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=@C:\Program Files\Zune\zuneresources.dll,-283|Desc=@C:\Program Files\Zune\zuneresources.dll,-284|EmbedCtxt=@C:\Program Files\Zune\zuneresources.dll,-270| "{90A092F4-9DCD-416C-8564-D77C78A01720}"=v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|RPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=ssdpsrv|Name=@C:\Program Files\Zune\zuneresources.dll,-281|Desc=@C:\Program Files\Zune\zuneresources.dll,-282|EmbedCtxt=@C:\Program Files\Zune\zuneresources.dll,-270| "{B9B3B8EF-086D-48B1-B5A1-641207C1EE4F}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=ssdpsrv|Name=@C:\Program Files\Zune\zuneresources.dll,-279|Desc=@C:\Program Files\Zune\zuneresources.dll,-280|EmbedCtxt=@C:\Program Files\Zune\zuneresources.dll,-270| "{37C5A22F-E9B6-4918-8098-12E65F8D892B}"=v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|RPort=2177|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=Qwave|Name=@C:\Program Files\Zune\zuneresources.dll,-277|Desc=@C:\Program Files\Zune\zuneresources.dll,-278|EmbedCtxt=@C:\Program Files\Zune\zuneresources.dll,-270| "{7D6AB01D-073A-4A8E-B434-D04CE7D655E2}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=2177|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=Qwave|Name=@C:\Program Files\Zune\zuneresources.dll,-275|Desc=@C:\Program Files\Zune\zuneresources.dll,-276|EmbedCtxt=@C:\Program Files\Zune\zuneresources.dll,-270| "{A2451654-7295-466A-91DB-FF86B701504B}"=v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Private|Profile=Public|RPort=2177|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=Qwave|Name=@C:\Program Files\Zune\zuneresources.dll,-273|Desc=@C:\Program Files\Zune\zuneresources.dll,-274|EmbedCtxt=@C:\Program Files\Zune\zuneresources.dll,-270| "{5A40C919-3D45-43FE-8BFF-B29BE1CFFF1C}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Private|Profile=Public|LPort=2177|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=Qwave|Name=@C:\Program Files\Zune\zuneresources.dll,-271|Desc=@C:\Program Files\Zune\zuneresources.dll,-272|EmbedCtxt=@C:\Program Files\Zune\zuneresources.dll,-270| "{6ACE49B3-6964-4A26-AC72-4E15EC3046FF}"=v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|App=%ProgramFiles%\Zune\ZuneNSS.exe|Name=@C:\Program Files\Zune\zuneresources.dll,-297|Desc=@C:\Program Files\Zune\zuneresources.dll,-298|EmbedCtxt=@C:\Program Files\Zune\zuneresources.dll,-270| "{B99E6EAA-F704-4E41-B62C-4FA4AF0F9BC5}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|App=%ProgramFiles%\Zune\ZuneNSS.exe|Name=@C:\Program Files\Zune\zuneresources.dll,-295|Desc=@C:\Program Files\Zune\zuneresources.dll,-296|EmbedCtxt=@C:\Program Files\Zune\zuneresources.dll,-270| "{E70C35D9-62B2-420A-B429-262D68CAB4FB}"=v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Domain|App=%ProgramFiles%\Zune\ZuneNSS.exe|Name=@C:\Program Files\Zune\zuneresources.dll,-293|Desc=@C:\Program Files\Zune\zuneresources.dll,-294|EmbedCtxt=@C:\Program Files\Zune\zuneresources.dll,-270| "{31C2C3AF-DEC4-483F-9979-8751FEA05E78}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|App=%ProgramFiles%\Zune\ZuneNSS.exe|Name=@C:\Program Files\Zune\zuneresources.dll,-291|Desc=@C:\Program Files\Zune\zuneresources.dll,-292|EmbedCtxt=@C:\Program Files\Zune\zuneresources.dll,-270| "{C903DFDC-0E7F-425E-B434-C078D2E1ACA4}"=v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|RPort=10243|App=System|Name=@C:\Program Files\Zune\zuneresources.dll,-289|Desc=@C:\Program Files\Zune\zuneresources.dll,-290|EmbedCtxt=@C:\Program Files\Zune\zuneresources.dll,-270| "{56DAE0E6-E41A-4CE8-9DB4-AEC90C0DC409}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=10243|App=System|Name=@C:\Program Files\Zune\zuneresources.dll,-287|Desc=@C:\Program Files\Zune\zuneresources.dll,-288|EmbedCtxt=@C:\Program Files\Zune\zuneresources.dll,-270| "{2FD991A6-ECAD-4596-B014-F086D8203EC6}"=v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|App=System|Name=@C:\Program Files\Zune\zuneresources.dll,-285|Desc=@C:\Program Files\Zune\zuneresources.dll,-286|EmbedCtxt=@C:\Program Files\Zune\zuneresources.dll,-270| "{DEA969CD-3893-40C1-AE1D-CBA27D9B9775}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=2869|App=System|Name=@C:\Program Files\Zune\zuneresources.dll,-283|Desc=@C:\Program Files\Zune\zuneresources.dll,-284|EmbedCtxt=@C:\Program Files\Zune\zuneresources.dll,-270| "{19770BD5-B190-4940-8283-60E328CC0760}"=v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|RPort=2177|App=%SystemRoot%\system32\svchost.exe|Svc=Qwave|Name=@C:\Program Files\Zune\zuneresources.dll,-277|Desc=@C:\Program Files\Zune\zuneresources.dll,-278|EmbedCtxt=@C:\Program Files\Zune\zuneresources.dll,-270| "{78EA1C57-7BB0-4E54-B46C-9D93034C1FCA}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=2177|App=%SystemRoot%\system32\svchost.exe|Svc=Qwave|Name=@C:\Program Files\Zune\zuneresources.dll,-275|Desc=@C:\Program Files\Zune\zuneresources.dll,-276|EmbedCtxt=@C:\Program Files\Zune\zuneresources.dll,-270| "{D8D4E1CD-BC87-4AC9-AF90-7449A34035ED}"=v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Domain|RPort=2177|App=%SystemRoot%\system32\svchost.exe|Svc=Qwave|Name=@C:\Program Files\Zune\zuneresources.dll,-273|Desc=@C:\Program Files\Zune\zuneresources.dll,-274|EmbedCtxt=@C:\Program Files\Zune\zuneresources.dll,-270| "{2D52E3DD-67FF-48C8-AFE5-4399ADEA212A}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Domain|LPort=2177|App=%SystemRoot%\system32\svchost.exe|Svc=Qwave|Name=@C:\Program Files\Zune\zuneresources.dll,-271|Desc=@C:\Program Files\Zune\zuneresources.dll,-272|EmbedCtxt=@C:\Program Files\Zune\zuneresources.dll,-270| "{00151BA2-9BCA-411D-A89A-946D0F577931}"=v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\wudfhost.exe|Name=@C:\Program Files\Zune\zuneresources.dll,-312|Desc=@C:\Program Files\Zune\zuneresources.dll,-313|EmbedCtxt=@C:\Program Files\Zune\zuneresources.dll,-301| "{5A0EFCE5-506E-443D-BB39-74192BB7DAC7}"=v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|App=%SystemRoot%\system32\wudfhost.exe|Name=@C:\Program Files\Zune\zuneresources.dll,-312|Desc=@C:\Program Files\Zune\zuneresources.dll,-313|EmbedCtxt=@C:\Program Files\Zune\zuneresources.dll,-301| "{3B834E9F-9F7E-450A-B96F-C4BC032D1F7A}"=v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=upnphost|Name=@C:\Program Files\Zune\zuneresources.dll,-310|Desc=@C:\Program Files\Zune\zuneresources.dll,-311|EmbedCtxt=@C:\Program Files\Zune\zuneresources.dll,-301| "{31C57CDA-8555-4E2C-B2AE-7E5705BB82BC}"=v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=@C:\Program Files\Zune\zuneresources.dll,-308|Desc=@C:\Program Files\Zune\zuneresources.dll,-309|EmbedCtxt=@C:\Program Files\Zune\zuneresources.dll,-301| "{F48FB835-41B4-424E-9150-7A9670A50CD9}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=@C:\Program Files\Zune\zuneresources.dll,-306|Desc=@C:\Program Files\Zune\zuneresources.dll,-307|EmbedCtxt=@C:\Program Files\Zune\zuneresources.dll,-301| "{F6AADA57-09B0-428B-AA23-A09F15473403}"=v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|App=System|Name=@C:\Program Files\Zune\zuneresources.dll,-308|Desc=@C:\Program Files\Zune\zuneresources.dll,-309|EmbedCtxt=@C:\Program Files\Zune\zuneresources.dll,-301| "{6631AA52-42A1-401A-9CC0-A54D57DA6B1D}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=2869|App=System|Name=@C:\Program Files\Zune\zuneresources.dll,-306|Desc=@C:\Program Files\Zune\zuneresources.dll,-307|EmbedCtxt=@C:\Program Files\Zune\zuneresources.dll,-301| "{E88C1210-9D75-4DC1-96C9-884F78D0884C}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%ProgramFiles%\Zune\Zune.exe|Name=@C:\Program Files\Zune\zuneresources.dll,-302|Desc=@C:\Program Files\Zune\zuneresources.dll,-303|EmbedCtxt=@C:\Program Files\Zune\zuneresources.dll,-301| "{0509F8B0-8C37-4138-AE4B-FBC8CFB564CB}"=v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|RPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=ssdpsrv|Name=@C:\Program Files\Zune\zuneresources.dll,-304|Desc=@C:\Program Files\Zune\zuneresources.dll,-305|EmbedCtxt=@C:\Program Files\Zune\zuneresources.dll,-301| "{CE24C1D0-FEA6-4D28-87CB-4A767FD61A00}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=ssdpsrv|Name=@C:\Program Files\Zune\zuneresources.dll,-302|Desc=@C:\Program Files\Zune\zuneresources.dll,-303|EmbedCtxt=@C:\Program Files\Zune\zuneresources.dll,-301| "{92FCE4DE-2F97-4B0F-8DDD-C167D7B44607}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-18|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{4A8DE1DD-A7FD-44E6-AE86-738340008457}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Desc=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-1000|AppPkgId=S-1-15-2-1910091885-1573563583-1104941280-2418270861-3411158377-2822700936-2990310272|EmbedCtxt=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{72840CDD-9902-4821-8FFB-DA5E35C29ED4}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Desc=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-1000|AppPkgId=S-1-15-2-1910091885-1573563583-1104941280-2418270861-3411158377-2822700936-2990310272|EmbedCtxt=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{C2BEC945-BA53-4D51-ACA4-2A2D4CC91A94}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Desc=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-1000|AppPkgId=S-1-15-2-2434737943-167758768-3180539153-984336765-1107280622-3591121930-2677285773|EmbedCtxt=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Platform=2:6:2|Platform2=GTEQ| "{1CFC94F4-9E5C-46B6-B401-199D9A2092AC}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Desc=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-1000|AppPkgId=S-1-15-2-2434737943-167758768-3180539153-984336765-1107280622-3591121930-2677285773|EmbedCtxt=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Platform=2:6:2|Platform2=GTEQ| "{B90A6ADC-F415-48A8-B12A-B9C539939918}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Desc=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/ProductDescription}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-1000|AppPkgId=S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742|EmbedCtxt=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{F73F1CDC-E4DD-4BFF-9D34-E2BDD6044420}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Desc=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/ProductDescription}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-1000|AppPkgId=S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742|EmbedCtxt=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{B41E679D-A239-4DEF-93DB-1E09226EF086}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.AccountsControl_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|Desc=@{Microsoft.AccountsControl_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-1000|AppPkgId=S-1-15-2-969871995-3242822759-583047763-1618006129-3578262429-3647035748-2471858633|EmbedCtxt=@{Microsoft.AccountsControl_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{B7E02A35-99AB-41EA-9BE1-75794CCFF9FE}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|Desc=@{Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-1000|AppPkgId=S-1-15-2-2758101530-1321080646-1475665648-4066602542-2880396197-3643791541-2654759312|EmbedCtxt=@{Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{0269F283-FBC1-47E7-9C76-874EE41B23A8}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Desc=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-1000|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Platform=2:6:2|Platform2=GTEQ| "{4086413F-BF39-4A02-B684-B8C57863BE98}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Desc=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-1000|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Platform=2:6:2|Platform2=GTEQ| "{BA97F3EC-BFEE-4B9D-A80B-C2471EDDBBB0}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.ContentDeliveryManager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|Desc=@{Microsoft.Windows.ContentDeliveryManager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-1000|AppPkgId=S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723|EmbedCtxt=@{Microsoft.Windows.ContentDeliveryManager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{8D70EEAC-2A8F-4D2F-97CA-5D6644006897}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.ParentalControls_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|Desc=@{Microsoft.Windows.ParentalControls_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-1000|AppPkgId=S-1-15-2-3072599432-1607568789-957273504-856596282-71567818-1546726304-1084662928|EmbedCtxt=@{Microsoft.Windows.ParentalControls_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{F884CAD4-86DF-4549-8BA1-1DBAE1990BCA}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsFeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.WindowsFeedback/FeedbackApp.Resources/AppName/Text}|Desc=@{Microsoft.WindowsFeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.WindowsFeedback/FeedbackApp.Resources/AppName/Text}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-1000|AppPkgId=S-1-15-2-1322174799-1054373777-2441082058-564842223-2721992343-4124100487-3261661085|EmbedCtxt=@{Microsoft.WindowsFeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.WindowsFeedback/FeedbackApp.Resources/AppName/Text}|Platform=2:6:2|Platform2=GTEQ| "{DBE88982-2E62-44D9-9646-2F6A70B38F32}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.XboxGameCallableUI_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|Desc=@{Microsoft.XboxGameCallableUI_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-1000|AppPkgId=S-1-15-2-957941444-2271171641-4049211970-804197638-2225746618-2474488012-4131196493|EmbedCtxt=@{Microsoft.XboxGameCallableUI_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{55A8EE76-75B3-458D-A768-C54AD510A062}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.XboxIdentityProvider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxIdentityProvider/Resources/PkgDisplayName}|Desc=@{Microsoft.XboxIdentityProvider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxIdentityProvider/Resources/PkgDisplayName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-1000|AppPkgId=S-1-15-2-3833609522-3861047620-3675164185-1739081557-594447883-3111017752-456581032|EmbedCtxt=@{Microsoft.XboxIdentityProvider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxIdentityProvider/Resources/PkgDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{BF7DFDFA-8A8E-47D8-AA94-E5F995DF7A38}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Desc=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-1000|AppPkgId=S-1-15-2-735366590-2037340711-2578745391-3096723288-1660081568-2625366440-3369012008|EmbedCtxt=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{90F7B91B-5E01-42F0-97BC-F34345C90517}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Desc=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-1000|AppPkgId=S-1-15-2-735366590-2037340711-2578745391-3096723288-1660081568-2625366440-3369012008|EmbedCtxt=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{B9344AB2-A1B3-4B06-93EB-8F7567A004FA}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Windows.PurchaseDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.PurchaseDialog/resources/DisplayName}|Desc=@{Windows.PurchaseDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.PurchaseDialog/resources/Description}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-1000|AppPkgId=S-1-15-2-3137318289-415437605-3491609480-3741388289-878520165-689859088-69748861|EmbedCtxt=@{Windows.PurchaseDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.PurchaseDialog/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{BFBBB4E1-7FE0-48F5-B4DA-2D2CE92D514B}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.Appconnector/Resources/ConnectorStubTitle}|Desc=@{Microsoft.Appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.Appconnector/Resources/ConnectorStubTitle}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-1000|AppPkgId=S-1-15-2-3232211935-909325347-210818523-1333736584-3758124246-283266685-1557978965|EmbedCtxt=@{Microsoft.Appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.Appconnector/Resources/ConnectorStubTitle}|Platform=2:6:2|Platform2=GTEQ| "{0A18ED23-C268-4187-9BD2-1E3C14FDE8B0}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.ConnectivityStore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ConnectivityStore/MSWifiResources/AppStoreName}|Desc=@{Microsoft.ConnectivityStore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ConnectivityStore/MSWifiResources/AppStoreName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-1000|AppPkgId=S-1-15-2-1485202841-4094060947-262313417-955497226-1243708313-1027065603-2694978511|EmbedCtxt=@{Microsoft.ConnectivityStore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ConnectivityStore/MSWifiResources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{F8FF1F14-BAA8-4DC4-A318-99E242E10534}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Desc=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-1000|AppPkgId=S-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157|EmbedCtxt=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Platform=2:6:2|Platform2=GTEQ| "{44EAC0A7-025A-4658-AAB3-7792CF1114EC}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Desc=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-1000|AppPkgId=S-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157|EmbedCtxt=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{80516C8A-F328-4A67-8789-76E5D2D5CC7C}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-1000|AppPkgId=S-1-15-2-2040986369-264322980-3882385089-1970153872-3662121739-3363227934-2464603330|EmbedCtxt=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{FBC06497-17AF-49B1-B044-53E5E51AFCBF}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-1000|AppPkgId=S-1-15-2-2040986369-264322980-3882385089-1970153872-3662121739-3363227934-2464603330|EmbedCtxt=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{6AD171EB-2C4A-49D0-9C8B-D6238CF70196}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-1000|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{51A0BE1E-DFAE-4902-B011-E31735717D55}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-1000|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{A20D91C3-B771-4808-8D5D-B7B3E8863ECA}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Desc=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-1000|AppPkgId=S-1-15-2-2226957697-3030467180-2301525-4248967783-2024719031-2325529081-2915787518|EmbedCtxt=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{0AA12883-FF01-4961-8FFC-32B2653C3CE6}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Desc=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-1000|AppPkgId=S-1-15-2-2226957697-3030467180-2301525-4248967783-2024719031-2325529081-2915787518|EmbedCtxt=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{3871F6B5-7F2C-4F21-9729-60D29F036894}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.ZuneVideo_3.6.22511.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Desc=@{Microsoft.ZuneVideo_3.6.22511.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_DESCRIPTION}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-1000|AppPkgId=S-1-15-2-2967553933-3217682302-2494645345-2077017737-3805576244-585965800-1797614741|EmbedCtxt=@{Microsoft.ZuneVideo_3.6.22511.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Platform=2:6:2|Platform2=GTEQ| "{56D3F87D-FF65-461B-AA54-AA404711B58A}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.ZuneVideo_3.6.22511.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Desc=@{Microsoft.ZuneVideo_3.6.22511.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_DESCRIPTION}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-1000|AppPkgId=S-1-15-2-2967553933-3217682302-2494645345-2077017737-3805576244-585965800-1797614741|EmbedCtxt=@{Microsoft.ZuneVideo_3.6.22511.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Platform=2:6:2|Platform2=GTEQ| "{3309BCB8-C321-4E7F-B056-1E83ABF1C6A0}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Getstarted_4.0.9.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Getstarted/Resources/AppStoreName}|Desc=@{Microsoft.Getstarted_4.0.9.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Getstarted/Resources/AppStoreName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-1000|AppPkgId=S-1-15-2-1930852602-715273891-2259524165-1460409268-4224052142-2029744616-1797406285|EmbedCtxt=@{Microsoft.Getstarted_4.0.9.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Getstarted/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{6C3EF93D-985E-4E86-A47B-5B5483509623}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Desc=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-1910091885-1573563583-1104941280-2418270861-3411158377-2822700936-2990310272|EmbedCtxt=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{F0B715F4-45E7-455C-9B5F-EE873F1F08F5}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Desc=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-1910091885-1573563583-1104941280-2418270861-3411158377-2822700936-2990310272|EmbedCtxt=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{3EDD5570-565D-402C-AE05-02928AA9B415}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{1E44DC46-D83D-47B6-B5EC-998893DF9B9C}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Desc=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-2434737943-167758768-3180539153-984336765-1107280622-3591121930-2677285773|EmbedCtxt=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Platform=2:6:2|Platform2=GTEQ| "{1C7846B6-A5EF-44BA-A445-B3ECB1A5A0EF}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Desc=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-2434737943-167758768-3180539153-984336765-1107280622-3591121930-2677285773|EmbedCtxt=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Platform=2:6:2|Platform2=GTEQ| "{A9AE3975-748A-4493-8944-855581AB11DB}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Desc=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/ProductDescription}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742|EmbedCtxt=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{C9322D55-7595-4B5B-A139-71061CD4CBA3}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Desc=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/ProductDescription}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742|EmbedCtxt=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{44BE4255-2294-455D-8D84-B0656FE390C3}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.AccountsControl_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|Desc=@{Microsoft.AccountsControl_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-969871995-3242822759-583047763-1618006129-3578262429-3647035748-2471858633|EmbedCtxt=@{Microsoft.AccountsControl_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{C8F61E29-E0B9-4E1D-AD9C-5C28D404E796}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|Desc=@{Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-2758101530-1321080646-1475665648-4066602542-2880396197-3643791541-2654759312|EmbedCtxt=@{Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{42941573-2074-476D-8D5E-0CF65EA1CBFB}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Desc=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Platform=2:6:2|Platform2=GTEQ| "{8573C723-A3DF-438B-A019-99343519CC13}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Desc=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Platform=2:6:2|Platform2=GTEQ| "{4E69C73C-5A0E-43DF-A88A-B93239BD8381}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.ContentDeliveryManager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|Desc=@{Microsoft.Windows.ContentDeliveryManager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723|EmbedCtxt=@{Microsoft.Windows.ContentDeliveryManager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{91C37169-F401-4485-9D73-80FD0B845906}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.ParentalControls_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|Desc=@{Microsoft.Windows.ParentalControls_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-3072599432-1607568789-957273504-856596282-71567818-1546726304-1084662928|EmbedCtxt=@{Microsoft.Windows.ParentalControls_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{95F3BEFC-5DCF-4454-BE85-A36B4AA5C521}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsFeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.WindowsFeedback/FeedbackApp.Resources/AppName/Text}|Desc=@{Microsoft.WindowsFeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.WindowsFeedback/FeedbackApp.Resources/AppName/Text}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-1322174799-1054373777-2441082058-564842223-2721992343-4124100487-3261661085|EmbedCtxt=@{Microsoft.WindowsFeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.WindowsFeedback/FeedbackApp.Resources/AppName/Text}|Platform=2:6:2|Platform2=GTEQ| "{FBB003C4-BE2D-4993-8B34-E3968553DAC4}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.XboxGameCallableUI_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|Desc=@{Microsoft.XboxGameCallableUI_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-957941444-2271171641-4049211970-804197638-2225746618-2474488012-4131196493|EmbedCtxt=@{Microsoft.XboxGameCallableUI_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{F12F458A-04BE-4254-944E-A2864F7B7AFF}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.XboxIdentityProvider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxIdentityProvider/Resources/PkgDisplayName}|Desc=@{Microsoft.XboxIdentityProvider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxIdentityProvider/Resources/PkgDisplayName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-3833609522-3861047620-3675164185-1739081557-594447883-3111017752-456581032|EmbedCtxt=@{Microsoft.XboxIdentityProvider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxIdentityProvider/Resources/PkgDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{C7A70DF7-7792-41A3-8BB4-442328DF6666}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Desc=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-735366590-2037340711-2578745391-3096723288-1660081568-2625366440-3369012008|EmbedCtxt=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{18C35C7D-4BEE-425D-AD8D-CFA9E76402EB}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Desc=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-735366590-2037340711-2578745391-3096723288-1660081568-2625366440-3369012008|EmbedCtxt=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{1F820C70-2E1F-4100-9252-E7B43C2D8AB7}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Windows.PurchaseDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.PurchaseDialog/resources/DisplayName}|Desc=@{Windows.PurchaseDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.PurchaseDialog/resources/Description}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-3137318289-415437605-3491609480-3741388289-878520165-689859088-69748861|EmbedCtxt=@{Windows.PurchaseDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.PurchaseDialog/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{E39D595A-1089-425D-8C71-CDB7A5729CDA}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingFinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingFinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-3492598633-4112760462-2134878185-2430567730-3345539238-3072415288-217264472|EmbedCtxt=@{Microsoft.BingFinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{2816755A-5B0D-4F81-A759-CAECD52F9257}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.BingFinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingFinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-3492598633-4112760462-2134878185-2430567730-3345539238-3072415288-217264472|EmbedCtxt=@{Microsoft.BingFinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{BAC5DD54-DAA3-4BC2-95E0-EA008B176727}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingNews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingNews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-508114518-3340871649-811464485-526616082-4258465299-1774086546-1865468257|EmbedCtxt=@{Microsoft.BingNews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{3E1B4750-33DD-4641-85BF-31C61A23A64C}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.BingNews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingNews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-508114518-3340871649-811464485-526616082-4258465299-1774086546-1865468257|EmbedCtxt=@{Microsoft.BingNews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{03EC9C4E-4A31-49FD-911B-9E1E6DD83B05}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-2040986369-264322980-3882385089-1970153872-3662121739-3363227934-2464603330|EmbedCtxt=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{07199295-1A18-4432-8231-A6A6BD3F1B94}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-2040986369-264322980-3882385089-1970153872-3662121739-3363227934-2464603330|EmbedCtxt=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{2B67F417-9CFC-471E-BBB7-ABDE2E355879}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Getstarted_4.0.9.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Getstarted/Resources/AppStoreName}|Desc=@{Microsoft.Getstarted_4.0.9.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Getstarted/Resources/AppStoreName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-1930852602-715273891-2259524165-1460409268-4224052142-2029744616-1797406285|EmbedCtxt=@{Microsoft.Getstarted_4.0.9.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Getstarted/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{4FF78C95-CA0D-4823-807F-906B8BFB0D73}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Desc=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-2226957697-3030467180-2301525-4248967783-2024719031-2325529081-2915787518|EmbedCtxt=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{01A941C7-FEDA-48CF-9C98-79538EBCA3FF}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Desc=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-2226957697-3030467180-2301525-4248967783-2024719031-2325529081-2915787518|EmbedCtxt=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{B3745FCA-973E-43C8-A045-DB5063092208}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Desc=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157|EmbedCtxt=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Platform=2:6:2|Platform2=GTEQ| "{EE00CCEF-3CE6-4E01-A8E2-9DDA1745FC4F}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Desc=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157|EmbedCtxt=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{458D3941-32BF-4BEE-BAF4-8F6D848334C2}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ| "{1E3D1FB8-F400-4E8A-9D1E-EAEF52DEB541}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{02E3C138-CAE2-4021-B29C-C497DF2079BC}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.ZuneMusic_3.6.23041.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_NAME}|Desc=@{Microsoft.ZuneMusic_3.6.23041.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_DESCRIPTION}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-3132517012-1571311091-3263739450-2968124769-4061529133-2106415361-233808003|EmbedCtxt=@{Microsoft.ZuneMusic_3.6.23041.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_NAME}|Platform=2:6:2|Platform2=GTEQ| "{F0305BF0-F3BB-4B49-BBBE-69FC36C248ED}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.ZuneMusic_3.6.23041.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_NAME}|Desc=@{Microsoft.ZuneMusic_3.6.23041.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_DESCRIPTION}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-3132517012-1571311091-3263739450-2968124769-4061529133-2106415361-233808003|EmbedCtxt=@{Microsoft.ZuneMusic_3.6.23041.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_NAME}|Platform=2:6:2|Platform2=GTEQ| "{97859AD9-C62A-4862-898A-5AAF82FBD699}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.ZuneVideo_3.6.22511.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Desc=@{Microsoft.ZuneVideo_3.6.22511.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_DESCRIPTION}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-2967553933-3217682302-2494645345-2077017737-3805576244-585965800-1797614741|EmbedCtxt=@{Microsoft.ZuneVideo_3.6.22511.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Platform=2:6:2|Platform2=GTEQ| "{FD3E86F3-780E-42AA-8BFD-A67213CF252C}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.ZuneVideo_3.6.22511.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Desc=@{Microsoft.ZuneVideo_3.6.22511.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_DESCRIPTION}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-2967553933-3217682302-2494645345-2077017737-3805576244-585965800-1797614741|EmbedCtxt=@{Microsoft.ZuneVideo_3.6.22511.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Platform=2:6:2|Platform2=GTEQ| "{F45AE104-C3DC-4947-9FA3-7503D1FC2297}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsMaps_5.1606.1670.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsMaps/Resources/AppStoreName}|Desc=@{Microsoft.WindowsMaps_5.1606.1670.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsMaps/Resources/AppStoreName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-1239072475-3687740317-1842961305-3395936705-4023953123-1525404051-2779347315|EmbedCtxt=@{Microsoft.WindowsMaps_5.1606.1670.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsMaps/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{E2F4A92B-89D9-4C62-944D-8CF2B11FE4F7}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=WindowsDVDPlayer|Desc=@{Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsDVDPlayer/resources/IDS_DVDPLAYER_APP_DESCRIPTION}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-494306191-403223751-685396099-4274694484-3538043412-2548233107-2872311217|EmbedCtxt=WindowsDVDPlayer|Platform=2:6:2|Platform2=GTEQ| "{44283E79-930C-484B-9051-E0F85692F84B}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Sway|Desc=Microsoft Sway|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-584073948-3292409011-2882754242-2237763630-1999038865-1049037702-4080706152|EmbedCtxt=Sway|Platform=2:6:2|Platform2=GTEQ| "{52F829D9-1443-4B37-8489-100F5E2DE2D4}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Sway|Desc=Microsoft Sway|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-584073948-3292409011-2882754242-2237763630-1999038865-1049037702-4080706152|EmbedCtxt=Sway|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{C6AFD9AF-8374-4157-A4BB-500FD2CA857A}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{DD43B649-3538-4EB1-B1BA-947B26728F2D}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{0C270B5E-7916-41E4-892B-06C00425A207}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|Desc=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-421345033-1710570203-969709436-2809900243-2023987463-1056701467-1672618525|EmbedCtxt=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{F967D25C-0A65-42F4-A052-ED95CDAC7071}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|Desc=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-421345033-1710570203-969709436-2809900243-2023987463-1056701467-1672618525|EmbedCtxt=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{A3DD8E39-074B-4588-B39D-3BCD16E55EEC}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.ConnectivityStore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ConnectivityStore/MSWifiResources/AppStoreName}|Desc=@{Microsoft.ConnectivityStore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ConnectivityStore/MSWifiResources/AppStoreName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-1485202841-4094060947-262313417-955497226-1243708313-1027065603-2694978511|EmbedCtxt=@{Microsoft.ConnectivityStore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ConnectivityStore/MSWifiResources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{5605D9BE-0A4F-4806-8A72-51AFDFB8F027}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.CommsPhone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|Desc=@{Microsoft.CommsPhone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-3502142457-1175083276-1468359876-1514580144-2717768582-2562788200-3268064651|EmbedCtxt=@{Microsoft.CommsPhone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{ED599B35-D94C-4FB1-B5B6-84371D77731D}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.CommsPhone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|Desc=@{Microsoft.CommsPhone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-3502142457-1175083276-1468359876-1514580144-2717768582-2562788200-3268064651|EmbedCtxt=@{Microsoft.CommsPhone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{CD54DACA-69A6-4560-9498-3D769D030FCD}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingSports_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingSports_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-1457613951-1028716704-1089715812-858319886-3420779130-1191463368-1428868892|EmbedCtxt=@{Microsoft.BingSports_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{93A26839-2CD9-4DB6-849C-4CDEB316FEEC}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.BingSports_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingSports_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-1457613951-1028716704-1089715812-858319886-3420779130-1191463368-1428868892|EmbedCtxt=@{Microsoft.BingSports_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{F68C4966-F224-45DD-83F8-AB1CCE25B419}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.Appconnector/Resources/ConnectorStubTitle}|Desc=@{Microsoft.Appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.Appconnector/Resources/ConnectorStubTitle}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-3232211935-909325347-210818523-1333736584-3758124246-283266685-1557978965|EmbedCtxt=@{Microsoft.Appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.Appconnector/Resources/ConnectorStubTitle}|Platform=2:6:2|Platform2=GTEQ| "{06496A54-2594-4988-BF6D-C4E11B9F9C72}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.People_10.0.11902.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.People/Resources/AppStoreName}|Desc=@{Microsoft.People_10.0.11902.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.People/Resources/AppStoreName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-3981118486-977731610-4260702232-2292029000-2544493239-2660358776-1526570402|EmbedCtxt=@{Microsoft.People_10.0.11902.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.People/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{5107BAC7-0E6F-437A-97C1-8C0ED660D66E}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{microsoft.windowscommunicationsapps_17.6965.41051.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_DisplayName}|Desc=@{microsoft.windowscommunicationsapps_17.6965.41051.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_Description}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-2551677095-2355568638-4209445997-2436930744-3692183382-387691378-1866284433|EmbedCtxt=@{microsoft.windowscommunicationsapps_17.6965.41051.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{A884D153-8C98-4E1C-BCBC-76CE292A1FAE}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{microsoft.windowscommunicationsapps_17.6965.41051.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_DisplayName}|Desc=@{microsoft.windowscommunicationsapps_17.6965.41051.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_Description}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-2551677095-2355568638-4209445997-2436930744-3692183382-387691378-1866284433|EmbedCtxt=@{microsoft.windowscommunicationsapps_17.6965.41051.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_DisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{2CA3D0F8-C047-43C4-9A5B-598F7BD89210}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{A6E279BA-DA9C-4A6C-B2AC-DFC564A38DD5}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{6BDD185E-AFB3-4CC0-82D4-849EACA5DAF3}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsPhone_10.1607.1991.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsPhone/Resources/AppStoreName}|Desc=@{Microsoft.WindowsPhone_10.1607.1991.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsPhone/Resources/AppStoreName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-1227535392-783678415-19788749-859698564-2515149781-2716591593-3518111838|EmbedCtxt=@{Microsoft.WindowsPhone_10.1607.1991.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsPhone/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{685154BD-D83F-4AE5-993A-04A5F3535BE2}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.3DBuilder_11.1.9.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.3DBuilder/resources/AppStoreName}|Desc=@{Microsoft.3DBuilder_11.1.9.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.3DBuilder/resources/AppStoreName}|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-500|AppPkgId=S-1-15-2-3995430443-3719053022-3339397951-2895237338-2437516106-1575886070-2755610054|EmbedCtxt=@{Microsoft.3DBuilder_11.1.9.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.3DBuilder/resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{43E96446-9133-43C0-8769-A90534C3B92C}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-1000|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ| "{539906EE-9234-4166-860D-F68E50618311}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-2602208218-2662133878-2470281216-1000|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "TCP Query User{A80137C5-6CBA-412B-A1EC-D72343F79773}C:\Users\Stef\Desktop\quickdiag_2_28.07.2016.1.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\Stef\Desktop\quickdiag_2_28.07.2016.1.exe|Name=QuickDiag|Desc=QuickDiag|Defer=User| "UDP Query User{8086F52E-78FA-489A-B2C4-2168ADE624EB}C:\Users\Stef\Desktop\quickdiag_2_28.07.2016.1.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\Stef\Desktop\quickdiag_2_28.07.2016.1.exe|Name=QuickDiag|Desc=QuickDiag|Defer=User| [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\standardprofile\authorizedapplications\list] "C:\Users\Stef\Desktop\quickdiag_2_17.07.2016.1.exe"=C:\Users\Stef\Desktop\quickdiag_2_17.07.2016.1.exe:*:Enabled:quickdiag_2_17.07.2016.1 "C:\Users\Stef\Desktop\quickdiag_2_28.07.2016.1.exe"=C:\Users\Stef\Desktop\quickdiag_2_28.07.2016.1.exe:*:Enabled:quickdiag_2_28.07.2016.1 ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{05f5cfe2-4733-4950-a6bb-07aad01a3a84}] : (XboxComposite) [] -> @dc1-controller.inf,%ClassName%;Xbox Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1169ec26-0cff-41fb-8d18-1d0ec75d68b0}] : (WMZUNEUSBSER) [] -> @oem4.inf,%DeviceClass%;Windows Phone USB Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{13e42dfa-85d9-424d-8646-28a70f864f9c}] : (RemotePosDevice) [] -> @remoteposdrv.inf,%ClassName%;POS Remote Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{14b62f50-3f15-11dd-ae16-0800200c9a66}] : (DigitalMediaDevices) [] -> @digitalmediadevice.inf,%ClassName%;Digital Media Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}] : (PrintQueue) [] -> @printqueue.inf,%ClassName%;Print queues [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{268c95a1-edfe-11d3-95c3-0010dc4050a5}] : (Security Accelerator) [] -> @c_sslaccel.inf,%ClassName%;Security Accelerator [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2a9fe532-0cdc-44f9-9827-76192f2ca2fb}] : (HidMsr) [] -> @c_magneticstripereader.inf,%ClassName%;POS HID Magnetic Stripe Reader [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B648}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B649}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675d81-502a-4a82-9f84-b75f418c5dea}] : (Media Center Extender) [] -> @%SystemRoot%\system32\McxDriv.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658ee7e-f050-11d1-b6bd-00c04fa372a7}] : (PnpPrinters) [] -> @%SystemRoot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721b56-6795-11d2-b1a8-0080c72e74a2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e966-e325-11ce-bfc1-08002be10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}] : (DiskDrive) [] -> @%SystemRoot%\System32\StorProp.dll,-17000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}] : (Display) [] -> @%SystemRoot%\System32\DispCI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e969-e325-11ce-bfc1-08002be10318}] : (fdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96a-e325-11ce-bfc1-08002be10318}] : (hdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}] : (MEDIA) [] -> @%SystemRoot%\System32\mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96e-e325-11ce-bfc1-08002be10318}] : (Monitor) [] -> @c_monitor.inf,%ClassDesc%;Monitors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e970-e325-11ce-bfc1-08002be10318}] : (MTD) [] -> @%SystemRoot%\System32\SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e971-e325-11ce-bfc1-08002be10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}] : (Net) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e973-e325-11ce-bfc1-08002be10318}] : (NetClient) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e974-e325-11ce-bfc1-08002be10318}] : (NetService) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e975-e325-11ce-bfc1-08002be10318}] : (NetTrans) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e977-e325-11ce-bfc1-08002be10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e978-e325-11ce-bfc1-08002be10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e979-e325-11ce-bfc1-08002be10318}] : (Printer) [] -> @%SystemRoot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97e-e325-11ce-bfc1-08002be10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e980-e325-11ce-bfc1-08002be10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127dc3-0f36-415e-a6cc-4cb3be910b65}] : (Processor) [] -> @c_processor.inf,%ClassDesc%;Processors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906cb8-ba12-11d1-bf5d-0000f805f530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944a-f6b9-4057-a056-8c550228544c}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50dd5230-ba8a-11d1-bf5d-0000f805f530}] : (SmartCardReader) [] -> @%SystemRoot%\System32\StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175d334-c371-4806-b3ba-71fd53c9258d}] : (Sensor) [] -> @%SystemRoot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53d29ef7-377c-4d14-864b-eb3a85769359}] : (Biometric) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5630831c-06c9-4856-b327-f5d32586e060}] : (Proximity) [] -> @c_proximity.inf,%ClassDesc%;Proximity devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{62f9c741-b25a-46ce-b54c-9bccce08b6f2}] : (SoftwareDevice) [] -> @c_swdevice.inf,%ClassDesc%;Software devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc1-810f-11d0-bec7-08002be2092f}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc5-810f-11d0-bec7-08002be2092f}] : (Infrared) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}] : (Image) [] -> @%SystemRoot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d807884-7d21-11cf-801c-08002be10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (BasicDisplay) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}] : (Volume) [] -> @%SystemRoot%\System32\SysClass.Dll,-3007 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631e54-78a4-11d0-bcf7-00aa00b7b32a}] : (Battery) [] -> @%SystemRoot%\system32\powrprof.dll,-611 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745a17a0-74d3-11d0-b6fe-00a0c90f57da}] : (HIDClass) [] -> @%SystemRoot%\System32\hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{76F9ABD8-2CB5-4D55-B2DD-1082752E0D32}] : (uxstyle) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{772e18f2-8925-4229-a5ac-6453cb482fda}] : (HidCashDrawer) [] -> @c_cashdrawer.inf,%ClassName%;POS Cash Drawer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7ebefbc0-3200-11d2-b4c2-00a0c9697d07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{81C87465-DE07-4EFC-9D93-61E891D52FD2}] : (RdpVideoMiniport) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88a1c342-4539-11d3-b88d-00c04fad5171}] : (TS_Generic) [] -> @ts_generic.inf,%TSClassName%;Generic Remote Desktop devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88bae032-5a81-49f0-bc3d-a4ff138216d6}] : (USBDevice) [] -> @%SystemRoot%\System32\SysClass.Dll,-3029 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990a2bd7-e738-46c7-b26f-1cf8fb9f1391}] : (SmartCard) [] -> @%SystemRoot%\System32\SysClass.DLL,-3031 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9a6a2017-f06c-4343-891c-abd77befa30b}] : (IWB) [] -> @oem2.inf,%INTERACTIVE_WHITEBOARD%;Interactive Whiteboards [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9d6d66a6-0b0c-4563-9077-a0e9a7955ae4}] : (Ramdisk) [] -> @ramdisk.inf,%ClassName%;RAM Disk drives [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9da2b80f-f89f-4a49-a5c2-511b085b9e8a}] : (EhStorSilo) [] -> @rawsilo.inf,%ClassName%;IEEE 1667 silo and control devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a588a4-c46f-4b37-b7ea-c82fe89870c6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{bbbe8734-08fa-4966-b6a6-4e5ad010cdd7}] : (USBFunctionController) [] -> @%SystemRoot%\System32\SysClass.Dll,-3030 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c06ff265-ae09-48f0-812c-16753d7cba83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c166523c-fe0c-4a94-a586-f1a80cfbbf3e}] : (AudioEndpoint) [] -> @audioendpoint.inf,%ClassName%;Audio inputs and outputs [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c243ffbd-3afc-45e9-b3d3-2ba18bc7ebc5}] : (BarcodeScanner) [] -> @c_barcodescanner.inf,%ClassName%;POS Barcode Scanner [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}] : (WSDPrintDevice) [] -> @wsdprint.inf,%ClassName%;WSD Print Provider [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c7bc9b22-21f0-4f0d-9bb6-66c229b8cd33}] : (POSPrinter) [] -> @c_receiptprinter.inf,%ClassName%;POS Receipt Printer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ce5939ae-ebde-11d0-b181-0000f8753ec4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d421b08e-6d16-41ca-9c4d-9147e5ac98e0}] : (Miracast) [] -> @miradisp.inf,%ClassName%;Miracast display devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d48179be-ec20-11d1-b6b8-00c04fa372a7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d61ca365-5af4-4486-998b-9db4734c6ca3}] : (XnaComposite) [] -> @xusb22.inf,%XUSB22.ClassName%;Xbox 360 Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{db4f6ddd-9c0e-45e4-9597-78dbbad0f412}] : (SmartCardFilter) [] -> @%SystemRoot%\System32\SysClass.DLL,-3032 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e2f84ce7-8efa-411c-aa69-97454ca4cb57}] : (Extension) [] -> @c_extension.inf,%ClassDesc%;Extensions [HKLM\SYSTEM\CurrentControlSet\Control\Class\{eec5ad98-8080-425f-922a-dabf3de3f69a}] : (WPD) [] -> @%SystemRoot%\System32\wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}] : (Firmware) [] -> @c_firmware.inf,%ClassDesc%;Firmware [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [10/06/2016 01:46:19] - (15.0.15.46) - (Avira Operations GmbH & Co. KG - Avira Manager Driver) - C:\WINDOWS\system32\DRIVERS\avkmgr.sys [10/06/2016 01:46:18] - (15.0.18.304) - (Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement) - C:\WINDOWS\system32\DRIVERS\avipbb.sys [08/12/2014 11:24:36] - (5.1.20.0) - (MediaTek Inc. - MediaTek 802.11n Wireless Adapter Driver) - C:\WINDOWS\system32\DRIVERS\WNDA3100v3.sys [18/07/2016 07:28:45] - (5.1.2.248) - (Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver) - C:\WINDOWS\System32\ATMFD.DLL [10/06/2016 01:46:18] - (15.0.18.303) - (Avira Operations GmbH & Co. KG - Avira Minifilter Driver) - C:\WINDOWS\system32\DRIVERS\avgntflt.sys [10/06/2016 01:46:19] - (15.0.17.269) - (Avira Operations GmbH & Co. KG - Avira WFP Network Driver) - C:\WINDOWS\system32\DRIVERS\avnetflt.sys [15/07/2016 22:18:48] - (1.0.0.0) - (ASRock Incorporation - ASRock IO Driver) - C:\Windows\SysWOW64\Drivers\AsrDrv101.sys ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service S0 - 3ware () -> System32\drivers\3ware.sys R0 - ACPI (@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver) -> System32\drivers\ACPI.sys R0 - acpiex (Microsoft ACPIEx Driver) -> System32\Drivers\acpiex.sys S0 - ADP80XX () -> System32\drivers\ADP80XX.SYS S0 - agp440 (@machine.inf,%agp440_svcdesc%;Intel AGP Bus Filter) -> System32\drivers\agp440.sys S0 - amdsata () -> System32\drivers\amdsata.sys S0 - amdsbs () -> System32\drivers\amdsbs.sys S0 - amdxata () -> System32\drivers\amdxata.sys S0 - arcsas (@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver) -> System32\drivers\arcsas.sys S0 - atapi (@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel) -> System32\drivers\atapi.sys S0 - b06bdrv (@netbvbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II VBD) -> System32\drivers\bxvbda.sys R0 - CLFS (@%SystemRoot%\system32\drivers\clfs.sys,-100) -> System32\drivers\CLFS.sys R0 - CNG () -> System32\Drivers\cng.sys R0 - disk (@disk.inf,%disk_ServiceDesc%;Disk Driver) -> System32\drivers\disk.sys S0 - ebdrv (@netevbda.inf,%vbd_srv_desc%;QLogic 10 Gigabit Ethernet Adapter VBD) -> System32\drivers\evbda.sys S0 - EhStorClass (@%SystemRoot%\system32\drivers\EhStorClass.sys,-100) -> System32\drivers\EhStorClass.sys S0 - EhStorTcgDrv (@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols) -> System32\drivers\EhStorTcgDrv.sys R0 - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> System32\drivers\fileinfo.sys R0 - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys S0 - Fs_Rec () -> (?) R0 - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys S0 - gagp30kx (@agp.inf,%gagp30kx_svcdesc%;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms) -> System32\drivers\gagp30kx.sys S0 - HpSAMD () -> System32\drivers\HpSAMD.sys S0 - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys S0 - iaStorAV (@iastorav.inf,%iaStorAV.DeviceDesc%;Intel(R) SATA RAID Controller Windows) -> System32\drivers\iaStorAV.sys S0 - iaStorV (@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7) -> System32\drivers\iaStorV.sys S0 - intelide () -> System32\drivers\intelide.sys S0 - intelpep (@intelpep.inf,%INTELPEP.SVCDESC%;Intel(R) Power Engine Plug-in Driver) -> System32\drivers\intelpep.sys S0 - isapnp () -> System32\drivers\isapnp.sys R0 - KSecDD () -> System32\Drivers\ksecdd.sys R0 - KSecPkg () -> System32\Drivers\ksecpkg.sys S0 - LSI_SAS () -> System32\drivers\lsi_sas.sys S0 - LSI_SAS2i () -> System32\drivers\lsi_sas2i.sys S0 - LSI_SAS3i () -> System32\drivers\lsi_sas3i.sys S0 - LSI_SSS () -> System32\drivers\lsi_sss.sys S0 - megasas () -> System32\drivers\megasas.sys S0 - megasr () -> System32\drivers\megasr.sys R0 - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys R0 - msisadrv () -> System32\drivers\msisadrv.sys R0 - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys S0 - mvumis () -> System32\drivers\mvumis.sys R0 - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys S0 - nvraid () -> System32\drivers\nvraid.sys S0 - nvstor () -> System32\drivers\nvstor.sys S0 - nv_agp (@machine.inf,%agpnvidia_svcdesc%;NVIDIA nForce AGP Bus Filter) -> System32\drivers\nv_agp.sys R0 - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys R0 - pci (@pci.inf,%pci_svcdesc%;PCI Bus Driver) -> System32\drivers\pci.sys S0 - pciide () -> System32\drivers\pciide.sys S0 - pcmcia () -> System32\drivers\pcmcia.sys R0 - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys R0 - pdc (@%SystemRoot%\system32\drivers\pdc.sys,-100) -> system32\drivers\pdc.sys S0 - percsas2i () -> System32\drivers\percsas2i.sys S0 - percsas3i () -> System32\drivers\percsas3i.sys R0 - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys S0 - sbp2port (@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver) -> System32\drivers\sbp2port.sys S0 - SiSRaid2 () -> System32\drivers\SiSRaid2.sys S0 - SiSRaid4 () -> System32\drivers\sisraid4.sys R0 - spaceport (@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver) -> System32\drivers\spaceport.sys S0 - stexstor () -> System32\drivers\stexstor.sys R0 - storahci (@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver) -> System32\drivers\storahci.sys S0 - storflt (@wstorflt.inf,%service_desc%;Microsoft Hyper-V Storage Accelerator) -> System32\drivers\vmstorfl.sys S0 - stornvme (@stornvme.inf,%StorNVMe_ServiceDesc%;Microsoft Standard NVM Express Driver) -> System32\drivers\stornvme.sys S0 - storufs (@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver) -> System32\drivers\storufs.sys S0 - storvsc () -> System32\drivers\storvsc.sys R0 - Tcpip (@%SystemRoot%\system32\drivers\tcpip.sys,-10001) -> System32\drivers\tcpip.sys S0 - uagp35 (@agp.inf,%uagp35_svcdesc%;Microsoft AGPv3.5 Filter) -> System32\drivers\uagp35.sys S0 - uliagpkx (@machine.inf,%uliagpkx_svcdesc%;Uli AGP Bus Filter) -> System32\drivers\uliagpkx.sys R0 - vdrvroot (@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator) -> System32\drivers\vdrvroot.sys S0 - vmbus (@wvmbus.inf,%vmbus.SVCDESC%;Virtual Machine Bus) -> System32\drivers\vmbus.sys R0 - volmgr (@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver) -> System32\drivers\volmgr.sys R0 - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys R0 - volsnap (@volume.inf,%VolumeClassName%;Storage volumes) -> System32\drivers\volsnap.sys S0 - vsmraid () -> System32\drivers\vsmraid.sys S0 - VSTXRAID (@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver) -> System32\drivers\vstxraid.sys R0 - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys R0 - WFPLWFS (@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000) -> System32\drivers\wfplwfs.sys R0 - WindowsTrustedRT (Windows Trusted Execution Environment Class Extension) -> system32\drivers\WindowsTrustedRT.sys R0 - WindowsTrustedRTProxy (@WindowsTrustedRTProxy.inf,%WindowsTrustedRTProxy.SVCDESC%;Microsoft Windows Trusted Runtime Secure Service) -> System32\drivers\WindowsTrustedRTProxy.sys R0 - Wof (Windows Overlay File System Filter Driver) -> (?) R1 - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys R1 - ahcache (@%systemroot%\system32\drivers\ahcache.sys,-102) -> system32\DRIVERS\ahcache.sys R1 - avipbb (avipbb) -> \SystemRoot\system32\DRIVERS\avipbb.sys R1 - avkmgr (avkmgr) -> \SystemRoot\system32\DRIVERS\avkmgr.sys R1 - BasicDisplay () -> \SystemRoot\System32\drivers\BasicDisplay.sys R1 - BasicRender () -> \SystemRoot\System32\drivers\BasicRender.sys R1 - Beep (Beep) -> (?) R1 - cdrom (@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver) -> \SystemRoot\System32\drivers\cdrom.sys R1 - CSC (@%systemroot%\system32\cscsvc.dll,-202) -> system32\drivers\csc.sys S1 - dam (@%SystemRoot%\system32\drivers\dam.sys,-100) -> system32\drivers\dam.sys R1 - Dfsc (@%systemroot%\system32\wkssvc.dll,-1008) -> System32\Drivers\dfsc.sys R1 - FileCrypt (@%systemroot%\system32\drivers\filecrypt.sys,-100) -> system32\drivers\filecrypt.sys R1 - GpuEnergyDrv (@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100) -> System32\drivers\gpuenergydrv.sys R1 - Msfs () -> (?) R1 - mssmbios (@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver) -> \SystemRoot\System32\drivers\mssmbios.sys R1 - NetBIOS (@%windir%\system32\drivers\netbios.sys,-503) -> system32\drivers\netbios.sys R1 - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys R1 - Npfs () -> (?) R1 - npsvctrig (@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider) -> \SystemRoot\System32\drivers\npsvctrig.sys R1 - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys R1 - Null () -> (?) R1 - Psched (@%windir%\System32\drivers\pacer.sys,-101) -> System32\drivers\pacer.sys R1 - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys R1 - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> \SystemRoot\system32\DRIVERS\tdx.sys R1 - vwififlt (@%SystemRoot%\System32\drivers\vwififlt.sys,-259) -> System32\drivers\vwififlt.sys S2 - AntiVirMailService (Avira Protection e-mail) -> C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe R2 - AntiVirSchedulerService (Avira Planificateur) -> "C:\Program Files (x86)\Avira\Antivirus\sched.exe" R2 - AntiVirService (Avira Protection temps réel) -> "C:\Program Files (x86)\Avira\Antivirus\avguard.exe" S2 - AntiVirWebService (Avira Protection Web) -> C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe R2 - AppHostSvc (@%windir%\system32\inetsrv\iisres.dll,-30011) -> %windir%\system32\svchost.exe -k apphost R2 - ASRockIOMon (ASRock IO Monitor Service) -> C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe R2 - AudioEndpointBuilder (@%SystemRoot%\system32\AudioEndpointBuilder.dll,-204) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R2 - Audiosrv (@%SystemRoot%\system32\audiosrv.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - avgntflt (avgntflt) -> system32\DRIVERS\avgntflt.sys R2 - Avira.ServiceHost (Avira Service Host) -> "C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe" R2 - avnetflt (avnetflt) -> \SystemRoot\system32\DRIVERS\avnetflt.sys R2 - BFE (@%SystemRoot%\system32\bfe.dll,-1001) -> %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork R2 - BITS (@%SystemRoot%\system32\qmgr.dll,-1000) -> %SystemRoot%\System32\svchost.exe -k netsvcs R2 - BrokerInfrastructure (@%windir%\system32\bisrv.dll,-100) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - CoreMessagingRegistrar (@%SystemRoot%\system32\coremessaging.dll,-1) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork R2 - CryptSvc (@%SystemRoot%\system32\cryptsvc.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k NetworkService R2 - DcomLaunch (@combase.dll,-5012) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - Dhcp (@%SystemRoot%\system32\dhcpcore.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted R2 - Dnscache (@%SystemRoot%\System32\dnsapi.dll,-101) -> %SystemRoot%\system32\svchost.exe -k NetworkService S2 - DoSvc (@%systemroot%\system32\dosvc.dll,-100) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - DPS (Service de stratégie de diagnostic) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork R2 - EventLog (@%SystemRoot%\system32\wevtsvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - EventSystem (@comres.dll,-2450) -> %SystemRoot%\system32\svchost.exe -k LocalService S2 - gpsvc (@gpapi.dll,-112) -> %systemroot%\system32\svchost.exe -k netsvcs S2 - gupdate (Service Google Update (gupdate)) -> "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc R2 - igfxCUIService2.0.0.0 (Intel(R) HD Graphics Control Panel Service) -> %SystemRoot%\system32\igfxCUIService.exe R2 - LanmanServer (@%systemroot%\system32\srvsvc.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - LanmanWorkstation (@%systemroot%\system32\wkssvc.dll,-100) -> %SystemRoot%\System32\svchost.exe -k NetworkService R2 - lltdio (@%SystemRoot%\system32\lltdres.dll,-6) -> system32\drivers\lltdio.sys R2 - LSM (@%windir%\system32\lsm.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys S2 - MapsBroker (@%SystemRoot%\System32\moshost.dll,-100) -> %SystemRoot%\System32\svchost.exe -k NetworkService R2 - MMCSS (@%systemroot%\system32\drivers\mmcss.sys,-100) -> \SystemRoot\system32\drivers\mmcss.sys R2 - MpsSvc (@%SystemRoot%\system32\FirewallAPI.dll,-23090) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork R2 - mrxsmb10 (@%systemroot%\system32\wkssvc.dll,-1004) -> system32\DRIVERS\mrxsmb10.sys R2 - MsLldp (@%SystemRoot%\system32\drivers\mslldp.sys,-200) -> system32\drivers\mslldp.sys R2 - MSMQ (@mqutil.dll,-6102) -> %systemroot%\system32\mqsvc.exe R2 - Ndu (@%SystemRoot%\system32\drivers\Ndu.sys,-10001) -> system32\drivers\Ndu.sys S2 - Netlogon (Netlogon) -> %systemroot%\system32\lsass.exe R2 - NetMsmqActivator (@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195) -> "%systemroot%\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator R2 - NetPipeActivator (@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197) -> %systemroot%\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe R2 - netprofm (Service Liste des réseaux) -> %SystemRoot%\System32\svchost.exe -k LocalService S2 - NetTcpActivator (@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199) -> %systemroot%\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe R2 - NlaSvc (@%SystemRoot%\System32\nlasvc.dll,-1) -> %SystemRoot%\System32\svchost.exe -k NetworkService R2 - nsi (@%SystemRoot%\system32\nsisvc.dll,-200) -> %systemroot%\system32\svchost.exe -k LocalService S2 - OneSyncSvc (@%SystemRoot%\system32\APHostRes.dll,-10002) -> %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup R2 - OneSyncSvc_2263cc (Hôte de synchronisation_2263cc) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_22d18a (Hôte de synchronisation_22d18a) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_24d5fe (Hôte de synchronisation_24d5fe) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_29dccb (Hôte de synchronisation_29dccb) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_2f3dbb (Hôte de synchronisation_2f3dbb) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_3a28da (Hôte de synchronisation_3a28da) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_42d526 (Hôte de synchronisation_42d526) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_51d5b3e (Hôte de synchronisation_51d5b3e) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_67fa3c (Hôte de synchronisation_67fa3c) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_df1e9 (Hôte de synchronisation_df1e9) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_ec7aabf (Hôte de synchronisation_ec7aabf) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup R2 - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys R2 - Power (@%SystemRoot%\system32\umpo.dll,-100) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - ProfSvc (@%systemroot%\system32\profsvc.dll,-300) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - RpcEptMapper (@%windir%\system32\RpcEpMap.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k RPCSS R2 - RpcSs (@combase.dll,-5010) -> %SystemRoot%\system32\svchost.exe -k rpcss R2 - rspndr (@%SystemRoot%\system32\lltdres.dll,-5) -> system32\drivers\rspndr.sys R2 - SamSs (@%SystemRoot%\system32\samsrv.dll,-1) -> %SystemRoot%\system32\lsass.exe R2 - Schedule (@%SystemRoot%\system32\schedsvc.dll,-100) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - SENS (@%SystemRoot%\system32\Sens.dll,-200) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - ShellHWDetection (@%SystemRoot%\System32\shsvcs.dll,-12288) -> %SystemRoot%\System32\svchost.exe -k netsvcs R2 - Spooler (@%systemroot%\system32\spoolsv.exe,-1) -> %SystemRoot%\System32\spoolsv.exe S2 - sppsvc (@%SystemRoot%\system32\sppsvc.exe,-101) -> %SystemRoot%\system32\sppsvc.exe R2 - srv (@%systemroot%\system32\srvsvc.dll,-102) -> System32\DRIVERS\srv.sys R2 - storqosflt (@%SystemRoot%\System32\drivers\storqosflt.sys,-101) -> system32\drivers\storqosflt.sys R2 - SystemEventsBroker (@%windir%\system32\SystemEventsBrokerServer.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys R2 - Themes (@%SystemRoot%\System32\themeservice.dll,-8192) -> %SystemRoot%\System32\svchost.exe -k netsvcs R2 - tiledatamodelsvc (@%SystemRoot%\system32\tileobjserver.dll,-1) -> %systemroot%\system32\svchost.exe -k appmodel R2 - UserManager (@%systemroot%\system32\usermgr.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs S2 - VSS (Cliché instantané des volumes) -> %systemroot%\system32\vssvc.exe R2 - W3SVC (@%windir%\system32\inetsrv\iisres.dll,-30003) -> %windir%\system32\svchost.exe -k iissvcs R2 - wanarp (@%systemroot%\system32\rascfg.dll,-32011) -> System32\DRIVERS\wanarp.sys R2 - Wcmsvc (Gestionnaire des connexions Windows) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted R2 - Wecsvc (Collecteur d’événements de Windows) -> %SystemRoot%\system32\svchost.exe -k NetworkService R2 - WerSvc (Service de rapport d’erreurs Windows) -> %SystemRoot%\System32\svchost.exe -k WerSvcGroup R2 - Winmgmt (@%Systemroot%\system32\wbem\wmisvc.dll,-205) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - WlanSvc (Service de configuration automatique WLAN) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted S2 - wlidsvc (Assistant Connexion avec un compte Microsoft) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - wscsvc (@%SystemRoot%\System32\wscsvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted S2 - wuauserv (Windows Update) -> %systemroot%\system32\svchost.exe -k netsvcs ---------- | System files (Microsoft Files whitelisted) [MD5.2C5B3035B86770ADD2FE9BFBAF5B35A4] - [30/10/2015 09:17:22] - (.Copyright (c) 2011 LSI - LSI 3ware SCSI Storport Driver.) - [104.84 Ko] - (5.1.0.51) - C:\WINDOWS\System32\Drivers\3ware.sys [MD5.F7D0CD345D2DA42E7042ABCD73662403] - [30/10/2015 09:17:22] - (.Copyright (C) PMC-Sierra 2001-2014 - PMC-Sierra Storport Driver For SPC8x6G SAS/SATA controller.) - [1108.84 Ko] - (1.3.0.10769) - C:\WINDOWS\System32\Drivers\adp80xx.sys [MD5.5B30BCFE6E02E45D3EE268FF001BC5E0] - [30/10/2015 09:17:22] - (.Copyright © 2008-2015 AMD, Inc. - AHCI 1.3 Device Driver.) - [81.34 Ko] - (1.1.3.277) - C:\WINDOWS\System32\Drivers\amdsata.sys [MD5.F20B30F35A5C7888441B4DCA001ECF8E] - [30/10/2015 09:17:22] - (.2012 Advanced Micro Devices, Inc. - AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform.) - [253.34 Ko] - (3.7.1540.43) - C:\WINDOWS\System32\Drivers\amdsbs.sys [MD5.AFE838D7576C581D6483529621AB10CC] - [30/10/2015 09:17:22] - (.Copyright © 2008-2015 AMD, Inc. - Storage Filter Driver.) - [26.34 Ko] - (1.1.3.277) - C:\WINDOWS\System32\Drivers\amdxata.sys [MD5.E3FE8F610B1CC12BC3B2E6BC43DC97E2] - [30/10/2015 09:17:22] - (.Copyright 2014 PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) - [128.84 Ko] - (7.5.0.32048) - C:\WINDOWS\System32\Drivers\arcsas.sys [MD5.AA0F13E719C3C527287AD87E9205F4D9] - [10/06/2016 01:46:18] - (.Copyright © 2016 Avira Operations GmbH & Co. KG and its Licensors - Avira Minifilter Driver.) - [141.27 Ko] - (15.0.18.303) - C:\WINDOWS\System32\Drivers\avgntflt.sys [MD5.9039B209BA877AF088288DB83C18D3D8] - [10/06/2016 01:46:18] - (.Copyright © 2016 Avira Operations GmbH & Co. KG and its Licensors - Avira Driver for Security Enhancement.) - [150.77 Ko] - (15.0.18.304) - C:\WINDOWS\System32\Drivers\avipbb.sys [MD5.79F7741A773FF194EEC64A8161AE26D5] - [10/06/2016 01:46:19] - (.Copyright © 2015 Avira Operations GmbH & Co. KG and its Licensors - Avira Manager Driver.) - [34.66 Ko] - (15.0.15.46) - C:\WINDOWS\System32\Drivers\avkmgr.sys [MD5.899D89FDF015BBAF628076987D74C295] - [10/06/2016 01:46:19] - (.Copyright © 2016 Avira Operations GmbH & Co. KG and its Licensors - Avira WFP Network Driver.) - [76.38 Ko] - (15.0.17.269) - C:\WINDOWS\System32\Drivers\avnetflt.sys [MD5.3F5523DCEFE42B385659C5CB46A6B810] - [30/10/2015 09:17:22] - (.© Broadcom Corporation. - BCM Function 2 Device Driver.) - [9.5 Ko] - (6.3.9477.0) - C:\WINDOWS\System32\Drivers\bcmfn.sys [MD5.0B750A6A6D847E73CA48ADD7A0F5A393] - [30/10/2015 09:17:22] - (.© Broadcom Corporation. - BCM Function 2 Device Driver.) - [9.5 Ko] - (6.3.9391.6) - C:\WINDOWS\System32\Drivers\bcmfn2.sys [MD5.6447BA6FA709514B6C803D159B4C7D1E] - [30/10/2015 09:17:22] - (.(c) COPYRIGHT 2001-2012 Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) - [518.84 Ko] - (7.4.14.0) - C:\WINDOWS\System32\Drivers\bxvbda.sys [MD5.491275B864B704B54EC08168344E0F38] - [30/10/2015 09:17:22] - (.(c) COPYRIGHT 2014-2015 QLogic Corporation - QLogic 10 GigE VBD.) - [3356.34 Ko] - (7.12.2.3) - C:\WINDOWS\System32\Drivers\evbda.sys [MD5.2BB3EAE2EA641515D4B205CAB29E1624] - [11/01/2013 20:02:34] - (.Copyright © 2006-2013, Intel Corporation. - Intel(R) Management Engine Interface.) - [63.11 Ko] - (9.0.0.1287) - C:\WINDOWS\System32\Drivers\HECIx64.sys [MD5.FF442DCDCE1F6E9FAA9C8AD0CD1D199B] - [30/10/2015 09:17:22] - (.Copyright (c) 2004-2011 Hewlett-Packard Development Company, L.P. - Smart Array SAS/SATA Controller Media Driver.) - [62.84 Ko] - (8.0.4.0) - C:\WINDOWS\System32\Drivers\HpSAMD.sys [MD5.9A2A2F3C69B9A30B6E78536F6D258BAD] - [30/10/2015 09:17:18] - (.Copyright (C) 2013. - Intel(R) Serial IO I2C Driver.) - [79.5 Ko] - (604.10146.2643.2818) - C:\WINDOWS\System32\Drivers\iai2c.sys [MD5.59A20F5AD9F4AE54098154359519408E] - [30/10/2015 09:17:18] - (.Copyright © 2015, Intel Corporation. - Intel(R) Serial IO I2C Driver v2.) - [162 Ko] - (30.63.1519.7) - C:\WINDOWS\System32\Drivers\iaLPSS2i_I2C.sys [MD5.16A10CCEDCF5AC4CAAE43DC9FC40392F] - [30/10/2015 09:17:18] - (.Copyright © 2015, Intel Corporation. - Intel(R) Serial IO GPIO Controller Driver.) - [37.23 Ko] - (1.1.250.0) - C:\WINDOWS\System32\Drivers\iaLPSSi_GPIO.sys [MD5.EB82A11613326691508D9ED9A4FE29E7] - [30/10/2015 09:17:18] - (.Copyright © 2015, Intel Corporation. - Intel(R) Serial IO I2C Controller Driver.) - [110.5 Ko] - (1.1.253.0) - C:\WINDOWS\System32\Drivers\iaLPSSi_I2C.sys [MD5.6B0029A0253098CCE28EACCFDB9E7208] - [30/10/2015 09:17:22] - (.Copyright (C), Intel Corporation. - Intel(R) Rapid Storage Technology driver (inbox) - x64.) - [657.34 Ko] - (13.2.0.1022) - C:\WINDOWS\System32\Drivers\iaStorAV.sys [MD5.9652E1E35A92D8C75710C17A63B15796] - [30/10/2015 09:17:22] - (.Copyright(C) Intel Corporation 1994-2008 - Intel Matrix Storage Manager driver - x64.) - [402.34 Ko] - (8.6.2.1019) - C:\WINDOWS\System32\Drivers\iaStorV.sys [MD5.FFADF691F7BF727AF5C863454A372723] - [30/10/2015 09:17:23] - (.Copyright© 2009 Mellanox Technologies Ltd - InfiniBand Fabric Bus Driver.) - [414.84 Ko] - (4.91.10730.0) - C:\WINDOWS\System32\Drivers\ibbus.sys [MD5.DCADFA880DF77BB103F7A034A4B33577] - [27/05/2016 15:50:52] - (.Copyright (c) 1998-2014 Intel Corporation. - Intel Graphics Kernel Mode Driver.) - [7750.59 Ko] - (20.19.15.4444) - C:\WINDOWS\System32\Drivers\igdkmd64.sys [MD5.961F28D879D345BFA50AF51285C90F2E] - [30/10/2015 09:17:23] - (.Copyright © LSI Corporation 2010 - LSI Fusion-MPT SAS Driver (StorPort).) - [106.34 Ko] - (1.34.3.83) - C:\WINDOWS\System32\Drivers\lsi_sas.sys [MD5.6BFB8D1B3407518BE06B6F81F92FA0F5] - [30/10/2015 09:17:23] - (.Copyright © LSI Corporation 2012 - LSI SAS Gen2 Driver (StorPort).) - [102.34 Ko] - (2.0.76.80) - C:\WINDOWS\System32\Drivers\lsi_sas2i.sys [MD5.BE0E47988D78F731DEC2C0CB03E765CB] - [30/10/2015 09:17:23] - (.Copyright © Avago Technologies 2015 - Avago SAS Gen3 Driver (StorPort).) - [96.84 Ko] - (2.50.96.80) - C:\WINDOWS\System32\Drivers\lsi_sas3i.sys [MD5.F99BF02BE9219986817BF094981EEB18] - [30/10/2015 09:17:23] - (.Copyright © LSI Corporation 2012 - LSI SSS PCIe/Flash Driver (StorPort).) - [80.84 Ko] - (2.10.61.81) - C:\WINDOWS\System32\Drivers\lsi_sss.sys [MD5.2ED29B635F35E31A1C0D3DDB7DD2AD03] - [30/10/2015 09:17:23] - (.Copyright © Avago Technologies2013 - MEGASAS RAID Controller Driver for Windows.) - [58.34 Ko] - (6.706.6.0) - C:\WINDOWS\System32\Drivers\megasas.sys [MD5.22E3CB85870879CBAE13C5095A8B12E3] - [30/10/2015 09:17:23] - (.Copyright (C) 2007 LSI Corporation. - LSI MegaRAID Software RAID Driver.) - [562.34 Ko] - (15.2.2013.129) - C:\WINDOWS\System32\Drivers\megasr.sys [MD5.D41920FBFFF2BBCBBC69A5B383AD022E] - [30/10/2015 09:17:23] - (.Copyright© 2009 Mellanox Technologies Ltd - MLX4 Bus Driver.) - [688.84 Ko] - (4.91.10730.0) - C:\WINDOWS\System32\Drivers\mlx4_bus.sys [MD5.218705233D02776AE4D19CC37D985C1B] - [30/10/2015 09:17:23] - (.Copyright (c) Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) - [62.34 Ko] - (1.0.5.1016) - C:\WINDOWS\System32\Drivers\mvumis.sys [MD5.B57CE307DA101C739885B7CC0678077F] - [30/10/2015 09:17:23] - (.Copyright© 2009 Mellanox Technologies Ltd - NetworkDirect Support Filter Driver.) - [74.34 Ko] - (4.91.10730.0) - C:\WINDOWS\System32\Drivers\ndfltr.sys [MD5.604D27CC38CC23493F218D0BB834B3FF] - [30/10/2015 09:17:23] - (.Copyright(C) 2001-2011 NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) - [146.84 Ko] - (10.6.0.23) - C:\WINDOWS\System32\Drivers\nvraid.sys [MD5.8B50D897657AB4A15FD9E251BBF7D107] - [30/10/2015 09:17:23] - (.Copyright(C) 2001-2011 NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) - [162.34 Ko] - (10.6.0.23) - C:\WINDOWS\System32\Drivers\nvstor.sys [MD5.1398A85E59698067CBBE1D66A9C13ADF] - [30/10/2015 09:17:23] - (.Copyright © LSI Corporation 2014 - MEGASAS RAID Controller Driver for Windows.) - [56.84 Ko] - (6.803.21.0) - C:\WINDOWS\System32\Drivers\percsas2i.sys [MD5.35F7C7AD709D909D618D9EDF987FC3ED] - [30/10/2015 09:17:23] - (.Copyright © Avago Technologies2013 - MEGASAS RAID Controller Driver for Windows.) - [57.34 Ko] - (6.602.12.0) - C:\WINDOWS\System32\Drivers\percsas3i.sys [MD5.49DAA2790DA0276FBAE738532E9894E0] - [30/05/2016 08:43:20] - (.Copyright (C) 2016 Realtek Semiconductor Corporation. All Right Reserved. - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver .) - [1004.25 Ko] - (7.99.311.2016) - C:\WINDOWS\System32\Drivers\Rt64win7.sys [MD5.3A2D6740F51BE48C0FD01AD907329DEE] - [29/05/2016 22:44:31] - (.Copyright (c) Realtek Semiconductor Corp.1998-2013 - Realtek(r) High Definition Audio Function Driver.) - [4391.21 Ko] - (6.0.1.7541) - C:\WINDOWS\System32\Drivers\RTKVHD64.sys [MD5.ABBE803FE0BDAE0E5BE74DDEFBE62F23] - [30/10/2015 09:17:23] - (.Copyright (c) SiS Corp. 2000-2010 - SiS RAID Stor Miniport Driver.) - [43.84 Ko] - (5.1.1039.2600) - C:\WINDOWS\System32\Drivers\sisraid2.sys [MD5.6043DF55CFE3C7ACF477645FA64DEA98] - [30/10/2015 09:17:23] - (.Copyright (c) SiS Corp. 2007-2013 - SiS AHCI Stor-Miniport Driver.) - [79.84 Ko] - (5.1.1039.3600) - C:\WINDOWS\System32\Drivers\sisraid4.sys [MD5.CCDA497C880AD16D87EDFAEFCFB2EDF5] - [30/10/2015 09:17:23] - (.© Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) - [30.34 Ko] - (5.1.0.10) - C:\WINDOWS\System32\Drivers\stexstor.sys [MD5.0D5A09B08568760AE85A801FCBC0F83D] - [16/07/2016 01:12:12] - (.-.) - [27.61 Ko] - (2.0.2.0) - C:\WINDOWS\System32\Drivers\TrueSight.sys [MD5.D48ED0A08BD2FD25A833E6AC99623091] - [30/10/2015 09:17:23] - (.Copyright (C) VIA Technologies 1992-2007 - VIA RAID DRIVER FOR AMD-X86-64.) - [162.84 Ko] - (7.0.9600.6352) - C:\WINDOWS\System32\Drivers\vsmraid.sys [MD5.6990D4AFDF545669D4E6C232F26DE1FB] - [30/10/2015 09:17:23] - (.Copyright (C) 2008 VIA Corporation - VIA StorX RAID Controller Driver.) - [298.34 Ko] - (8.0.9200.8110) - C:\WINDOWS\System32\Drivers\VSTXRAID.SYS [MD5.4A53441C1C4D2878BEF27E381138BB2D] - [30/10/2015 09:17:23] - (.Copyright© 2009 Mellanox Technologies Ltd - Kernel WinMad.) - [26.34 Ko] - (4.91.10730.0) - C:\WINDOWS\System32\Drivers\winmad.sys [MD5.40A3E8D729F458B2C9A8BD9380FF83D5] - [30/10/2015 09:17:23] - (.Copyright© 2009 Mellanox Technologies Ltd - Kernel WinVerbs.) - [57.84 Ko] - (4.91.10730.0) - C:\WINDOWS\System32\Drivers\winverbs.sys [MD5.099E476B28B6BAA4B8209155564472AA] - [08/12/2014 11:24:36] - (.MediaTek Inc. (C)2014. - MediaTek 802.11n Wireless Adapter Driver.) - [2170.64 Ko] - (5.1.20.0) - C:\WINDOWS\System32\Drivers\WNDA3100v3.sys [MD5.1A234F4643F5658BAB07BFA611282267] - [15/07/2016 22:18:48] - (.Copyright (C) 2012 ASRock Incorporation - ASRock IO Driver.) - [21.76 Ko] - (1.0.0.0) - C:\WINDOWS\Syswow64\Drivers\AsrDrv101.sys ---------- | Uninstall [HKU\S-1-5-21-2602208218-2662133878-2470281216-1000\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\PhotoFiltre 7] : (PhotoFiltre 7.-.) -> "C:\Program Files (x86)\PhotoFiltre 7\Uninst.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\376CE0557162AC1F5761974A89A98C28B707E008] : (Package de pilotes Windows - Virtual Ink (WinUSB) IWB (03/12/2007 2.0.0.1).-.Virtual Ink) -> C:\PROGRA~1\DIFX\0169CE~1\DPInst64.exe /u C:\Windows\System32\DriverStore\FileRepository\mimio.inf_amd64_neutral_4527139688c87e5d\mimio.inf [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CCleaner] : (CCleaner.-.Piriform) -> "C:\Program Files\CCleaner\uninst.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\VLC media player] : (VLC media player.-.VideoLAN) -> C:\Program Files\VideoLAN\VLC\uninstall.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WinRAR archiver] : (WinRAR 5.40 beta 3 (64-bit).-.win.rar GmbH) -> C:\Program Files\WinRAR\uninstall.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F64180101F0}] : (Java 8 Update 101 (64-bit).-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F64180101F0} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F64180102F0}] : (Java 8 Update 102 (64-bit).-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F64180102F0} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}] : (UE4 Prerequisites (x64).-.Epic Games, Inc.) -> MsiExec.exe /X{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D81CC3B6-4A88-4617-9E95-1EDF81984F90}] : (Classic Shell.-.IvoSoft) -> MsiExec.exe /X{D81CC3B6-4A88-4617-9E95-1EDF81984F90} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Flash Player NPAPI] : (Adobe Flash Player 22 NPAPI.-.Adobe Systems Incorporated) -> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_Plugin.exe -maintain plugin [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Audacity®_is1] : (Audacity 2.1.1.-.Audacity Team) -> "C:\Program Files (x86)\Audacity\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Avira Antivirus] : (Avira Antivirus.-.Avira Operations GmbH & Co. KG) -> C:\Program Files (x86)\Avira\Antivirus\setup.exe /REMOVE [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\FastStone Capture] : (FastStone Capture 5.3 (French).-.FastStone Soft) -> C:\Program Files (x86)\FastStone Capture\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Google Chrome] : (Google Chrome.-.Google Inc.) -> "C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.106\Installer\setup.exe" --uninstall --multi-install --chrome --system-level [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield Uninstall Information] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{60C50FCC-545B-4D5D-B0D1-4A773143BCE7}] : (NETGEAR WNDA3100v3 Genie.-.NETGEAR) -> "C:\Program Files (x86)\InstallShield Installation Information\{60C50FCC-545B-4D5D-B0D1-4A773143BCE7}\setup.exe" -runfromtemp -l0x040c -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Rainmeter] : (Rainmeter.-.) -> C:\Program Files\Rainmeter\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Revo Uninstaller] : (Revo Uninstaller 1.95.-.VS Revo Group) -> C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{10CD364B-FFCC-48BE-B469-B9622A033075}] : (.-.) -> C:\ProgramData\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}\Fences.exe [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}] : (UE4 Prerequisites (x64).-.Epic Games, Inc.) -> "C:\ProgramData\Package Cache\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}\UE4PrereqSetup_x64.exe" /uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] : (Java Auto Updater.-.Oracle Corporation) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60C50FCC-545B-4D5D-B0D1-4A773143BCE7}] : (NETGEAR WNDA3100v3.-.NETGEAR) -> MsiExec.exe /I{60C50FCC-545B-4D5D-B0D1-4A773143BCE7} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{92a7fd6b-31e5-472f-862e-79214c5032ef}] : (Avira Launcher.-.Avira Operations GmbH & Co. KG) -> "C:\ProgramData\Package Cache\{92a7fd6b-31e5-472f-862e-79214c5032ef}\Avira.OE.Setup.Bundle.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}] : (Avira Browser Safety.-.Avira Operations GmbH & Co KG) -> MsiExec.exe /I{9E10EA90-5E97-43B7-A246-FC7B4F5E9493} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A6634D1D-EA57-45DE-AF8F-0EDD35B912C3}] : (Avira Launcher.-.Avira Operations GmbH & Co. KG) -> MsiExec.exe /X{A6634D1D-EA57-45DE-AF8F-0EDD35B912C3} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}] : (Intel(R) Processor Graphics.-.Intel Corporation) -> "C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe" -uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] : (Realtek High Definition Audio Driver.-.Realtek Semiconductor Corp.) -> C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709 ---------- | Installer [HKCR\Installer\Products\09AE01E979E57B342A64CFB7F4E54939] : Avira Browser Safety -> C:\Windows\Installer\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}\icon.ico [HKCR\Installer\Products\0BCB047636854F74084F443F49EDF42E] : Zune Language Pack (NLD) [HKCR\Installer\Products\192E39C5CC1A15E4586C1E4902F9DC4B] : Zune Language Pack (PTG) [HKCR\Installer\Products\1A0A0698A5BBE97429FC56BAD986B434] : Zune Language Pack (PLK) [HKCR\Installer\Products\1B33D86C4020EBE4CB546A4E231B1DA3] : Zune Language Pack (FRA) [HKCR\Installer\Products\1E938C154EB277E41AABCCAED5FA7A14] : Zune Language Pack (KOR) [HKCR\Installer\Products\4770784BA3F59D64D9EF60BF55992EB6] : Zune Language Pack (FIN) [HKCR\Installer\Products\4EA42A62D9304AC4784BF2468110100F] : Java 8 Update 101 (64-bit) -> C:\Program Files\Java\jre1.8.0_101\\bin\javaws.exe [HKCR\Installer\Products\4EA42A62D9304AC4784BF2468110200F] : Java 8 Update 102 (64-bit) -> C:\Program Files\Java\jre1.8.0_102\\bin\javaws.exe [HKCR\Installer\Products\65D15C75782B11C41929CEC364FE674A] : Zune Language Pack (RUS) [HKCR\Installer\Products\6B3CC18D88A47164E959E1FD1889F409] : Classic Shell -> C:\WINDOWS\Installer\{D81CC3B6-4A88-4617-9E95-1EDF81984F90}\icon.ico [HKCR\Installer\Products\6C91EB6C201B83042B6AC1138327BD4B] : Zune Language Pack (HUN) [HKCR\Installer\Products\793DFED521043C646BAD8E10E3667027] : Zune Language Pack (NOR) [HKCR\Installer\Products\833211B880B21584FA487EAC7DC4BE23] : Zune Language Pack (DAN) [HKCR\Installer\Products\895EEE7012F575B44BB0649562523B9D] : Zune Language Pack (PTB) [HKCR\Installer\Products\8AE35A5AE11A0F94DB5FEA3546623AA1] : Zune Language Pack (CHT) [HKCR\Installer\Products\8DFFD9A290E419B49B755484500B7D4C] : Zune Language Pack (CHS) [HKCR\Installer\Products\956A9853237F56E48AA945833C235ED9] : Zune Language Pack (ELL) [HKCR\Installer\Products\9C187A8D2983E2E4390284C08F69FCBB] : Zune Language Pack (JPN) [HKCR\Installer\Products\9F3ECE29E19521C4A8269BCF3EB86F64] : Zune Language Pack (IND) [HKCR\Installer\Products\A089CE062ADB6BC44A720BA745894BAC] : Google Update Helper [HKCR\Installer\Products\A9D632EBCE2571A428AD485BAE3DE1E3] : Zune Language Pack (DEU) [HKCR\Installer\Products\AFF73D5C3847B01489B2199EF33D7BAD] : Zune Language Pack (ITA) [HKCR\Installer\Products\B05E2F8A2E6869D4B92D7985CB6C9F3B] : Zune Language Pack (CSY) [HKCR\Installer\Products\B603AB670AA20C74BAB63F31BA651C63] : Zune Language Pack (MSL) [HKCR\Installer\Products\B84657B903C6D0A4D96ED0902DA05F5A] : Zune [HKCR\Installer\Products\C3C8BC2FE9C9BAF409765665105C7F84] : Windows Mobile Device Updater Component [HKCR\Installer\Products\CCF05C06B545D5D40B1DA4771334CB7E] : NETGEAR WNDA3100v3 -> C:\WINDOWS\Installer\{60C50FCC-545B-4D5D-B0D1-4A773143BCE7}\ARPPRODUCTICON.exe [HKCR\Installer\Products\D1D4366A75AEED54FAF8E0DD539B213C] : Avira Launcher [HKCR\Installer\Products\DC139BE6AD7A44A47BA4988CBE0580F6] : Zune Language Pack (SVE) [HKCR\Installer\Products\E29433B6CBBF3CE47883901EE693A501] : Zune Language Pack (ESP) [HKCR\Installer\Products\F60730A4A66673047777F5728467D401] : Java Auto Updater [HKCR\Installer\Products\FC5DAE63FE44FCF4B81E9DC684537D4A] : UE4 Prerequisites (x64) -> C:\Windows\Installer\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}\Setup.ico ---------- | ADS @C:\ProgramData\Microsoft:Win32App_1 ---------- | Drives Disk: 0 Size=954G Pos MBRndx Type/Name Size Active Hide Start Sector Sectors --- ------ ---------- ---- ------ ---- ------------ ------------ 0 0 07-NTFS 100M Yes No 2,048 204,800 1 1 07-NTFS 953G No No 206,848 952,391,168 2 2 27-UNKNWN 450M No No 952,598,016 921,600 ---------- | MBR Windows Version: Professional Windows Information: (build 9200), 64-bit Base Board Manufacturer: ASRock BIOS Manufacturer: American Megatrends Inc. System Manufacturer: To Be Filled By O.E.M. System Product Name: To Be Filled By O.E.M. Logical Drives Mask: 0x000000cc Analysis of file "C:\QuickDiag\MBR.bin": Windows 7 MBR code detected 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ---------- | 20 LastEventLog svchost (1196) SRUJet: L’erreur -1811 (0xfffff8ed) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\SRU\SRU00013.log. ------------ Nom de l’application défaillante ShellExperienceHost.exe, version : 10.0.10586.494, horodatage : 0x5775e94c Nom du module défaillant : Windows.UI.Xaml.dll, version : 10.0.10586.494, horodatage : 0x5775e900 Code d’exception : 0xc000027b Décalage d’erreur : 0x00000000006fd01b ID du processus défaillant : 0x27c Heure de début de l’application défaillante : 0x01d1ea661ce72461 Chemin d’accès de l’application défaillante : C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe Chemin d’accès du module défaillant: C:\Windows\System32\Windows.UI.Xaml.dll ID de rapport : 2e0996b2-85e9-45e7-b98e-6164c845434f Nom complet du package défaillant : Microsoft.Windows.ShellExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : App ------------ Nom de l’application défaillante dwm.exe, version : 10.0.10586.0, horodatage : 0x5632d756 Nom du module défaillant : dwmcore.dll, version : 10.0.10586.494, horodatage : 0x5775e327 Code d’exception : 0xc0000602 Décalage d’erreur : 0x00000000000d04ff ID du processus défaillant : 0x3f4 Heure de début de l’application défaillante : 0x01d1ea3b9db252c7 Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\dwm.exe Chemin d’accès du module défaillant: C:\WINDOWS\system32\dwmcore.dll ID de rapport : e60aa0fa-3a12-4075-bed2-0e6f98d6c424 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Le programme ShellExperienceHost.exe version 10.0.10586.494 a cessé d'interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l'historique du problème dans le panneau de configuration Sécurité et maintenance. ID de processus : cc4 Heure de début : 01d1e8d65cb1dff9 Heure de fin : 4294967295 Chemin d'accès de l'application : C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe ID de rapport : 8d17dcad-54e9-11e6-a3c1-ee8ba27d0728 Nom complet du package défaillant : Microsoft.Windows.ShellExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy ID de l'application relative au package défaillant : App ------------ Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft. System Error: Accès refusé. . ------------ Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft. System Error: Accès refusé. . ------------ Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft. System Error: Accès refusé. . ------------ Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft. System Error: Accès refusé. . ------------ Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft. System Error: Accès refusé. . ------------ Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft. System Error: Accès refusé. . ------------ Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft. System Error: Accès refusé. . ------------ svchost (1308) SRUJet: L’erreur -1811 (0xfffff8ed) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\SRU\SRU00005.log. ------------ Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft. System Error: Accès refusé. . ------------ Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft. System Error: Accès refusé. . ------------ Le fichier de clé ne contient pas de licence valide. Le service va être arrêté. ------------ Le fichier de clé ne contient pas de licence valide. Le service va être arrêté. ------------ Le fichier de clé ne contient pas de licence valide. Le service va être arrêté. ------------ Le fichier de clé ne contient pas de licence valide. Le service va être arrêté. ------------ Le fichier de clé ne contient pas de licence valide. Le service va être arrêté. ------------ ----------( EOF)---------- - 3741 | 00:23:20