--------------- QuickDiag | g3n-h@ckm@n | V3_22.01.17.1 ---------------

----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 22/01/2017 11:04:25

Updated 22/01/2017 | 03.15 by g3n-h@ckm@n
Contact : http://www.sosvirus.net/

Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris
[F-cay (Administrator)] - [FCAY] (S-1-5-21-2223247258-1722811853-2886010316-1001)

System: Microsoft Windows 10 Famille - - (10.0.14393) -  BuildType: Multiprocessor Free - OSLanguage: 1036 (040c)
System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True
Boot : Microsoft Windows 10 Famille|C:\WINDOWS|\Device\Harddisk0\Partition4
Boot : Normal boot
PC: CM6330_CM6630_CM6730_CM6830-8 - ASUSTeK Computer INC. - IdNumber: D1PDCG001AU8 - UUID: 306D1CA0-D7DA-11DD-971B-60A44C242B73
Processor : X64 - 3093 Mhz - Intel(R) Core(TM) i5-3350P CPU @ 3.10GHz
0404 - en|US|iso8859-1 - American Megatrends Inc. - S/N: D1PDCG001AU8 - 0404 - ALASKA - 1072009
CoreTemp : 29.8 Celsius

----------| Quick


---------- | SoundDevice

Realtek High Definition Audio - Status: OK - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0887&SUBSYS_10438444&REV_1003\4&C43E6D5&0&0001
NVIDIA High Definition Audio - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0042&SUBSYS_104383E2&REV_1001\5&10078B98&0&0001

---------- | Video

NVIDIA GeForce GT 630 - Resolution: 1680x1050 - Colors: 4294967296 - RefreshRate: 59 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: C:\WINDOWS\System32\DriverStore\FileRepository\nvakwu.inf_amd64_54baefc149b8c1ad\nvd3dumx,C:\WINDOWS\System32\DriverStore\FileRepository\nvakwu.inf_amd64_54baefc149b8c1ad\nvwgf2umx,C:\WINDOWS\System32\DriverStore\FileRepository\nvakwu.inf_amd64_54baefc149b8c1ad\nvwgf2umx,C:\WINDOWS\System32\DriverStore\FileRepository\nvakwu.inf_amd64_54baefc149b8c1ad\nvwgf2umx,C:\WINDOWS\System32\DriverStore\FileRepository\nvakwu.inf_amd64_54baefc149b8c1ad\nvd3dum,C:\WINDOWS\System32\DriverStore\FileRepository\nvakwu.inf_amd64_54baefc149b8c1ad\nvwgf2um,C:\WINDOWS\System32\DriverStore\FileRepository\nvakwu.inf_amd64_54baefc149b8c1ad\nvwgf2um,C:\WINDOWS\System32\DriverStore\FileRepository\nvakwu.inf_amd64_54baefc149b8c1ad\nvwgf2um - PNPDeviceID: PCI\VEN_10DE&DEV_0FC2&SUBSYS_83E21043&REV_A1\4&10698843&0&0008 - AdapterCompatibility: NVIDIA - RAM: -2147483648
Inegrated Video Chipset DeviceName: NVIDIA GeForce GT 630 - DriverVersion: 21.21.13.6909 - SpecificationVersion: 1025

---------- | Codecs

c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25352 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 34640 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16896 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 27648 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 17920 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 38912 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 42936 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 87040 -  Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK
c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 54272 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 35696 -  Manufacturer: Microsoft Corporation - Status: OK

---------- | CPU

CPU #1 value:20 %
CPU #2 value:44 %
CPU #3 value:1 %
CPU #4 value:44 %
Total Overall CPU Usage value:27 %

---------- | Network

ContrÃ´leur Realtek PCIe GBE Family : SENT:0 bytes/sec / RECVD:0 bytes/sec
Carte rÃ©seau sans fil 802.11n : SENT:0 bytes/sec / RECVD:0 bytes/sec
Realtek RTL8187 Wireless 802.11b_g 54Mbps USB 2.0 Network Adapter : SENT:0 bytes/sec / RECVD:0 bytes/sec
isatap.{E8EC74F2-0B6B-4451-8247-B14F6A8D70CC} : SENT:0 bytes/sec / RECVD:0 bytes/sec
isatap.orange-hotspot.com : SENT:0 bytes/sec / RECVD:0 bytes/sec

Overall -> SEND Maxium:27 bytes/sec,  /  RECEIVE Maximum:0 bytes/sec

Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter - Ethernet 802.3 - Realtek Semiconductor Corp. - Status: - PnPID : USB\VID_0BDA&PID_8187\00C0CA6CE9B6
Microsoft Kernel Debug Network Adapter - - Microsoft - Status: - PnPID : ROOT\KDNIC\0000
ContrÃ´leur Realtek PCIe GBE Family - Ethernet 802.3 - Realtek - Status: - PnPID : PCI\VEN_10EC&DEV_8168&SUBSYS_84321043&REV_06\4&1D7623A1&0&00E2
Carte rÃ©seau sans fil 802.11n - Ethernet 802.3 - Ralink Technology, Corp. - Status: - PnPID : PCI\VEN_1814&DEV_3090&SUBSYS_760111AD&REV_00\4&DDEC341&0&00E1
RAS Async Adapter - - - Status: - PnPID : 
Microsoft Hosted Network Virtual Adapter #2 - Ethernet 802.3 - Microsoft - Status: - PnPID : {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP_SAP\7&29439D5A&1&17
Microsoft Hosted Network Virtual Adapter - - - Status: - PnPID : 
Microsoft ISATAP Adapter - - - Status: - PnPID : 
WAN Miniport (SSTP) - - - Status: - PnPID : 
WAN Miniport (IKEv2) - - - Status: - PnPID : 
WAN Miniport (L2TP) - - - Status: - PnPID : 
WAN Miniport (PPTP) - - - Status: - PnPID : 
WAN Miniport (PPPOE) - - - Status: - PnPID : 
WAN Miniport (IP) - - - Status: - PnPID : 
WAN Miniport (IPv6) - - - Status: - PnPID : 
WAN Miniport (Network Monitor) - - - Status: - PnPID : 
Microsoft ISATAP Adapter - - - Status: - PnPID : 
Microsoft ISATAP Adapter #3 - Tunnel - Microsoft - Status: - PnPID : SWD\IP_TUNNEL_VBUS\ISATAP_2
Microsoft ISATAP Adapter #4 - Tunnel - Microsoft - Status: - PnPID : SWD\IP_TUNNEL_VBUS\ISATAP_3
Microsoft Wi-Fi Direct Virtual Adapter - - - Status: - PnPID : 

---------- | Memory

RAM = Total (MB) : 8340 | Free (MB) : 4951
Pagefile = Total (MB) : 9650 | Free (MB) : 6154
Virtual = Total (MB) : 4194 | Free (MB) : 3956

Physical Memory 0 : Capacity: 8589934592 - ChannelA-DIMM0 - Posit.: 1 - Manufacturer: Kingston - PartNumber: ASU16D3LU1KBG/8G  - S/N: 2A28B0CE

---------- | SID Users

Administrateur : [S-1-5-21-2223247258-1722811853-2886010316-500]
DefaultAccount : [S-1-5-21-2223247258-1722811853-2886010316-503]
F-cay : [S-1-5-21-2223247258-1722811853-2886010316-1001]
HomeGroupUser$ : [S-1-5-21-2223247258-1722811853-2886010316-1018]
InvitÃ© : [S-1-5-21-2223247258-1722811853-2886010316-501]
UpdatusUser : [S-1-5-21-2223247258-1722811853-2886010316-1014]
Administrateurs : [S-1-5-32-544]
IIS_IUSRS : [S-1-5-32-568]
InvitÃ©s : [S-1-5-32-546]
Lecteurs des journaux dâÃ©vÃ©nements : [S-1-5-32-573]
System Managed Accounts Group : [S-1-5-32-581]
Utilisateurs : [S-1-5-32-545]
Utilisateurs de gestion Ã  distance : [S-1-5-32-580]
Utilisateurs de lâAnalyseur de performances : [S-1-5-32-558]
Utilisateurs du journal de performances : [S-1-5-32-559]
Utilisateurs du modÃ¨le COM distribuÃ© : [S-1-5-32-562]
HomeUsers : [S-1-5-21-2223247258-1722811853-2886010316-1017]
WinRMRemoteWMIUsers__ : [S-1-5-21-2223247258-1722811853-2886010316-1000]
__vmware__ : [S-1-5-21-2223247258-1722811853-2886010316-1002]

---------- | SystemAccounts

Name: Tout le monde - SID: S-1-1-0 - SIDType: 5 - Status: OK
Name: LOCAL - SID: S-1-2-0 - SIDType: 5 - Status: OK
Name: CREATEUR PROPRIETAIRE - SID: S-1-3-0 - SIDType: 5 - Status: OK
Name: GROUPE CREATEUR - SID: S-1-3-1 - SIDType: 5 - Status: OK
Name: CREATOR OWNER SERVER - SID: S-1-3-2 - SIDType: 5 - Status: OK
Name: CREATOR GROUP SERVER - SID: S-1-3-3 - SIDType: 5 - Status: OK
Name: DROITS DU PROPRIÃTAIRE - SID: S-1-3-4 - SIDType: 5 - Status: OK
Name: LIGNE - SID: S-1-5-1 - SIDType: 5 - Status: OK
Name: RESEAU - SID: S-1-5-2 - SIDType: 5 - Status: OK
Name: TACHE - SID: S-1-5-3 - SIDType: 5 - Status: OK
Name: INTERACTIF - SID: S-1-5-4 - SIDType: 5 - Status: OK
Name: SERVICE - SID: S-1-5-6 - SIDType: 5 - Status: OK
Name: ANONYMOUS LOGON - SID: S-1-5-7 - SIDType: 5 - Status: OK
Name: Proxy - SID: S-1-5-8 - SIDType: 5 - Status: OK
Name: SystÃ¨me - SID: S-1-5-18 - SIDType: 5 - Status: OK
Name: ENTERPRISE DOMAIN CONTROLLERS - SID: S-1-5-9 - SIDType: 5 - Status: OK
Name: SELF - SID: S-1-5-10 - SIDType: 5 - Status: OK
Name: Utilisateurs authentifiÃ©s - SID: S-1-5-11 - SIDType: 5 - Status: OK
Name: RESTRICTED - SID: S-1-5-12 - SIDType: 5 - Status: OK
Name: UTILISATEUR TERMINAL SERVER - SID: S-1-5-13 - SIDType: 5 - Status: OK
Name: REMOTE INTERACTIVE LOGON - SID: S-1-5-14 - SIDType: 5 - Status: OK
Name: IUSR - SID: S-1-5-17 - SIDType: 5 - Status: OK
Name: SERVICE LOCAL - SID: S-1-5-19 - SIDType: 5 - Status: OK
Name: SERVICE RÃSEAU - SID: S-1-5-20 - SIDType: 5 - Status: OK
Name: BUILTIN - SID: S-1-5-32 - SIDType: 3 - Status: OK

---------- | Drives

C:\ -> [Fixed] | [Windows] | Total : 149.56 Go | Free : 63.42 Go -> NTFS [SATA]
D:\ -> [Fixed] | [Data] | Total : 764.35 Go | Free : 712.5 Go -> NTFS [SATA]
E:\ -> [CDROM] | [Audio CD]

Disk Usage Information [1 total Physical Disks]

Physical Drive #0 [C:, D:] : Read:149,838 bytes/sec, Written:17,124 bytes/sec Max Read:149,838 bytes/sec, Max Write:17,124 bytes/sec 

Overall - Read Maximum:149,838 bytes/sec, Write Maximum:17,124 bytes/sec

DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 6 Part. - PnPID : SCSI\DISK&VEN_TOSHIBA&PROD_DT01ACA100\5&96B5FC1&0&000000

---------- | Windows updates

No detected update !!! 

Windows Is Activated

---------- | Browsers

IE : 11.0.14393.0     (Â© Microsoft Corporation. Tous droits rÃ©servÃ©s.)
FF : 50.1.0.6186     (Â©Firefox and Mozilla Developers; available under the MPL 2 license.)
GC : 55.0.2883.87     (Copyright 2016 Google Inc.)

Default : "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1"

---------- | FlashPlayer

FlashPlayer ActiveX : 24.0.0.194
FlashPlayer Plugin : 23.0.0.207

---------- | Security

AV : Windows Defender Disabled
AS : Spybot - Search and Destroy Enabled
AM : Malwarebytes' Anti-Malware   ( 2.3.173.0)     [Update : 20/09/2014 14:55:45]
FW : WINDOWS Firewall
WMI : OK
WU: Windows Update Service [Manual(3)] = Running
AS: Windows Defender [Manual(3)] = stopped
WMI: Windows Management Instrumentation [Auto(2)] = Running



---------- | Running processes

372 | [Owner : SystÃ¨me | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (10.0.14393.0) = C:\Windows\System32\smss.exe     [16/07/2016 12:42:27]    CPU Usage:0 %
648 | [Owner :  | Parent : 540() | ?????] - (.Microsoft Corporation - Application de dÃ©marrage de Windows.) - (10.0.14393.0) = C:\Windows\System32\wininit.exe     [16/07/2016 12:42:27]    CPU Usage:0 %
744 | [Owner :  | Parent : 640() | ?????] - (.Microsoft Corporation - Application dâouverture de session Windows.) - (10.0.14393.594) = C:\Windows\System32\winlogon.exe     [11/01/2017 19:43:59]    CPU Usage:0 %
780 | [Owner :  | Parent : 648(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et ContrÃ´leur.) - (10.0.14393.479) = C:\Windows\System32\services.exe     [10/12/2016 08:53:18]    CPU Usage:0 %
788 | [Owner :  | Parent : 648(wininit.exe) | ?????] - (.Microsoft Corporation - Local Security Authority Process.) - (10.0.14393.187) = C:\Windows\System32\lsass.exe     [16/10/2016 07:36:55]    CPU Usage:0 %
892 | [Owner :  | Parent : 780(services.exe) | ?????] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe     [16/07/2016 12:42:27]    CPU Usage:0 %
956 | [Owner :  | Parent : 780(services.exe) | ?????] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe     [16/07/2016 12:42:27]    CPU Usage:0 %
556 | [Owner :  | Parent : 780(services.exe) | ?????] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe     [16/07/2016 12:42:27]    CPU Usage:0 %
1052 | [Owner :  | Parent : 780(services.exe) | ?????] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe     [16/07/2016 12:42:27]    CPU Usage:0 %
1160 | [Owner :  | Parent : 780(services.exe) | ?????] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 369.09.) - (8.17.13.6909) = C:\Windows\System32\nvvsvc.exe     [16/10/2016 06:43:54]    CPU Usage:0 %
1176 | [Owner :  | Parent : 780(services.exe) | ?????] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - (7.17.13.2702) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe     [29/08/2013 18:27:28]    CPU Usage:0 %
1240 | [Owner :  | Parent : 1160(nvvsvc.exe) | ?????] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) - (8.17.13.6909) = C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe     [16/10/2016 06:43:54]    CPU Usage:0 %
1332 | [Owner :  | Parent : 780(services.exe) | ?????] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe     [16/07/2016 12:42:27]    CPU Usage:0 %
1328 | [Owner :  | Parent : 780(services.exe) | ?????] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe     [16/07/2016 12:42:27]    CPU Usage:0 %
1400 | [Owner :  | Parent : 780(services.exe) | ?????] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe     [16/07/2016 12:42:27]    CPU Usage:0 %
1444 | [Owner :  | Parent : 780(services.exe) | ?????] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe     [16/07/2016 12:42:27]    CPU Usage:0 %
1892 | [Owner :  | Parent : 780(services.exe) | ?????] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe     [16/07/2016 12:42:27]    CPU Usage:0 %
1940 | [Owner :  | Parent : 780(services.exe) | ?????] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe     [16/07/2016 12:42:27]    CPU Usage:0 %
1928 | [Owner :  | Parent : 1892(svchost.exe) | ?????] - (.Microsoft Corporation - Isolation graphique de pÃ©riphÃ©rique audio Windows.) - (10.0.14393.0) = C:\Windows\System32\audiodg.exe     [16/07/2016 12:42:22]    CPU Usage:0 %
2088 | [Owner :  | Parent : 780(services.exe) | ?????] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe     [16/07/2016 12:42:27]    CPU Usage:0 %
2360 | [Owner :  | Parent : 780(services.exe) | ?????] - (.Microsoft Corporation - Application sous-systÃ¨me spouleur.) - (10.0.14393.351) = C:\Windows\System32\spoolsv.exe     [28/10/2016 18:55:10]    CPU Usage:0 %
2636 | [Owner :  | Parent : 780(services.exe) | ?????] - (.Adobe Systems Incorporated - Adobe Update Service.) - (3.4.0.175) = C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe     [16/11/2015 17:43:30]    CPU Usage:0 %
2644 | [Owner :  | Parent : 780(services.exe) | ?????] - (.Nuance Communications, Inc. - PDFPro IFilter Service.) - (12.1.11402.100) = C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe     [02/08/2011 15:47:26]    CPU Usage:0 %
2664 | [Owner :  | Parent : 780(services.exe) | ?????] - (.ASUSTeK Computer Inc. -.) - (0.1.0.18) = C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe     [11/12/2012 11:41:37]    CPU Usage:0 %
2672 | [Owner :  | Parent : 780(services.exe) | ?????] - (.Apple Inc. - MobileDeviceService.) - (17.364.0.34) = C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe     [07/10/2015 11:45:40]    CPU Usage:0 %
2680 | [Owner :  | Parent : 780(services.exe) | ?????] - (.ASUSTeK Computer Inc. - AsSysCtr Application.) - (1.0.0.1) = C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe     [11/12/2012 11:41:47]    CPU Usage:0 %
2688 | [Owner :  | Parent : 780(services.exe) | ?????] - (.Realtek - RtlService MFC Application.) - (500.1003.630.2009) = C:\Program Files (x86)\AWUS036H Wireless LAN Utility\RtlService.exe     [18/04/2013 19:30:50]    CPU Usage:0 %
2700 | [Owner :  | Parent : 780(services.exe) | ?????] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe     [11/12/2012 11:41:35]    CPU Usage:0 %
2708 | [Owner :  | Parent : 780(services.exe) | ?????] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\Paragon Software\HFS+ for Windows\apmwinsrv.exe     [16/10/2016 13:05:27]    CPU Usage:0 %
2892 | [Owner :  | Parent : 780(services.exe) | ?????] - (.Atheros Communications, Inc. - JumpStart PushButton Service.) - (2.1.0.18) = C:\Program Files (x86)\Jumpstart\jswpbapi.exe     [12/10/2014 21:36:16]    CPU Usage:0 %
2940 | [Owner :  | Parent : 780(services.exe) | ?????] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe     [16/07/2016 12:42:27]    CPU Usage:0 %
2948 | [Owner :  | Parent : 780(services.exe) | ?????] - (.Adobe Systems, Incorporated - Adobe Genuine Software Integrity Service.) - (3.4.0.378) = C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe     [20/08/2015 17:04:56]    CPU Usage:0 %
2980 | [Owner :  | Parent : 780(services.exe) | ?????] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host Interface.) - (8.1.0.1252) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe     [25/01/2013 13:27:33]    CPU Usage:0 %
2996 | [Owner :  | Parent : 780(services.exe) | ?????] - (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) - (2.4.40.77) = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe     [01/01/2017 11:49:21]    CPU Usage:0 %
3044 | [Owner :  | Parent : 780(services.exe) | ?????] - (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) - (2.4.40.217) = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe     [01/01/2017 11:49:18]    CPU Usage:0 %
3052 | [Owner :  | Parent : 780(services.exe) | ?????] - (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) - (2.5.8.0) = C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe     [27/12/2016 18:29:25]    CPU Usage:0 %
3060 | [Owner :  | Parent : 780(services.exe) | ?????] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe     [16/07/2016 12:42:27]    CPU Usage:0 %
1800 | [Owner :  | Parent : 780(services.exe) | ?????] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe     [16/07/2016 12:42:27]    CPU Usage:0 %
2124 | [Owner :  | Parent : 780(services.exe) | ?????] - (.Wondershare - Wondershare AppService.) - (2.3.2.219) = C:\Program Files (x86)\Wondershare\WAF\2.3.2.219\WsAppService.exe     [27/12/2016 19:28:57]    CPU Usage:25 %
1788 | [Owner :  | Parent : 780(services.exe) | ?????] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Interface.) - (1.24.388.1) = C:\Program Files\Intel\iCLS Client\HeciServer.exe     [20/04/2012 23:16:12]    CPU Usage:0 %
3252 | [Owner :  | Parent : 780(services.exe) | ?????] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe     [16/07/2016 12:42:27]    CPU Usage:0 %
3388 | [Owner :  | Parent : 2688(RtlService.exe) | ?????] - (.Realtek Semiconductor Corp. - RtWLan ( For Vista / Win7) Application(External Registrar).) - (700.1579.715.2009) = C:\Program Files (x86)\AWUS036H Wireless LAN Utility\RtWLan.exe     [18/04/2013 19:30:50]    CPU Usage:0 %
3508 | [Owner :  | Parent : 780(services.exe) | ?????] - (.Safer-Networking Ltd. - Windows Security Center integration..) - (2.3.39.2) = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe     [01/01/2017 11:19:47]    CPU Usage:0 %
4276 | [Owner :  | Parent : 780(services.exe) | ?????] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe     [16/07/2016 12:42:27]    CPU Usage:0 %
4888 | [Owner : F-cay | Parent : 556(svchost.exe) | 22.79 Mo] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.14393.0) = C:\Windows\System32\sihost.exe     [16/07/2016 12:42:09]    CPU Usage:0 %
4916 | [Owner : F-cay | Parent : 780(services.exe) | 28.55 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe     [16/07/2016 12:42:27]    CPU Usage:0 %
4956 | [Owner : F-cay | Parent : 556(svchost.exe) | 0.14 Mo] - (.ASUSTeK Computer Inc. - ASUS Routine Controller.) - (1.0.0.1) = C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe     [11/12/2012 11:41:48]    CPU Usage:0 %
4964 | [Owner : F-cay | Parent : 556(svchost.exe) | 17.65 Mo] - (.Microsoft Corporation - Processus hÃ´te pour TÃ¢ches Windows.) - (10.0.14393.0) = C:\Windows\System32\taskhostw.exe     [16/07/2016 12:42:36]    CPU Usage:0 %
4660 | [Owner : F-cay | Parent : 892(svchost.exe) | 50.39 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.14393.0) = C:\Windows\System32\RuntimeBroker.exe     [16/07/2016 12:42:05]    CPU Usage:0 %
4796 | [Owner : F-cay | Parent : 3736() | 110.39 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.14393.479) = C:\Windows\explorer.exe     [10/12/2016 08:52:51]    CPU Usage:0 %
4304 | [Owner :  | Parent : 780(services.exe) | ?????] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe     [16/07/2016 12:42:27]    CPU Usage:0 %
5312 | [Owner :  | Parent : 780(services.exe) | ?????] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.14393.206) = C:\Windows\System32\SearchIndexer.exe     [16/10/2016 12:56:57]    CPU Usage:0 %
5336 | [Owner : F-cay | Parent : 892(svchost.exe) | 45.98 Mo] - (.Microsoft Corporation - Windows Shell Experience Host.) - (10.0.14393.447) = C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe     [09/11/2016 08:13:14]    CPU Usage:0 %
5600 | [Owner : F-cay | Parent : 892(svchost.exe) | 55.07 Mo] - (.Microsoft Corporation - Search and Cortana application.) - (10.0.14393.693) = C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe     [11/01/2017 19:43:34]    CPU Usage:0 %
5912 | [Owner :  | Parent : 5312(SearchIndexer.exe) | ?????] - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) - (7.0.14393.206) = C:\Windows\System32\SearchProtocolHost.exe     [16/10/2016 12:56:53]    CPU Usage:0 %
6004 | [Owner : SystÃ¨me | Parent : 5312(SearchIndexer.exe) | 6.25 Mo] - (.Microsoft Corporation - Microsoft Windows Search Filter Host.) - (7.0.14393.206) = C:\Windows\System32\SearchFilterHost.exe     [16/10/2016 12:56:47]    CPU Usage:0 %
6104 | [Owner : F-cay | Parent : 892(svchost.exe) | 9.5 Mo] - (.-.) - (11.10.145.0) = C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe     [14/12/2016 12:08:33]    CPU Usage:0 %
6348 | [Owner : F-cay | Parent : 892(svchost.exe) | 15.56 Mo] - (.Microsoft Corporation - Background Task Host.) - (10.0.14393.0) = C:\Windows\System32\backgroundTaskHost.exe     [16/07/2016 12:42:09]    CPU Usage:0 %
6372 | [Owner : F-cay | Parent : 1240(nvxdsync.exe) | 10.08 Mo] - (.NVIDIA Corporation - NVIDIA Settings.) - (7.17.13.6909) = C:\Program Files\NVIDIA Corporation\Display\nvtray.exe     [16/10/2016 06:43:54]    CPU Usage:0 %
6556 | [Owner : F-cay | Parent : 892(svchost.exe) | 19.8 Mo] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.14393.594) = C:\Windows\System32\SettingSyncHost.exe     [11/01/2017 19:43:39]    CPU Usage:0 %
6656 | [Owner : F-cay | Parent : 892(svchost.exe) | 14.79 Mo] - (.Microsoft Corporation - SmartScreen.) - (10.0.14393.321) = C:\Windows\System32\smartscreen.exe     [16/10/2016 12:58:09]    CPU Usage:0 %
6712 | [Owner : F-cay | Parent : 4796(explorer.exe) | 12.9 Mo] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.0.311) = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe     [01/10/2013 13:23:20]    CPU Usage:0 %
6784 | [Owner : F-cay | Parent : 4796(explorer.exe) | 9.65 Mo] - (.Acresso Corporation - Acresso Software Manager.) - (11.60.100.23865) = C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe     [05/05/2009 15:06:06]    CPU Usage:0 %
6948 | [Owner : F-cay | Parent : 6836() | 25.39 Mo] - (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) - (2.4.40.129) = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe     [01/01/2017 11:19:42]    CPU Usage:0 %
6936 | [Owner :  | Parent : 780(services.exe) | ?????] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe     [16/07/2016 12:42:27]    CPU Usage:0 %
2200 | [Owner : F-cay | Parent : 4956(AsRoutineController.exe) | 0.04 Mo] - (.ASUSTeK Computer Inc. - EPUHelp.) - (1.0.0.31) = C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe     [11/12/2012 11:42:08]    CPU Usage:0 %
2760 | [Owner :  | Parent : 780(services.exe) | ?????] - (.MAGIX AG - VerzeichnisÃ¼berwachung und Hilfsaufgaben fÃ¼r die Medienbibliothek.) - (2.1.31.0) = C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe     [24/05/2011 19:33:30]    CPU Usage:0 %
2816 | [Owner :  | Parent : 780(services.exe) | ?????] - (.Intel Corporation - Local Manageability Service.) - (8.1.0.1252) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe     [25/01/2013 13:27:11]    CPU Usage:0 %
6892 | [Owner :  | Parent : 780(services.exe) | ?????] - (.- ducservice.) - (1.0.0.0) = C:\Program Files (x86)\No-IP\ducservice.exe     [20/07/2015 16:34:14]    CPU Usage:0 %
7820 | [Owner :  | Parent : 780(services.exe) | ?????] - (.Nero AG - NeroUpdate.) - (11.2.0.5) = C:\Program Files (x86)\Nero\Update\NASvc.exe     [14/07/2014 15:26:54]    CPU Usage:0 %
8000 | [Owner :  | Parent : 780(services.exe) | ?????] - (.Intel Corporation - User Notification Service.) - (8.1.0.1252) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe     [25/01/2013 13:27:28]    CPU Usage:0 %
5080 | [Owner :  | Parent : 780(services.exe) | ?????] - (.Microsoft Corporation - Service Partage rÃ©seau du Lecteur Windows Media.) - (12.0.14393.187) = C:\Program Files\Windows Media Player\wmpnetwk.exe     [16/10/2016 07:36:56]    CPU Usage:0 %
8068 | [Owner : F-cay | Parent : 4796(explorer.exe) | 30.69 Mo] - (.SosVirus - QuickDiag.) - (21.1.17.1) = C:\Users\F-cay\Desktop\QuickDiag.exe     [22/01/2017 10:12:57]    CPU Usage:0 %

---------- | MD5

[MD5.4E10FB1A015B49AC68F76C1A3F4D9C0F] - [10/12/2016 08:52:51] - (.Â© Microsoft Corporation. Tous droits rÃ©servÃ©s. - Explorateur Windows.) - [4563.77 Ko] - (10.0.14393.479) : C:\WINDOWS\Explorer.exe
[MD5.F4F684066175B77E0C3A000549D2922C] - [16/07/2016 12:42:36] - (.Â© Microsoft Corporation. Tous droits rÃ©servÃ©s. - InterprÃ©teur de commandes Windows.) - [227.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\cmd.exe
[MD5.77DBC745D957B4F0404ABABC10696784] - [16/07/2016 12:42:27] - (.Â© Microsoft Corporation. Tous droits rÃ©servÃ©s. - Processus dâexÃ©cution client-serveur.) - [17.72 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\csrss.exe
[MD5.DA63852A2B0340E94D74EAF0CD444979] - [16/07/2016 12:42:27] - (.Â© Microsoft Corporation. - COM Surrogate.) - [20.84 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\dllhost.exe
[MD5.6955067712F2F4752CA12192B08EF860] - [16/07/2016 12:42:16] - (.Â© Microsoft Corporation. Tous droits rÃ©servÃ©s. - DLL du client API BASE Windows NT.) - [683.48 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Kernel32.dll
[MD5.6F8E95716C1A27FF2FE96D30B147F1C1] - [16/10/2016 07:36:55] - (.Â© Microsoft Corporation. - Local Security Authority Process.) - [56.05 Ko] - (10.0.14393.187) : C:\WINDOWS\System32\lsass.exe
[MD5.7BD259FC59CF9C2AE1B979564B374CC6] - [16/07/2016 12:42:27] - (.Â© Microsoft Corporation. - Distributed COM Services.) - [867.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\rpcss.dll
[MD5.C7645D43451C6D94D87F4D07BDE59C89] - [16/07/2016 12:42:42] - (.Â© Microsoft Corporation. Tous droits rÃ©servÃ©s. - Processus hÃ´te Windows (Rundll32).) - [68 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\rundll32.exe
[MD5.3C69CC28665854F1AAB4B4005005FA31] - [10/12/2016 08:53:18] - (.Â© Microsoft Corporation. Tous droits rÃ©servÃ©s. - Applications Services et ContrÃ´leur.) - [443.94 Ko] - (10.0.14393.479) : C:\WINDOWS\System32\services.exe
[MD5.36F670D89040709013F6A460176767EC] - [16/07/2016 12:42:27] - (.Â© Microsoft Corporation. Tous droits rÃ©servÃ©s. - Processus hÃ´te pour les services Windows.) - [43.45 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\svchost.exe
[MD5.C46EA86BF0E7C96235E9064CBAD6ED26] - [14/12/2016 06:06:04] - (.Â© Microsoft Corporation. Tous droits rÃ©servÃ©s. - DLL client de lâAPI uilisateur de Windows multi-utilisateurs.) - [1426.95 Ko] - (10.0.14393.576) : C:\WINDOWS\System32\user32.dll
[MD5.C1B1FFC800BE2F31EB2CF8CB40629C69] - [16/07/2016 12:42:27] - (.Â© Microsoft Corporation. Tous droits rÃ©servÃ©s. - Application dâouverture de session Userinit.) - [32.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\userinit.exe
[MD5.99A19C9A74E2F9820E501DCE77F84F70] - [16/07/2016 12:42:27] - (.Â© Microsoft Corporation. Tous droits rÃ©servÃ©s. - Application de dÃ©marrage de Windows.) - [297.11 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Wininit.exe
[MD5.917F081E2AB667C44F7D96DE1D16DFAE] - [11/01/2017 19:43:59] - (.Â© Microsoft Corporation. Tous droits rÃ©servÃ©s. - Application dâouverture de session Windows.) - [658 Ko] - (10.0.14393.594) : C:\WINDOWS\System32\Winlogon.exe
[MD5.323AA1953ED9C01E23F740FA891FE064] - [28/10/2016 18:54:31] - (.Â© Microsoft Corporation. Tous droits rÃ©servÃ©s. - Pilote de fonction connexe pour WinSock.) - [570.34 Ko] - (10.0.14393.351) : C:\WINDOWS\System32\Drivers\afd.sys
[MD5.A10F989A812B57B9695F6C305907C9C6] - [16/07/2016 12:41:53] - (.Â© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [27.84 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\atapi.sys
[MD5.65DEB05FC234BFF207379F06F0754402] - [16/07/2016 12:41:53] - (.Â© Microsoft Corporation. - ATAPI Driver Extension.) - [187.34 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\ataport.sys
[MD5.F8FB51B9EF6372610E9B31A1D86B62FC] - [16/07/2016 12:42:35] - (.Â© Microsoft Corporation. - CD-ROM File System Driver.) - [90 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\cdfs.sys
[MD5.613D0137C269187FA298A157E3D14A18] - [16/07/2016 12:41:53] - (.Â© Microsoft Corporation. - SCSI CD-ROM Driver.) - [169 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\cdrom.sys
[MD5.0D1D392ED2597F295956D058D33BD7C3] - [16/10/2016 12:57:19] - (.Â© Microsoft Corporation. - DFS Namespace Client Driver.) - [141.5 Ko] - (10.0.14393.321) : C:\WINDOWS\System32\Drivers\dfsc.sys
[MD5.10E3515FE5DBA6656FA62C29342EC4A1] - [16/07/2016 12:41:52] - (.Â© Microsoft Corporation. - High Definition Audio Bus Driver.) - [81.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\hdaudbus.sys
[MD5.B54B30992620C97230013A74461C8517] - [16/07/2016 12:41:54] - (.Â© Microsoft Corporation. Tous droits rÃ©servÃ©s. - Pilote de port i8042.) - [111.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\i8042prt.sys
[MD5.F1DAECC3B3D6399875D4F10529D6A77C] - [16/07/2016 12:42:39] - (.Â© Microsoft Corporation. - IP Network Address Translator.) - [207.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\ipnat.sys
[MD5.E671EDAB0726E05ECEF4058B4CD73C4D] - [16/10/2016 07:36:52] - (.Â© Microsoft Corporation. Tous droits rÃ©servÃ©s. - Minirdr SMB Windows NT.) - [439.84 Ko] - (10.0.14393.187) : C:\WINDOWS\System32\Drivers\mrxsmb.sys
[MD5.D5564FC81350458ED570528C4E3B1CCF] - [16/10/2016 12:56:51] - (.Â© Microsoft Corporation. Tous droits rÃ©servÃ©s. - NDIS (Network Driver Interface Specification).) - [1153.84 Ko] - (10.0.14393.321) : C:\WINDOWS\System32\Drivers\ndis.sys
[MD5.6FEBB0A847FFD5F057B9AC8889F1B9A7] - [16/07/2016 12:42:35] - (.Â© Microsoft Corporation. - MBT Transport driver.) - [272.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\netbt.sys
[MD5.DB69C6DA8B3DDFDC547D455CA23A8250] - [09/11/2016 08:12:51] - (.Â© Microsoft Corporation. Tous droits rÃ©servÃ©s. - Pilote du systÃ¨me de fichiers NT.) - [2202.84 Ko] - (10.0.14393.447) : C:\WINDOWS\System32\Drivers\ntfs.sys
[MD5.6B81BF7853D161DB8AC62CD8B9C2DE6B] - [16/07/2016 12:41:53] - (.Â© Microsoft Corporation. Tous droits rÃ©servÃ©s. - Pilote de port parallÃ¨le.) - [94.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\parport.sys
[MD5.17E565710172ED71B8531D8822E1C5D1] - [16/07/2016 12:42:39] - (.Â© Microsoft Corporation. - RAS L2TP mini-port/call-manager driver.) - [102.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\rasl2tp.sys
[MD5.7135785C21CA79D270D11037C43D3F19] - [16/07/2016 12:44:03] - (.Â© Microsoft Corporation. Tous droits rÃ©servÃ©s. - Redirecteur de pÃ©riphÃ©rique de Microsoft RDP.) - [173 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\rdpdr.sys
[MD5.4F25E481124059CC593B4C68BC485640] - [28/10/2016 18:54:44] - (.Â© Microsoft Corporation. Tous droits rÃ©servÃ©s. - Pilote TCP/IP.) - [2478.34 Ko] - (10.0.14393.351) : C:\WINDOWS\System32\Drivers\tcpip.sys
[MD5.9D2DD64A0B51C56285512DC9454340F6] - [16/07/2016 12:42:27] - (.Â© Microsoft Corporation. - TDI Translation Driver.) - [115.34 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\tdx.sys
[MD5.BF2546583BB75F01DDA60A7921DFB230] - [16/07/2016 12:42:35] - (.Â© Microsoft Corporation. - Volume Shadow Copy driver.) - [382.34 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\volsnap.sys

---------- | Locked Applications


---------- | Explorer.exe component call (Microsoft Files Whitelisted)

(..-..) - (0.0.0.0) -- C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
(.SQLite Development Team.-.SQLite is a software library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine..) - (3.12.2.0) -- C:\WINDOWS\System32\winsqlite3.dll
(.NVIDIA Corporation.-.NVIDIA D3D10 Driver, Version 369.09.) - (21.21.13.6909) -- C:\WINDOWS\System32\DriverStore\FileRepository\nvakwu.inf_amd64_54baefc149b8c1ad\nvwgf2umx.dll
(..-.Core Sync.) - (2.0.0.734) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
(..-..) - (1.3.210.1) -- C:\Users\F-cay\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
(.Mediafour Corporation.-.MDShell.dll.) - (10.0.3.15) -- C:\Program Files\Mediafour\MacDrive 10\MDShell.dll
(.Mediafour Corporation.-.MacDrive API.) - (8.0.0.0) -- C:\Program Files\Mediafour\MacDrive 10\MACDRAPI.dll
(.NVIDIA Corporation.-.NVIDIA NVAPI Library, Version 369.09.) - (21.21.13.6909) -- C:\WINDOWS\system32\nvapi64.dll
(.Lavasoft Limited.-..) - (2.3.4.7) -- C:\WINDOWS\system32\LavasoftTcpService64.dll
(.Malwarebytes.-.Malwarebytes Anti-Malware.) - (3.1.1.0) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll
(.Nero AG.-.Nero Burning ROM Shell Extension.) - (16.0.11.0) -- C:\Program Files (x86)\Common Files\Nero\NeroShellExt\x64\NeroShellExt.dll
(.Nero AG.-.Nero Solution Explorer Dynamic Link Library.) - (16.0.0.9) -- C:\Program Files (x86)\Common Files\Nero\NeroShellExt\x64\SolutionExplorer.dll
(.Alexander Roshal.-.WinRAR shell extension.) - (4.20.0.0) -- C:\Program Files\WinRAR\rarext.dll
(.Safer-Networking Ltd..-.Windows Explorer context menu integration.) - (2.3.39.113) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll
(.NVIDIA Corporation.-.NVIDIA Shell Extensions.) - (8.17.13.6909) -- C:\WINDOWS\system32\nv3dappshext.dll

---------- | Svchost.exe component call (Microsoft Files Whitelisted)

(.Lavasoft Limited.-..) - (2.3.4.7) -- C:\WINDOWS\system32\LavasoftTcpService64.dll
(.SQLite Development Team.-.SQLite is a software library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine..) - (3.12.2.0) -- C:\WINDOWS\System32\winsqlite3.dll
(.Brother Industries, Ltd..-.Brother MFC WIA minidriver(for 64Bit).) - (3.16.3.3) -- C:\WINDOWS\system32\BrWi212a.dll
(.Brother Industries, Ltd..-.Brother Network Sti Interface DLL(for 64Bit).) - (2.0.13.6) -- C:\WINDOWS\system32\BrNetSti.dll
(..-..) - (0.0.0.0) -- C:\WINDOWS\system32\BrSNMP64.dll

---------- | ZeroAccess Check

[HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll
[HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll
[HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll

---------- | Startings up

SpybotPostWindows10UpgradeReInstall - ("C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe" [HKU\S-1-5-18\...\Run]) - User: AUTORITE NT\SystÃ¨me
OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-19\...\Run]) - User: AUTORITE NT\SERVICE LOCAL
OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-20\...\Run]) - User: AUTORITE NT\SERVICE RÃSEAU
ISUSPM - (C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler [HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\...\Run]) - User: FCAY\F-cay
Web Companion - (C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize  [HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\...\Run]) - User: FCAY\F-cay
RESTART_STICKY_NOTES - (C:\Windows\System32\StikyNot.exe [HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\...\Run]) - User: FCAY\F-cay
Skype - ("C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\...\Run]) - User: FCAY\F-cay
SpybotPostWindows10UpgradeReInstall - ("C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe" [HKU\.DEFAULT\...\Run]) - User: .DEFAULT
BackupRemind - (C:\Program Files (x86)\Wondershare\dr.fone toolkit for Android\Addins\AndroidBackupRestore\BackupRemind.exe  [Common Startup]) - User: Public
RTHDVCPL - ("C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s [HKLM\...\Run]) - User: Public
AdobeAAMUpdater-1.0 - ("C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [HKLM\...\Run]) - User: Public
iTunesHelper - ("C:\Program Files\iTunes\iTunesHelper.exe" [HKLM\...\Run]) - User: Public
MacDrive 10 helper - ("C:\Program Files\Mediafour\MacDrive 10\MDHelper.exe" [HKLM\...\Run]) - User: Public

[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"=C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler   
"Web Companion"=C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize    
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe   
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun   

[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\F-cay\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64"=C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\F-cay\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64"   

[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Microsoft\Command Processor]
"CompletionChar"=9   
"DefaultColor"=0   
"EnableExtensions"=1   
"PathCompletionChar"=9   

[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]
"Optimizer Pro"=0x020000000000000000000000   
"hghjgkh"=0x020000000000000000000000   
"MsJYpToVi"=0x03000000BAFEA53E4749D001   
"RESTART_STICKY_NOTES"=0x03000000743092F44263D201   
"ISUSPM"=0x020000000000000000000000   
"Web Companion"=0x030000000F2C320E0A1CD201   
"Skype"=0x03000000E332810B0A1CD201   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s   
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"   
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"   
"MacDrive 10 helper"="C:\Program Files\Mediafour\MacDrive 10\MDHelper.exe"   

[HKLM\Software\Microsoft\Command Processor]
"CompletionChar"=64   
"DefaultColor"=0   
"EnableExtensions"=1   
"PathCompletionChar"=64   

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]
"RTHDVCPL"=0x060000000000000000000000   
"VizorHtmlDialog.exe"=0x040000000000000000000000   
"Trend Micro Client Framework"=0x040000000000000000000000   
"Trend Micro Titanium"=0x040000000000000000000000   
"Classic Start Menu"=0x020000000000000000000000   
"AdobeAAMUpdater-1.0"=0x030000007B72C99E091CD201   
"iTunesHelper"=0x03000000EFD53E010A1CD201   
"MacDrive 10 helper"=0x03000000217FD8FB4263D201   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run]
"ASUS AiChargerPlus Execute"=C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe   [11/12/2012 11:41:55]
"ASUS Easy Update"=C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe   [11/12/2012 11:42:16]
"ASUSPRP"="C:\Program Files (x86)\ASUS\APRP\APRP.EXE"   
"RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"   
"BDRegion"=C:\Program Files (x86)\Cyberlink\Shared files\brs.exe   [25/01/2013 13:38:21]
"jswtrayutil"="C:\Program Files (x86)\Jumpstart\jswtrayutil.exe"   
"ControlCenter4"="C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe" /autorun   
"BrStsMon00"=C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN   
"IndexSearch"="C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"   
"PaperPort PTD"="C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"   
"PDFHook"=C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe   [05/03/2010 19:11:30]
"PDF5 Registry Controller"=C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe   [05/03/2010 18:11:04]
"Adobe Creative Cloud"="C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true   
"SDTray"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"   

[HKLM\Software\WOW6432Node\Microsoft\Command Processor]
"CompletionChar"=64   
"DefaultColor"=0   
"EnableExtensions"=1   
"PathCompletionChar"=64   


---------- | Startings up registry Â¦ Folder


---------- | Other keys


[HKLM\System\CurrentControlSet\Control\SecurityProviders]
"SecurityProviders"=credssp.dll   

[HKLM\System\CurrentControlSet\Control\Terminal Server]
"AllowRemoteRPC"=0   
"DelayConMgrTimeout"=0   
"DeleteTempDirsOnExit"=1   
"fDenyTSConnections"=1   
"fSingleSessionPerUser"=1   
"NotificationTimeOut"=0   
"PerSessionTempDir"=0   
"ProductVersion"=5.1   
"RCDependentServices"=CertPropSvc
SessionEnv   
"SnapshotMonitors"=1   
"StartRCM"=0   
"TSUserEnabled"=0   
"InstanceID"=bed22b41-d4c9-4887-a596-0dcc170   
"GlassSessionId"=1   

[HKLM\System\CurrentControlSet\Control\Session Manager]
"AutoChkTimeout"=8   
"BootExecute"=autocheck autochk *

sdnclean64.exe   
"BootShell"=%SystemRoot%\system32\bootim.exe   
"CriticalSectionTimeout"=2592000   
"ExcludeFromKnownDlls"=   
"GlobalFlag"=0   
"HeapDeCommitFreeBlockThreshold"=0   
"HeapDeCommitTotalFreeThreshold"=0   
"HeapSegmentCommit"=0   
"HeapSegmentReserve"=0   
"InitConsoleFlags"=0   
"NumberOfInitialSessions"=2   
"ObjectDirectories"=\Windows
\RPC Control   
"ProcessorControl"=2   
"ProtectionMode"=1   
"ResourceTimeoutCount"=648000   
"RunLevelExecute"=WinInit
ServiceControlManager   
"RunLevelValidate"=ServiceControlManager   
"SETUPEXECUTE"=   

[HKLM\System\CurrentControlSet\Control]
"BootDriverFlags"=28   
"CurrentUser"=USERNAME   
"EarlyStartServices"=RpcSs
Power
BrokerInfrastructure
SystemEventsBroker
DcomLaunch
RpcEpMapper
LSM
AppIdSvc   
"PreshutdownOrder"=UsoSvc
gpsvc
trustedinstaller   
"WaitToKillServiceTimeout"=200   
"SystemStartOptions"= NOEXECUTE=OPTIN   
"SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(4)   
"FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(2)   
"LastBootSucceeded"=1   
"LastBootShutdown"=0   
"DirtyShutdownCount"=24   

[HKLM\System\CurrentControlSet\Control\lsa]
"auditbasedirectories"=0   
"auditbaseobjects"=0   
"Bounds"=0x0030000000200000   
"crashonauditfail"=0   
"fullprivilegeauditing"=0x00   
"LimitBlankPasswordUse"=1   
"NoLmHash"=1   
"Notification Packages"=scecli   
"Authentication Packages"=msv1_0   
"disabledomaincreds"=0   
"everyoneincludesanonymous"=0   
"forceguest"=0   
"LsaPid"=788   
"ProductType"=3   
"restrictanonymous"=0   
"restrictanonymoussam"=1   
"SecureBoot"=1   
"Security Packages"=kerberos
msv1_0
schannel
wdigest
tspkg
pku2u
livessp   
"SamConnectedAccountsExist"=1   


---------- | .LNK


---------- | AppCertDlls | AppInit_DLLs


---------- | Dnsapi.dll

C:\WINDOWS\System32\dnsapi.dll -> OK : \drivers\etc\hosts
C:\WINDOWS\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts

---------- | Policies | Registry

[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Control Panel\Desktop]
"ActiveWndTrackTimeout"=0   
"BlockSendInputResets"=0   
"CaretWidth"=1   
"ClickLockTime"=1200   
"CoolSwitchColumns"=7   
"CoolSwitchRows"=3   
"CursorBlinkRate"=530   
"DockMoving"=1   
"DragFromMaximize"=1   
"DragFullWindows"=1   
"DragHeight"=4   
"DragWidth"=4   
"FocusBorderHeight"=1   
"FocusBorderWidth"=1   
"FontSmoothing"=2   
"FontSmoothingGamma"=0   
"FontSmoothingOrientation"=1   
"FontSmoothingType"=2   
"ForegroundFlashCount"=7   
"ForegroundLockTimeout"=200000   
"LeftOverlapChars"=3   
"MenuShowDelay"=400   
"MouseWheelRouting"=2   
"PaintDesktopVersion"=0   
"Pattern"=0   
"RightOverlapChars"=3   
"SnapSizing"=1   
"TileWallpaper"=0   
"WallPaper"=c:\windows\web\wallpaper\windows\img0.jpg   [16/07/2016 12:43:10]
"WallpaperOriginX"=0   
"WallpaperOriginY"=0   
"WallpaperStyle"=10   
"WheelScrollChars"=3   
"WheelScrollLines"=3   
"WindowArrangementActive"=1   
"ScreenSaveActive"=1   
"MouseMonitorEscapeSpeed"=0   
"UserPreferencesMask"=0x9E1E078012000000   
"AutoColorization"=1   
"MaxVirtualDesktopDimension"=2048   
"MaxMonitorDimension"=1680   
"TranscodedImageCount"=1   
"LastUpdated"=4294967295   
"TranscodedImageCache"=0x7AC301002B73030080070000B0040000C1AF623A57DFD10163003A005C00770069006E0064006F00770073005C007700650062005C00770061006C006C00700061007000650072005C00770069006E0064006F00770073005C0069006D00670030002E006A007000670000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000   
"ImageColor"=2940843252   
"Pattern Upgrade"=TRUE   
"Win8DpiScaling"=0   
"DpiScalingVer"=4096   
"WaitToKillAppTimeout"=200   

[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
"{018D5C66-4533-4307-9B53-224DE2ED1FE6}"=1   

[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Microsoft\Windows\CurrentVersion\Explorer]
"EnableAutoTray"=0   
"ShellState"=0x240000003E28000000000000000000000000000001000000130000000000000062000000   
"ExplorerStartupTraceRecorded"=1   
"UserSignedIn"=1   
"SIDUpdatedOnLibraries"=1   
"LocalKnownFoldersMigrated"=1   
"TelemetrySalt"=4   
"GlobalAssocChangedCounter"=111   
"AppReadinessLogonComplete"=1   
"FirstRunTelemetryComplete"=1   
"SlowContextMenuEntries"=0x0114020000000000C000000000000046F80300006024B221EA3A6910A2DC08002B30309D784F00001A58CE57B60C66429CA019364C90A0B3F7030000ED1CEF9AE206D348B44596E689678431FF070000631A79D6E2E7EE4FBF525DED8E86E9B8A8060000   
"link"=0x16000000   
"Browse For Folder Width"=347   
"Browse For Folder Height"=336   

[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Start_SearchFiles"=2   
"ServerAdminUI"=0   
"Hidden"=2   
"ShowCompColor"=1   
"HideFileExt"=0   
"DontPrettyPath"=0   
"ShowInfoTip"=1   
"HideIcons"=0   
"MapNetDrvBtn"=0   
"WebView"=1   
"Filter"=0   
"ShowSuperHidden"=0   
"SeparateProcess"=0   
"AutoCheckSelect"=0   
"IconsOnly"=0   
"ShowTypeOverlay"=1   
"ShowStatusBar"=1   
"ListviewAlphaSelect"=1   
"ListviewShadow"=1   
"TaskbarAnimations"=1   
"StartMenuInit"=13   
"ReindexedProfile"=1   
"StoreAppsOnTaskbar"=1   
"TaskbarSizeMove"=0   
"RTStartMenuNotificationDisplayCount"=0   
"EnableStartMenu"=1   
"TaskbarStateLastRun"=0x98637E5800000000   

[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\WordWheelQuery]
"MRUListEx"=0x050000000400000003000000020000000100000000000000FFFFFFFF   
"0"=0x500072006F006700720061006D0044006100740061000000   
"1"=0x4D0061006300440072006900760065000000   
"2"=0x660069006C006D0073000000   
"3"=0x2F000000   
"4"=0x2F006D006E0074002F000000   
"5"=0x43003A005C00550073006500720073005C0046002D006300610079005C0041007000700044006100740061005C0052006F0061006D0069006E0067005C00500072006F00660069006C00650073005C005700650072006D0075006300680070006500720066006500740079002E00640065006600610075006C0074005C00700072006500660073002E006A0073000000   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5   
"ConsentPromptBehaviorUser"=3   
"DSCAutomationHostEnabled"=2   
"EnableCursorSuppression"=1   
"EnableInstallerDetection"=1   
"EnableLUA"=1   
"EnableSecureUIAPaths"=1   
"EnableUIADesktopToggle"=0   
"EnableVirtualization"=1   
"ValidateAdminCodeSignatures"=0   
"undockwithoutlogon"=1   
"dontdisplaylastusername"=0   
"legalnoticecaption"=   
"legalnoticetext"=   
"scforceoption"=0   
"shutdownwithoutlogon"=1   
"SoftwareSASGeneration"=1   
"PromptOnSecureDesktop"=0   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"ForceActiveDesktopOn"=0   
"NoActiveDesktop"=1   
"NoActiveDesktopChanges"=1   
"NoRecentDocsHistory"=0   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop]
"NoAddingComponents"=1   
"NoComponents"=1   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
"{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1   
"{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1   
"{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1   
"{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1   
"{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1   
"{871C5380-42A0-1069-A2EA-08002B30309D}"=1   
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1   
"{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1   
"{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu]
"{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0   
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=1   
"DefaultValue"=2   
"HKeyRoot"=2147483649   
"Id"=2   
"RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced   
"Text"=@shell32.dll,-30500   
"Type"=radio   
"ValueName"=Hidden   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer]
"ActiveSetupDisabled"=0   
"ActiveSetupTaskOverride"=1   
"AsyncRunOnce"=1   
"AsyncUpdatePCSettings"=1   
"DisableAppInstallsOnFirstLogon"=1   
"DisableResolveStoreCategories"=1   
"DisableUpgradeCleanup"=1   
"EarlyAppResolverStart"=1   
"FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7}   
"FSIASleepTimeInMs"=60000   
"GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}   
"IconUnderline"=2   
"ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed}   
"LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff}   
"MachineOobeUpdates"=1   
"NoWaitOnRoamingPayloads"=1   
"TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd}   
"SmartScreenEnabled"=RequireAdmin   
"GlobalAssocChangedCounter"=2   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Start_TrackDocs"=1   
"TaskbarSizeMove"=0   

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations]
"Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5   
"ConsentPromptBehaviorUser"=3   
"DSCAutomationHostEnabled"=2   
"EnableCursorSuppression"=1   
"EnableInstallerDetection"=1   
"EnableLUA"=1   
"EnableSecureUIAPaths"=1   
"EnableUIADesktopToggle"=0   
"EnableVirtualization"=1   
"ValidateAdminCodeSignatures"=0   
"undockwithoutlogon"=1   
"dontdisplaylastusername"=0   
"legalnoticecaption"=   
"legalnoticetext"=   
"scforceoption"=0   
"shutdownwithoutlogon"=1   
"SoftwareSASGeneration"=1   
"PromptOnSecureDesktop"=0   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"ForceActiveDesktopOn"=0   
"NoActiveDesktop"=1   
"NoActiveDesktopChanges"=1   
"NoRecentDocsHistory"=0   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop]
"NoAddingComponents"=1   
"NoComponents"=1   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
"{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1   
"{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1   
"{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1   
"{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1   
"{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1   
"{871C5380-42A0-1069-A2EA-08002B30309D}"=1   
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1   
"{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1   
"{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu]
"{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0   
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=1   
"DefaultValue"=2   
"HKeyRoot"=2147483649   
"Id"=2   
"RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced   
"Text"=@shell32.dll,-30500   
"Type"=radio   
"ValueName"=Hidden   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer]
"ActiveSetupDisabled"=0   
"ActiveSetupTaskOverride"=1   
"AsyncRunOnce"=1   
"AsyncUpdatePCSettings"=1   
"DisableAppInstallsOnFirstLogon"=1   
"DisableResolveStoreCategories"=1   
"DisableUpgradeCleanup"=1   
"EarlyAppResolverStart"=1   
"FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7}   
"FSIASleepTimeInMs"=60000   
"GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}   
"IconUnderline"=2   
"ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed}   
"LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff}   
"MachineOobeUpdates"=1   
"NoWaitOnRoamingPayloads"=1   
"TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd}   
"GlobalAssocChangedCounter"=10   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Start_TrackDocs"=1   
"TaskbarSizeMove"=0   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations]
"Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s   


---------- | Winlogon 

[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin;OneDrive;Work Folders   
"BuildNumber"=14393   
"FirstLogon"=0   
"PUUActive"=0xD477515A07000B001B00260095620000D862000080AA0300D100000032004F00FAAFDFD1321C0400311C0400BA22000043210000AB010000000000006CA5030066030000810000004A4AC67F9674D2015CAC0500000000000100000000000000   
"ParseAutoexec"=1   

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"AutoRestartShell"=1   
"Background"=0 0 0   
"CachedLogonsCount"=10   
"DebugServerCommand"=no   
"DefaultDomainName"=   
"DefaultUserName"=   
"DisableBackButton"=1   
"EnableSIHostIntegration"=1   
"ForceUnlockLogon"=0   
"LegalNoticeCaption"=   
"LegalNoticeText"=   
"PasswordExpiryWarning"=5   
"PowerdownAfterShutdown"=0   
"PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16}   
"ReportBootOk"=1   
"Shell"=explorer.exe   
"ShellCritical"=0   
"ShellInfrastructure"=sihost.exe   
"SiHostCritical"=0   
"SiHostReadyTimeOut"=0   
"SiHostRestartCountLimit"=0   
"SiHostRestartTimeGap"=0   
"VMApplet"=SystemPropertiesPerformance.exe /pagefile   
"WinStationsDisabled"=0   
"LastLogOffEndTimePerfCounter"=1093184441   
"ShutdownFlags"=2147483687   
"Userinit"=C:\Windows\system32\userinit.exe,   
"scremoveoption"=0   
"DisableCad"=1   
"ShutdownWithoutLogon"=0   
"EnableFirstLogonAnimation"=1   

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon]
"DefaultDomainName"=   
"DefaultUserName"=   
"EnableSIHostIntegration"=1   
"PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16}   
"Shell"=explorer.exe   
"ShellCritical"=0   
"SiHostCritical"=0   
"SiHostReadyTimeOut"=0   
"SiHostRestartCountLimit"=0   
"SiHostRestartTimeGap"=0   
"Userinit"=C:\WINDOWS\system32\userinit.exe,   


---------- | Associations

[HKLM\Software\Classes\.exe]
""=exefile   
"Content Type"=application/x-msdownload   

[HKLM\Software\Classes\exefile\Shell\Open\Command]
""="%1" %*   
"IsolatedCommand"="%1" %*   

[HKLM\Software\Classes\.com]
""=comfile   

[HKLM\Software\Classes\comfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\Classes\.reg]
""=regfile   

[HKLM\Software\Classes\regfile\Shell\Open\Command]
""=regedit.exe "%1"   

[HKLM\Software\Classes\.scr]
""=scrfile   

[HKLM\Software\Classes\scrfile\Shell\Open\Command]
""="%1" /S   

[HKLM\Software\Classes\.bat]
""=batfile   

[HKLM\Software\Classes\batfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\Classes\.cmd]
""=cmdfile   

[HKLM\Software\Classes\cmdfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\Classes\.pif]
""=piffile   

[HKLM\Software\Classes\piffile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\Classes\.inf]
""=inffile   

[HKLM\Software\Classes\inffile\Shell\Open\Command]
""=%SystemRoot%\system32\NOTEPAD.EXE %1   

[HKLM\Software\Classes\.url]
""=InternetShortcut   

[HKLM\Software\Classes\.lnk]
""=lnkfile   

[HKLM\Software\Classes\InternetShortcut]
"EditFlags"=2   
"FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046   
"FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment   
"InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment   
"IsShortcut"=   
"NeverShowExt"=   
"PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment   
""=Raccourci Internet   

[HKLM\Software\Classes\Application.Manifest]
""=Application Manifest   
"BrowserFlags"=4096   
"EditFlags"=4259840   
"FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200   

[HKLM\Software\Classes\Application.Reference]
""=Application Reference   
"EditFlags"=131072   
"FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201   
"IsShortcut"=   
"NeverShowExt"=   

[HKLM\Software\Classes\Folder]
""=Folder   
"ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified   
"ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay   
"ContentViewModeLayoutPatternForBrowse"=delta   
"ContentViewModeLayoutPatternForSearch"=alpha   
"EditFlags"=0xD2030000   
"FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus   
"NoRecentDocs"=   
"ThumbnailCutoff"=0   
"TileInfo"=prop:System.Title;System.HomeGroupSharingStatus   

[HKLM\Software\WOW6432Node\Classes\.exe]
""=exefile   
"Content Type"=application/x-msdownload   

[HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command]
""="%1" %*   
"IsolatedCommand"="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.com]
""=comfile   

[HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.reg]
""=regfile   

[HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command]
""=regedit.exe "%1"   

[HKLM\Software\WOW6432Node\Classes\.scr]
""=scrfile   

[HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command]
""="%1" /S   

[HKLM\Software\WOW6432Node\Classes\.bat]
""=batfile   

[HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.cmd]
""=cmdfile   

[HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.pif]
""=piffile   

[HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.inf]
""=inffile   

[HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command]
""=%SystemRoot%\system32\NOTEPAD.EXE %1   

[HKLM\Software\WOW6432Node\Classes\.url]
""=InternetShortcut   

[HKLM\Software\WOW6432Node\Classes\.lnk]
""=lnkfile   

[HKLM\Software\WOW6432Node\Classes\InternetShortcut]
"EditFlags"=2   
"FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046   
"FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment   
"InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment   
"IsShortcut"=   
"NeverShowExt"=   
"PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment   
""=Raccourci Internet   

[HKLM\Software\WOW6432Node\Classes\Application.Manifest]
""=Application Manifest   
"BrowserFlags"=4096   
"EditFlags"=4259840   
"FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200   

[HKLM\Software\WOW6432Node\Classes\Application.Reference]
""=Application Reference   
"EditFlags"=131072   
"FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201   
"IsShortcut"=   
"NeverShowExt"=   

[HKLM\Software\WOW6432Node\Classes\Folder]
""=Folder   
"ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified   
"ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay   
"ContentViewModeLayoutPatternForBrowse"=delta   
"ContentViewModeLayoutPatternForSearch"=alpha   
"EditFlags"=0xD2030000   
"FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus   
"NoRecentDocs"=   
"ThumbnailCutoff"=0   
"TileInfo"=prop:System.Title;System.HomeGroupSharingStatus   

[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command]
""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe"   
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo]
"ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal

[HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command]
""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe"   
[HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo]
"ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal

[HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command]
""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"   
[HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo]
"ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser

[HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command]
""=C:\Program Files\Internet Explorer\iexplore.exe   [16/07/2016 12:43:06]
[HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo]
"ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall

[HKLM\Software\Clients\StartMenuInternet\SafeZoneStable\Shell\open\Command]
""="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe"   
[HKLM\Software\Clients\StartMenuInternet\SafeZoneStable\InstallInfo]
"ReinstallCommand"="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" --makedefaultbrowser

[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command]
""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe"   
[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo]
"ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal

[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command]
""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"   
[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo]
"ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser

[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command]
""=C:\Program Files\Internet Explorer\iexplore.exe   [16/07/2016 12:43:06]
[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo]
"ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall

[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\SafeZoneStable\Shell\open\Command]
""="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe"   
[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\SafeZoneStable\InstallInfo]
"ReinstallCommand"="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" --makedefaultbrowser


---------- | AppcompatFlags

[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted]
"C:\Users\F-cay\AppData\Local\Temp\DIQ\winrar_027\Software\Delta Babylon.exe"=1

[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe"=0x5341435001000000000000000700000028000000802C1300BFD813000100000000000000000001060021000033504C2B57DFD101000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000000000000000000000000000000000000004D537F08000000005900000059000000
"C:\Users\F-cay\Downloads\Firefox Setup 20.0.exe"=0x5341435001000000000000000700000028000000A870430100000000010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000287E3800000000000100000001000000
"C:\Program Files (x86)\Microsoft SkyDrive\SkyDriveSetup.exe"=0x5341435001000000000000000700000028000000D859560072F3560001000000000000000000020600210000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000541B0100000000000300000003000000
"C:\Program Files\Trend Micro\Titanium\Remove.exe"=0x5341435001000000000000000700000028000000D8EE1400D0EC150001000000000000000000010600210000647CA60EA56ACD01000000000000000002000000280000000000000000000040000000000000000000000000000000001B9F0400000000000100000001000000
"C:\Users\F-cay\AppData\Local\Temp\TiUninst\WSCTool.exe"=0x534143500100000000000000070000002800000058E805009867060001000000000000000000010600210000647CA60EA56ACD010000000000000000020000002800000000000000000000000000000000000000000000000000000013240000000000000100000001000000
"C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe"=0x53414350010000000000000005000000100000000000000000000000000000000000000007000000280000000030020015AD02000100000000000000000002067102000033504C2B57DFD101000000000000000002000000500000000000000000000010000000000000000000000000000000007F6A3200000000001200000012000000000000000000000000000000000000000000000000000000D75B0100000000000300000000000000
"C:\Users\F-cay\Downloads\Programmes\avast_antivirus_gratuit_avast_antivirus_gratuit_8_0_1483_72_fr_11113.exe"=0x5341435001000000000000000700000028000000B848A80600000000010000000000000000000106000100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000400000000000000000000000000000000034280100000000000100000001000000
"C:\Users\F-cay\Downloads\Programmes\mbam-setup-1.70.0.1100.exe"=0x534143500100000000000000070000002800000038F99A0046CA9B00010000000000000000000206002100002EF6C8A3A56ACD01000000000000000002000000280000000000000000000000000000000000000000000000000000008ED80000000000000100000001000000
"SIGN.MEDIA=2769FF8 crypter\VuzeInstaller.exe"=0x5341435001000000000000000700000028000000481901004F290100010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000BDB10D00000000000100000001000000
"C:\Program Files (x86)\ASUS\ASUS Easy Update\LiveUpdt.exe"=0x534143500100000000000000070000002800000000300A000000000001000000000000000000010600210000975FD891C99ECE0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000BE0A0000000000000A0000000A000000
"SIGN.MEDIA=2769FF8 crypter\ccsetup400.exe"=0x534143500100000000000000070000002800000078DC41002B114200010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000004000000000000000000000000000000000C1840000000000000100000001000000
"C:\Users\F-cay\Downloads\Programmes\winrar_winrar_4.2_32_bits_francais_9632.exe"=0x5341435001000000000000000700000028000000466918002D9F0100010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000008000004000000000000000000000000000000000C44A0000000000000100000001000000
"C:\Program Files (x86)\WinRAR\WinRAR.exe"=0x534143500100000000000000070000002800000000B01100CDE11100010000000000000000000106002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000C4090000000000000200000002000000
"C:\Program Files (x86)\WinRAR\Uninstall.exe"=0x534143500100000000000000070000002800000000E4010000000000030000000000000000000106002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000450C0000000000000200000002000000
"C:\Users\F-cay\Downloads\Programmes\winrar.exe"=0x534143500100000000000000070000002800000048000D0000000000010000000000000000000106000100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000400000000000000000000000000000000077810600000000000100000001000000
"C:\Program Files (x86)\Delta\delta\1.8.16.16\GUninstaller.exe"=0x5341435001000000000000000700000028000000480406003A640600030000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000458E0000000000000100000001000000
"C:\Users\F-cay\Downloads\Programmes\SpybotSD2.exe"=0x5341435001000000000000000700000028000000002B4E039F094F030100000000000000000002060021000033504C2B57DFD101000000000000000002000000280000000000000000000010000000000000000000000000000000008D000000000000000100000001000000
"C:\Program Files (x86)\ASUS\eManual\eManual.exe"=0x534143500100000000000000070000002800000000FA09000000000001000000000000000000010671200000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000E3482802000000000300000003000000
"C:\Users\F-cay\Downloads\036_WindowsDriver_Win7_6.1316.1209.2009_UI_1.00.0145.L.zip.exe"=0x5341435001000000000000000700000028000000A06C0400FDA30400010000000000000000000206712200002EF6C8A3A56ACD010000000000000000020000002800000000000000000000500000000000000000000000000000000088BE0100000000000100000001000000
"C:\Users\F-cay\Downloads\Programmes\winrar_winrar_4.2_64_bits_francais_9632.exe"=0x5341435001000000000000000700000028000000A87F1A000000000001000000000000000000010600010000647CA60EA56ACD0100000000000000000200000028000000000000000000004000000000000000000000000000000000152E0000000000000100000001000000
"C:\Program Files\WinRAR\WinRAR.exe"=0x534143500100000000000000070000002800000000C812000000000001000000000000000000010600210000D5B3B31A57DFD101000000000000000002000000500000000000000000000000000000000000000000000000000000008BE4020000000000380000000C00000000000000000000100000000000000000000000000000000074897300000000008C00000000000000
"C:\Users\F-cay\Desktop\Nouveau dossier\036_WindowsDriver_Win7_6.1316.1209.2009_UI_1.00.0145.L\setup.exe"=0x534143500100000000000000070000002800000068150600561A0600010000000000000000000006710200002EF6C8A3A56ACD0100000000000000000200000028000000000000000000005000000000000000000000000000000000B6280000000000000100000001000000
"C:\Users\F-cay\AppData\Local\Temp\fp_pl_pfs_installer.exe"=0x534143500100000000000000070000002800000088A30C015F8E0D01010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000004000000000000000000000000000000000B4380000000000000100000001000000
"SIGN.MEDIA=8D3989B USB adapter\RTL8187_Vista_6.1281_WHQL_installshield\RTL8187_Vista_6.1281_WHQL_installshield\setup.exe"=0x5341435001000000000000000700000028000000B0F3060023200700010000000000000000000006710200002EF6C8A3A56ACD010000000000000000
"SIGN.MEDIA=40804115 autorun.exe"=0x53414350010000000000000007000000280000005CC8140000000000010000000000000000000006612000002EF6C8A3A56ACD0100000000000000000100000004000000010000000500000010000000000000000000000000020006800000000200000050000000000200068000002000102000000000000000200000000000E59F01000000000001000000010000000000000080000000001020000000000000002000000000005E6A0100000000000100000000000000
"SIGN.MEDIA=1CAA0EC USB adapter\rtlsetup-8187(1273)(0111)\RTL8187_WindowsDriver_5.1273.0111.2007_RtlWlan_402.1190.0801.2006\RTL8187\Setup.exe"=0x53414350010000000000000007000000280000000092020000000000010000000000000000000105712000002EF6C8A3A56ACD0100000000000000000500000010000000000000000000000000000000000800000200000028000000000000000008005000000000000000000000000000000000250C0000000000000100000001000000
"C:\Users\F-cay\Documents\Driver Alfa network 036H\036_WindowsDriver_Win7_6.1316.1209.2009_UI_1.00.0145.L\setup.exe"=0x534143500100000000000000070000002800000068150600561A0600010000000000000000000006710200002EF6C8A3A56ACD010000000000000000
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe"=0x53414350010000000000000002000000280000000000000000000040000000000000000000000000000000000E7007000000000006000000060000000700000028000000888A0D007B410E0001000000000000000000020671220000975FD891C99ECE010000000000000000
"C:\Users\F-cay\Desktop\VirtualBox-4.2.6-82870-Win.exe"=0x5341435001000000000000000700000028000000A825CF05AC58CF05010000000000000000000106710000002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000537E0100000000000400000004000000
"C:\Program Files (x86)\Nero\Nero 12\Nero Express\NeroExpress.exe"=0x53414350010000000000000007000000280000009875DA0146EBDA0101000000000000000000010671220000975FD891C99ECE0100000000000000000200000050000000000000000000001000000000000000000000000000000000D9A83000000000000100000001000000000000000000000000000000000000000000000000000000E4F10600000000000100000000000000
"C:\Users\F-cay\Downloads\Programmes\VirtualBox-4.2.6-82870-Win.exe"=0x5341435001000000000000000700000028000000A825CF05AC58CF05010000000000000000000106710000002EF6C8A3A56ACD010000000000000000020000002800000000000000000000000000000000000000000000000000000093F90000000000000100000001000000
"C:\Users\F-cay\Documents\setup.exe"=0x534143500100000000000000070000002800000058B4BE01C34DBF01010000000000000000000206002100002EF6C8A3A56ACD010000000000000000
"C:\Users\F-cay\Downloads\commview for wifi + crack + wep key recovery [wepkr] updated-fixed release 09-2007.exe"=0x534143500100000000000000070000002800000070790A00A5840A00010000000000000000000206712200002EF6C8A3A56ACD0100000080000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000000000000000000000000000000000A3740000000000000100000001000000
"C:\Users\F-cay\Downloads\TamoSoft_CommView_for_WiFi_6.3.exe"=0x5341435001000000000000000700000028000000F85404002AFF0400010000000000000000000106000100002EF6C8A3A56ACD01000000000000000002000000280000000000000000000040000000000000000000000000000000009DF90100000000000100000001000000
"C:\Program Files (x86)\Iminent\inst\Bootstrapper\Bootstrapper.exe"=0x534143500100000000000000070000002800000040270D00686E0D00030000000000000000000106000100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000000000000000000000000000000000000048570000000000000100000001000000
"C:\Program Files (x86)\TornTV.com\uninst.exe"=0x53414350010000000000000007000000280000009AD100002AFF0400030000000000000000000106000100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000000000000000000000000000000000000099180000000000000100000001000000
"C:\Users\F-cay\Downloads\Programmes\VirtualBox-4.2.12-84980-Win.exe"=0x534143500100000000000000070000002800000010CFE70521CBE805010000000000000000000206712000002EF6C8A3A56ACD0100000000000000000200000050000000000000000000000000000000000000000000000000000000DAB9000000000000020000000200000000000000000000400000000000000000000000000000000008E90000000000000100000000000000
"C:\Users\F-cay\Downloads\MAZE\Keymaker-maze.exe"=0x53414350010000000000000007000000280000000032010000000000010000000000000000000106612000002EF6C8A3A56ACD0100000000000000000200000028000000000000000000004000000000000000000000000000000000CE270600000000000200000002000000
"C:\Program Files (x86)\CommViewWiFi\CV.CHM"=0x534143500100000000000000050000001000000001000000000000000000000000000000
"C:\Program Files (x86)\CommViewWiFi\CV.EXE"=0x5341435001000000000000000700000028000000B05F4400B2974400010000000000000000000106712200002EF6C8A3A56ACD01000000000000000002000000500000000003010500000060000000000000000000000000000000005D2F0000000000000100000001000000000000000000004004100000000000000000000000000000BD850600000000000700000000000000
"C:\Program Files (x86)\CommViewWiFi\Uninst_CommViewWiFi.exe"=0x53414350010000000000000007000000280000006890040004270500030000000000000000000106000100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000000000000000000000000000000000000020270000000000000100000001000000
"SIGN.MEDIA=19B7BA7 driver n document\Windows Driver\11G\Power Control Driver\8187_PWRC.EXE"=0x5341435001000000000000000700000028000000CBBDCD0000000000010000000000000000000106002100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000400000000000000000000000000000000050B60000000000000100000001000000
"C:\Program Files (x86)\AWUS036H Wireless LAN Utility\ReStart.exe"=0x53414350010000000000000007000000280000000070000000000000010000000000000000000006712000002EF6C8A3A56ACD010000000000000000050000001000000000000000000000000000000000000000020000005000000000000000000000000000000000000000000000000000000048010000000000000700000001000000000000000000004000000000000000000000000000000000DB000000000000000500000000000000
"SIGN.MEDIA=1ED371D autorun.exe"=0x5341435001000000000000000700000028000000001E200000000000010000000000000000000106612000002EF6C8A3A56ACD010000000000000000020000002800000000000000800000000000000000000000000000000000000057370100000000000200000002000000
"C:\Users\F-cay\Desktop\8187_PWRC.exe"=0x5341435001000000000000000700000028000000CBBDCD0000000000010000000000000000000106002100002EF6C8A3A56ACD01000000000000000002000000500000000000000000000040000000000000000000000000000000006771000000000000010000000100000000000000000000000000000000000000000000000000000027040000000000000200000000000000
"C:\Program Files (x86)\InstallShield Installation Information\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}\setup.exe"=0x5341435001000000000000000700000028000000400C07007D150700030000000000000000000106002100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000100000000000000000000000000000000036740000000000000100000001000000
"C:\Program Files (x86)\InstallShield Installation Information\{0DF70CB6-553A-4C57-8E6D-87635EECFB78}\Install.exe"=0x53414350010000000000000007000000280000000070000000000000030000000000000000000006712000002EF6C8A3A56ACD0100000000000000000200000028000000000000000008000000000000000000000000000000000000EE650000000000000100000001000000
"C:\Program Files\Oracle\VirtualBox\VirtualBox.exe"=0x534143500100000000000000070000002800000010837B00A2B87B0001000000000000000000020673200000647CA60EA56ACD01000000000000000002000000280000000000000000000000000000000000000000000000000000002F491700000000000200000002000000
"C:\Users\F-cay\Downloads\Programmes\VMware-player-5.0.2-1031769.exe"=0x5341435001000000000000000700000028000000B0C3BF04981EC004010000000000000000000206712200002EF6C8A3A56ACD010000000000000000020000002800000000000000000000400000000000000000000000000000000087315E00000000000300000003000000
"C:\Program Files (x86)\VMware\VMware Player\vmplayer.exe"=0x534143500100000000000000070000002800000050142900B2AF2900010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000E6011A00000000000800000008000000
"C:\ProgramData\Browse2saavee\uninstall.exe"=0x5341435001000000000000000700000028000000A0C2000000000000030000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000B9030000000000000100000001000000
"C:\ProgramData\VMware\VMware Player\Uninstaller\uninstall.exe"=0x5341435001000000000000000700000028000000506C0E0013330F00030000000000000000000206712200002EF6C8A3A56ACD01000000000000000002000000280000000000000000000000000000000000000000000000000000000A430200000000000400000004000000
"C:\Users\F-cay\Downloads\Programmes\vmware_player_vmware_player_5_0_2_1031769_fr_15594.exe"=0x5341435001000000000000000700000028000000B0C3BF04981EC004010000000000000000000206712200002EF6C8A3A56ACD0100000000000000000200000028000000000000000000004000000000000000000000000000000000C89C0100000000000100000001000000
"C:\Users\F-cay\Downloads\Programmes\Wireshark-win32-1.8.6.exe"=0x534143500100000000000000070000002800000070F84201DC63430101000000000000000000000671000000975FD891C99ECE010000000000000000050000001000000000000000000000000000000000080000020000002800000000000000000800400000000000000000000000000000000009250400000000000200000002000000
"C:\Program Files (x86)\Wireshark\uninstall.exe"=0x534143500100000000000000070000002800000040240200A60B0300030000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000E03B0000000000000100000001000000
"C:\Users\F-cay\Downloads\Programmes\LinuxLive USB Creator 2.8.20.exe"=0x5341435001000000000000000700000028000000E34748000000000001000000000000000000010600010000975FD891C99ECE0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000A1C50A00000000000300000003000000
"SIGN.MEDIA=1FEFB5 VirtualBox\VirtualBox.exe"=0x5341435001000000000000000700000028000000F3030A0091440A00010000000000000000000106712200002EF6C8A3A56ACD0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000100010000000000000000000000000F9370300000000000100000001000000
"SIGN.MEDIA=1FEFB5 VirtualBox\Virtualize_This_Key.exe"=0x534143500100000000000000070000002800000053E80B0091440A00010000000000000000000106712200002EF6C8A3A56ACD0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000000010000000000000000000000000D1DA0300000000000100000001000000
"C:\Program Files\Vuze\Azureus.exe"=0x5341435001000000000000000700000028000000C84905004A39060001000000000000000000010600010000D5B3B31A57DFD101000000000000000002000000280000000000000000000000000000100000000000000000000000003BDC2F03000000000A0000000A000000
"C:\Users\F-cay\Downloads\Programmes\ca_setup.exe"=0x5341435001000000000000000700000028000000D0F4790000000000010000000000000000000105710000002EF6C8A3A56ACD0100000000000000000200000050000000000301050008006000000000000000000000000000000000AC410000000000000100000001000000000000000008004000000000000000000000000000000000F47E0000000000000100000000000000
"C:\Program Files (x86)\Cain\Cain.exe"=0x5341435001000000000000000700000028000000008E130000000000010000000000000000000106712200002EF6C8A3A56ACD010000000000000000020000005000000000000000000000400000020000000000000000000000000089963A00000000000600000002000000000200060000006000000000000000000000000000000000C9741900000000000100000000000000
"C:\Users\F-cay\Downloads\Programmes\WinPcap_4_1_3.exe"=0x5341435001000000000000000700000028000000B8F60D00E7DC0E00010000000000000000000006710000002EF6C8A3A56ACD01000000000000000002000000280000000000000000080040000000000000000000000000000000007E5B0000000000000100000001000000
"C:\Program Files (x86)\Cain\UNINSTAL.EXE"=0x534143500100000000000000070000002800000000A8010000000000030000000000000000000105712000002EF6C8A3A56ACD010000000000000000020000002800000000000000000800000000000000000000000000000000000084110000000000000100000001000000
"F:\SAUVEGARDES\SAUVEGARDE SEPT 2006\Mes documents\PROG WARNING\TROJAN\OPTIX PRO\OPTIX 1.33\Client\Client.exe"=0x53414350010000000000000007000000280000000036060000000000010000000000000000000105612000002EF6C8A3A56ACD010000000000000000020000002800000000000000000000000004020000000000000000000000000066660100000000000100000001000000
"C:\Users\F-cay\Documents\Crypter\Hanneman Crypter by Metal.exe"=0x534143500100000000000000070000002800000000C808000000000001000000000000000000020661200000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000C8BA0600000000000A0000000A000000
"C:\Users\F-cay\Desktop\TROJAN\SpyOne 1.0\client.exe"=0x5341435001000000000000000700000028000000C45211000000000001000000000000000000010561200000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000BCC54108000000000B0000000B000000
"F:\SAUVEGARDES\SAUVEGARDE SEPT 2006\Mes documents\PROG WARNING\MAIL ANONYME\email anonyme.exe"=0x53414350010000000000000007000000280000000EBF3C0000000000010000000000000000000105712000002EF6C8A3A56ACD01000000000000000002000000280000000000000000080050000000000000000000000000000000003A470000000000000100000001000000
"C:\Users\F-cay\Downloads\Programmes\install_reader11_fr_mssd_aaa_aih.exe"=0x534143500100000000000000070000002800000040D30F00E9281000010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000C01F0600000000000100000001000000
"C:\Users\F-cay\Desktop\Email anonyme\Marroki\Setup.exe"=0x5341435001000000000000000700000028000000FD0B08000000000001000000000000000000010571200000975FD891C99ECE01000000000000000001000000040000000100000002000000280000000000000000080040000020000000000000002000000000005D0D0A00000000000800000008000000
"C:\Users\F-cay\Downloads\Programmes\install_flashplayer11x32_mssd_aaa_aih.exe"=0x5341435001000000000000000700000028000000E0C80F00ED971000010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000DC620100000000000100000001000000
"C:\Program Files (x86)\Marroki Mailer Anonyme\Marroki.exe"=0x534143500100000000000000070000002800000000C600000000000001000000000000000000010571200000975FD891C99ECE010000000000000000020000005000000000000000000000400000000000000000000000000000000006545A0000000000020000000200000000000000000000000004000000000000000000000000000042250F00000000000800000000000000
"C:\Users\F-cay\Downloads\Programmes\jxpiinstall.exe"=0x5341435001000000000000000700000028000000A80D0E00E44C0E00010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000004000000000000000000000000000000000F2720900000000000100000001000000
"C:\Program Files (x86)\ASUS\ASUS MX Suite\ASUS MX Suite\MediaSuite.exe"=0x5341435001000000000000000700000028000000F84B15003BD5150001000000000000000000010600210000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000007EF20000000000000300000003000000
"C:\Users\F-cay\Desktop\Email anonyme\Marroki Mailer Anonyme\Marroki.exe"=0x534143500100000000000000070000002800000000C6000000000000010000000000000000000105712000002EF6C8A3A56ACD01000000000000000002000000280000000000000000000000000000000000000000000000000000001FC80400000000000100000001000000
"C:\Users\F-cay\Desktop\Marroki.exe"=0x534143500100000000000000070000002800000000C6000000000000010000000000000000000105712000002EF6C8A3A56ACD01000000000000000002000000280000000000000000000000004400000000000000000000000000002DA01600000000000200000002000000
"C:\Users\F-cay\Desktop\Cain.exe"=0x5341435001000000000000000700000028000000008E13000000000001000000000000000000010671220000975FD891C99ECE010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000020000000000000000000000000032B31B01000000001000000010000000
"C:\Users\F-cay\Documents\Crypter\Spynet 2.7\SpyNet 2.7.exe"=0x534143500100000000000000070000002800000000B22C0000000000010000000000000000000106612000002EF6C8A3A56ACD0100000000000000000500000010000000000000000000000000000000000000000200000050000000000000000000000040100000000000000000000000000000AA100000000000000300000002000000000000000000004000000000000000000000000000000000BA100000000000000400000000000000
"C:\Users\F-cay\Documents\Crypter\SpyNet 2.7.exe"=0x534143500100000000000000070000002800000000B22C0000000000010000000000000000000106612000002EF6C8A3A56ACD01000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040001000000000000000000000000000009A100000000000000100000001000000
"C:\Users\F-cay\Downloads\Firefox.exe"=0x5341435001000000000000000700000028000000D8260F0030D60F00010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000004000000000000000000000000000000000D6980300000000000100000001000000
"C:\Program Files (x86)\Uniblue\SpeedUpMyPC\unins000.exe"=0x5341435001000000000000000700000028000000806D180080551900030000000000000000000206002100002EF6C8A3A56ACD01000000000000000002000000280000000000000000000000000000000000000000000000000000008E1F0000000000000100000001000000
"C:\Program Files (x86)\Java\jre7\bin\ssvagent.exe"=0x5341435001000000000000000700000028000000A8BF000018880100010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000670E0000000000000100000001000000
"SIGN.IE=0182B058 Firefox Setup 28.0.exe"=0x534143500100000000000000070000002800000058B0820100000000010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000B0630900000000000100000001000000
"C:\Users\F-cay\Desktop\TROJAN\Spy-Net v2.7 Final\SpyNet 2.7 Final.exe"=0x534143500100000000000000070000002800000000123A0000000000010000000000000000000206F1200000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000008EC12A00000000000A0000000A000000
"SIGN.MEDIA=2A4FC44A Jpg%20FileBinder.exe"=0x534143500100000000000000070000002800000010D1070013CA0800010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000500000010000000000000000000000000000000000000000200000050000000000000000000004000000000000000000000000000000000E1190000000000000200000001000000000301050000006000000000000000000000000000000000670E0000000000000200000000000000
"SIGN.MEDIA=2A4FC44A BrS_PP_Fr_setup.exe"=0x5341435001000000000000000700000028000000A16B060000000000010000000000000000000006412200002EF6C8A3A56ACD01000000000000000002000000280000000000000000000040000000000000000000000000000000008C3C0000000000000100000001000000
"C:\Program Files (x86)\Brouf_Soft\PoP\Brouf_PoP.exe"=0x5341435001000000000000000700000028000000A30F05008D790500010000000000000000000006712000002EF6C8A3A56ACD010000000000000000020000002800000000000000000000000800000000000000000000000000000054810700000000000100000001000000
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe"=0x534143500100000000000000070000002800000080BD0700BE9E080001000000000000000000020671220000975FD891C99ECE01000000800000000002000000280000000000000000000040000000000000000000000000000000004D2D0600000000000100000001000000
"C:\Users\F-cay\Downloads\Programmes\FileZilla_3.7.3_win32-setup.exe"=0x5341435001000000000000000700000028000000D01F0A0031809C9701000000000000000000010600010000975FD891C99ECE010000000000000000
"C:\Program Files (x86)\Microsoft Office\Options14\MSOO.EXE"=0x5341435001000000000000000700000028000000588C4C00345C4D0001000000000000000000010671200000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000A23B0000000000000500000005000000
"C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Eula.exe"=0x5341435001000000000000000700000028000000804E0100CD80010001000000000000000000010671220000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000740C0000000000000100000001000000
"C:\Users\F-cay\Documents\Crypter\CRYPTER N 88.exe"=0x534143500100000000000000070000002800000000B00100D155020001000000000000000000030671200000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000E0B80000000000000100000001000000
"C:\Program Files (x86)\MyPC Backup\uninst.exe"=0x5341435001000000000000000700000028000000664C01000AE19E0003000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000903E0000000000000100000001000000
"C:\Users\F-cay\Downloads\minion-crypter.rar.exe"=0x5341435001000000000000000700000028000000E8F004003024050001000000000000000000020671020000975FD891C99ECE0100000000000000000200000028000000000000000000005000000000000000000000000000000000DF730200000000000100000001000000
"C:\Users\F-cay\Downloads\Percutible Crypter by Metal.exe"=0x534143500100000000000000070000002800000000802D000000000001000000000000000000030671220000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000A5570000000000000100000001000000
"C:\Users\F-cay\Desktop\TROJAN\setup.exe"=0x534143500100000000000000070000002800000000540F00CB0C100001000000000000000000010541200000975FD891C99ECE010000000000000000
"C:\Program Files (x86)\Scanner NetBIOS\ScanNB.exe"=0x534143500100000000000000070000002800000000901800000000000100000000000000000001056120000019B4C529E312D1010000000000000000020000005000000000000000000000000000000000000000000000000000000081834B02000000001B0000000200000000000000000000400000000000000000000000000000000069A87900000000000600000000000000
"C:\Users\F-cay\Desktop\TROJAN\FCAY\Spy-Net v2.7 Final\SpyNet 2.7 Final.exe"=0x534143500100000000000000070000002800000000123A0000000000010000000000000000000306F1200000975FD891C99ECE010000000000000000
"C:\Users\F-cay\Desktop\System\FCAY\Spy-Net v2.7 Final\SpyNet 2.7 Final.exe"=0x534143500100000000000000070000002800000000123A0000000000010000000000000000000306F1200000975FD891C99ECE0100000000000000000500000010000000000000000000000000000000000000000200000050000000000000000000000000000000000000000000000000000000F1E3D40000000000030000000100000000000000000000400000000000000000000000000000000069540000000000000100000000000000
"C:\Users\F-cay\Desktop\System\FCAY\SpyOne 1.0\client.exe"=0x5341435001000000000000000700000028000000C45211000000000001000000000000000000010561200000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000AAA36501000000001200000012000000
"C:\Users\F-cay\Desktop\System\FCAY\Crypter\Cryp bob marley\bob crypter.exe"=0x5341435001000000000000000700000028000000003C2A000FB62A0001000000000000000000030600210000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000072B20100000000000100000001000000
"C:\Users\F-cay\Desktop\System\FCAY\Crypter\Hanneman Crypter by Metal.exe"=0x534143500100000000000000070000002800000000C808000000000001000000000000000000020661200000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000014E72100000000000600000006000000
"C:\Users\F-cay\Desktop\System\FCAY\Crypter\serveurspyone-Hanneman.exe"=0x53414350010000000000000007000000280000007E070500F6DC000001000000000000000000030671200000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000098200000000000000300000003000000
"C:\Users\F-cay\Downloads\vlc-2.1.3-win32.exe"=0x5341435001000000000000000700000028000000118C7801F41C010001000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000685C0000000000000100000001000000
"C:\Program Files\AVAST Software\Avast\VisthAux.exe"=0x5341435001000000000000000700000028000000B072030053FE030001000000000000000000030671220000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000696E0000000000000100000001000000
"C:\Users\F-cay\Downloads\Kies3Setup.exe"=0x534143500100000000000000070000002800000038B00A00686AE91701000000000000000000020600010000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000F8653900000000000100000001000000
"C:\Program Files (x86)\Samsung\Kies3\Kies3.exe"=0x534143500100000000000000070000002800000030D39E0038089F0001000000000000000000030671220000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000003D0F0100000000000300000003000000
"C:\Users\F-cay\Desktop\galaxy ace\SAMSUNG_USB_Driver_for_Mobile_Phones.exe"=0x534143500100000000000000070000002800000078AD7001D1EE700101000000000000000000000671000000975FD891C99ECE010000000000000000010000000400000001000000020000005000000000020006000800600000000000000000000000000000000071F601000000000001000000010000000000000000080040000020000000000000002000000000001C180000000000000100000000000000
"C:\Users\F-cay\Desktop\galaxy ace\Odin3 v3.09.exe"=0x534143500100000000000000070000002800000000F42200570B230001000000000000000000020671020000975FD891C99ECE010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000020000000000000000000000000010FE3600000000000200000002000000
"C:\Users\F-cay\AppData\Local\Mozilla\updates\E7CF176E110C211B\updates\0\updater.exe"=0x5341435001000000000000000700000028000000703C04003FD5040001000000000000000000030600210000975FD891C99ECE010000008000000000020000002800000000000000000000400000000000000000000000000000000087350000000000000100000001000000
"C:\Users\F-cay\Desktop\galaxy ace\Odin3 v1.85.exe"=0x534143500100000000000000070000002800000000820600846B070001000000000000000000010671220000975FD891C99ECE010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000015964C00000000000600000006000000
"C:\Users\F-cay\Desktop\Remise a zero galaxy Gt S5839i\Odin3_v1.85.exe"=0x534143500100000000000000070000002800000000820600846B070001000000000000000000010671220000975FD891C99ECE0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000AF496F00000000000100000001000000
"C:\Users\F-cay\Desktop\Odin + pit\Odin with pit\Odin3_v1.84.exe"=0x534143500100000000000000070000002800000000441B0020C41B0001000000000000000000010671220000975FD891C99ECE0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000AF9D0500000000000200000002000000
"C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\delegate_execute.exe"=0x5341435001000000000000000700000028000000481920000130200001000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000CF020000000000000100000001000000
"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"=0x534143500100000000000000070000002800000030BA0D000000000003000000000000000000010600010000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000074260000000000000100000001000000
"C:\Users\F-cay\AppData\Roaming\BabSolution\Shared\GUninstaller.exe"=0x5341435001000000000000000700000028000000480406003A64060003000000000000000000020600210000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000CB410000000000000100000001000000
"C:\Users\F-cay\Downloads\LinuxLive USB Creator 2.8.30.exe"=0x53414350010000000000000007000000280000008BA44C000000000001000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000311D0900000000000100000001000000
"C:\Users\F-cay\Downloads\Win32DiskImager-0.9.5-install.exe"=0x53414350010000000000000007000000280000009E8BBB000000000001000000000000000000020600010000975FD891C99ECE0100000000000000000200000050000000000000000000004000000000000000000000000000000000DF173B00000000000100000001000000000000000000000000000000000000000000000000000000E83E0100000000000200000000000000
"C:\Program Files (x86)\ImageWriter\Win32DiskImager.exe"=0x5341435001000000000000000700000028000000001E0200BF47020001000000000000000000030671220000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000286A0900000000000700000007000000
"C:\Users\F-cay\Desktop\System\FCAY\Crypter\Percutible Crypter by Metal.exe"=0x534143500100000000000000070000002800000000802D000000000001000000000000000000030671220000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000005D290100000000000200000002000000
"C:\Users\F-cay\Desktop\System\FCAY\Crypter\Indetectables.net Crypter byBaku\Cliente.exe"=0x53414350010000000000000007000000280000000040070028A7070001000000000000000000030671200000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000E3F00100000000000100000001000000
"C:\Users\F-cay\Desktop\Nouveau dossier\Dumpper.exe"=0x5341435001000000000000000700000028000000003E0F0000000000010000000000000000000306F5220000B395E7CF049FCE01000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000003AA30C00000000000100000001000000
"C:\Users\F-cay\Desktop\Nouveau dossier\setup.exe"=0x534143500100000000000000070000002800000058EC06007511070001000000000000000000000671220000975FD891C99ECE010000000000000000
"C:\Program Files (x86)\Jumpstart\jswscapp.exe"=0x534143500100000000000000070000002800000000C018002D05190001000000000000000000000671220000975FD891C99ECE010000000000000000050000001000000000000000000000000000000000000000020000005000000000000000000000000000000000000000000000000000000084349600000000001F0000001F0000000000000000000040000000000000000000000000000000008D270000000000000100000000000000
"C:\Program Files (x86)\ASUS\Why ASUS PC\desktop.exe"=0x53414350010000000000000007000000280000006D2946000000000001000000000000000000000671020000975FD891C99ECE0100000000000000000200000028000000000000000000000000100000000000000000000000000000111F0000000000000100000001000000
"C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe"=0x534143500100000000000000070000002800000080F516007811170001000000000000000000010600210000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000889A0700000000000100000001000000
"C:\Users\F-cay\Downloads\nero-burning-rom-2015_16-0-03000_fr_402162.exe"=0x534143500100000000000000070000002800000038F21300B176140001000000000000000000020600010000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000B0B00700000000000100000001000000
"C:\Program Files (x86)\Nero\Nero 2015\Nero Launcher\NeroLauncher.exe"=0x53414350010000000000000007000000280000005073370099BD370001000000000000000000030671220000975FD891C99ECE0100000000000000000200000028000000000000008000000000000000000000000000000000000000BB491700000000000300000003000000
"C:\Users\F-cay\Downloads\cdbxp_setup_4.5.4.5118.exe"=0x5341435001000000000000000700000028000000186C520001EB520001000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000071C0600000000000100000001000000
"C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe"=0x534143500100000000000000070000002800000048971A0026B81A00010000000000000000000306F1220000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000766C2E00000000000200000002000000
"C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\delegate_execute.exe"=0x5341435001000000000000000700000028000000481920005C6B200001000000000000000000030600210000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000005B030000000000000100000001000000
"C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.65\delegate_execute.exe"=0x534143500100000000000000070000002800000048651F007E6D1F0001000000000000000000030600210000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000029010000000000000100000001000000
"C:\Users\F-cay\Documents\fmsetup.exe"=0x5341435001000000000000000700000028000000B05C97005880970001000000000000000000000671020000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000007DAA1600000000000200000002000000
"C:\Program Files (x86)\MetaProducts Flash & Media Capture\FMCPlayer.exe"=0x5341435001000000000000000700000028000000B0CE0000D488010001000000000000000000020661220000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000089BE0100000000000700000007000000
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVDLaunchPolicy.exe"=0x534143500100000000000000070000002800000010C2060055E8060001000000000000000000010671220000975FD891C99ECE0100000000000000000200000028000000000000008000000000000000000000000000000000000000BED40800000000000100000001000000
"C:\Program Files (x86)\Brouf_Soft\PoP\unins000.exe"=0x534143500100000000000000070000002800000010840A000000000003000000000000000000030641220000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000001E370000000000000100000001000000
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"=0x534143500100000000000000070000002800000048DF0C00B83F0D0001000000000000000000030600210000975FD891C99ECE010000000100000000
"C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\Installer\setup.exe"=0x534143500100000000000000070000002800000048931000871E110003000000000000000000030600210000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000009D750000000000000400000004000000
"C:\Users\F-cay\Desktop\System\VncViewer.exe"=0x534143500100000000000000070000002800000000F004000000000001000000000000000000010571200000975FD891C99ECE0100000000000000000500000010000000000000000000000000000000000000000200000050000000000000000000000000000000000000000000000000000000A5955300000000003D0200000402000000000000000000400000000000000000000000000000000063980100000000000500000000000000
"C:\Users\F-cay\Desktop\System\VncScanner.exe"=0x5341435001000000000000000700000028000000008000000000000001000000000000000000010571200000975FD891C99ECE01000000000000000005000000100000000000000000000000000000002000000002000000A00000000000000020000060000000000000000000000000000000001F000000000000000100000001000000000301050000006000000000000000000000000000000000BC00000000000000040000000000000000000000000000400000000000000000000000000000000038010000000000000400000000000000000301052000006000000000000000000000000000000000AC000000000000000100000000000000
"C:\Users\F-cay\Downloads\Programmes\FileZilla_3.7.3_win32-setup [1].exe"=0x5341435001000000000000000700000028000000176F49000000000001000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000352D0100000000000100000001000000
"SIGN.MEDIA=DB4F300 Firefox Setup 35.0.1.exe"=0x5341435001000000000000000700000028000000589262020000000001000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000A1010100000000000100000001000000
"C:\Users\F-cay\Downloads\adwcleaner_4.110.exe"=0x5341435001000000000000000700000028000000003C20000000000001000000000000000000030600210000975FD891C99ECE010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000014050600000000000300000003000000
"C:\Users\F-cay\Downloads\torbrowser-install-4.0.3_fr.exe"=0x5341435001000000000000000700000028000000E01C110241B6010001000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000E03A0800000000000100000001000000
"C:\Users\F-cay\Downloads\Crypter Cham Cham.exe"=0x5341435001000000000000000700000028000000C8F81000705B110001000000000000000000030600210000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000071BA0100000000000100000001000000
"C:\Program Files\AVAST Software\Avast\BrowserCleanup.exe"=0x5341435001000000000000000700000028000000885E1700AE27180001000000000000000000030671220000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000201F0000000000000100000001000000
"C:\Users\F-cay\Desktop\System\FCAY\Crypter\Street Fighter.exe"=0x5341435001000000000000000700000028000000C82A1000FB7F100001000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000856C0000000000000100000001000000
"C:\Users\F-cay\Downloads\python-3.4.2.msi"=0x534143500100000000000000070000002800000000DA0000D0AF010001000000000000000000010500100000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000DDEA0000000000000100000001000000
"C:\Users\F-cay\Downloads\ActivePerl-5.20.1.2000-MSWin32-x64-298557.msi"=0x534143500100000000000000070000002800000000F400008396010001000000000000000000010500100000B395E7CF049FCE010000000000000000020000002800000000000000000000000000000000000000000000000000000008A90200000000000100000001000000
"C:\Perl64\bin\perl.exe"=0x534143500100000000000000070000002800000000F605004FF8050001000000000000000000030673220000B395E7CF049FCE01000000000000000002000000280000000000000000000000000000000000000000000000000000009CD30000000000000500000005000000
"C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssvagent.exe"=0x5341435001000000000000000700000028000000A8C700007A01010001000000000000000000010600010000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000001A010000000000000C0000000C000000
"F:\UNDERGROUND\EXPLOITS + TUTO + VIDEO\VCNBYPASS + VIDEO\VncScanner.exe"=0x5341435001000000000000000700000028000000008000000000000001000000000000000000010571200000975FD891C99ECE01000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000003E000000000000000100000001000000
"C:\Users\F-cay\Desktop\System\FCAY\Crypter\Kryptos_By_Sod Mod By MCN\Kryptos.exe"=0x534143500100000000000000070000002800000000A0010035B4010001000000000000000000000671200000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000A1980100000000000100000001000000
"C:\Users\F-cay\Desktop\System\FCAY\Crypter\Indetectables .NET Crypter by Blau.exe"=0x53414350010000000000000007000000280000000044020000000000010000000000000000000306F5220000B395E7CF049FCE01000000000000000002000000280000000000000000000000000000000000000000000000000000007B891C00000000000100000001000000
"F:\UNDERGROUND\EXPLOIT PACK FCAY\PackExploitsphpBBFCAY.bat"=0x5341435001000000000000000700000028000000006E05001C90050001000000000000000000010500300000B395E7CF049FCE010000000000000000
"F:\UNDERGROUND\PASSWORD PRO\PasswordsPro.exe"=0x5341435001000000000000000700000028000000005E06000000000001000000000000000000010571200000975FD891C99ECE01000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040001000000000000000000000000000001A900000000000000100000001000000
"F:\LOGICIELS\PROGRAMMES PROGRAMMATION DIVERS\PROGRAMMES EN VB QUE J'AI CREER\calculette.exe"=0x5341435001000000000000000700000028000000007000009741010001000000000000000000010571200000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000D4160000000000000200000002000000
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"=0x5341435001000000000000000700000028000000C8980F002DFC0F0001000000000000000000030671220000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000004C0E300000000000C0000000C000000
"G:\UNDERGROUND\SCANNER WIFI\SCANNER WIFI\netstumblerinstaller_0_4_0.exe"=0x53414350010000000000000007000000280000008C3714000000000001000000000000000000010571200000975FD891C99ECE01000000000000000002000000280000000000000000080040000000000000000000000000000000000A350000000000000100000001000000
"C:\Program Files (x86)\Network Stumbler\NetStumbler.exe"=0x534143500100000000000000070000002800000000900800378E090001000000000000000000010571200000975FD891C99ECE01000000000000000002000000500000000000000000000000000400000000000000000000000000004E14010000000000030000000100000000000000000000400000000000000000000000000000000098680100000000000300000000000000
"G:\UNDERGROUND\SCANNER FAILLES\SUPERSCAN\superscan.exe"=0x53414350010000000000000007000000280000008CD603000000000001000000000000000000010571200000975FD891C99ECE0100000000000000000200000028000000000000000008004000000000000000000000000000000000A97A0B00000000000100000001000000
"G:\UNDERGROUND\SCANNER FAILLES\SUPERSCAN\scanner.exe"=0x534143500100000000000000070000002800000000FE00000000000001000000000000000000010571200000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000D8460100000000000100000001000000
"C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE"=0x534143500100000000000000070000002800000058B515007DBD150001000000000000000000010600210000975FD891C99ECE010000000100000000
"C:\Users\F-cay\Desktop\IP2.exe"=0x534143500100000000000000050000001000000000000000000000000000000000000000070000002800000000380000000000000100000000000000000001057120000019B4C529E312D101000000000000000002000000500000000000000000000000000000000000000000000000000000006469530000000000080000000500000000000000000000400000000000000000000000000000000055260000000000000100000000000000
"C:\Users\F-cay\Downloads\K-Lite_Codec_Pack_1100_Full.exe"=0x534143500100000000000000070000002800000050520A00A38D4B0401000000000000000000030600210000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000068960900000000000100000001000000
"C:\Users\F-cay\AppData\Local\Sparta\Uninstaller.exe"=0x5341435001000000000000000700000028000000009A03000000000003000000000000000000010600010000975FD891C99ECE01000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000000000080000000000000008000000000007D0D0000000000000100000001000000010000000400000001000000
"C:\Users\F-cay\AppData\Roaming\StormFall\Uninstaller.exe"=0x5341435001000000000000000700000028000000009A03000000000003000000000000000000010600010000975FD891C99ECE0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000008000000000000000800000000000EB0D0000000000000100000001000000010000000400000001000000
"C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC\mpc-hc.exe"=0x53414350010000000000000007000000280000000004620023AE62000100000000000000000003060021000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000C08F6C00000000005300000053000000
"C:\Users\F-cay\Downloads\wps-pin.exe"=0x534143500100000000000000070000002800000000BE080000000000010000000000000000000206F1220000975FD891C99ECE010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000034240600000000000100000001000000
"C:\Users\F-cay\Desktop\win-pin\wps-pin.exe"=0x534143500100000000000000070000002800000000BE080000000000010000000000000000000206F1220000975FD891C99ECE0100000000000000000500000010000000000000000000000000000000000000000200000050000000000000000000000000000000000000000000000000000000CC7AB200000000001500000005000000000000000000004000000000000000000000000000000000651C0900000000000300000000000000
"C:\Users\F-cay\Desktop\win-pin\wpspin\wpispin32.exe"=0x53414350010000000000000007000000280000000076040000000000010000000000000000000306F1220000975FD891C99ECE01000000000000000005000000100000000000000000000000000000000000000002000000500000000000000000000000000000000000000000000000000000006DA417000000000007000000010000000000000000000040000000000000000000000000000000006E4E0A00000000000300000000000000
"C:\Perl64\bin\wperl.exe"=0x534143500100000000000000070000002800000000F605004FF8050001000000000000000000030673220000B395E7CF049FCE0100000000000000000200000028000000000000000000000000000000000000000000000000000000777E0000000000000100000001000000
"C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe"=0x5341435001000000000000000700000028000000208BBA006D0ABB0001000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000E53A4505000000000500000005000000
"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe"=0x5341435001000000000000000700000028000000C0CE10009211110003000000000000000000010600010000975FD891C99ECE010000000000000000
"SIGN.MEDIA=7008A Microsoft.Office.Famille.et.Etudiant.2007.+.Key.French.juubiss59\SETUP.EXE"=0x534143500100000000000000070000002800000030110700C7F8070001000000000000000000000671020000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000219E0400000000000100000001000000
"C:\Users\F-cay\Desktop\Tor Browser\Browser\firefox.exe"=0x5341435001000000000000000700000028000000002A0500643D050001000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000A6430200000000000100000001000000
"C:\Users\F-cay\Desktop\System\FCAY\Crypter\Krypt Haohmarur 100% FUD - By Wal999.exe"=0x5341435001000000000000000700000028000000C86C0700C1A2070001000000000000000000030600210000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000009F410300000000000100000001000000
"C:\Users\F-cay\Downloads\Programmes\adwcleaner_4.110.exe"=0x5341435001000000000000000700000028000000003C20000000000001000000000000000000030600210000975FD891C99ECE01000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000007F530000000000000100000001000000
"C:\Users\F-cay\Downloads\adwcleaner_4.112.exe"=0x5341435001000000000000000700000028000000002221000000000001000000000000000000030600210000975FD891C99ECE010000000000000000
"C:\Users\F-cay\AppData\Local\Microsoft\SkyDrive\Update\OneDriveSetup.exe"=0x5341435001000000000000000700000028000000A0066E00A39D6E0001000000000000000000030600210000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000005F460000000000000100000001000000
"C:\Users\F-cay\Desktop\Dumpper\Dumpper.exe"=0x5341435001000000000000000700000028000000006E110000000000010000000000000000000306F5220000B395E7CF049FCE0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004080000000000000000000000000000000D82F1903000000000800000008000000
"C:\Users\F-cay\Desktop\win-pin\MiniBruteforce-pin.exe"=0x5341435001000000000000000700000028000000006E000000000000010000000000000000000206F1220000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000003E500100000000000200000002000000
"SIGN.MEDIA=C2B0B0 start.exe"=0x5341435001000000000000000700000028000000504C01007361010001000000000000000000010600210000975FD891C99ECE010000000000000000
"C:\Program Files (x86)\Brother\BrLauncher\BrLauncher.exe"=0x534143500100000000000000050000001000000000000000000000000000000080000000020000002800000000000000800000000000000000000000000000000000000057FD4600000000000700000007000000070000002800000000402B004DCE21000100000000000000000001067120000033504C2B57DFD1010000000000000000
"\\FCAY\Users\F-cay\Downloads\Programmes\VMware-player-5.0.2-1031769.exe"=0x5341435001000000000000000700000028000000B0C3BF04981EC00401000000000000000000020671220000975FD891C99ECE010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000002390000000000000100000001000000
"C:\Users\F-cay\Downloads\xtremsplit_xtremsplit_1.2_francais_14862.exe"=0x534143500100000000000000070000002800000008E40A0075388C9801000000000000000000020600010000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000924C0800000000000100000001000000
"C:\Users\F-cay\Desktop\vncscan.exe"=0x5341435001000000000000000700000028000000008000000000000001000000000000000000010571200000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000004E000000000000000100000001000000
"C:\Users\F-cay\Downloads\ClassicShellSetup_4_2_1.exe"=0x5341435001000000000000000700000028000000C0906400FC5D650001000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000E3660100000000000100000001000000
"C:\Program Files\Classic Shell\ClassicExplorerSettings.exe"=0x5341435001000000000000000700000028000000C08601009C7802000100000000000000000003060021000033504C2B57DFD10100000000000000000200000078000000000002060000006000000000000000000000000000000000200000000000000001000000010000000000000000000040000000000000000000000000000000001000000000000000020000000000000000000000000000000000000000000000000000000000000030A90000000000000600000000000000
"C:\Program Files\Classic Shell\ClassicStartMenu.exe"=0x5341435001000000000000000700000028000000C07E02000F7703000100000000000000000003060021000059193B14E312D10100000000000000000200000050000000000000000000004000000000000000000000000000000000090900000000000001000000010000000000000000000000000000000000000000000000000000005D000000000000000B00000000000000
"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe"=0x534143500100000000000000070000002800000000DC0100519D02000100000000000000000002067102000019B4C529E312D10100000000000000000200000028000000000000000000001000000000000000000000000000000000DA0B8300000000000A0000000A000000
"C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe"=0x5341435001000000000000000700000028000000E86417004975170001000000000000000000010600010000975FD891C99ECE010000000100000000
"C:\Users\F-cay\Downloads\Stellar_WinDataRecovery_Home_FR.exe"=0x534143500100000000000000070000002800000008B03F003B73400001000000000000000000020600010000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000098880000000000000100000001000000
"C:\Program Files (x86)\Stellar Phoenix Windows Data Recovery\spwdrhfa.exe"=0x534143500100000000000000020000002800000000000000200000700010000000000000000000000000000075DE0E00000000000200000002000000070000002800000098166E006D546E000100000000000000000002067122000033504C2B57DFD1010000000000000000
"C:\Users\F-cay\Downloads\rcsetup152-1.52.1086.exe"=0x5341435001000000000000000700000028000000A88A43004E3D440001000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000AB2D2000000000000100000001000000
"C:\Program Files (x86)\Stellar Phoenix Windows Data Recovery\unins000.exe"=0x53414350010000000000000007000000280000005B570B00000000000100000000000000000002060001000033504C2B57DFD10100000000000000000200000050000000000000000000004000000000000000000000000000000000F31600000000000001000000010000000000000000000000000000000000000000000000000000002E220000000000000100000000000000
"C:\Users\F-cay\Downloads\pc-inspector-file-recover.exe"=0x534143500100000000000000070000002800000060930C00ADB55A9101000000000000000000030600210000975FD891C99ECE010000000000000000
"C:\Program Files (x86)\Convar\PC Inspector File Recovery\Filerecovery.exe"=0x5341435001000000000000000700000028000000001A3D00000000000100000000000000000001056120000033504C2B57DFD1010000000000000000020000002800000000000000000000000044000000000000000000000000000018017000000000000B0000000B000000
"C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe"=0x534143500100000000000000070000002800000000FA7B005ED07C0001000000000000000000030600210000B395E7CF049FCE010000000000000000020000002800000000000000000000000000000000000000000000000000000023CC1F00000000000200000002000000
"SIGN.MEDIA=151281B SecureDataUSBDrive.exe"=0x5341435001000000000000000700000028000000A8302900695B290001000000000000000000010671200000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000A2731200000000000300000003000000
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDSettings.exe"=0x534143500100000000000000070000002800000010CE3C0037F73C0001000000000000000000010671020000975FD891C99ECE010000000000000000020000002800000000000000000000400000000000000000000000000000000014430000000000000100000001000000
"C:\Program Files (x86)\LinuxLive USB Creator\Uninstall.exe"=0x53414350010000000000000007000000280000006CD301000000000003000000000000000000010600010000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000006480000000000000100000001000000
"C:\Users\F-cay\Downloads\LinuxLive USB Creator 2.9.3.exe"=0x534143500100000000000000070000002800000096C85D000000000001000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000D9CCDF00000000000100000001000000
"C:\Users\F-cay\Downloads\unetbootin-windows-613.exe"=0x534143500100000000000000070000002800000000BA49000000000001000000000000000000030671220000975FD891C99ECE0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000A6B91500000000000400000004000000
"C:\Users\F-cay\Downloads\Photorectestdisk recuperation de donnÃ©es\testdisk-6.14\photorec_win.exe"=0x5341435001000000000000000700000028000000000E15007011150001000000000000000000020673220000B395E7CF049FCE0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000A3A53200000000000300000003000000
"C:\Users\F-cay\Videos\Films terminÃ©s\[www.Cpasbien.pe] ADOBE_AFTEREFFECTS_CC_V2014_MULTI-XFORCE\Adobe After Effects CC 2014\Set-up.exe"=0x534143500100000000000000070000002800000080352B00B0422B0001000000000000000000030600210000975FD891C99ECE0100000000000000000200000050000000000000000000004000000000000000000000000000000000F74A130000000000010000000100000000000000000000000000000000000000000000000000000037230000000000000100000000000000
"C:\Users\F-cay\Videos\Films terminÃ©s\[www.Cpasbien.pe] ADOBE_AFTEREFFECTS_CC_V2014_MULTI-XFORCE\Crack-Windows\xf-adobecc2014.exe"=0x5341435001000000000000000700000028000000005601000000000001000000000000000000030671200000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000025A00400000000000300000003000000
"C:\Users\F-cay\AppData\Local\Adobe\OOBE\PDApp\DECore\Setup.exe"=0x5341435001000000000000000700000028000000707B090097A7090001000000000000000000010600010000975FD891C99ECE010000000000000000020000002800000000000000000000400000000000000000000000000000000044430300000000000200000002000000
"C:\Users\F-cay\Downloads\ADOBE_AFTEREFFECTS_CC_V2014_MULTI-XFORCE\Crack-Windows\disable_activation.cmd"=0x53414350010000000000000007000000280000000074050047AE050001000000000000000000010500100000B395E7CF049FCE010000000000000000
"C:\Users\F-cay\Downloads\ADOBE_AFTEREFFECTS_CC_V2014_MULTI-XFORCE\Crack-Windows\xf-adobecc2014.exe"=0x5341435001000000000000000700000028000000005601000000000001000000000000000000030671200000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000F08D1C00000000000700000007000000
"C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_235_Plugin.exe"=0x5341435001000000000000000700000028000000C0BE1100FFF6110003000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000B32B0000000000000100000001000000
"C:\Users\F-cay\Downloads\ADOBE_AFTEREFFECTS_CC_V2014_MULTI-XFORCE\Adobe After Effects CC 2014\Set-up.exe"=0x534143500100000000000000070000002800000080352B00B0422B0001000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000FBC11D00000000000500000005000000
"C:\Program Files\Adobe\Adobe Photoshop CC 2014\Photoshop.exe"=0x5341435001000000000000000700000028000000C86A470772FF47070100000000000000000003060021000059193B14E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000005BA40400000000000800000008000000
"C:\Program Files\Adobe\Adobe After Effects CC 2014\Support Files\AfterFX.exe"=0x5341435001000000000000000700000028000000D8CE0C00456D0D0001000000000000000000010600010000B395E7CF049FCE01000000000000000002000000500000000000000000000000000000000000000000000000000000000A5D2102000000001700000011000000000000000000004000000000000000000000000000000000B07B0500000000000200000000000000
"C:\Users\F-cay\Downloads\ADOBE_PHOTOSHOP_CC_V2014_MULTI_WIN64-XFORCE\Adobe CC 2014\Set-up.exe"=0x5341435001000000000000000700000028000000C8342B001A482B0001000000000000000000030600210000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000032644300000000000300000003000000
"C:\Users\F-cay\Downloads\ADOBE_PHOTOSHOP_CC_V2014_MULTI_WIN64-XFORCE\Crack-Windows\xf-adobecc2014.exe"=0x5341435001000000000000000700000028000000005601000000000001000000000000000000030671200000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000563A1100000000000200000002000000
"C:\Program Files\Adobe\Adobe After Effects CC 2015\Support Files\AfterFX.exe"=0x5341435001000000000000000700000028000000D8D207008CD6070001000000000000000000010600010000B395E7CF049FCE010000000000000000020000002800000000000000000000000000000000000000000000000000000049645200000000000B0000000B000000
"C:\Users\F-cay\Downloads\Programmes\ADOBE_AFTEREFFECTS_CC_V2014_MULTI-XFORCE\Crack-Windows\xf-adobecc2014.exe"=0x5341435001000000000000000700000028000000005601000000000001000000000000000000030671200000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000004AD0100000000000100000001000000
"C:\Program Files\CCleaner\CCleaner64.exe"=0x534143500100000000000000070000002800000018F15B00E5F45B0001000000000000000000020673220000B395E7CF049FCE01000000000000000002000000280000000000000000000000000000000000000000000000000000004E000000000000000100000001000000
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe"=0x5341435001000000000000000700000028000000B02A23005017240001000000000000000000030600210000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000003E000000000000000200000002000000
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDapp.exe"=0x5341435001000000000000000700000028000000A8642500AB6A250003000000000000000000030600210000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000005A9E0200000000000100000001000000
"C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE"=0x5341435001000000000000000700000028000000D85C1801AEEE180101000000000000000000030671220000975FD891C99ECE010000000100000000
"C:\Users\F-cay\Downloads\iTunes6464Setup.exe"=0x5341435001000000000000000700000028000000181DFD09ADCAFD0901000000000000000000010600010000B395E7CF049FCE01000000000000000002000000280000000000000000000000000000000000000000000000000000004EAF2700000000000100000001000000
"C:\Users\F-cay\AppData\Local\Temp\IXP444.TMP\SetupAdmin.exe"=0x5341435001000000000000000700000028000000182D01008785010001000000000000000000010600010000975FD891C99ECE01000000000000000002000000280000000000000000000040000000000000000000000000000000006A950000000000000100000001000000
"C:\Program Files\iTunes\iTunes.exe"=0x534143500100000000000000070000002800000010752E00E1FD2E0001000000000000000000030673220000B395E7CF049FCE0100000000000000000200000028000000000000000000000000000000000000000000000000000000BAA10100000000000200000002000000
"C:\Users\F-cay\Downloads\Programmes\flashplayer20_ga_install.exe"=0x5341435001000000000000000700000028000000D02A1200CD00130001000000000000000000010600010000975FD891C99ECE01000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000000001000000000000000000000000000000B270100000000000100000001000000
"C:\Users\F-cay\Downloads\Programmes\flashplayer20_ga_install(1).exe"=0x5341435001000000000000000700000028000000D02A1200CD00130001000000000000000000010600010000975FD891C99ECE010000000000000000
"C:\Windows\SysWOW64\FlashPlayerApp.exe"=0x5341435001000000000000000700000028000000F8A50C0031BC0C0001000000000000000000030671220000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000009D8A3B00000000000100000001000000
"C:\Users\F-cay\Downloads\DUCSetup_v4_1_1.exe"=0x534143500100000000000000070000002800000048B0030001CD030001000000000000000000010600010000975FD891C99ECE010000000000000000
"C:\Program Files\AVAST Software\Avast\AvastUI.exe"=0x5341435001000000000000000700000028000000B8EF6C000DF26C000100000000000000000003060021000019B4C529E312D1010000000000000000
"C:\Program Files (x86)\Lavasoft\Web Companion\Application\Installer.exe"=0x5341435001000000000000000700000028000000384D7B008DAE7B0001000000000000000000030600210000975FD891C99ECE010000000000000000
"C:\Program Files\McAfee Security Scan\uninstall.exe"=0x5341435001000000000000000700000028000000B8C5050060E1050001000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000F44A0000000000000100000001000000
"C:\Users\F-cay\Downloads\hfsexplorer-0_21-setup.exe"=0x5341435001000000000000000700000028000000D5DC17000000000001000000000000000000000671000000975FD891C99ECE010000000000000000020000002800000000000000000800400000000000000000000000000000000085450000000000000200000002000000
"C:\Program Files (x86)\HFSExplorer\hfsexplorer.exe"=0x5341435001000000000000000700000028000000839C12008412130001000000000000000000000671200000975FD891C99ECE01000000000000000002000000280000000000000000000000001000000000000000000000000000008CC10300000000000500000005000000
"C:\Program Files (x86)\HFSExplorer\uninst.exe"=0x5341435001000000000000000700000028000000F3DE00000000000001000000000000000000000671000000975FD891C99ECE0100000000000000000200000028000000000000000008004000000000000000000000000000000000C3520000000000000200000002000000
"C:\Users\F-cay\Downloads\hfs_win_trial.msi"=0x534143500100000000000000070000002800000000EA0000AA51010001000000000000000000010500100000975FD891C99ECE010000000000000000
"C:\Users\F-cay\Downloads\hfs_win_8_8.1_free.msi"=0x534143500100000000000000070000002800000000FE0000B780010001000000000000000000010500100000B395E7CF049FCE01000000000000000002000000280000000000000000000000000000000000000000000000000000007C8C0B00000000000200000002000000
"D:\Hacking\Dumpper\Dumpper.exe"=0x5341435001000000000000000700000028000000006E110000000000010000000000000000000306F5220000B395E7CF049FCE01000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000000FEF0100000000000100000001000000
"C:\Program Files (x86)\LinuxLive USB Creator\LiLi USB Creator.exe"=0x534143500100000000000000070000002800000000BA1500EADC15000100000000000000000003060021000033504C2B57DFD101000000000000000002000000280000000000000000000040000000000000000000000000000000002BA32300000000000500000005000000
"C:\Users\F-cay\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000C8BA020001D3020001000000000000000000000A0021000019B4C529E312D1010000000100000000
"C:\Program Files (x86)\VideoLAN\VLC\vlc.exe"=0x5341435001000000000000000700000028000000C01702001B81020001000000000000000000000A6122000033504C2B57DFD101000000000000000002000000500000000000000000000010000000000000000000000000000000007E29A500000000001C0000000F000000000000008000001000000000000000000000000000000000C6246100000000000100000000000000
"C:\Users\F-cay\Downloads\hfs_win_trial(1).msi"=0x53414350010000000000000007000000280000000002010066CD01000100000000000000000001050010000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000CDA90000000000000100000001000000
"C:\Users\F-cay\Downloads\SkypeSetupFull.exe"=0x534143500100000000000000070000002800000080F47C0231267D0201000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000B1770000000000000100000001000000
"C:\Users\F-cay\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_2\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000C8BA020001D3020001000000000000000000000A0021000033504C2B57DFD1010000000100000000
"C:\Users\F-cay\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"=0x5341435001000000000000000700000028000000C0723C01E3C13C0101000000000000000000000A0021000033504C2B57DFD1010000000100000000
"C:\Users\F-cay\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000C0AC02007050030001000000000000000000000A0021000033504C2B57DFD1010000000100000000
"C:\Users\F-cay\Downloads\Programmes\ClassicShellSetup_4_2_1.exe"=0x5341435001000000000000000700000028000000C0906400FC5D650001000000000000000000000A0021000033504C2B57DFD101000000000000000005000000100000000000000000000000000000000000000002000000500000000000000000000050000000000000000000000000000000003E0000000000000001000000010000000000000000000010000000000000000000000000000000007E050000000000000100000000000000
"C:\Users\F-cay\Downloads\SmartCam_v1_4.exe"=0x534143500100000000000000070000002800000055040700000000000100000000000000000000067100000033504C2B57DFD10100000000000000000200000028000000000000000008004000000000000000000000000000000000FB410000000000000100000001000000
"C:\Program Files (x86)\SmartCam\SmartCam.exe"=0x534143500100000000000000070000002800000000D003006E3404000100000000000000000000067120000033504C2B57DFD1010000000000000000
"C:\Users\F-cay\Downloads\webviewer_setup_win.exe"=0x53414350010000000000000007000000280000009885B1008727B2000100000000000000000001060001000033504C2B57DFD101000000000000000002000000280000000000000000000040000000000000000000000000000000008D750000000000000100000001000000
"SIGN.MEDIA=32C80 Programmes windows\ ADOBE_AFTEREFFECTS_CC_V2014_MULTI-XFORCE\Crack-Windows\disable_activation.cmd"=0x5341435001000000000000000700000028000000008E0300E25F040001000000000000000000010500100000D5B3B31A57DFD1010000000000000000
"C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE"=0x5341435001000000000000000700000028000000D86406001394060001000000000000000000000A7122000033504C2B57DFD1010000000100000000
"SIGN.MEDIA=20A20F3 Programmes windows\Macdrive +crack\MacDrive 9 Pro + Crack Serial Number @ www.CracX.com\MacDrive_Pro_9.0.3.35_en_Setup.exe"=0x5341435001000000000000000700000028000000F01605010CD005010100000000000000000002064122000033504C2B57DFD101000000000000000002000000500000000000020600000060000000000000000000000000000000001D44000000000000010000000100000000000000000000400000000000000000000000000000000066CF0000000000000100000000000000
"C:\Users\F-cay\AppData\Local\Temp\{d05dd88d-24af-4e68-ae34-b450e9ae8fb3}\.be\MacDrive 10.0.3.15 Standard en-US Setup.exe"=0x5341435001000000000000000700000028000000D0410A00FED70A0001000000000000000000000A0021000033504C2B57DFD10100000000000000000200000028000000000002060000004000000000000000000000000000000000A72D0000000000000100000001000000
"C:\Users\F-cay\Desktop\Programmes windows\Adobe Acrobat 9.1 Professional\AcroPro90_efg.exe"=0x534143500100000000000000070000002800000020306914B6CA69140100000000000000000000067102000033504C2B57DFD1010000000000000000020000002800000000000000000000400000000000000000000000000000000015C10F00000000000100000001000000
"C:\Users\F-cay\Desktop\Programmes windows\Adobe Acrobat 9.1 Professional\Adobe9proSolutions.exe"=0x534143500100000000000000070000002800000000D40F01000000000100000000000000000000067102000033504C2B57DFD1010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000049E10300000000000200000002000000
"C:\Program Files\Mediafour\MacDrive 10\MDOptions.exe"=0x534143500100000000000000070000002800000048D70200D15B030001000000000000000000000A00210000D5B3B31A57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000AC340000000000000300000003000000
"C:\Users\F-cay\Desktop\Programmes windows\Macdrive +crack\MacDrive 9 Pro + Crack Serial Number @ www.CracX.com\MacDrive_Pro_9.0.3.35_en_Setup.exe"=0x5341435001000000000000000700000028000000F01605010CD005010100000000000000000002064122000033504C2B57DFD1010000000000000000020000002800000000000000000000400000000000000000000000000000000063AB0000000000000100000001000000
"C:\Program Files\Mediafour\MacDrive 10\MacDrive.exe"=0x534143500100000000000000070000002800000030F70B0087B70C0001000000000000000000000AF5220000D5B3B31A57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000045D90E00000000000300000003000000
"C:\Users\F-cay\Downloads\Macdrive 10\Macdrive_10_St_10_0_2_keygen.exe"=0x5341435001000000000000000700000028000000FC864E00000000000100000000000000000003060001000033504C2B57DFD1010000000000000000
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe"=0x5341435001000000000000000700000028000000E0759700E487970001000000000000000000000A7122000033504C2B57DFD1010000000000000000020000002800000000000000000000400000000000000000000000000000000023A97600000000000A0000000A000000
"C:\Users\F-cay\Videos\Films terminÃ©s\[www.Cpasbien.pe] Sony.Vegas.Pro.v13.0.310.x64.10TH.BIRTHDAY-DVT\Sony.Vegas.Pro.v13.0.310.exe"=0x53414350010000000000000007000000280000005F514A04000000000100000000000000000003060001000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000F18C0600000000000200000002000000
"C:\Users\F-cay\Videos\Films terminÃ©s\[www.Cpasbien.pe] Sony.Vegas.Pro.v13.0.310.x64.10TH.BIRTHDAY-DVT\Patch.exe"=0x534143500100000000000000070000002800000000640900D99100000100000000000000000001067102000033504C2B57DFD1010000008000000000020000002800000000000000000000400000000000000000000000000000000010C70500000000000100000001000000
"C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe"=0x534143500100000000000000070000002800000020650300801B04000100000000000000000000067122000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000878B0000000000000100000001000000
"C:\Program Files\Sony\Vegas Pro 13\vegas130.exe"=0x5341435001000000000000000700000028000000206746020F8B460201000000000000000000030600210000D5B3B31A57DFD10100000000000000000200000028000000000000000000000000100000000000000000000000000000ACB10000000000000100000001000000
"C:\Users\F-cay\Downloads\aomei-partition-assistant-standard_5-8_en_430377.exe"=0x5341435001000000000000000700000028000000808A8500C3DA85000100000000000000000001060001000033504C2B57DFD1010000000000000000020000002800000000000000000000400000000000000000000000000000000078290500000000000100000001000000
"C:\Program Files (x86)\AOMEI Partition Assistant Standard Edition 5.8\PartAssist.exe"=0x5341435001000000000000000700000028000000101F45002E76450001000000000000000000000A7122000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000BA040200000000000100000001000000
"C:\Users\F-cay\Downloads\bksetup7-7.1.EXE"=0x534143500100000000000000070000002800000070D97E02A36F7F020100000000000000000001057100000033504C2B57DFD10100000000000000000200000028000000000000000008004000000000000000000000000000000000F2B50000000000000100000001000000
"C:\Program Files (x86)\Brother's Keeper 7\Bk7w.exe"=0x5341435001000000000000000700000028000000905AB9015DDFB90101000000000000000000000A7120000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000C3DE0100000000000200000002000000
"C:\Program Files (x86)\Windows Media Player\wmplayer.exe"=0x5341435001000000000000000700000028000000008C02001930030001000000010000000000000A7122000033504C2B57DFD1010000000000000000
"C:\Program Files (x86)\AOMEI Partition Assistant Standard Edition 5.8\unins000.exe"=0x534143500100000000000000070000002800000049071200000000000100000000000000000001060001000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000AB220000000000000100000001000000
"C:\Users\F-cay\Downloads\RevoUninProSetup.exe"=0x5341435001000000000000000700000028000000B070AE00D10DAF0001000000000000000000000A0021000033504C2B57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000074770300000000000100000001000000
"C:\Users\F-cay\Downloads\Programmes\hirenBoot\HBCDCustomizer.exe"=0x534143500100000000000000070000002800000000280100000000000100000000000000000001067100000033504C2B57DFD10100000000000000000200000028000000000000000000000000100000000000000000000000000000611C0000000000000100000001000000
"C:\Users\F-cay\Downloads\LinuxLive USB Creator 2.9.4.exe"=0x5341435001000000000000000700000028000000C0FF5D00000000000100000000000000000001060001000033504C2B57DFD1010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000030410000000000000100000001000000
"C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe"=0x534143500100000000000000070000002800000028D7FA00B67FFB0001000000000000000000000A73220000D5B3B31A57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000E3613200000000000200000002000000
"C:\Program Files\Mediafour\MacDrive 10\Uninstall MacDrive 10.exe"=0x5341435001000000000000000700000028000000485F0300A17D030001000000000000000000000A00210000D5B3B31A57DFD1010000000000000000020000002800000000000000000000400000000000000000000000000000000010000000000000000300000003000000
"C:\Program Files (x86)\Skype\Phone\Skype.exe"=0x5341435001000000000000000700000028000000D8579F011141A00101000000000000000000000A0021000033504C2B57DFD1010000000000000000020000002800000000000000000000100000000000000000000000000000000052020000000000000100000001000000
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"=0x5341435001000000000000000700000028000000C8CB0700BE3D080001000000000000000000000A0021000033504C2B57DFD1010000000100000000
"C:\Users\F-cay\Downloads\KiesSetup.exe"=0x5341435001000000000000000700000028000000B0F84A048ECF4B0401000000000000000000000A7122000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000380C1D00000000000100000001000000
"C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe"=0x5341435001000000000000000700000028000000B0A808006D4009000100000000000000000002067102000033504C2B57DFD1010000000000000000020000002800000000000000000000000010000000000000000000000000000097AF1100000000000100000001000000
"C:\Users\F-cay\Downloads\Programmes\Photorectestdisk recuperation de donnÃ©es\testdisk-6.14\photorec_win.exe"=0x5341435001000000000000000700000028000000000E15007011150001000000000000000000020673220000D5B3B31A57DFD101000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000004F6C4B02000000000800000008000000
"C:\Users\F-cay\Downloads\Programmes\Stellar_WinDataRecovery_Home_FR.exe"=0x534143500100000000000000070000002800000008B03F003B7340000100000000000000000002060001000033504C2B57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000006560200000000000200000002000000
"C:\Users\F-cay\Downloads\Programmes\pci_filerecovery.exe"=0x534143500100000000000000070000002800000091D33400000000000100000000000000000001060001000033504C2B57DFD101000000000000000002000000280000000000000000000040000000000000000000000000000000004F340000000000000100000001000000
"C:\Users\F-cay\Downloads\android-data-recovery.exe"=0x534143500100000000000000070000002800000030E7BA028EECBA0201000000000000000000000A0021000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000F58A0B00000000000100000001000000
"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSOXMLED.EXE"=0x534143500100000000000000070000002800000010E70000EEE001000100000000000000000000067102000033504C2B57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000030050000000000000100000001000000
"C:\Program Files (x86)\Wondershare\dr.fone toolkit for Android\DrFoneLoader.exe"=0x5341435001000000000000000700000028000000906E0000525A010001000000000000000000000AF5220000D5B3B31A57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000006E31F00000000000100000001000000
"C:\Users\F-cay\Downloads\android-data-recovery(1).exe"=0x534143500100000000000000070000002800000040137F029A1180020100000000000000000003060001000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000B6981700000000000100000001000000
"C:\Users\F-cay\Downloads\Tenorshare_Android_Data_Recovery_Pro_4_1_0.exe"=0x53414350010000000000000007000000280000004014420024FD420001000000000000000000000A7122000033504C2B57DFD1010000000000000000
"C:\Program Files (x86)\Aiseesoft Studio\Android Data Recovery\unins000.exe"=0x5341435001000000000000000700000028000000D8D31C0096311D000100000000000000000003060001000033504C2B57DFD10100000000000000000200000028000000000000000000004000020000000000000000000000000000D51B0000000000000100000001000000
"C:\Program Files (x86)\Wondershare\dr.fone toolkit for Android\unins000.exe"=0x5341435001000000000000000700000028000000183F1200B7C2120001000000000000000000000A0021000033504C2B57DFD1010000000000000000020000002800000000000000000000400000000000000000000000000000000088130000000000000100000001000000
"C:\Program Files (x86)\InstallShield Installation Information\{758C8301-2696-4855-AF45-534B1200980A}\setup.exe"=0x534143500100000000000000070000002800000000381200793612000100000000000000000002060001000033504C2B57DFD1010000000000000000020000002800000000000000000000400000000000000000000000000000000071300100000000000100000001000000
"C:\Program Files (x86)\InstallShield Installation Information\{88547073-C566-4895-9005-EBE98EA3F7C7}\setup.exe"=0x534143500100000000000000070000002800000000381200793612000100000000000000000002060001000033504C2B57DFD1010000000000000000020000002800000000000000000000400000000000000000000000000000000051650000000000000100000001000000
"C:\Program Files (x86)\Ruferdombother\clavacult.exe"=0x5341435001000000000000000700000028000000C0E80B005B5A08000100000000000000000003067102000033504C2B57DFD10100000080000000000200000028000000000000000000004000000000000000000000000000000000E6060000000000000100000001000000
"C:\Users\F-cay\Downloads\spybot-2.4.exe"=0x5341435001000000000000000700000028000000A8ECC5025E02C6020100000000000000000003060001000033504C2B57DFD10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000EA630000000000000200000002000000
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe"=0x5341435001000000000000000700000028000000A087490028004A000100000000000000000003067122000033504C2B57DFD1010000000000000000020000002800000000000000000000400000000000000000000000000000000033416200000000000100000001000000
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDRootAlyzer.exe"=0x5341435001000000000000000700000028000000A0B94D00EBF04D000100000000000000000003067122000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000AF708300000000000100000001000000
"C:\Users\Public\Desktop\Post Win10 Spybot-install.exe"=0x5341435001000000000000000700000028000000A08A0C00C19C0C000100000000000000000003060001000033504C2B57DFD10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000020000000000000000000000000000651E0000000000000100000001000000
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe"=0x5341435001000000000000000700000028000000984D4000BA3441000100000000000000000003067122000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000A4B9EF01000000000500000005000000
"C:\Users\F-cay\Downloads\ReneeUndeleter_Installer_free.exe"=0x5341435001000000000000000700000028000000C09A0A0034A70A000100000000000000000003060001000033504C2B57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000006849E202000000000200000002000000
"C:\Users\F-cay\Downloads\drw_free.exe"=0x5341435001000000000000000700000028000000509FF5002708F60001000000000000000000000A0021000033504C2B57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000004DF70400000000000100000001000000
"C:\Users\F-cay\Downloads\Programmes\Photorectestdisk recuperation de donnÃ©es\testdisk-6.14\testdisk_win.exe"=0x5341435001000000000000000700000028000000002C13006CF2130001000000000000000000020673220000D5B3B31A57DFD101000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000001C0B2E00000000000500000005000000
"C:\Users\F-cay\Downloads\Programmes\Photorectestdisk recuperation de donnÃ©es\Nouveau dossier\setup.exe"=0x5341435001000000000000000700000028000000108D6700C3FD67000100000000000000000001060001000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000218F0000000000000100000001000000
"C:\Program Files (x86)\SDA\SD Formatter\SDFormatter.exe"=0x5341435001000000000000000700000028000000A0871100912012000100000000000000000001060001000033504C2B57DFD101000000000000000002000000280000000000000000000040000002000000000000000000000000007B530100000000000100000001000000
"C:\Program Files (x86)\Rene.E Laboratory\Undeleter\ReneeUndeleter.exe"=0x5341435001000000000000000700000028000000F0794C0049224D0001000000000000000000000A7122000033504C2B57DFD101000000000000000002000000280000000000000000000040000000000000000000000000000000009A544902000000000100000001000000
"C:\Program Files\Recuva\uninst.exe"=0x5341435001000000000000000700000028000000F03102007C1903000100000000000000000001060001000033504C2B57DFD101000000000000000002000000280000000000000000000040000000000000000000000000000000001E150000000000000100000001000000
"C:\Program Files (x86)\Rene.E Laboratory\Undeleter\unins000.exe"=0x5341435001000000000000000700000028000000594F1300000000000100000000000000000003060001000033504C2B57DFD10100000000000000000200000028000000000000000000004000020000000000000000000000000000B61B0000000000000100000001000000
"C:\Program Files\VS Revo Group\Revo Uninstaller Pro\unins000.exe"=0x5341435001000000000000000700000028000000C9AB13000000000001000000000000000000000A0021000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000C8250000000000000100000001000000
"C:\Program Files\EaseUS\EaseUS Data Recovery Wizard\unins000.exe"=0x5341435001000000000000000700000028000000DDFB18000000000001000000000000000000000A0021000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000732E0000000000000100000001000000
"C:\Users\F-cay\Desktop\rcsetup153.exe"=0x5341435001000000000000000700000028000000B82247006A31470001000000000000000000000A0021000033504C2B57DFD1010000000000000000020000002800000000000000000000400000000000000000000000000000000074780500000000000100000001000000
"C:\Users\F-cay\Downloads\data-recovery_setup_full935.exe"=0x5341435001000000000000000700000028000000484C0C00D5220D000100000000000000000001060001000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000F94E0700000000000100000001000000
"C:\Program Files (x86)\Wondershare\DataRecovery\unins000.exe"=0x5341435001000000000000000700000028000000F1411700000000000100000000000000000001060001000033504C2B57DFD1010000000000000000020000002800000000000000000000400002000000000000000000000000000026260000000000000100000001000000
"C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\unins000.exe"=0x53414350010000000000000007000000280000005E090B00000000000100000000000000000001060001000033504C2B57DFD10100000000000000000200000028000000000000000000004000020000000000000000000000000000DB0D0000000000000100000001000000
"C:\Users\F-cay\Desktop\RECUVA RECUPERATION FICHIERS\Recuva v1.53.1087 (Full Version)\rcsetup153.exe"=0x534143500100000000000000070000002800000060E254009B9B55000100000000000000000001060001000033504C2B57DFD1010000000000000000020000002800000000000000000000400000000000000000000000000000000032100C00000000000100000001000000
"C:\Users\F-cay\Desktop\RECUVA RECUPERATION FICHIERS\Recuva v1.53.1087 (Full Version)\Keygen.exe"=0x534143500100000000000000070000002800000000BC1B000000000001000000000000000000000A0021000033504C2B57DFD10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000B0B30000000000000200000002000000
"C:\Users\F-cay\Desktop\Keygen.exe"=0x534143500100000000000000070000002800000000BC1B000000000001000000000000000000000A0021000033504C2B57DFD101000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000008C0D0000000000000100000001000000
"C:\Users\F-cay\Desktop\RECUVA RECUPERATION FICHIERS\Recuva Pro Keygen.exe"=0x5341435001000000000000000700000028000000B82247006A31470001000000000000000000000A0021000033504C2B57DFD101000000000000000002000000280000000000000000000040000000000000000000000000000000002B2D0000000000000100000001000000
"C:\Users\F-cay\Desktop\Nouveau dossier (3)\crack\md5crack.exe"=0x5341435001000000000000000700000028000000002C0A0000000000010000000000000000000306F122000033504C2B57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000046C10800000000000100000001000000
"C:\Program Files\Recuva\recuva64.exe"=0x5341435001000000000000000700000028000000D8A24B00213C4C0001000000000000000000000A73220000D5B3B31A57DFD1010000000000000000020000002800000000000000000000400000000000000000000000000000000019E10000000000000100000001000000
"C:\Users\F-cay\Downloads\SpyHunter-Installer.exe"=0x5341435001000000000000000700000028000000B0A63500C431360001000000000000000000000A0021000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000E7410100000000000100000001000000
"C:\Users\F-cay\Downloads\SpyHunter-Installer(1).exe"=0x5341435001000000000000000700000028000000B0A63500C431360001000000000000000000000A0021000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000304F0200000000000100000001000000
"C:\Users\F-cay\Downloads\setup.exe"=0x5341435001000000000000000700000028000000A81D1202880A130201000000000000000000000A0021000033504C2B57DFD1010000000000000000
"C:\Program Files\RogueKiller\RogueKiller64.exe"=0x534143500100000000000000070000002800000048EE8B01D6098C0101000000000000000000000A00210000D5B3B31A57DFD101000000000000000002000000280000000000000000000040000000000000000000000000000000008DF07900000000000100000001000000
"C:\Program Files\AVAST Software\Avast\Setup\instup.exe"=0x5341435001000000000000000700000028000000E89A0D000000000001000000000000000000000A0021000033504C2B57DFD101000000000000000002000000280000000000000000000040000000000000000000000000000000003F350200000000000100000001000000
"C:\Users\F-cay\Desktop\QuickDiag.exe"=0x5341435001000000000000000700000028000000A8812400214D250001000000000000000000000A0021000033504C2B57DFD1010000000000000000


---------- | IFEO


---------- | Mountpoints2


---------- | Windows

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows]
""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows   
"APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"Beep"=#USR:Control Panel\Sound   
"CoolSwitch"=USR:Control Panel\Desktop   
"DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW   
"DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"DoubleClickHeight"=#USR:Control Panel\Mouse   
"DoubleClickSpeed"=#USR:Control Panel\Mouse   
"DoubleClickWidth"=#USR:Control Panel\Mouse   
"DragFullWindows"=USR:Control Panel\Desktop   
"InitialKeyboardIndicators"=USR:Control Panel\Keyboard   
"LowPowerActive"=#USR:Control Panel\Desktop   
"LowPowerTimeOut"=#USR:Control Panel\Desktop   
"MouseSpeed"=#USR:Control Panel\Mouse   
"MouseThreshold1"=#USR:Control Panel\Mouse   
"MouseThreshold2"=#USR:Control Panel\Mouse   
"PowerOffActive"=#USR:Control Panel\Desktop   
"PowerOffTimeOut"=#USR:Control Panel\Desktop   
"ScreenSaveActive"=#USR:Control Panel\Desktop   
"ScreenSaveTimeOut"=#USR:Control Panel\Desktop   
"SnapToDefaultButton"=#USR:Control Panel\Mouse   
"Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows   
"SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"SwapMouseButtons"=#USR:Control Panel\Mouse   
"TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]
""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot   
"ScreenSaverActive"=USR:Control Panel\Desktop   
"ScreenSaverIsSecure"=USR:Control Panel\Desktop   
"SCRNSAVE.EXE"=USR:Control Panel\Desktop   
"Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon   

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows]
"APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"Beep"=#USR:Control Panel\Sound   
"CoolSwitch"=USR:Control Panel\Desktop   
"DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW   
"DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"DoubleClickHeight"=#USR:Control Panel\Mouse   
"DoubleClickSpeed"=#USR:Control Panel\Mouse   
"DoubleClickWidth"=#USR:Control Panel\Mouse   
"DragFullWindows"=USR:Control Panel\Desktop   
"InitialKeyboardIndicators"=USR:Control Panel\Keyboard   
"LowPowerActive"=#USR:Control Panel\Desktop   
"LowPowerTimeOut"=#USR:Control Panel\Desktop   
"MouseSpeed"=#USR:Control Panel\Mouse   
"MouseThreshold1"=#USR:Control Panel\Mouse   
"MouseThreshold2"=#USR:Control Panel\Mouse   
"PowerOffActive"=#USR:Control Panel\Desktop   
"PowerOffTimeOut"=#USR:Control Panel\Desktop   
"ScreenSaveActive"=#USR:Control Panel\Desktop   
"ScreenSaveTimeOut"=#USR:Control Panel\Desktop   
"SnapToDefaultButton"=#USR:Control Panel\Mouse   
"SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"SwapMouseButtons"=#USR:Control Panel\Mouse   
"TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]
""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot   
"ScreenSaverActive"=USR:Control Panel\Desktop   
"ScreenSaverIsSecure"=USR:Control Panel\Desktop   
"SCRNSAVE.EXE"=USR:Control Panel\Desktop   
"Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon   

[HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems]
"windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

---------- | Security center

[HKLM\SOFTWARE\Microsoft\Security Center]
"cval"=1

[HKLM\SOFTWARE\Microsoft\Security Center\svc]
"VistaSp1"=131210719701333188

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"ProductAppDataPath"=C:\ProgramData\Microsoft\Windows Defender
"ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100
"ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000
"RemediationExe"=%ProgramFiles%\Windows Defender\MSASCui.exe
"DisableAntiSpyware"=1
"ProductType"=2
"ManagedDefenderProductType"=0
"ProductStatus"=0
"InstallTime"=0xC25B354DDC34CE01
"DisableAntiVirus"=1
"InstallLocation"=C:\Program Files\Windows Defender\

[HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=1

[HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=1

[HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall"=1


---------- | Safeboot

[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

---------- | Winsock (Whitelist)

[HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000005] : LavasoftLSP
[HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000005] : LavasoftLSP

---------- | Hosts

127.0.0.1                   activate.adobe.com
127.0.0.1                   practivate.adobe.com
127.0.0.1                   lmlicenses.wip4.adobe.com
127.0.0.1                   lm.licenses.adobe.com
127.0.0.1                   na1r.services.adobe.com
127.0.0.1                   hlrcv.stage.adobe.com
103.50.162.86 s7.addthis.com
103.50.162.86 contextual.media.net
[32] More lines

---------- | @

[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Microsoft\Internet Explorer\Main]
"Anchor Underline"=yes
"Disable Script Debugger"=yes
"DisableScriptDebuggerIE"=yes
"Display Inline Images"=yes
"Do404Search"=0x01000000
"Save_Session_History_On_Exit"=no
"Show_FullURL"=no
"Show_StatusBar"=yes
"Show_ToolBar"=yes
"Show_URLinStatusBar"=yes
"Show_URLToolBar"=yes
"Use_DlgBox_Colors"=yes
"UseClearType"=no
"XMLHTTP"=1
"Cache_Update_Frequency"=Once_Per_Session
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.google.com
"NoUpdateCheck"=1
"Enable Browser Extensions"=yes
"Play_Background_Sounds"=yes
"Play_Animations"=yes
"Start Page"=www.google.com
"Default_Page_URL"=http://www.google.com
"DisableFirstRunCustomize"=3
"OperationalData"=12
"CompatibilityFlags"=0
"FullScreen"=no
"Window_Placement"=0x2C0000000000000001000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF0B010000BD00000099050000F2030000
"IE10RunOncePerInstallCompleted"=1
"IE10RunOnceCompletionTime"=0x5B5D856DE16BD101
"IconCache"=pd801uh
"DownloadWindowPlacement"=0x2C0000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF1D000000210000009D02000001020000
"Start Page Before"=http://asus13.msn.com
"Search Page Before"=http://go.microsoft.com/fwlink/?LinkId=54896
"ImageStoreRandomFolder"=gl5abd0
"ApplicationTileImmersiveActivation"=0
"AssociationActivationMode"=2
"SuppressScriptDebuggerDialog"=0
"Default_Search_URL"=http://www.google.com
"Use FormSuggest"=no
"AutoHide"=yes
"EdgeSwitchingOSBuildNumber"=10586.th2_release.160906-1759

[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings]
"DisableCachingOfSSLPages"=0
"IE5_UA_Backup_Flag"=5.0
"PrivacyAdvanced"=1
"SecureProtocols"=2688
"CertificateRevocation"=1
"EnableNegotiate"=1
"MigrateProxy"=1
"ReceiveTimeOut"=600000
"User Agent"=Mozilla/4.0 (compatible; MSIE; Win32)
"ZonesSecurityUpgrade"=0x85ED29296C27D201
"EmailName"=User@
"AutoConfigProxy"=wininet.dll
"MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges 
"WarnOnPost"=0x01000000
"UseSchannelDirectly"=0x01000000
"EnableHttp1_1"=1
"UrlEncoding"=0
"WarnonZoneCrossing"=0
"GlobalUserOffline"=0
"UseEnabled"=42385
"ProxyEnable"=0

[HKLM\Software\Microsoft\Internet Explorer\Main]
"Anchor_Visitation_Horizon"=0x01000000
"ApplicationTileImmersiveActivation"=1
"AssociationActivationMode"=0
"AutoHide"=yes
"Cache_Percent_of_Disk"=0x0A000000
"Default_Secondary_Page_URL"=
"Delete_Temp_Files_On_Exit"=yes
"Enable_Disk_Cache"=yes
"Extensions Off Page"=about:NoAdd-ons
"Local Page"=C:\Windows\System32\blank.htm
"Placeholder_Height"=0x1A000000
"Placeholder_Width"=0x1A000000
"Security Risk Page"=about:SecurityRisk
"Use_Async_DNS"=yes
"x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"Default_Search_URL"=http://www.google.com
"Default_Page_URL"=http://www.google.com
"Start Page"=http://www.google.com
"Search Page"=http://www.google.com
"TabProcGrowth"=Medium
"Print_Background"=0
"AlwaysShowMenus"=0
"StatusBarWeb"=1
"DoNotTrack"=1

[HKLM\Software\Microsoft\Internet Explorer\AboutURLs]
"blank"=res://mshtml.dll/blank.htm
"DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm
"Home"=270
"InPrivate"=res://ieframe.dll/inprivate.htm
"NavigationCanceled"=res://ieframe.dll/navcancl.htm
"NavigationFailure"=res://ieframe.dll/navcancl.htm
"NoAdd-ons"=res://ieframe.dll/noaddon.htm
"NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm
"PostNotCached"=res://ieframe.dll/repost.htm
"SecurityRisk"=res://ieframe.dll/securityatrisk.htm

[HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

[HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes]
"ftp"=ftp://
"home"=http://
"mosaic"=http://
"www"=http://

[HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings]
"ActiveXCache"=C:\Windows\Downloaded Program Files
"CodeBaseSearchPath"=CODEBASE
"EnablePunycode"=1
"MinorVersion"=0
"WarnOnIntranet"=1

[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main]
"Anchor_Visitation_Horizon"=0x01000000
"ApplicationTileImmersiveActivation"=1
"AssociationActivationMode"=0
"AutoHide"=yes
"Cache_Percent_of_Disk"=0x0A000000
"Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Default_Secondary_Page_URL"=
"Delete_Temp_Files_On_Exit"=yes
"Enable_Disk_Cache"=yes
"Extensions Off Page"=about:NoAdd-ons
"Local Page"=C:\Windows\SysWOW64\blank.htm
"Placeholder_Height"=0x1A000000
"Placeholder_Width"=0x1A000000
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Security Risk Page"=about:SecurityRisk
"Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141
"Use_Async_DNS"=yes
"x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs]
"blank"=res://mshtml.dll/blank.htm
"DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm
"Home"=270
"InPrivate"=res://ieframe.dll/inprivate.htm
"NavigationCanceled"=res://ieframe.dll/navcancl.htm
"NavigationFailure"=res://ieframe.dll/navcancl.htm
"NoAdd-ons"=res://ieframe.dll/noaddon.htm
"NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm
"PostNotCached"=res://ieframe.dll/repost.htm
"SecurityRisk"=res://ieframe.dll/securityatrisk.htm

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes]
"ftp"=ftp://
"home"=http://
"mosaic"=http://
"www"=http://

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings]
"ActiveXCache"=C:\Windows\Downloaded Program Files
"CodeBaseSearchPath"=CODEBASE
"EnablePunycode"=1
"MinorVersion"=0
"WarnOnIntranet"=1


---------- | reparsepoint


---------- | Detection of offsets


---------- | Notify 

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon] : SDWinLogon.dll

---------- | SIOI | SSODL | SEH | URLSH | STS

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AccExtIco1] - {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} --  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll   [14/11/2015 04:23:12]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AccExtIco2] - {853B7E05-C47D-4985-909A-D0DC5C6D7303} --  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll   [14/11/2015 04:23:12]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AccExtIco3] - {42D38F2E-98E9-4382-B546-E24E4D6D04BB} --  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll   [14/11/2015 04:23:12]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3] - {BBACC218-34EA-4666-9D7A-C78F2274A524} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast] - {472083B0-C522-11CF-8763-00608CC02F24} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} --  C:\Windows\System32\EhStorShell.dll   [16/07/2016 12:42:17]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\MacDrive10VolumeIcon] - {2D8107D0-B8BD-4517-A467-D1816FBB29CB} --  C:\Program Files\Mediafour\MacDrive 10\MDVolumeIcons.dll   
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\MacDrive10VolumeIconReadOnly] - {34916EDE-C357-419A-BD17-AB27153474E1} --  C:\Program Files\Mediafour\MacDrive 10\MDVolumeIcons.dll   
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3] - {BBACC218-34EA-4666-9D7A-C78F2274A524} --     


---------- | Toolbar

[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"Locked"=1   

[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"ITBar7Layout"=0x13000000000000000000000030000000100002003500000001000000000700005E0100000700000001030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000065B90E651D8AC941A9410578F5CFC56900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000   

[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"KnownProvidersUpgradeTime"=0xDABD656BE16BD101   
"Version"=4   
"UpgradeTime"=0xD0957D6BE16BD101   
"ShowSearchSuggestionsInAddressGlobal"=1   
"DefaultPackCorrection"=1   
"DownloadRetries"=4   
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}   
"DefaultPackNTCorrection"=1   

[HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}"=   

[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}   

[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Toolbar]
"{650EB965-8A1D-41C9-A941-0578F5CFC569}"=Flash and Media Capture Bar   

[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}   


---------- | Extensions

[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (&Envoyer Ã  OneNote) -       []
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263}] : () -       []
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{F6F76DF4-FD65-4DE7-942F-4BD5DE9B1C6B}] : () -       []

---------- | SearchScopes

[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{85A60A59-D3D8-468F-B598-FB4393789EF4}] - (Google) - https://www.google.fr/search?q={searchTerms} : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : 

---------- | Browser Helper Objects

[HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{551A852F-39A6-44A7-9C13-AFBEC9185A9D}] -> (PlusIEEventHelper Class) : C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll  [06/02/2009 15:40:14]
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> (Java(tm) Plug-In SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll  [15/02/2015 18:18:59]
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> (Java(tm) Plug-In 2 SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll  [15/02/2015 18:18:59]
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E8803722-A7F5-45C5-B39A-A8B244486EC2}] -> (Flash and Media Capture Helper) : C:\Program Files (x86)\MetaProducts Flash & Media Capture\FMCapt.dll  [06/03/2013 16:33:28]

---------- | Chrome



---------- | Opera


---------- | Firefox


[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\MozillaPlugins\@samsungsmartcam.com/npwViewer] - (Samsung Techwin SmartCam WebViewer Plugin) : C:\Program Files (x86)\Samsung\SmartCam\npwViewer_lib.dll
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\MozillaPlugins\@samsungsmartcam.com/npwViewer_turn] - (Samsung Techwin SmartCam WebViewer Plugin) : C:\Program Files (x86)\Samsung\SmartCam\npwViewer_lib_turn.dll
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\MozillaPlugins\samsungtechwin.com/SmartCamFinder] - (Samsung Techwin SmartCam Finder Plugin) : C:\Program Files (x86)\Samsung\SmartCam\npSmartCamFinder.dll
[HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer] - (AdobeÂ® FlashÂ® Player 23.0.0.207 Plugin) : C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll
[HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect] - () : C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@adobe.com/FlashPlayer] - (AdobeÂ® FlashÂ® Player 23.0.0.207 Plugin) : C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_207.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@Apple.com/iTunes,version=] - (Module iTunes Detector) : 
[HKLM\Software\WOW6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0] - () : C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42] - (Intel IPT WebApi plugin) : C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater] - (This plugin updates Intel WebAPI component) : C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.31.2] - (Javaâ¢ Deployment Toolkit) : C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2] - (OracleÂ® Next Generation Javaâ¢ Plug-In) : C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912] - (WLPG Install MIME type) : C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@nvidia.com/3DVision] - (NVIDIA stereo images plugin for Mozilla browsers) : C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming] - (NVIDIA 3D Vision Streaming plugin for Mozilla browsers) : C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@samsungsmartcam.com/npwViewer] - (Samsung Techwin SmartCam WebViewer Plugin) : C:\Program Files (x86)\Samsung\SmartCam\npwViewer_lib.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@samsungsmartcam.com/npwViewer_turn] - (Samsung Techwin SmartCam WebViewer Plugin) : C:\Program Files (x86)\Samsung\SmartCam\npwViewer_lib_turn.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@TrendMicro.com/FFExtension] - (TrendMicro Toolbar Rating Plugin) : C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3] - (VLC Multimedia Plugin) : C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5] - (VLC Multimedia Plugin) : C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4] - (VLC Multimedia Plugin) : C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect] - () : C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\samsungtechwin.com/SmartCamFinder] - () : C:\Program Files (x86)\Samsung\SmartCam\npSmartCamFinder.dll


---------- | DNS

[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters]
"DhcpNameServer"=80.10.46.232
[HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{b0a23429-cb8b-4a2b-8dfe-68eda524a6d4}]
"DhcpNameServer"=80.10.46.232
[HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{eada79fb-40ca-4c6d-9e95-21ea4c4a2c53}]
"DhcpNameServer"=80.10.46.232
[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{b0a23429-cb8b-4a2b-8dfe-68eda524a6d4}]
"DhcpNameServer"=80.10.46.232
[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{eada79fb-40ca-4c6d-9e95-21ea4c4a2c53}]
"DhcpNameServer"=80.10.46.232

---------- | Applications

[HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1
[HKLM\SOFTWARE\Classes\Applications\iTunes.exe] : "C:\Program Files\iTunes\iTunes.exe" /open "%L"
[HKLM\SOFTWARE\Classes\Applications\LaunchWinApp.exe] : "C:\Windows\system32\LaunchWinApp.exe" "%1"
[HKLM\SOFTWARE\Classes\Applications\MovieMaker.exe] : "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe" "%1"
[HKLM\SOFTWARE\Classes\Applications\mpc-hc.exe] : "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC\mpc-hc.exe" "%1"
[HKLM\SOFTWARE\Classes\Applications\mpc-hc64.exe] : "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" "%1"
[HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1
[HKLM\SOFTWARE\Classes\Applications\ois.exe] : C:\PROGRA~2\MICROS~1\Office12\OIS.EXE /shellOpen "%1"
[HKLM\SOFTWARE\Classes\Applications\PDFPlus.exe] : "C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\PDFPlus.exe" "%1"
[HKLM\SOFTWARE\Classes\Applications\Photoshop.exe] : "C:\Program Files\Adobe\Adobe Photoshop CC 2014\Photoshop.exe" "%1"
[HKLM\SOFTWARE\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1
[HKLM\SOFTWARE\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1"
[HKLM\SOFTWARE\Classes\Applications\SZBrowser.exe] : "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" "%1"
[HKLM\SOFTWARE\Classes\Applications\vlc.exe] : "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "%1"
[HKLM\SOFTWARE\Classes\Applications\WLXPhotoViewer.dll] : "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /LaunchPhotoViewer /v "%1"
[HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L"
[HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iTunes.exe] : "C:\Program Files\iTunes\iTunes.exe" /open "%L"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\LaunchWinApp.exe] : "C:\Windows\system32\LaunchWinApp.exe" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\MovieMaker.exe] : "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\mpc-hc.exe] : "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC\mpc-hc.exe" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\mpc-hc64.exe] : "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\ois.exe] : C:\PROGRA~2\MICROS~1\Office12\OIS.EXE /shellOpen "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\PDFPlus.exe] : "C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\PDFPlus.exe" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Photoshop.exe] : "C:\Program Files\Adobe\Adobe Photoshop CC 2014\Photoshop.exe" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\SZBrowser.exe] : "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\vlc.exe] : "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\WLXPhotoViewer.dll] : "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /LaunchPhotoViewer /v "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1"

---------- | Svchost - Netsvcs (Whitelisted)


---------- | Software







[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\4shared]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Adobe]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Aiseesoft Studio]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\AppDataLow]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Apple Computer, Inc.]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Apple Inc.]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\ASUS]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Atheros]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Azureus]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Bogosoft]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Brother]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\BugSplat]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Canneverbe Limited]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Clients]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Clubic]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Convar]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\CoSoSys]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\CyberLink]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\DirectShow]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\EE826C2B34E417510F40326C4BFA7F9A]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\ej-technologies]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\FileZilla Client]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\FLEXnet]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\foxtab]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\g3n-h@ckm@n]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\GNU]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Google]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Haali]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Icaros]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\IM Providers]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\InstallShield]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\IvoSoft]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\JavaSoft]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Lake]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\LinuxLive]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Macromedia]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\madshi]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Magix]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Magnet]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Malwarebytes' Anti-Malware]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\MediaInfo]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\MetaProducts]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Microsoft]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Mirage]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Mozilla]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\MozillaPlugins]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\MPC-HC]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Nero]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Netscape]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\NVIDIA Corporation]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\ODBC]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Partition Assistant]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Piriform]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Policies]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\QtProject]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Realtek]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\RealVNC]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\RegisteredApplications]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Safer Networking Limited]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\ScanSoft]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Skype]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\SmartCam]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Sony Creative Software]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\SourceForge]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\sysinternals]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Trolltech]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\undefined]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\VB and VBA Program Settings]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Vitalwerks]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\VMware, Inc.]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\WinRAR]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\WinRAR SFX]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Wondershare]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Wow6432Node]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Zeon]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\SOFTWARE\AppDataLow\Software\JavaSoft]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\SOFTWARE\AppDataLow\Software\Microsoft]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\SOFTWARE\AppDataLow\Software\ThinPrint]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Microsoft\Windows\CurrentVersion]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Microsoft\Windows\DWM]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Microsoft\Windows\Roaming]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Microsoft\Windows\Shell]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Microsoft\Windows\TabletPC]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Microsoft\Windows\Windows Error Reporting]
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\Software\Microsoft\Windows NT\CurrentVersion]



[HKLM\Software\ActiveState]
[HKLM\Software\Adobe]
[HKLM\Software\AGEIA Technologies]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Atheros]
[HKLM\Software\ATI Technologies]
[HKLM\Software\AVAST Software]
[HKLM\Software\Azureus]
[HKLM\Software\Brother]
[HKLM\Software\Clients]
[HKLM\Software\CoreSecurity]
[HKLM\Software\Dolby]
[HKLM\Software\DRWNewFree]
[HKLM\Software\DTS]
[HKLM\Software\EASEUS]
[HKLM\Software\ej-technologies]
[HKLM\Software\EnigmaSoftwareGroup]
[HKLM\Software\FileZilla 3]
[HKLM\Software\g3n-h@ckm@n]
[HKLM\Software\GNU]
[HKLM\Software\Google]
[HKLM\Software\HaaliMkx]
[HKLM\Software\Icaros]
[HKLM\Software\IM Providers]
[HKLM\Software\Intel]
[HKLM\Software\IvoSoft]
[HKLM\Software\Khronos]
[HKLM\Software\Knowles]
[HKLM\Software\LAV64]
[HKLM\Software\Macromedia]
[HKLM\Software\MAGIX]
[HKLM\Software\mcafeeupdater]
[HKLM\Software\Mediafour]
[HKLM\Software\Microsoft]
[HKLM\Software\Mozilla]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Nuance]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\ODBC]
[HKLM\Software\OEM]
[HKLM\Software\Partner]
[HKLM\Software\Perl]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RTLSetup]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\SAMSUNG]
[HKLM\Software\ScanSoft]
[HKLM\Software\SonicFocus]
[HKLM\Software\Sony Creative Software]
[HKLM\Software\SRS Labs]
[HKLM\Software\sysinternals]
[HKLM\Software\Waves Audio]
[HKLM\Software\Weviingthwitain]
[HKLM\Software\WinRAR]
[HKLM\Software\WOW6432Node]
[HKLM\Software\Zeon]
[HKLM\Software\Microsoft\Windows\ClickNote]
[HKLM\Software\Microsoft\Windows\Configuration]
[HKLM\Software\Microsoft\Windows\CurrentVersion]
[HKLM\Software\Microsoft\Windows\DWM]
[HKLM\Software\Microsoft\Windows\EnterpriseResourceManager]
[HKLM\Software\Microsoft\Windows\HTML Help]
[HKLM\Software\Microsoft\Windows\ITStorage]
[HKLM\Software\Microsoft\Windows\ScheduledDiagnostics]
[HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider]
[HKLM\Software\Microsoft\Windows\Shell]
[HKLM\Software\Microsoft\Windows\Tablet PC]
[HKLM\Software\Microsoft\Windows\TabletPC]
[HKLM\Software\Microsoft\Windows\Windows Error Reporting]
[HKLM\Software\Microsoft\Windows\Windows Search]
[HKLM\Software\Microsoft\Windows NT\CurrentVersion]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\Camera]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UnistackSvcGroup]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WepHostSvcGroup]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wsappx]

[HKLM\Software\WOW6432Node\83c1a34d-bb24-7fea-a722-a5db297195a4]
[HKLM\Software\WOW6432Node\Adobe]
[HKLM\Software\WOW6432Node\AdwCleaner]
[HKLM\Software\WOW6432Node\AGEIA Technologies]
[HKLM\Software\WOW6432Node\Anlerdomaqery]
[HKLM\Software\WOW6432Node\Apple Inc.]
[HKLM\Software\WOW6432Node\Arerpywcuph]
[HKLM\Software\WOW6432Node\ASUS]
[HKLM\Software\WOW6432Node\Atheros]
[HKLM\Software\WOW6432Node\Baqich]
[HKLM\Software\WOW6432Node\Bogosoft]
[HKLM\Software\WOW6432Node\Brother]
[HKLM\Software\WOW6432Node\Brother Industries, Ltd.]
[HKLM\Software\WOW6432Node\Btrieve Technologies]
[HKLM\Software\WOW6432Node\Caechkuerward]
[HKLM\Software\WOW6432Node\Canneverbe Limited]
[HKLM\Software\WOW6432Node\CDDB]
[HKLM\Software\WOW6432Node\Chajadomwernuty]
[HKLM\Software\WOW6432Node\Ckapitainbulther]
[HKLM\Software\WOW6432Node\Ckasghthenepy]
[HKLM\Software\WOW6432Node\Ckepatain]
[HKLM\Software\WOW6432Node\CyberLink]
[HKLM\Software\WOW6432Node\Draleryrerption]
[HKLM\Software\WOW6432Node\Drilok]
[HKLM\Software\WOW6432Node\EE826C2B34E417510F40326C4BFA7F9A]
[HKLM\Software\WOW6432Node\Fafiarampy]
[HKLM\Software\WOW6432Node\FileZilla 3]
[HKLM\Software\WOW6432Node\Gitfivoch]
[HKLM\Software\WOW6432Node\GNU]
[HKLM\Software\WOW6432Node\Google]
[HKLM\Software\WOW6432Node\HaaliMkx]
[HKLM\Software\WOW6432Node\Icaros]
[HKLM\Software\WOW6432Node\IM Providers]
[HKLM\Software\WOW6432Node\InstallShield]
[HKLM\Software\WOW6432Node\Intel]
[HKLM\Software\WOW6432Node\JavaSoft]
[HKLM\Software\WOW6432Node\JreMetrics]
[HKLM\Software\WOW6432Node\Khronos]
[HKLM\Software\WOW6432Node\KLCodecPack]
[HKLM\Software\WOW6432Node\Lake]
[HKLM\Software\WOW6432Node\LAV]
[HKLM\Software\WOW6432Node\Lavasoft]
[HKLM\Software\WOW6432Node\Lezghheback]
[HKLM\Software\WOW6432Node\Licenses]
[HKLM\Software\WOW6432Node\LinuxLive USB Creator]
[HKLM\Software\WOW6432Node\Macromedia]
[HKLM\Software\WOW6432Node\MAGIX]
[HKLM\Software\WOW6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\WOW6432Node\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\WOW6432Node\Marroki Mailer Anonyme]
[HKLM\Software\WOW6432Node\McAfee.com]
[HKLM\Software\WOW6432Node\mcafeeupdater]
[HKLM\Software\WOW6432Node\Mefiing]
[HKLM\Software\WOW6432Node\Microsoft]
[HKLM\Software\WOW6432Node\Mozilla]
[HKLM\Software\WOW6432Node\mozilla.org]
[HKLM\Software\WOW6432Node\MozillaPlugins]
[HKLM\Software\WOW6432Node\Nero]
[HKLM\Software\WOW6432Node\Nuance]
[HKLM\Software\WOW6432Node\NVIDIA Corporation]
[HKLM\Software\WOW6432Node\ODBC]
[HKLM\Software\WOW6432Node\Paragon Software]
[HKLM\Software\WOW6432Node\Prmution]
[HKLM\Software\WOW6432Node\Python]
[HKLM\Software\WOW6432Node\Realtek]
[HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\WOW6432Node\Reiqry]
[HKLM\Software\WOW6432Node\Rene.E Laboratory]
[HKLM\Software\WOW6432Node\RtWLan]
[HKLM\Software\WOW6432Node\Safer Networking Limited]
[HKLM\Software\WOW6432Node\Samsung]
[HKLM\Software\WOW6432Node\ScanSoft]
[HKLM\Software\WOW6432Node\Serpubisole]
[HKLM\Software\WOW6432Node\Skype]
[HKLM\Software\WOW6432Node\Sony Creative Software]
[HKLM\Software\WOW6432Node\Stellar information Systems ltd.]
[HKLM\Software\WOW6432Node\Sterla]
[HKLM\Software\WOW6432Node\Thewuph]
[HKLM\Software\WOW6432Node\VideoLAN]
[HKLM\Software\WOW6432Node\Visioneer]
[HKLM\Software\WOW6432Node\Vitalwerks]
[HKLM\Software\WOW6432Node\VMware, Inc.]
[HKLM\Software\WOW6432Node\Volatile]
[HKLM\Software\WOW6432Node\WafCX]
[HKLM\Software\WOW6432Node\WinPcap]
[HKLM\Software\WOW6432Node\Wondershare]
[HKLM\Software\WOW6432Node\WOW6432Node]
[HKLM\Software\WOW6432Node\ZEON]
[HKLM\Software\WOW6432Node\{84416237-6490-494D-9AD6-4994DD978971}]
[HKLM\Software\WOW6432Node\Clients]
[HKLM\Software\WOW6432Node\Policies]
[HKLM\Software\WOW6432Node\RegisteredApplications]
[HKLM\Software\WOW6432Node\Microsoft\Windows\ClickNote]
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion]
[HKLM\Software\WOW6432Node\Microsoft\Windows\EnterpriseResourceManager]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Help]
[HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help]
[HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage]
[HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs]


---------- | Drives


D:


E:


---------- | C:

[22/08/2013 16:36:31] - |SHD| - [361864909] - C:\$Recycle.Bin
[21/01/2017 19:15:52] - |HD| - [391176] - C:\$SysReset
[16/02/2015 20:27:47] - |D| - [6727611] - C:\AdwCleaner
[MD5.86A5B22CAC212012766DD87D8854DB93] - [08/11/2016 18:30:48] - |H| - (.-.) - [1024] - (0.0.0.0) - C:\AMTAG.BIN
[MD5.21BF183C15AFE62A8D1137BB9007B2A3] - [26/07/2012 09:18:43] - |RASH| - (.-.) - [398156] - (0.0.0.0) - C:\bootmgr
[MD5.93B885ADFE0DA089CDF634904FD59F71] - [26/07/2012 09:18:43] - |ASH| - (.-.) - [1] - (0.0.0.0) - C:\BOOTNXT
[15/04/2015 19:59:22] - |D| - [451456] - C:\Brother
[14/11/2016 21:03:33] - |D| - [247680] - C:\Brother's Keeper 7
[MD5.7ADB9E41548DEEB9312F397753AFFE3C] - [15/04/2013 07:43:21] - |A| - (.-.) - [47] - (0.0.0.0) - C:\chid
[22/08/2013 15:45:52] - |SHD| - [0] - C:\Documents and Settings
[23/03/2014 11:54:31] - |SHD| - [232120] - C:\found.000
[23/03/2014 11:54:31] - |SHD| - [61547] - C:\found.001
[23/03/2014 11:54:31] - |SHD| - [58752] - C:\found.002
[23/03/2014 11:54:31] - |SHD| - [10445] - C:\found.003
[23/03/2014 11:54:31] - |SHD| - [5775] - C:\found.004
[23/03/2014 11:54:31] - |SHD| - [3133] - C:\found.005
[23/03/2014 11:54:31] - |SHD| - [3347] - C:\found.006
[23/03/2014 11:54:31] - |SHD| - [231492] - C:\found.007
[23/03/2014 11:54:31] - |SHD| - [56268] - C:\found.008
[23/03/2014 11:54:31] - |SHD| - [59269] - C:\found.009
[23/03/2014 11:54:31] - |SHD| - [330582] - C:\found.010
[23/03/2014 11:54:31] - |SHD| - [2535] - C:\found.011
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [16/10/2016 06:57:44] - |ASH| - (.-.) - [3415949312] - (0.0.0.0) - C:\hiberfil.sys
[25/01/2013 13:26:35] - |D| - [777544] - C:\Intel
[18/08/2015 21:10:05] - |D| - [28875] - C:\Log
[27/04/2016 06:50:24] - |D| - [16285696] - C:\Logs
[27/12/2016 20:44:07] - |D| - [18372] - C:\Microsoft
[20/03/2015 19:49:01] - |RHD| - [363779133] - C:\MSOCache
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [09/04/2013 04:14:05] - |ASH| - (.-.) - [1342177280] - (0.0.0.0) - C:\pagefile.sys
[16/07/2016 12:47:47] - |D| - [0] - C:\PerfLogs
[19/02/2015 21:03:13] - |AD| - [116674532] - C:\Perl64
[16/07/2016 07:04:24] - |RD| - [8221892008] - C:\Program Files
[16/07/2016 07:04:24] - |RD| - [5757106612] - C:\Program Files (x86)
[16/07/2016 12:47:48] - |HD| - [4770683554] - C:\ProgramData
[19/02/2015 21:01:57] - |D| - [67201987] - C:\Python34
[22/01/2017 10:14:37] - |D| - [262051] - C:\QuickDiag
[MD5.157D594B9C60E277C6FAE3856F14074F] - [22/01/2017 10:15:04] - |A| - (.-.) - [227927] - (0.0.0.0) - C:\QuickDiag.txt
[16/10/2016 07:40:50] - |SHD| - [971] - C:\Recovery
[14/04/2016 19:42:51] - |D| - [9923] - C:\searchplugins
[11/12/2012 10:33:25] - |D| - [0] - C:\sources
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [09/04/2013 04:14:05] - |ASH| - (.-.) - [268435456] - (0.0.0.0) - C:\swapfile.sys
[09/04/2013 04:13:57] - |SHD| - [7522137976] - C:\System Volume Information
[MD5.3382C5F4E5290B6A67E544D226FD4A84] - [20/01/2017 22:21:54] - |A| - (.-.) - [97944] - (0.0.0.0) - C:\TDSSKiller.3.1.0.12_20.01.2017_22.21.54_log.txt
[MD5.9B8E3E7DA0EBB9B82483788E96165ED9] - [20/01/2017 22:23:10] - |A| - (.-.) - [101122] - (0.0.0.0) - C:\TDSSKiller.3.1.0.12_20.01.2017_22.23.10_log.txt
[25/01/2013 13:31:37] - |D| - [0] - C:\temp
[16/07/2016 07:04:24] - |RD| - [52651539852] - C:\Users
[19/11/2016 09:11:52] - |D| - [45] - C:\Vitalwerks
[16/07/2016 07:04:24] - |D| - [29919689040] - C:\Windows

---------- | C:\WINDOWS

[16/07/2016 12:47:48] - |D| - [802] - C:\WINDOWS\addins
[16/07/2016 12:47:48] - |D| - [25764611] - C:\WINDOWS\appcompat
[16/07/2016 12:47:48] - |D| - [12471204] - C:\WINDOWS\AppPatch
[16/07/2016 12:47:48] - |D| - [0] - C:\WINDOWS\AppReadiness
[MD5.2B55921FB6A94B8B9F58FCD391288772] - [11/12/2012 11:34:47] - |A| - (.-.) - [4080] - (0.0.0.0) - C:\WINDOWS\Ascd_log.ini
[MD5.8599F12FF56B8F5282467327CE4ACF5C] - [11/12/2012 11:34:42] - |A| - (.-.) - [2645] - (0.0.0.0) - C:\WINDOWS\Ascd_tmp.ini
[16/07/2016 12:47:47] - |RD| - [535175870] - C:\WINDOWS\assembly
[MD5.5C5FBD6C9B7D41E1DCFB206F220143AC] - [11/12/2012 12:00:49] - |A| - (.-.) - [10] - (0.0.0.0) - C:\WINDOWS\ASUSBuildDate.txt
[MD5.81051BCC2CF1BEDF378224B0A93E2877] - [25/01/2013 13:41:16] - |A| - (.-.) - [2] - (0.0.0.0) - C:\WINDOWS\As_Process_Pass.tag
[26/07/2012 09:12:59] - |D| - [0] - C:\WINDOWS\AUInstallAgent
[16/07/2016 12:47:48] - |D| - [281160] - C:\WINDOWS\bcastdvr
[MD5.7B465E25ADF5D6DBCE9DCAE3C6545405] - [16/07/2016 12:42:16] - |A| - (.Â© Microsoft Corporation. Tous droits rÃ©servÃ©s. - Utilitaire de service de fichier de dÃ©marrage.) - [61440] - (10.0.14393.0) - C:\WINDOWS\bfsvc.exe
[16/07/2016 12:47:48] - |D| - [38116021] - C:\WINDOWS\Boot
[MD5.5E0D2FC5010E54AAFD5ADA11DB196A48] - [16/10/2016 06:42:55] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\WINDOWS\bootstat.dat
[16/07/2016 12:47:48] - |D| - [3715608] - C:\WINDOWS\Branding
[MD5.7D6E128FDC85D9EC2130ECAEC7FB7C76] - [15/04/2015 19:59:19] - |A| - (.-.) - [66] - (0.0.0.0) - C:\WINDOWS\Brfaxrx.ini
[MD5.8BF7EFB7844B14F7C56C59A3E141F158] - [15/04/2015 20:00:32] - |A| - (.-.) - [92] - (0.0.0.0) - C:\WINDOWS\brpcfx.ini
[MD5.461916EBBF136BA292E97AC2E0114F86] - [15/04/2015 20:00:32] - |A| - (.-.) - [86] - (0.0.0.0) - C:\WINDOWS\Brpfx04a.ini
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [15/04/2015 20:00:15] - |A| - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\BRRBCOM.INI
[16/07/2016 12:36:22] - |D| - [0] - C:\WINDOWS\CbsTemp
[MD5.A0668AE158B080E704DB1BE49C68E3B7] - [16/10/2016 07:00:24] - |A| - (.-.) - [14247] - (0.0.0.0) - C:\WINDOWS\comsetup.log
[MD5.D6CE3EEAB0B72F8014E62C728CEA5605] - [16/07/2016 23:46:34] - |A| - (.-.) - [33498] - (0.0.0.0) - C:\WINDOWS\Core.xml
[MD5.5C5FBD6C9B7D41E1DCFB206F220143AC] - [11/12/2012 12:00:49] - |A| - (.-.) - [10] - (0.0.0.0) - C:\WINDOWS\CSUP.TXT
[16/07/2016 12:47:48] - |D| - [8970858] - C:\WINDOWS\Cursors
[11/12/2012 12:04:02] - |D| - [117760] - C:\WINDOWS\de
[11/12/2012 10:33:26] - |D| - [0] - C:\WINDOWS\de-DE
[16/07/2016 12:47:48] - |D| - [10550590] - C:\WINDOWS\debug
[MD5.99F5D5BBD351694638DF3C0CC4A919A3] - [16/10/2016 07:10:44] - |A| - (.-.) - [7623] - (0.0.0.0) - C:\WINDOWS\diagerr.xml
[16/07/2016 12:47:48] - |D| - [4543876] - C:\WINDOWS\diagnostics
[MD5.99F5D5BBD351694638DF3C0CC4A919A3] - [16/10/2016 07:10:44] - |A| - (.-.) - [7623] - (0.0.0.0) - C:\WINDOWS\diagwrn.xml
[16/07/2016 23:40:08] - |D| - [0] - C:\WINDOWS\DigitalLocker
[16/07/2016 12:47:48] - |SD| - [65] - C:\WINDOWS\Downloaded Program Files
[MD5.14D8CE47C71EF265842918F3ED326EDF] - [16/07/2016 12:49:13] - |A| - (.-.) - [4176] - (0.0.0.0) - C:\WINDOWS\DtcInstall.log
[11/12/2012 12:04:08] - |D| - [117760] - C:\WINDOWS\el
[16/07/2016 12:47:48] - |HD| - [44056] - C:\WINDOWS\ELAMBKUP
[MD5.DAD0209252887D1AE2B728F15946E246] - [11/12/2012 11:43:56] - |A| - (.-.) - [432254] - (0.0.0.0) - C:\WINDOWS\eManual.ico
[11/12/2012 12:03:53] - |D| - [116736] - C:\WINDOWS\en
[11/12/2012 10:22:01] - |D| - [116736] - C:\WINDOWS\en-GB
[16/07/2016 23:40:08] - |D| - [0] - C:\WINDOWS\en-US
[11/12/2012 12:04:14] - |D| - [117248] - C:\WINDOWS\es
[11/12/2012 11:14:48] - |D| - [0] - C:\WINDOWS\es-ES
[MD5.4E10FB1A015B49AC68F76C1A3F4D9C0F] - [10/12/2016 08:52:51] - |A| - (.Â© Microsoft Corporation. Tous droits rÃ©servÃ©s. - Explorateur Windows.) - [4673304] - (10.0.14393.479) - C:\WINDOWS\explorer.exe
[16/07/2016 12:47:48] - |RSD| - [616803306] - C:\WINDOWS\Fonts
[11/12/2012 12:04:20] - |D| - [117248] - C:\WINDOWS\fr
[16/07/2016 23:40:08] - |D| - [122368] - C:\WINDOWS\fr-FR
[16/07/2016 12:47:48] - |D| - [0] - C:\WINDOWS\GameBarPresenceWriter
[16/07/2016 12:47:48] - |D| - [20732976] - C:\WINDOWS\Globalization
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [25/01/2013 13:21:17] - |A| - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\HDT-Exit_Pass.tag
[16/07/2016 12:47:48] - |D| - [74307709] - C:\WINDOWS\Help
[MD5.553DF2ABF34649763324BC5470D04317] - [16/07/2016 12:42:20] - |A| - (.Â© Microsoft Corporation. Tous droits rÃ©servÃ©s. - Aide et support Microsoft.) - [975360] - (10.0.14393.0) - C:\WINDOWS\HelpPane.exe
[MD5.52AFE6DE5E463B7A08C184B1EB49DD6A] - [16/07/2016 12:42:21] - |A| - (.Â© Microsoft Corporation. Tous droits rÃ©servÃ©s. - ExÃ©cutable de lâaide HTML MicrosoftÂ®.) - [18432] - (10.0.14393.0) - C:\WINDOWS\hh.exe
[16/07/2016 12:47:48] - |D| - [173189928] - C:\WINDOWS\IME
[16/07/2016 12:47:48] - |RD| - [6842480] - C:\WINDOWS\ImmersiveControlPanel
[16/07/2016 12:45:54] - |D| - [94638838] - C:\WINDOWS\INF
[16/07/2016 12:47:48] - |D| - [1082161303] - C:\WINDOWS\InfusedApps
[16/07/2016 12:47:48] - |D| - [36285422] - C:\WINDOWS\InputMethod
[27/03/2006 01:47:21] - |RSHD| - [0] - C:\WINDOWS\install
[16/07/2016 12:47:48] - |SHDC| - [3109177341] - C:\WINDOWS\Installer
[11/12/2012 12:04:27] - |D| - [116736] - C:\WINDOWS\it
[11/12/2012 10:50:53] - |D| - [0] - C:\WINDOWS\it-IT
[16/07/2016 12:47:48] - |D| - [89407] - C:\WINDOWS\L2Schemas
[MD5.718FECF22BF4BD4FC05B79AA4BEC75D0] - [11/12/2012 11:34:43] - |A| - (.-.) - [1769] - (0.0.0.0) - C:\WINDOWS\Language_trs.ini
[16/07/2016 12:47:48] - |D| - [2592152] - C:\WINDOWS\LiveKernelReports
[16/07/2016 07:04:29] - |D| - [352668980] - C:\WINDOWS\Logs
[MD5.852B0525165115E4121D8F413B3D7B0E] - [28/04/2011 14:33:20] - |RA| - (.-.) - [34659] - (0.0.0.0) - C:\WINDOWS\MAXLINK.ini
[16/07/2016 12:47:48] - |RSD| - [20316123] - C:\WINDOWS\Media
[22/08/2013 16:36:31] - |D| - [1619968] - C:\WINDOWS\MediaViewer
[MD5.949F994A22A32C5E7F9912B2625A6D71] - [19/11/2016 21:01:13] - |A| - (.-.) - [610619067] - (0.0.0.0) - C:\WINDOWS\MEMORY.DMP
[MD5.23AF90D2355D8C83AA4567EF1763B467] - [16/07/2016 12:42:12] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\WINDOWS\mib.bin
[16/07/2016 12:47:47] - |RD| - [602722631] - C:\WINDOWS\Microsoft.NET
[16/07/2016 12:47:48] - |D| - [2563] - C:\WINDOWS\Migration
[19/11/2016 21:01:16] - |D| - [4183032] - C:\WINDOWS\Minidump
[16/07/2016 12:47:48] - |RD| - [484593] - C:\WINDOWS\MiracastView
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [14/11/2016 21:03:01] - |A| - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\MKDEMSG.LOG
[16/07/2016 12:47:48] - |D| - [0] - C:\WINDOWS\ModemLogs
[11/12/2012 12:04:33] - |D| - [117248] - C:\WINDOWS\nl
[11/12/2012 10:57:17] - |D| - [0] - C:\WINDOWS\nl-NL
[MD5.3B508CAE5DEBCBA928B5BC355517E2E6] - [16/07/2016 12:43:51] - |A| - (.Â© Microsoft Corporation. Tous droits rÃ©servÃ©s. - Bloc-notes.) - [243200] - (10.0.14393.0) - C:\WINDOWS\notepad.exe
[16/07/2016 23:41:15] - |D| - [199472] - C:\WINDOWS\OCR
[MD5.BE6F0BCFEB6E4D12E1BA38CE3F4E4B90] - [11/12/2012 10:18:09] - |A| - (.-.) - [68] - (0.0.0.0) - C:\WINDOWS\OEMVer.txt
[16/07/2016 12:47:48] - |RD| - [65] - C:\WINDOWS\Offline Web Pages
[16/10/2016 07:40:45] - |DC| - [281217830] - C:\WINDOWS\Panther
[16/07/2016 12:47:48] - |D| - [29393089] - C:\WINDOWS\Performance
[MD5.A50240AF4175BF8098987B15CA84DD61] - [16/10/2016 13:20:36] - |A| - (.-.) - [1060732] - (0.0.0.0) - C:\WINDOWS\PFRO.log
[16/07/2016 12:47:48] - |D| - [1136442] - C:\WINDOWS\PLA
[16/07/2016 12:47:48] - |D| - [2656332] - C:\WINDOWS\PolicyDefinitions
[16/10/2016 06:41:53] - |D| - [18755067] - C:\WINDOWS\Prefetch
[16/07/2016 12:47:48] - |RD| - [2036530] - C:\WINDOWS\PrintDialog
[16/07/2016 12:47:48] - |D| - [1415119] - C:\WINDOWS\Provisioning
[11/12/2012 11:07:58] - |D| - [117760] - C:\WINDOWS\pt-PT
[MD5.406B4A11D8FC27F3F8590821CDA55FBA] - [06/10/2014 22:13:58] - |A| - (.Copyright (C) 2011-2012 Python Software Foundation - Python Launcher for Windows (Console).) - [102400] - (3.4.2150.1013) - C:\WINDOWS\py.exe
[MD5.BE1BF3F1805818372D8ACCBD7E32EB78] - [06/10/2014 22:13:58] - |A| - (.Copyright (C) 2011-2012 Python Software Foundation - Python Launcher for Windows (Console).) - [102912] - (3.4.2150.1013) - C:\WINDOWS\pyw.exe
[MD5.EFE3D78833FEDAF7F24C264BF9976301] - [16/07/2016 12:42:17] - |A| - (.Â© Microsoft Corporation. Tous droits rÃ©servÃ©s. - Ãditeur du Registre.) - [320512] - (10.0.14393.0) - C:\WINDOWS\regedit.exe
[16/07/2016 12:47:48] - |D| - [1117876] - C:\WINDOWS\Registration
[16/07/2016 12:47:48] - |D| - [9236844] - C:\WINDOWS\rescache
[16/07/2016 12:47:48] - |D| - [4378026] - C:\WINDOWS\Resources
[MD5.9FCED27FC13C71D6DB2E1CE56BBAA30C] - [18/04/2013 19:30:51] - |A| - (.Copyright (C) Realtek Semiconductor Corp. - Realtek CCX IHV UI Extensions DLL.) - [188416] - (600.1003.324.2009) - C:\WINDOWS\RTLExtUI.dll
[MD5.2A7B78F4CFA0F1A5655891DDAACEFAD9] - [11/12/2012 11:34:52] - |RA| - (.Copyright (C) 2012 Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) - [1706640] - (1.0.3.8) - C:\WINDOWS\RtlExUpd.dll
[MD5.00D8BA2934C8B2EC7137C88B8C96F122] - [18/04/2013 19:30:51] - |A| - (.Copyright (C) Realtek Semiconductor Corp. - Realtek CCX SDK IHV Service.) - [614400] - (600.1002.508.2008) - C:\WINDOWS\Rtlihvs.dll
[MD5.DA256F9F53336B560201CDEFEAE35320] - [18/04/2013 19:30:51] - |A| - (.2008: (c) Realtek. - CCX Diagnostics.) - [380928] - (700.1002.311.2009) - C:\WINDOWS\RtlUI2.exe
[16/07/2016 12:47:48] - |D| - [0] - C:\WINDOWS\SchCache
[16/07/2016 12:47:48] - |D| - [121229] - C:\WINDOWS\schemas
[16/07/2016 12:47:48] - |D| - [5492874] - C:\WINDOWS\security
[16/10/2016 06:41:53] - |D| - [117485593] - C:\WINDOWS\ServiceProfiles
[16/07/2016 07:04:24] - |D| - [169927690] - C:\WINDOWS\servicing
[16/07/2016 12:49:46] - |D| - [42] - C:\WINDOWS\Setup
[MD5.D779B823451DDF5B0BB7B39F317E16C9] - [16/10/2016 06:42:35] - |A| - (.-.) - [31862] - (0.0.0.0) - C:\WINDOWS\setupact.log
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [16/10/2016 06:42:35] - |A| - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\setuperr.log
[16/07/2016 12:47:48] - |D| - [31190016] - C:\WINDOWS\ShellExperiences
[27/04/2016 06:29:00] - |D| - [37403] - C:\WINDOWS\ShellNew
[16/07/2016 23:40:46] - |D| - [3070736] - C:\WINDOWS\SKB
[25/01/2013 13:28:23] - |D| - [162160872] - C:\WINDOWS\SoftwareDistribution
[16/07/2016 12:47:48] - |D| - [86039341] - C:\WINDOWS\Speech
[16/07/2016 12:47:48] - |D| - [53541356] - C:\WINDOWS\Speech_OneCore
[MD5.BCDB205132974EC3AB6F5C01DD93489B] - [28/10/2016 18:55:10] - |A| - (.Â© Microsoft Corporation. - Print driver host for applications.) - [130560] - (10.0.14393.351) - C:\WINDOWS\splwow64.exe
[16/07/2016 12:47:48] - |D| - [31039] - C:\WINDOWS\System
[MD5.286A9EDB379DC3423A528B0864A0F111] - [22/08/2013 14:25:43] - |A| - (.-.) - [219] - (0.0.0.0) - C:\WINDOWS\system.ini
[16/07/2016 07:04:24] - |D| - [13534384322] - C:\WINDOWS\System32
[16/07/2016 12:47:48] - |D| - [144046344] - C:\WINDOWS\SystemApps
[16/07/2016 12:47:48] - |D| - [17529069] - C:\WINDOWS\SystemResources
[16/07/2016 07:04:27] - |AD| - [1386349963] - C:\WINDOWS\SysWOW64
[16/07/2016 12:47:48] - |D| - [0] - C:\WINDOWS\TAPI
[22/08/2013 16:36:30] - |D| - [1222] - C:\WINDOWS\Tasks
[16/07/2016 12:47:48] - |D| - [2837598] - C:\WINDOWS\Temp
[22/08/2013 16:36:30] - |RD| - [0] - C:\WINDOWS\ToastData
[16/07/2016 12:47:48] - |D| - [0] - C:\WINDOWS\tracing
[16/07/2016 12:47:48] - |D| - [7567983] - C:\WINDOWS\twain_32
[MD5.21F91141B4796108A50733B14850CDF2] - [16/07/2016 12:43:52] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [66560] - (1.7.1.3) - C:\WINDOWS\twain_32.dll
[MD5.D256E9A1757094B8D299F00BE24E071F] - [11/12/2012 11:43:59] - |A| - (.ASUSTek Copyright (C) 2007 - InstallShield Helper.) - [192512] - (1.0.1.4) - C:\WINDOWS\UpdateHelper.dll
[22/08/2013 16:36:30] - |D| - [0] - C:\WINDOWS\vpnplugins
[16/07/2016 12:47:48] - |D| - [12420] - C:\WINDOWS\Vss
[16/07/2016 12:47:48] - |D| - [16165004] - C:\WINDOWS\Web
[MD5.10A52910CEFC0E2F1938CE3DC0D0362D] - [11/12/2012 11:43:59] - |A| - (.-.) - [432254] - (0.0.0.0) - C:\WINDOWS\WhyPCICON.ico
[MD5.7A4A5CCC390A839F6592EFAD70C5C81A] - [22/08/2013 14:25:43] - |A| - (.-.) - [214] - (0.0.0.0) - C:\WINDOWS\win.ini
[MD5.C844CA459F3B209329984772269B6E56] - [16/07/2016 12:42:32] - |RAH| - (.-.) - [670] - (0.0.0.0) - C:\WINDOWS\WindowsShell.Manifest
[MD5.038356387332650843BCB352BB89A101] - [27/04/2014 19:53:04] - |A| - (.-.) - [275] - (0.0.0.0) - C:\WINDOWS\WindowsUpdate.log
[MD5.9328E170E5407D9DDE7EB1E208A2CBB4] - [16/07/2016 12:42:48] - |A| - (.Â© Microsoft Corporation. Tous droits rÃ©servÃ©s. - Relais Windows Winhlp32.) - [10240] - (10.0.14393.0) - C:\WINDOWS\winhlp32.exe
[MD5.0A34066D56D57C0DA73BFFC1E4169FF2] - [01/01/2017 11:10:00] - |A| - (.-.) - [85] - (0.0.0.0) - C:\WINDOWS\wininit.ini
[16/07/2016 07:04:24] - |D| - [6367057014] - C:\WINDOWS\WinSxS
[MD5.308BAF0DA88AFB5A0431AB62DB217318] - [13/09/2012 00:57:44] - |A| - (.Â© 2012 Microsoft Corporation. Tous droits rÃ©servÃ©s. - Ãcran de veille de la Galerie de photos.) - [322048] - (16.4.3505.912) - C:\WINDOWS\WLXPGSS.SCR
[MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [16/07/2016 12:43:08] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\WINDOWS\WMSysPr9.prx
[MD5.E87C6A38E61A712C48025A6AD54C1113] - [16/07/2016 12:42:39] - |A| - (.Â© Microsoft Corporation. - Windows Write.) - [11264] - (10.0.14393.0) - C:\WINDOWS\write.exe
[11/12/2012 11:02:32] - |D| - [114688] - C:\WINDOWS\zh-CN
[11/12/2012 10:27:18] - |D| - [114688] - C:\WINDOWS\zh-TW

---------- | Systemroot\System


---------- | Systemroot\Installer (Microsoft Files Whitelisted)

[14/01/2017 10:14:26] - C:\WINDOWS\Installer\11b469.msi : (Skype - Skype Technologies S.A.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[06/03/2013 16:35:54] - C:\WINDOWS\Installer\1228b47.msi : (MetaProducts Flash and Media Capture Installer - MetaProducts corp.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[20/08/2015 18:50:12] - C:\WINDOWS\Installer\127113e.msi : (WebCompanion - Lavasoft)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[20/08/2015 18:50:45] - C:\WINDOWS\Installer\1271142.msi : (TcpService - Lavasoft)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[01/10/2015 10:16:44] - C:\WINDOWS\Installer\14767fec.msi : (MacDrive 10 Standard Setup - Mediafour Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[09/08/2011 10:00:50] - C:\WINDOWS\Installer\16d99257.msi : (Nuance PaperPort 12 - Nuance Communications, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[09/08/2011 10:01:44] - C:\WINDOWS\Installer\16d9925e.msi : (Installer for Nuance PDF Professional 5 - Nuance Communications, Inc)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[27/04/2011 04:28:48] - C:\WINDOWS\Installer\16d99266.msi : (PaperPort Image Printer Driver AMD64 - Nuance Communications, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[20/05/2015 19:41:41] - C:\WINDOWS\Installer\241f04a4.msi : (Classic Shell - IvoSoft)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[20/04/2012 14:23:42] - C:\WINDOWS\Installer\25166.msi : (Intel(R) Trusted Connect Service Client - Intel Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[15/06/2012 16:56:58] - C:\WINDOWS\Installer\2516b.msi : (Install/UnInstall PhysX Driver + Engines: 2.3.1/2/3; 2.4.0/1/4; 2.5.0/1/3/4; 2.6.0/1/2/3/4; 2.7.0/1/2/3/4/5/6; 2.8.0/1/3 - NVIDIA Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[24/05/2011 04:33:42] - C:\WINDOWS\Installer\2517f.msi : (Firebird SQL Server - MAGIX Edition - v2.1.31.0 (en-US) - MAGIX AG)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[03/04/2012 03:13:56] - C:\WINDOWS\Installer\25186.msi : (ASUS Video easy - v3.0.1.42 (en-GB) - MAGIX AG)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[03/04/2012 03:10:12] - C:\WINDOWS\Installer\2519e.msi : (ASUS Music Maker - v18.0.3.3 (en-GB) - MAGIX AG)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[03/04/2012 06:57:02] - C:\WINDOWS\Installer\251a4.msi : (ASUS MX Suite - v1.13.0.121 (en-GB) - MAGIX AG)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[07/08/2012 06:52:42] - C:\WINDOWS\Installer\251ba.msi : (Blank Project Template - CyberLink Corp.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[03/01/2017 18:31:30] - C:\WINDOWS\Installer\2a1d9cf.msi : (Blank Project Template - SD Association)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/12/2015 21:14:34] - C:\WINDOWS\Installer\3f79ad02.msi : (Apple Application Support Installer - Apple Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/12/2015 21:14:36] - C:\WINDOWS\Installer\3f79ad07.msi : (Apple Application Support Installer - Apple Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2015 03:38:02] - C:\WINDOWS\Installer\3f79ad11.msi : (Apple Mobile Device Support Installer - Apple Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[14/10/2015 22:25:40] - C:\WINDOWS\Installer\3f79ad16.msi : (Apple Software Update Installer - Apple Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/12/2015 22:50:00] - C:\WINDOWS\Installer\3f79ad19.msi : (iTunes Installer - Apple Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[19/02/2015 20:59:40] - C:\WINDOWS\Installer\5506164.msi : (Python 3.4.2 - Python Software Foundation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[19/02/2015 20:59:20] - C:\WINDOWS\Installer\5506167.msi : (ActivePerl - ActiveState)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[30/04/2014 11:03:53] - C:\WINDOWS\Installer\55a94dc.msi : (Vegas Pro 13.0 (64-bit) - Sony)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[28/09/2016 12:20:58] - C:\WINDOWS\Installer\60439fb.msi : (Paragon HFS+ for Windowsâ¢ - Paragon Software)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[05/01/2017 08:17:45] - C:\WINDOWS\Installer\9bab67.msi : (Google Update Helper - Google Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[30/10/2016 18:40:41] - C:\WINDOWS\Installer\9eee526.msi : ( -)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[15/02/2015 18:16:40] - C:\WINDOWS\Installer\b6d10.msi : (Java SE Runtime Environment 8.0 - Oracle Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[15/02/2015 18:16:34] - C:\WINDOWS\Installer\b6d1e.msi : (Java Auto Updater - Oracle Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[05/01/2017 09:22:57] - C:\WINDOWS\Installer\d80374.msi : (Google Update Helper - Google Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2014 17:43:59] - C:\WINDOWS\Installer\ee53200.msi : (Nero BurningROM 2015 - Nero AG)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2014 17:44:02] - C:\WINDOWS\Installer\ee5322f.msi : (NeroControlCenter - Nero AG)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2014 17:44:01] - C:\WINDOWS\Installer\ee5324a.msi : (Nero Core Components - Nero AG)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2014 17:44:02] - C:\WINDOWS\Installer\ee53250.msi : (Nero Burning ROM 15 - Nero AG)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2014 17:44:01] - C:\WINDOWS\Installer\ee53257.msi : (Nero Prerequisites - Nero AG)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2014 17:44:01] - C:\WINDOWS\Installer\ee5325e.msi : (Nero SharedVideoCodecs - Nero AG)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2014 17:44:01] - C:\WINDOWS\Installer\ee532a8.msi : (Nero Update - Nero AG)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2014 17:44:01] - C:\WINDOWS\Installer\ee532ae.msi : (Nero Launcher - Nero AG)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2014 17:44:02] - C:\WINDOWS\Installer\ee532bc.msi : (Nero BurningCore 15 - Nero AG)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2014 17:44:01] - C:\WINDOWS\Installer\ee532c3.msi : (Nero Info - Nero AG)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[10/08/2012 14:15:12] - C:\WINDOWS\Installer\f1a2c.msi : (Nero 12 Essentials OEM.a01 - Nero AG)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[10/08/2012 13:41:10] - C:\WINDOWS\Installer\f1a43.msi : (Nero Prerequisites 1 - Nero AG)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[10/08/2012 13:41:14] - C:\WINDOWS\Installer\f1a4b.msi : (Nero Express 12 - Nero AG)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[10/08/2012 13:41:48] - C:\WINDOWS\Installer\f1a53.msi : (Nero ControlCenter Help (CHM) - Nero AG)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[10/08/2012 13:41:14] - C:\WINDOWS\Installer\f1a5b.msi : (Nero Express Help (CHM) - Nero AG)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[10/08/2012 13:41:12] - C:\WINDOWS\Installer\f1a69.msi : (Nero Launcher - Nero AG)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]

---------- | %System%\*.in*

[16/07/2016 12:43:08] - [3458] - C:\WINDOWS\System32\ieuinit.inf
[20/08/2015 18:50:51] - [2944] - C:\WINDOWS\System32\LavasoftTcpServiceOff.ini
[23/06/2016 13:22:44] - [1798270] - C:\WINDOWS\System32\PerfStringBackup.INI
[16/07/2016 12:42:39] - [60124] - C:\WINDOWS\System32\tcpmon.ini
[16/07/2016 12:42:11] - [2307] - C:\WINDOWS\System32\WimBootCompress.ini
[21/11/2013 00:02:12] - [114] - C:\WINDOWS\Syswow64\BRLMW03A.INI
[16/07/2016 12:43:59] - [3458] - C:\WINDOWS\Syswow64\ieuinit.inf
[15/04/2013 07:45:20] - [954] - C:\WINDOWS\Syswow64\InstallUtil.InstallLog
[20/08/2015 18:50:51] - [2944] - C:\WINDOWS\Syswow64\LavasoftTcpServiceOff.ini
[26/04/2013 21:22:00] - [1820638] - C:\WINDOWS\Syswow64\PerfStringBackup.INI
[16/07/2016 12:42:43] - [2307] - C:\WINDOWS\Syswow64\WimBootCompress.ini

---------- | [Administrateur]

[27/04/2016 06:50:34] - |D| - [0] - C:\Users\Administrateur\AppData\Roaming\Adobe
[27/04/2016 06:43:26] - |SD| - [135931] - C:\Users\Administrateur\AppData\Roaming\Microsoft
[27/04/2016 06:45:51] - |D| - [0] - C:\Users\Administrateur\AppData\Local\ActiveSync
[27/04/2016 06:43:26] - |SHD| - [1320610460] - C:\Users\Administrateur\AppData\Local\Application Data
[04/05/2014 21:11:09] - |D| - [0] - C:\Users\Administrateur\AppData\Local\Comodo
[04/05/2014 21:11:08] - |D| - [0] - C:\Users\Administrateur\AppData\Local\Google
[27/04/2016 06:43:26] - |SHD| - [130] - C:\Users\Administrateur\AppData\Local\Historique
[27/04/2016 06:53:08] - |AH| - [3368] - C:\Users\Administrateur\AppData\Local\IconCache.db
[27/04/2016 06:43:26] - |D| - [114026756] - C:\Users\Administrateur\AppData\Local\Microsoft
[27/04/2016 06:43:33] - |D| - [3500604] - C:\Users\Administrateur\AppData\Local\Packages
[27/04/2016 06:43:26] - |D| - [0] - C:\Users\Administrateur\AppData\Local\Temp
[27/04/2016 06:43:26] - |SHD| - [0] - C:\Users\Administrateur\AppData\Local\Temporary Internet Files
[27/04/2016 06:43:32] - |D| - [11083776] - C:\Users\Administrateur\AppData\Local\TileDataLayer
[27/04/2016 06:50:35] - |ASH| - [174] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
[27/04/2016 06:43:26] - |SHD| - [22466] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
[27/04/2016 06:43:26] - |RD| - [22466] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
[27/04/2016 06:43:26] - |RD| - [3888] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[27/04/2016 06:43:26] - |RD| - [2925] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[27/04/2016 06:50:36] - |RD| - [174] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[27/04/2016 06:50:35] - |ASH| - [174] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
[27/04/2016 06:43:26] - |D| - [170] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[27/04/2016 06:51:46] - |A| - [2405] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
[27/04/2016 06:50:36] - |RD| - [174] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[27/04/2016 06:43:26] - |RD| - [5318] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[27/04/2016 06:43:26] - |RSD| - [7238] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
[27/04/2016 06:50:36] - |ASH| - [174] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

---------- | [F-cay]

[09/04/2013 04:29:45] - |D| - [136181270] - C:\Users\F-cay\AppData\Roaming\Adobe
[24/02/2016 21:06:48] - |D| - [1461216699] - C:\Users\F-cay\AppData\Roaming\Apple Computer
[10/04/2013 18:59:42] - |D| - [26381390] - C:\Users\F-cay\AppData\Roaming\Azureus
[06/09/2014 16:13:28] - |D| - [593] - C:\Users\F-cay\AppData\Roaming\BRT
[16/10/2014 18:15:33] - |D| - [1557] - C:\Users\F-cay\AppData\Roaming\Canneverbe Limited
[20/05/2015 19:45:11] - |D| - [2137] - C:\Users\F-cay\AppData\Roaming\ClassicShell
[15/04/2015 20:09:45] - |D| - [57762] - C:\Users\F-cay\AppData\Roaming\ControlCenter4
[25/12/2014 11:27:48] - |D| - [2322] - C:\Users\F-cay\AppData\Roaming\CyberLink
[02/05/2014 10:39:16] - |D| - [25918] - C:\Users\F-cay\AppData\Roaming\FileZilla
[04/07/2015 06:51:49] - |D| - [542] - C:\Users\F-cay\AppData\Roaming\FLEXnet
[27/12/2016 20:43:44] - |D| - [0] - C:\Users\F-cay\AppData\Roaming\Ghehapy
[07/07/2013 07:18:18] - |D| - [0] - C:\Users\F-cay\AppData\Roaming\Identities
[04/04/2014 20:36:44] - |D| - [0] - C:\Users\F-cay\AppData\Roaming\install
[11/04/2013 18:58:44] - |D| - [0] - C:\Users\F-cay\AppData\Roaming\InstallShield
[20/08/2015 18:48:38] - |D| - [0] - C:\Users\F-cay\AppData\Roaming\Lavasoft
[09/04/2013 04:33:16] - |D| - [538] - C:\Users\F-cay\AppData\Roaming\Macromedia
[23/03/2014 13:06:01] - |D| - [13672] - C:\Users\F-cay\AppData\Roaming\MAGIX
[09/04/2013 05:53:52] - |D| - [0] - C:\Users\F-cay\AppData\Roaming\Malwarebytes
[24/11/2014 18:00:06] - |D| - [664] - C:\Users\F-cay\AppData\Roaming\MetaProducts
[16/10/2016 06:47:42] - |SD| - [10300246] - C:\Users\F-cay\AppData\Roaming\Microsoft
[05/04/2014 17:17:02] - |D| - [70484679] - C:\Users\F-cay\AppData\Roaming\Mozilla
[10/03/2015 21:00:59] - |D| - [90] - C:\Users\F-cay\AppData\Roaming\MPC-HC
[13/04/2013 18:06:17] - |D| - [180283] - C:\Users\F-cay\AppData\Roaming\Nero
[04/07/2015 06:44:38] - |D| - [0] - C:\Users\F-cay\AppData\Roaming\Nuance
[13/04/2013 16:19:57] - |D| - [5009634] - C:\Users\F-cay\AppData\Roaming\NVIDIA
[17/04/2015 19:13:02] - |D| - [0] - C:\Users\F-cay\AppData\Roaming\PC-FAX TX
[26/12/2015 23:16:36] - |D| - [0] - C:\Users\F-cay\AppData\Roaming\PDAppFlex
[27/12/2016 20:43:44] - |D| - [0] - C:\Users\F-cay\AppData\Roaming\Profiles
[04/11/2016 21:37:31] - |D| - [0] - C:\Users\F-cay\AppData\Roaming\Publish Providers
[20/08/2014 18:02:06] - |D| - [0] - C:\Users\F-cay\AppData\Roaming\Samsung
[28/09/2016 20:09:09] - |D| - [66013289] - C:\Users\F-cay\AppData\Roaming\Skype
[04/11/2016 21:37:27] - |D| - [0] - C:\Users\F-cay\AppData\Roaming\Sony
[10/03/2015 20:16:51] - |D| - [15086] - C:\Users\F-cay\AppData\Roaming\sparta111
[07/07/2014 10:52:40] - |D| - [318298] - C:\Users\F-cay\AppData\Roaming\vlc
[26/04/2013 21:23:34] - |D| - [881] - C:\Users\F-cay\AppData\Roaming\VMware
[10/04/2013 19:12:31] - |D| - [12] - C:\Users\F-cay\AppData\Roaming\WinRAR
[27/12/2016 19:28:23] - |D| - [976331] - C:\Users\F-cay\AppData\Roaming\Wondershare
[18/03/2015 20:54:07] - |D| - [15265477] - C:\Users\F-cay\AppData\Local\ActiveState
[23/06/2016 19:48:56] - |D| - [0] - C:\Users\F-cay\AppData\Local\ActiveSync
[01/07/2013 06:06:00] - |D| - [1358519540] - C:\Users\F-cay\AppData\Local\Adobe
[27/12/2016 20:17:38] - |D| - [223552] - C:\Users\F-cay\AppData\Local\Aiseesoft Studio
[24/02/2016 20:25:05] - |D| - [0] - C:\Users\F-cay\AppData\Local\Apple
[24/02/2016 21:06:48] - |D| - [11029519] - C:\Users\F-cay\AppData\Local\Apple Computer
[16/10/2016 06:47:42] - |SHD| - [33320549155] - C:\Users\F-cay\AppData\Local\Application Data
[12/10/2014 19:13:39] - |D| - [1570] - C:\Users\F-cay\AppData\Local\CasaTech_Inc
[27/09/2016 08:24:48] - |D| - [0] - C:\Users\F-cay\AppData\Local\CEF
[20/05/2015 19:45:22] - |D| - [1429574] - C:\Users\F-cay\AppData\Local\ClassicShell
[23/06/2016 19:47:10] - |D| - [40966704] - C:\Users\F-cay\AppData\Local\Comms
[04/05/2014 21:11:09] - |D| - [0] - C:\Users\F-cay\AppData\Local\Comodo
[16/10/2016 07:13:35] - |D| - [2913870] - C:\Users\F-cay\AppData\Local\ConnectedDevicesPlatform
[10/04/2013 20:39:08] - |D| - [0] - C:\Users\F-cay\AppData\Local\Diagnostics
[30/10/2016 18:40:41] - |D| - [84018298] - C:\Users\F-cay\AppData\Local\Downloaded Installations
[10/04/2013 20:36:03] - |D| - [0] - C:\Users\F-cay\AppData\Local\ElevatedDiagnostics
[24/11/2014 12:50:23] - |SHD| - [0] - C:\Users\F-cay\AppData\Local\EmieBrowserModeList
[24/11/2014 12:50:23] - |SHD| - [0] - C:\Users\F-cay\AppData\Local\EmieSiteList
[24/11/2014 12:50:23] - |SHD| - [0] - C:\Users\F-cay\AppData\Local\EmieUserList
[17/09/2015 18:04:44] - |A| - [139472] - C:\Users\F-cay\AppData\Local\GDIPFONTCACHEV1.DAT
[10/04/2013 19:32:28] - |D| - [77192269] - C:\Users\F-cay\AppData\Local\Google
[13/06/2015 11:43:07] - |D| - [71] - C:\Users\F-cay\AppData\Local\GWX
[16/10/2016 06:47:42] - |SHD| - [130] - C:\Users\F-cay\AppData\Local\Historique
[21/01/2017 19:02:27] - |AH| - [32602] - C:\Users\F-cay\AppData\Local\IconCache.db
[03/11/2016 20:33:35] - |D| - [1299] - C:\Users\F-cay\AppData\Local\IsolatedStorage
[20/08/2015 18:50:55] - |D| - [36484] - C:\Users\F-cay\AppData\Local\Lavasoft
[10/04/2013 20:42:51] - |D| - [0] - C:\Users\F-cay\AppData\Local\Macromedia
[03/11/2016 20:50:40] - |D| - [1923] - C:\Users\F-cay\AppData\Local\Mediafour
[16/10/2016 06:47:42] - |D| - [652628018] - C:\Users\F-cay\AppData\Local\Microsoft
[08/03/2015 19:49:39] - |D| - [0] - C:\Users\F-cay\AppData\Local\Microsoft Help
[23/06/2016 20:06:08] - |D| - [83114] - C:\Users\F-cay\AppData\Local\MicrosoftEdge
[09/04/2013 04:36:53] - |D| - [26695467] - C:\Users\F-cay\AppData\Local\Mozilla
[23/06/2016 19:49:15] - |D| - [0] - C:\Users\F-cay\AppData\Local\NetworkTiles
[09/04/2013 04:29:20] - |D| - [624915125] - C:\Users\F-cay\AppData\Local\Packages
[09/04/2013 05:53:31] - |D| - [0] - C:\Users\F-cay\AppData\Local\Programs
[23/06/2016 19:47:49] - |D| - [109972] - C:\Users\F-cay\AppData\Local\Publishers
[27/12/2016 18:29:40] - |D| - [0] - C:\Users\F-cay\AppData\Local\Samsung
[04/11/2016 21:29:11] - |D| - [1940953] - C:\Users\F-cay\AppData\Local\Sony
[10/03/2015 20:16:50] - |D| - [0] - C:\Users\F-cay\AppData\Local\Sparta
[10/01/2017 19:23:10] - |D| - [940] - C:\Users\F-cay\AppData\Local\speech
[16/10/2016 06:47:42] - |D| - [153197599] - C:\Users\F-cay\AppData\Local\Temp
[16/10/2016 06:47:42] - |SHD| - [5249307] - C:\Users\F-cay\AppData\Local\Temporary Internet Files
[23/06/2016 19:47:00] - |D| - [15753216] - C:\Users\F-cay\AppData\Local\TileDataLayer
[09/04/2013 04:29:22] - |D| - [8063] - C:\Users\F-cay\AppData\Local\VirtualStore
[21/03/2016 18:59:24] - |D| - [2930] - C:\Users\F-cay\AppData\Local\Vitalwerks
[26/04/2013 21:23:39] - |D| - [2653] - C:\Users\F-cay\AppData\Local\VMware
[09/04/2013 05:49:07] - |D| - [95110828] - C:\Users\F-cay\AppData\Local\Windows Live
[05/01/2017 08:04:13] - |D| - [82] - C:\Users\F-cay\AppData\Local\Wondershare
[09/04/2013 04:29:49] - |ASH| - [174] - C:\Users\F-cay\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
[16/10/2016 06:47:42] - |SHD| - [48008] - C:\Users\F-cay\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
[16/10/2016 06:47:42] - |RD| - [48008] - C:\Users\F-cay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
[16/10/2016 06:47:42] - |RD| - [4456] - C:\Users\F-cay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[16/10/2016 06:47:42] - |RD| - [2936] - C:\Users\F-cay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[09/04/2013 04:29:49] - |RD| - [174] - C:\Users\F-cay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[29/04/2013 07:36:38] - |A| - [1859] - C:\Users\F-cay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avast! antivirus.lnk
[14/11/2016 21:02:59] - |D| - [3422] - C:\Users\F-cay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brother's Keeper 7
[20/08/2015 18:47:56] - |D| - [4319] - C:\Users\F-cay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Convar
[16/10/2016 07:13:49] - |ASH| - [174] - C:\Users\F-cay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
[02/05/2014 10:39:06] - |D| - [2448] - C:\Users\F-cay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
[17/11/2016 20:58:46] - |A| - [279] - C:\Users\F-cay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Groupe rÃ©sidentiel.lnk
[14/11/2015 10:01:58] - |D| - [2588] - C:\Users\F-cay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
[16/10/2016 06:47:42] - |D| - [170] - C:\Users\F-cay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[21/03/2016 18:59:19] - |D| - [3147] - C:\Users\F-cay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC
[26/04/2016 19:47:36] - |A| - [2388] - C:\Users\F-cay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive Entreprise.lnk
[23/06/2016 19:51:36] - |A| - [2453] - C:\Users\F-cay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
[29/10/2016 20:45:29] - |D| - [3407] - C:\Users\F-cay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartCam
[09/04/2013 04:29:49] - |RD| - [174] - C:\Users\F-cay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[16/10/2016 06:47:42] - |RD| - [6376] - C:\Users\F-cay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[16/10/2016 06:47:42] - |RD| - [7238] - C:\Users\F-cay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
[09/04/2013 04:29:49] - |ASH| - [174] - C:\Users\F-cay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

---------- | [HomeGroupUser$]

[04/05/2014 21:11:09] - |D| - [0] - C:\Users\HomeGroupUser$\AppData\Local\Comodo
[04/05/2014 21:11:08] - |D| - [0] - C:\Users\HomeGroupUser$\AppData\Local\Google

---------- | [InvitÃ©]

[04/05/2014 21:11:09] - |D| - [0] - C:\Users\InvitÃ©\AppData\Local\Comodo
[04/05/2014 21:11:09] - |D| - [0] - C:\Users\InvitÃ©\AppData\Local\Google

---------- | [Public]


---------- | [UpdatusUser]

[04/05/2014 21:11:09] - |D| - [0] - C:\Users\UpdatusUser\AppData\Local\Comodo
[04/05/2014 21:11:09] - |D| - [0] - C:\Users\UpdatusUser\AppData\Local\Google

---------- | C:\ProgramData

[11/12/2012 11:40:51] - |D| - [586682638] - C:\ProgramData\Adobe
[24/02/2016 20:24:34] - |D| - [100660746] - C:\ProgramData\Apple
[24/02/2016 21:06:39] - |D| - [75960489] - C:\ProgramData\Apple Computer
[16/10/2016 07:13:11] - |SHD| - [54355406006] - C:\ProgramData\Application Data
[11/12/2012 11:41:41] - |D| - [238695410] - C:\ProgramData\ASUS
[12/10/2014 21:35:45] - |D| - [13116] - C:\ProgramData\Atheros
[09/04/2013 05:43:30] - |D| - [12788808] - C:\ProgramData\AVAST Software
[02/01/2016 14:19:57] - |D| - [4194316] - C:\ProgramData\boost_interprocess
[15/04/2015 19:55:41] - |D| - [158357] - C:\ProgramData\Brother
[27/04/2014 20:09:20] - |SHD| - [44246] - C:\ProgramData\Bureau
[16/10/2014 18:17:19] - |D| - [0] - C:\ProgramData\Canneverbe Limited
[20/05/2015 19:45:11] - |D| - [12224] - C:\ProgramData\ClassicShell
[16/07/2016 12:47:48] - |D| - [0] - C:\ProgramData\Comms
[15/04/2015 19:59:20] - |D| - [498] - C:\ProgramData\ControlCenter4
[09/04/2013 04:30:14] - |D| - [95249] - C:\ProgramData\CyberLink
[16/10/2016 07:13:11] - |SHD| - [122477935] - C:\ProgramData\Documents
[16/10/2016 06:44:20] - |AH| - [0] - C:\ProgramData\DP45977C.lfl
[04/07/2015 06:44:18] - |D| - [3929857] - C:\ProgramData\FLEXnet
[10/04/2013 19:32:02] - |D| - [1647158] - C:\ProgramData\InstallMate
[11/04/2013 18:58:44] - |D| - [54192] - C:\ProgramData\InstallShield
[25/01/2013 13:27:29] - |D| - [333540] - C:\ProgramData\Intel
[20/08/2015 18:47:40] - |D| - [0] - C:\ProgramData\Lavasoft
[25/01/2013 13:33:09] - |D| - [5837371] - C:\ProgramData\MAGIX
[09/04/2013 05:53:44] - |D| - [385288216] - C:\ProgramData\Malwarebytes
[27/02/2016 10:03:33] - |D| - [99536] - C:\ProgramData\McAfee
[03/11/2016 20:30:58] - |AD| - [66951] - C:\ProgramData\Mediafour
[27/04/2014 20:09:20] - |SHD| - [271181] - C:\ProgramData\Menu DÃ©marrer
[16/07/2016 12:47:48] - |SD| - [1207080428] - C:\ProgramData\Microsoft
[08/03/2015 19:49:26] - |D| - [57688] - C:\ProgramData\Microsoft Help
[16/10/2016 07:16:52] - |D| - [0] - C:\ProgramData\Microsoft OneDrive
[11/12/2012 12:02:07] - |D| - [0] - C:\ProgramData\Microsoft SkyDrive
[27/04/2014 20:09:20] - |SHD| - [0] - C:\ProgramData\ModÃ¨les
[09/04/2013 04:36:47] - |D| - [37912] - C:\ProgramData\Mozilla
[11/12/2012 11:50:51] - |AD| - [2981713] - C:\ProgramData\Nero
[04/07/2015 06:44:17] - |D| - [8192717] - C:\ProgramData\Nuance
[16/10/2016 06:43:58] - |D| - [2383889] - C:\ProgramData\NVIDIA
[16/10/2016 06:43:39] - |D| - [2699893] - C:\ProgramData\NVIDIA Corporation
[23/03/2014 12:53:26] - |D| - [70997662] - C:\ProgramData\Oracle
[16/10/2014 17:44:38] - |D| - [36040092] - C:\ProgramData\Package Cache
[28/09/2016 12:21:11] - |D| - [0] - C:\ProgramData\Paragon
[15/04/2015 19:59:18] - |D| - [0] - C:\ProgramData\PCFaxTx
[11/12/2012 12:18:21] - |D| - [48720] - C:\ProgramData\PRICache
[26/12/2015 13:20:43] - |D| - [3433] - C:\ProgramData\regid.1986-12.com.adobe
[16/07/2016 12:47:48] - |D| - [1003] - C:\ProgramData\regid.1991-06.com.microsoft
[19/01/2017 21:33:30] - |D| - [18817116] - C:\ProgramData\RogueKiller
[20/08/2014 18:56:27] - |D| - [252118] - C:\ProgramData\Samsung
[04/07/2015 06:44:25] - |D| - [191544] - C:\ProgramData\ScanSoft
[28/09/2016 20:08:57] - |D| - [43405312] - C:\ProgramData\Skype
[16/07/2016 12:47:48] - |D| - [0] - C:\ProgramData\SoftwareDistribution
[04/11/2016 21:29:11] - |D| - [3144005] - C:\ProgramData\Sony
[01/01/2017 11:06:32] - |D| - [428718] - C:\ProgramData\Spybot - Search & Destroy
[23/03/2014 12:45:09] - |D| - [119] - C:\ProgramData\Sun
[14/04/2013 21:47:48] - |D| - [98] - C:\ProgramData\TamoSoft
[25/01/2013 13:37:21] - |AD| - [373319] - C:\ProgramData\Temp
[11/12/2012 11:45:24] - |D| - [1362288] - C:\ProgramData\Trend Micro
[16/07/2016 12:47:48] - |D| - [4230] - C:\ProgramData\USOPrivate
[16/10/2016 07:14:21] - |D| - [2387968] - C:\ProgramData\USOShared
[21/03/2016 18:59:28] - |D| - [1281] - C:\ProgramData\Vitalwerks
[26/04/2013 21:21:48] - |D| - [7044865] - C:\ProgramData\VMware
[19/11/2016 09:41:54] - |D| - [1754] - C:\ProgramData\VS Revo Group
[27/12/2016 19:28:20] - |D| - [1946178525] - C:\ProgramData\Wondershare
[27/12/2016 19:30:52] - |D| - [0] - C:\ProgramData\wsr
[04/07/2015 06:45:22] - |D| - [47131] - C:\ProgramData\zeon
[18/02/2015 19:33:10] - |D| - [0] - C:\ProgramData\{96dcbd76-dd34-0d85-96dc-cbd76dd3f5db}
[22/03/2015 19:38:21] - |D| - [866] - C:\ProgramData\{d77958af-c332-dc04-d779-958afc3362bf}

---------- | C:\ProgramData\Microsoft\Windows\Start Menu

[16/07/2016 12:47:50] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini
[27/04/2014 20:09:20] - |SHD| - [268106] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes
[16/07/2016 12:47:48] - |D| - [268106] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs
[04/07/2015 06:44:25] - |A| - [1893] - C:\ProgramData\Microsoft\Windows\Start Menu\Software Updates.lnk
[10/04/2013 19:36:01] - |A| - [1008] - C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk

---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs

[16/07/2016 12:47:48] - |RD| - [1614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
[16/07/2016 12:47:48] - |RD| - [14299] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
[19/02/2015 21:03:28] - |D| - [2294] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ActivePerl 5.20.1 Build 2000 (64-bit)
[16/07/2016 12:47:48] - |RD| - [20488] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[02/01/2016 14:18:28] - |A| - [1252] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
[02/01/2016 18:15:53] - |A| - [1101] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC 2015.lnk
[30/12/2015 19:14:29] - |A| - [1023] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2014.lnk
[24/02/2016 20:25:03] - |A| - [2535] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[11/12/2012 11:41:52] - |D| - [27074] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
[25/01/2013 13:38:21] - |RD| - [2330] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUSDVD
[12/10/2014 21:36:16] - |D| - [764] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atheros
[18/04/2013 19:30:55] - |D| - [4837] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AWUS036H Wireless LAN Utility
[15/04/2015 20:00:36] - |D| - [2100] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
[16/10/2014 18:15:33] - |A| - [1128] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
[16/07/2016 12:47:50] - |ASH| - [796] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini
[05/01/2017 08:22:19] - |A| - [2389] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
[29/09/2014 21:27:32] - |D| - [2282] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Writer
[16/07/2016 12:43:50] - |RAS| - [2349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk
[24/02/2016 21:06:46] - |D| - [3885] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[23/03/2014 12:45:04] - |D| - [17766] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[10/03/2015 20:23:13] - |D| - [29657] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[20/08/2015 18:50:14] - |D| - [2337] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
[03/11/2016 20:30:59] - |A| - [2012] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MacDrive 10.lnk
[16/07/2016 12:47:48] - |D| - [170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
[20/09/2014 14:55:46] - |D| - [5315] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[03/05/2014 06:59:23] - |D| - [2335] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Marroki Mailer Anonyme
[24/11/2014 17:37:19] - |D| - [5984] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaProducts Flash and Media Capture
[20/03/2015 19:51:32] - |D| - [24165] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[16/07/2016 12:42:22] - |RAS| - [2219] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk
[11/12/2012 12:03:49] - |A| - [1307] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
[16/02/2015 20:20:54] - |A| - [1060] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[11/12/2012 11:50:55] - |D| - [11436] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
[06/03/2015 19:55:05] - |A| - [1113] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Network Stumbler.lnk
[04/07/2015 06:44:25] - |D| - [7219] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance PaperPort 12
[16/10/2016 13:05:28] - |D| - [2653] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon HFS+ for Windows
[11/12/2012 12:03:46] - |A| - [1376] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
[16/07/2016 12:43:50] - |RAS| - [2199] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk
[19/02/2015 21:02:17] - |D| - [9003] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.4
[05/01/2017 08:21:55] - |D| - [3389] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
[06/01/2017 08:44:00] - |D| - [2767] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rene.E Laboratory
[19/01/2017 21:33:58] - |D| - [924] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
[09/05/2014 12:01:10] - |D| - [1007] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scanner NetBIOS
[03/01/2017 18:32:01] - |D| - [2182] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SDFormatter
[28/09/2016 20:09:06] - |D| - [2144] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[04/11/2016 21:29:17] - |D| - [2377] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[01/01/2017 11:49:21] - |D| - [11640] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[01/01/2017 11:49:21] - |A| - [1471] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[16/07/2016 12:47:48] - |RD| - [1930] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
[16/07/2016 12:47:48] - |RD| - [2670] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
[07/07/2014 10:52:23] - |D| - [7254] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[10/04/2013 18:59:48] - |A| - [1805] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk
[16/10/2016 06:54:12] - |A| - [1576] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[28/04/2013 13:02:12] - |D| - [1104] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap

---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

[27/12/2016 19:32:53] - |A| - [1756] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BackupRemind.lnk
[16/07/2016 12:47:50] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

---------- | C:\Program Files (x86)

[01/07/2013 06:12:23] - |D| - [151881408] - C:\Program Files (x86)\Adobe
[27/12/2016 20:17:30] - |D| - [0] - C:\Program Files (x86)\Aiseesoft Studio
[24/02/2016 20:25:03] - |AD| - [2476622] - C:\Program Files (x86)\Apple Software Update
[11/12/2012 11:41:35] - |D| - [645495476] - C:\Program Files (x86)\ASUS
[18/04/2013 19:30:50] - |AD| - [6229100] - C:\Program Files (x86)\AWUS036H Wireless LAN Utility
[15/04/2015 19:58:54] - |D| - [64647494] - C:\Program Files (x86)\Brother
[14/11/2016 21:02:56] - |D| - [33683055] - C:\Program Files (x86)\Brother's Keeper 7
[15/04/2015 19:59:20] - |D| - [12098622] - C:\Program Files (x86)\Browny02
[16/10/2014 18:15:32] - |AD| - [13782471] - C:\Program Files (x86)\CDBurnerXP
[16/07/2016 07:04:24] - |D| - [1199987572] - C:\Program Files (x86)\Common Files
[15/04/2013 18:17:46] - |D| - [48345] - C:\Program Files (x86)\CommViewWiFi
[15/04/2015 19:59:19] - |D| - [72741954] - C:\Program Files (x86)\ControlCenter4
[20/08/2015 18:47:56] - |D| - [7202991] - C:\Program Files (x86)\Convar
[25/01/2013 13:37:22] - |D| - [224182642] - C:\Program Files (x86)\CyberLink
[16/07/2016 12:47:50] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini
[15/02/2015 18:56:39] - |D| - [24003090] - C:\Program Files (x86)\FileZilla FTP Client
[20/05/2013 18:23:22] - |D| - [389627835] - C:\Program Files (x86)\Google
[05/01/2017 08:17:44] - |D| - [50830648] - C:\Program Files (x86)\GUMC545.tmp
[05/01/2017 08:17:44] - |A| - [50063360] - C:\Program Files (x86)\GUTC546.tmp
[29/09/2014 21:27:30] - |AD| - [47047461] - C:\Program Files (x86)\ImageWriter
[28/02/2015 16:55:13] - |D| - [0] - C:\Program Files (x86)\IncrementEdit
[11/12/2012 11:34:53] - |HD| - [87940478] - C:\Program Files (x86)\InstallShield Installation Information
[25/01/2013 13:26:37] - |D| - [23514760] - C:\Program Files (x86)\Intel
[16/07/2016 12:47:48] - |D| - [1990587] - C:\Program Files (x86)\Internet Explorer
[24/02/2016 21:06:39] - |D| - [189227] - C:\Program Files (x86)\iTunes
[23/03/2014 12:44:56] - |D| - [142210223] - C:\Program Files (x86)\Java
[12/10/2014 21:36:16] - |AD| - [5042697] - C:\Program Files (x86)\Jumpstart
[10/03/2015 20:23:05] - |AD| - [139148675] - C:\Program Files (x86)\K-Lite Codec Pack
[20/08/2015 18:50:13] - |D| - [0] - C:\Program Files (x86)\Lavasoft
[14/11/2015 10:01:57] - |AD| - [12864940] - C:\Program Files (x86)\LinuxLive USB Creator
[20/09/2014 14:55:44] - |AD| - [60225914] - C:\Program Files (x86)\Malwarebytes Anti-Malware
[09/04/2013 05:53:43] - |D| - [0] - C:\Program Files (x86)\Malwarebytes' Anti-Malware
[03/05/2014 06:59:22] - |D| - [117558] - C:\Program Files (x86)\Marroki Mailer Anonyme
[24/11/2014 17:37:18] - |D| - [26286273] - C:\Program Files (x86)\MetaProducts Flash & Media Capture
[11/12/2012 12:06:40] - |D| - [0] - C:\Program Files (x86)\Microsoft
[20/03/2015 19:49:10] - |AD| - [368890483] - C:\Program Files (x86)\Microsoft Office
[11/12/2012 12:02:08] - |D| - [5659096] - C:\Program Files (x86)\Microsoft SkyDrive
[11/12/2012 12:03:43] - |AD| - [1829877] - C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[20/03/2015 19:51:08] - |D| - [3726168] - C:\Program Files (x86)\Microsoft Works
[16/07/2016 12:47:48] - |D| - [8175999] - C:\Program Files (x86)\Microsoft.NET
[18/11/2016 12:30:02] - |AD| - [96957049] - C:\Program Files (x86)\Mozilla Firefox
[16/02/2015 20:20:52] - |D| - [317361] - C:\Program Files (x86)\Mozilla Maintenance Service
[23/06/2016 13:47:27] - |D| - [15849] - C:\Program Files (x86)\MSBuild
[25/01/2013 13:32:18] - |AD| - [154033] - C:\Program Files (x86)\MSXML 4.0
[11/12/2012 11:50:55] - |AD| - [385463688] - C:\Program Files (x86)\Nero
[06/03/2015 19:55:05] - |D| - [890520] - C:\Program Files (x86)\Network Stumbler
[21/03/2016 18:59:19] - |D| - [496675] - C:\Program Files (x86)\No-IP
[04/07/2015 06:44:17] - |D| - [237338009] - C:\Program Files (x86)\Nuance
[16/10/2016 06:43:26] - |D| - [149200440] - C:\Program Files (x86)\NVIDIA Corporation
[16/10/2016 13:05:27] - |D| - [11230895] - C:\Program Files (x86)\Paragon Software
[28/12/2016 09:58:17] - |D| - [20243108] - C:\Program Files (x86)\qp591vnd
[11/12/2012 11:34:53] - |D| - [6210756] - C:\Program Files (x86)\Realtek
[23/06/2016 13:47:27] - |D| - [12158742] - C:\Program Files (x86)\Reference Assemblies
[06/01/2017 08:43:56] - |D| - [44807462] - C:\Program Files (x86)\Rene.E Laboratory
[20/08/2014 18:01:48] - |D| - [41499778] - C:\Program Files (x86)\Samsung
[09/05/2014 12:01:10] - |D| - [1684870] - C:\Program Files (x86)\Scanner NetBIOS
[03/01/2017 18:32:01] - |D| - [3806744] - C:\Program Files (x86)\SDA
[28/09/2016 20:09:06] - |RD| - [84973805] - C:\Program Files (x86)\Skype
[29/10/2016 20:45:29] - |D| - [798510] - C:\Program Files (x86)\SmartCam
[04/11/2016 21:29:11] - |D| - [39393904] - C:\Program Files (x86)\Sony
[01/01/2017 11:06:30] - |AD| - [427953348] - C:\Program Files (x86)\Spybot - Search & Destroy 2
[06/03/2015 19:58:43] - |D| - [310151] - C:\Program Files (x86)\SuperScan
[22/03/2015 19:40:02] - |D| - [0] - C:\Program Files (x86)\TampaFoobar
[11/12/2012 11:34:53] - |HD| - [0] - C:\Program Files (x86)\Temp
[16/10/2016 06:43:50] - |HD| - [0] - C:\Program Files (x86)\Uninstall Information
[07/07/2014 10:52:13] - |D| - [129789519] - C:\Program Files (x86)\VideoLAN
[16/07/2016 12:47:48] - |D| - [1941504] - C:\Program Files (x86)\Windows Defender
[11/12/2012 12:03:30] - |AD| - [141744483] - C:\Program Files (x86)\Windows Live
[16/07/2016 12:47:48] - |D| - [5958656] - C:\Program Files (x86)\Windows Mail
[16/07/2016 12:47:48] - |D| - [3275928] - C:\Program Files (x86)\Windows Media Player
[16/07/2016 12:47:48] - |D| - [34128] - C:\Program Files (x86)\Windows Multimedia Platform
[16/07/2016 12:47:48] - |D| - [7584962] - C:\Program Files (x86)\Windows NT
[16/07/2016 12:47:48] - |D| - [5424832] - C:\Program Files (x86)\Windows Photo Viewer
[16/07/2016 12:47:48] - |D| - [34128] - C:\Program Files (x86)\Windows Portable Devices
[16/07/2016 12:47:48] - |SHD| - [0] - C:\Program Files (x86)\Windows Sidebar
[16/07/2016 12:47:48] - |D| - [3240833] - C:\Program Files (x86)\WindowsPowerShell
[27/04/2013 19:51:51] - |D| - [240048] - C:\Program Files (x86)\WinPcap
[10/04/2013 19:12:24] - |D| - [390] - C:\Program Files (x86)\WinRAR
[27/12/2016 19:28:20] - |D| - [8088229] - C:\Program Files (x86)\Wondershare

---------- | C:\Program Files

[27/12/2015 19:42:34] - |AD| - [2971736347] - C:\Program Files\Adobe
[16/10/2016 06:44:17] - |D| - [635159] - C:\Program Files\ASUS
[20/05/2015 19:42:55] - |D| - [9460031] - C:\Program Files\Classic Shell
[16/07/2016 07:04:24] - |D| - [372838997] - C:\Program Files\Common Files
[16/07/2016 12:47:50] - |ASH| - [174] - C:\Program Files\desktop.ini
[03/01/2017 17:02:07] - |D| - [512143] - C:\Program Files\EaseUS
[19/01/2017 19:06:07] - |D| - [0] - C:\Program Files\Enigma Software Group
[27/04/2014 20:09:20] - |SHD| - [372838997] - C:\Program Files\Fichiers communs
[25/01/2013 13:27:29] - |D| - [12960547] - C:\Program Files\Intel
[16/07/2016 12:47:47] - |D| - [2582950] - C:\Program Files\Internet Explorer
[24/02/2016 21:06:39] - |D| - [3922459] - C:\Program Files\iPod
[24/02/2016 21:06:39] - |AD| - [190606267] - C:\Program Files\iTunes
[03/11/2016 20:30:58] - |D| - [1089536] - C:\Program Files\Mediafour
[20/03/2015 19:49:26] - |D| - [1139478] - C:\Program Files\Microsoft Office
[23/06/2016 13:47:27] - |D| - [0] - C:\Program Files\MSBuild
[04/07/2015 06:45:40] - |D| - [541582] - C:\Program Files\Nuance
[16/10/2016 06:43:26] - |D| - [1096607124] - C:\Program Files\NVIDIA Corporation
[16/10/2016 06:44:10] - |D| - [43967056] - C:\Program Files\Realtek
[05/01/2017 08:21:53] - |AD| - [10928904] - C:\Program Files\Recuva
[23/06/2016 13:47:27] - |D| - [833024] - C:\Program Files\Reference Assemblies
[19/01/2017 21:33:55] - |D| - [50977689] - C:\Program Files\RogueKiller
[20/08/2014 18:57:19] - |D| - [12886619] - C:\Program Files\SAMSUNG
[04/11/2016 21:29:11] - |D| - [635867642] - C:\Program Files\Sony
[27/04/2016 06:43:31] - |HD| - [0] - C:\Program Files\Uninstall Information
[10/04/2013 18:59:34] - |AD| - [127204541] - C:\Program Files\Vuze
[16/07/2016 12:47:47] - |RD| - [14913860] - C:\Program Files\Windows Defender
[16/07/2016 12:47:47] - |D| - [6181888] - C:\Program Files\Windows Mail
[16/07/2016 12:47:47] - |D| - [4989628] - C:\Program Files\Windows Media Player
[16/07/2016 12:47:47] - |D| - [37784] - C:\Program Files\Windows Multimedia Platform
[16/07/2016 12:47:47] - |D| - [7849154] - C:\Program Files\Windows NT
[16/07/2016 12:47:47] - |D| - [6223552] - C:\Program Files\Windows Photo Viewer
[16/07/2016 12:47:47] - |D| - [37784] - C:\Program Files\Windows Portable Devices
[16/07/2016 12:47:47] - |SHD| - [14257] - C:\Program Files\Windows Sidebar
[16/07/2016 12:47:47] - |HD| - [2625750455] - C:\Program Files\WindowsApps
[16/07/2016 12:47:47] - |D| - [3661506] - C:\Program Files\WindowsPowerShell
[10/04/2013 19:35:53] - |AD| - [4933871] - C:\Program Files\WinRAR

---------- | C:\Program Files (x86)\Common Files

[01/07/2013 06:12:23] - |D| - [488413186] - C:\Program Files (x86)\Common Files\Adobe
[24/02/2016 20:24:34] - |D| - [129766990] - C:\Program Files (x86)\Common Files\Apple
[03/12/2015 19:35:04] - |D| - [895522] - C:\Program Files (x86)\Common Files\AV
[22/03/2015 05:55:26] - |AD| - [99992] - C:\Program Files (x86)\Common Files\DESIGNER
[11/12/2012 11:34:49] - |D| - [3248736] - C:\Program Files (x86)\Common Files\InstallShield
[15/02/2015 18:19:17] - |D| - [2151833] - C:\Program Files (x86)\Common Files\Java
[25/01/2013 13:33:08] - |AD| - [21517072] - C:\Program Files (x86)\Common Files\MAGIX Services
[03/11/2016 20:30:58] - |AD| - [178688] - C:\Program Files (x86)\Common Files\Mediafour
[24/11/2014 17:37:19] - |AD| - [274056] - C:\Program Files (x86)\Common Files\MetaProducts
[16/07/2016 12:47:48] - |AD| - [260490817] - C:\Program Files (x86)\Common Files\Microsoft Shared
[11/12/2012 11:51:51] - |D| - [63931656] - C:\Program Files (x86)\Common Files\Nero
[25/01/2013 13:27:11] - |D| - [193596] - C:\Program Files (x86)\Common Files\postureAgent
[04/07/2015 06:44:18] - |AD| - [3489624] - C:\Program Files (x86)\Common Files\ScanSoft Shared
[16/07/2016 12:47:48] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services
[21/10/2016 13:20:49] - |AD| - [2581120] - C:\Program Files (x86)\Common Files\Skype
[16/07/2016 12:47:48] - |D| - [43653935] - C:\Program Files (x86)\Common Files\System
[11/12/2012 12:01:59] - |D| - [179098047] - C:\Program Files (x86)\Common Files\Windows Live

---------- | C:\Program Files\Common files

[27/12/2015 19:41:15] - |D| - [104226439] - C:\Program Files\Common files\Adobe
[24/02/2016 20:24:44] - |D| - [170936891] - C:\Program Files\Common files\Apple
[03/12/2015 19:35:04] - |D| - [2734826] - C:\Program Files\Common files\AV
[25/01/2013 13:33:13] - |D| - [102400] - C:\Program Files\Common files\MAGIX Services
[03/11/2016 20:30:58] - |D| - [1956488] - C:\Program Files\Common files\Mediafour
[16/07/2016 12:47:47] - |AD| - [82633224] - C:\Program Files\Common files\microsoft shared
[16/07/2016 12:47:47] - |D| - [2702] - C:\Program Files\Common files\Services
[16/07/2016 12:47:47] - |D| - [10246027] - C:\Program Files\Common files\System

---------- | Tasks

[MD5.9656A555024E9F863EC67CBA4B34BF3E] - [27/02/2016 10:03:30] - |A| - [1002] - C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[MD5.358338A8B27EFEB0978F26F48A43AB3A] - [19/01/2017 09:29:38] - |A| - [214] - C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
[MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [16/10/2016 07:09:47] - |AH| - [6] - C:\WINDOWS\Tasks\SA.DAT
[MD5.B0EFD5870757EE78AFA7AF87C50FBE3D] - [16/10/2016 07:09:41] - |A| - [3988] - C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater         :   C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
[MD5.67B51B4E90941AD2FC1CFD8F81A84FB7] - [16/10/2016 07:09:41] - |A| - [2598] - C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-Fcay-F-cay         :   C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
[MD5.00000000000000000000000000000000] - [16/10/2016 07:09:41] - |D| - [2242] - C:\WINDOWS\System32\Tasks\ASUS
[MD5.00000000000000000000000000000000] - [16/10/2016 07:09:41] - |D| - [0] - C:\WINDOWS\System32\Tasks\AVAST Software
[MD5.82B31BE94DBE26D18241B9C0E8099445] - [27/12/2016 20:43:56] - |A| - [6086] - C:\WINDOWS\System32\Tasks\Clocuty System         :   "C:\Program Files (x86)\Ruferdombother\clavacult.exe"
[MD5.5F4236DB9DEBB07540C382E678AF9196] - [05/01/2017 08:17:47] - |A| - [3462] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore         :   C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.492057040AFA243BB361D8ECCC67D98C] - [05/01/2017 08:17:47] - |A| - [3586] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA         :   C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.54153A1D7D8F2922987114F8A13DA2BE] - [16/10/2016 07:09:41] - |A| - [2756] - C:\WINDOWS\System32\Tasks\klcp_update         :   "C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe"
[MD5.00000000000000000000000000000000] - [16/07/2016 12:47:48] - |D| - [545424] - C:\WINDOWS\System32\Tasks\Microsoft
[MD5.00000000000000000000000000000000] - [16/10/2016 07:09:47] - |D| - [3340] - C:\WINDOWS\System32\Tasks\Nero
[MD5.00000000000000000000000000000000] - [16/10/2016 07:09:53] - |D| - [0] - C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
[MD5.B95B1E73649A04CEF3C443460EC3D49C] - [16/10/2016 07:19:01] - |A| - [3320] - C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task         :   C:\Users\F-cay\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
[MD5.429216554E4E79F19AA15BE0F1397F62] - [16/10/2016 07:09:47] - |A| - [2752] - C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2223247258-1722811853-2886010316-1001         :   C:\Users\F-cay\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
[MD5.00000000000000000000000000000000] - [01/01/2017 11:06:39] - |D| - [12558] - C:\WINDOWS\System32\Tasks\Safer-Networking
[MD5.32C66667BBB7519C23D6B8505507D912] - [16/10/2016 07:09:47] - |A| - [3372] - C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1474960815         :   C:\Program Files\AVAST Software\SZBrowser\launcher.exe
[MD5.A745282F5061E78D63DFAF131F4C7CE5] - [16/10/2016 07:09:47] - |A| - [3298] - C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5D84F04E-77D1-405F-BFD1-B18034C3F5CE}         :   C:\WINDOWS\system32\msfeedssync.exe
[MD5.00000000000000000000000000000000] - [16/10/2016 07:10:06] - |D| - [0] - C:\WINDOWS\System32\Tasks\WPD
[MD5.6CCC76DF27E07B128D130F3ADE27F35B] - [16/10/2016 07:09:47] - |A| - [1976] - C:\WINDOWS\System32\Tasks\{2174C4FA-A499-4093-AF79-00BDF0A12BD0}         :   C:\Windows\system32\pcalua.exe
[MD5.FEE5C0704A182587B618EF99EE7CC9AD] - [16/10/2016 07:09:47] - |A| - [2058] - C:\WINDOWS\System32\Tasks\{A4682C43-495A-449F-9A40-A602451776F0}         :   C:\Windows\system32\pcalua.exe
[MD5.41A416A8351E0B92C6FA63F98C58C98F] - [16/10/2016 07:09:47] - |A| - [2164] - C:\WINDOWS\System32\Tasks\{BC4EFC3C-9FC9-4F55-A3C2-52DAE40DBE70}         :   C:\WINDOWS\system32\pcalua.exe
[MD5.00000000000000000000000000000000] - [16/07/2016 12:47:48] - |D| - [0] - C:\WINDOWS\Syswow64\Tasks\Microsoft

---------- | Firewall

[HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules]
"vm-monitoring-dcom"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=135|App=%SystemRoot%\system32\svchost.exe|Svc=RpcSs|Name=@icsvc.dll,-709|Desc=@icsvc.dll,-710|EmbedCtxt=@icsvc.dll,-700|
"vm-monitoring-icmpv4"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=1|Name=@icsvc.dll,-701|Desc=@icsvc.dll,-702|EmbedCtxt=@icsvc.dll,-700|
"vm-monitoring-icmpv6"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=58|Name=@icsvc.dll,-703|Desc=@icsvc.dll,-704|EmbedCtxt=@icsvc.dll,-700|
"vm-monitoring-nb-session"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=139|Name=@icsvc.dll,-705|Desc=@icsvc.dll,-706|EmbedCtxt=@icsvc.dll,-700|
"vm-monitoring-rpc"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\system32\svchost.exe|Svc=Schedule|Name=@icsvc.dll,-707|Desc=@icsvc.dll,-708|EmbedCtxt=@icsvc.dll,-700|
"Wininit-Shutdown-In-Rule-TCP-RPC"=v2.26|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%systemroot%\system32\wininit.exe|Name=@firewallapi.dll,-36753|Desc=@firewallapi.dll,-36754|EmbedCtxt=@firewallapi.dll,-36751|
"Wininit-Shutdown-In-Rule-TCP-RPC-EPMapper"=v2.26|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC-EPMap|App=%systemroot%\system32\wininit.exe|Name=@firewallapi.dll,-36755|Desc=@firewallapi.dll,-36756|EmbedCtxt=@firewallapi.dll,-36751|
"Netlogon-NamedPipe-In"=v2.26|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010|
"Netlogon-TCP-RPC-In"=v2.26|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\System32\lsass.exe|Name=@netlogon.dll,-1008|Desc=@netlogon.dll,-1009|EmbedCtxt=@netlogon.dll,-1010|
"WirelessDisplay-In-TCP"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10200|Desc=@wifidisplay.dll,-10201|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay|
"WirelessDisplay-Out-TCP"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10202|Desc=@wifidisplay.dll,-10203|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay|
"WirelessDisplay-Out-UDP"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10204|Desc=@wifidisplay.dll,-10205|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay|
"WirelessDisplay-Infra-In-TCP"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=7250|App=%systemroot%\system32\CastSrv.exe|Name=@wifidisplay.dll,-10206|Desc=@wifidisplay.dll,-10207|EmbedCtxt=@wifidisplay.dll,-100|
"MDNS-In-UDP"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort2_24=mDNS|App=%SystemRoot%\system32\svchost.exe|Svc=dnscache|Name=@%SystemRoot%\system32\firewallapi.dll,-37303|Desc=@%SystemRoot%\system32\firewallapi.dll,-37304|EmbedCtxt=@%SystemRoot%\system32\firewallapi.dll,-37302|
"MDNS-Out-UDP"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|LPort=5353|App=%SystemRoot%\system32\svchost.exe|Svc=dnscache|Name=@%SystemRoot%\system32\firewallapi.dll,-37305|Desc=@%SystemRoot%\system32\firewallapi.dll,-37306|EmbedCtxt=@%SystemRoot%\system32\firewallapi.dll,-37302|
"DeliveryOptimization-TCP-In"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-102|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE|
"DeliveryOptimization-UDP-In"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-103|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE|
"{5253A40E-0D60-4344-839F-89B1949844B4}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@hnetcfg.dll,-151|Desc=@hnetcfg.dll,-10149|EmbedCtxt=@hnetcfg.dll,-140|
"{E04446B5-21C7-41A6-9118-3252A2916FF8}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@hnetcfg.dll,-145|Desc=@hnetcfg.dll,-10144|EmbedCtxt=@hnetcfg.dll,-140|
"{A4AA27DE-6E73-4BB2-BCA3-33783064773D}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@hnetcfg.dll,-144|Desc=@hnetcfg.dll,-10143|EmbedCtxt=@hnetcfg.dll,-140|
"{4A0A0D91-9A40-4424-99BC-BE346FD8F484}"=v2.25|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Skype\Phone\Skype.exe|Name=Skype|
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=SonicWALL.MobileConnect|Desc=SonicWALL.MobileConnect|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-1141404472-3582312691-3771565717-2155153689-4284170330-1053580937-782359393|EmbedCtxt=SonicWALL.MobileConnect|Platform=2:6:2|Platform2=GTEQ|
"{560448D6-095C-4907-B046-AC7F710701A7}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=SonicWALL.MobileConnect|Desc=SonicWALL.MobileConnect|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-1141404472-3582312691-3771565717-2155153689-4284170330-1053580937-782359393|EmbedCtxt=SonicWALL.MobileConnect|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{D6980480-941A-4DF6-AB81-3734ECD3D779}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=JuniperNetworks.JunosPulseVpn|Desc=JuniperNetworks.JunosPulseVpn|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-413786399-3497379642-531169432-1175633435-3083429259-2317590812-1892764672|EmbedCtxt=JuniperNetworks.JunosPulseVpn|Platform=2:6:2|Platform2=GTEQ|
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=JuniperNetworks.JunosPulseVpn|Desc=JuniperNetworks.JunosPulseVpn|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-413786399-3497379642-531169432-1175633435-3083429259-2317590812-1892764672|EmbedCtxt=JuniperNetworks.JunosPulseVpn|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{F64300AD-D559-4000-BD45-0997BCC8E70A}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=f5.vpn.client|Desc=f5.vpn.client|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3873129616-3864902477-3117653462-838095904-2337665935-1018217662-2152729480|EmbedCtxt=f5.vpn.client|Platform=2:6:2|Platform2=GTEQ|
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=f5.vpn.client|Desc=f5.vpn.client|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3873129616-3864902477-3117653462-838095904-2337665935-1018217662-2152729480|EmbedCtxt=f5.vpn.client|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{9E3D57FC-7C37-4424-9352-4831E97D029D}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Desc=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/Description}|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-2608634532-1453884237-1118350049-1925931850-670756941-1603938316-3764965493|EmbedCtxt=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ|
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Desc=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/Description}|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-2608634532-1453884237-1118350049-1925931850-670756941-1603938316-3764965493|EmbedCtxt=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ|
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=CheckPoint.VPN|Desc=CheckPoint.VPN|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3676279713-3632409675-756843784-3388909659-2454753834-4233625902-1413163418|EmbedCtxt=CheckPoint.VPN|Platform=2:6:2|Platform2=GTEQ|
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=CheckPoint.VPN|Desc=CheckPoint.VPN|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3676279713-3632409675-756843784-3388909659-2454753834-4233625902-1413163418|EmbedCtxt=CheckPoint.VPN|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{22B35585-0679-460A-81B3-6AD4EAB2DD2C}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-500|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ|
"UDP Query User{FEC366C7-1B65-4789-8633-8F4D095BABC4}C:\program files\vuze\azureus.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files\vuze\azureus.exe|Name=azureus|Desc=azureus|Defer=User|
"TCP Query User{2EE17A43-757C-4E73-86F5-F631F430669D}C:\program files\vuze\azureus.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files\vuze\azureus.exe|Name=azureus|Desc=azureus|Defer=User|
"{5A1051C1-7844-4036-8347-5651353DC017}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|LPort=53|Name=AP UDP Prot|
"{29E4C71E-E1DC-48F9-B90E-8299510F7877}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|LPort=1542|Name=WPS UDP Prot|
"{B63D8473-1A44-4B53-AD16-599FEA20C177}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|LPort=1542|Name=WPS TCP Prot|
"{2E9BD17C-CAD1-4215-BEDC-FDA17C9F90E2}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\AWUS036H Wireless LAN Utility\RtWLan.exe|Name=WPS UI|
"{DF63EAC0-ECD9-416B-80CF-DBD2EDE622C0}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\AWUS036H Wireless LAN Utility\RtWLan.exe|Name=WPS UI|
"{44596470-1FC8-4D3B-A70A-5855542569B3}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|LPort=53|Name=AP UDP Prot|
"{F7354331-6847-47B5-BD02-714A5D6BA728}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|LPort=1542|Name=WPS UDP Prot|
"{1F3A6171-326E-46EE-9066-C99FE983BF59}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=1542|Name=WPS TCP Prot|
"{48CB9CB8-7F08-47CA-A4D5-B973DE4B47CB}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\AWUS036H Wireless LAN Utility\RtWLan.exe|Name=WPS UI|
"{ED340612-5365-48B2-9D26-9FD42687296B}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\AWUS036H Wireless LAN Utility\RtWLan.exe|Name=WPS UI|
"{F35D6930-674A-4E8E-8633-FE88B3FC4231}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\Vuze\Azureus.exe|Name=Azureus / Vuze|
"{3282B184-B363-4AC6-9902-FDB9D9E743E6}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\Vuze\Azureus.exe|Name=Azureus / Vuze|
"{3CEE2B21-0A65-4B7D-8406-D738AFB2464E}"=v2.20|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE|Name=CyberLink PowerDVD 10.0|Desc=CyberLink PowerDVD 10.0|
"{C5525366-A9D7-4CD2-A3E8-082906E68439}"=v2.20|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe|Name=CyberLink PowerDVD 10.0|Desc=CyberLink PowerDVD 10.0|
"{060B0F9C-DEB0-44D0-854D-026F3C93B53E}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|Name=Windows Live Communications Platform (SSDP)|
"{36BD8691-C48C-4F8D-A256-210573A5EE53}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|Name=Windows Live Communications Platform (UPnP)|
"{C55AAB2E-F44D-49C3-B509-5C281C080514}"=v2.20|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe|Name=Windows Live Communications Platform|Edge=TRUE|
"{E7985E1D-C36F-4787-80A8-6350D07E9266}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Desc=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/Description}|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-2608634532-1453884237-1118350049-1925931850-670756941-1603938316-3764965493|EmbedCtxt=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ|
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}"=v2.20|Action=Allow|Active=TRUE|Dir=Out|Name=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Desc=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/Description}|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-2608634532-1453884237-1118350049-1925931850-670756941-1603938316-3764965493|EmbedCtxt=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ|
"{F8FE9EEA-FB3D-4EC6-9302-3D22F2E79261}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=Check Point VPN|Desc=Check Point VPN|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-3676279713-3632409675-756843784-3388909659-2454753834-4233625902-1413163418|EmbedCtxt=Check Point VPN|Platform=2:6:2|Platform2=GTEQ|
"{AE9D0C8E-104C-43B6-8FF3-D784785F4E3C}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=Check Point VPN|Desc=Check Point VPN|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-3676279713-3632409675-756843784-3388909659-2454753834-4233625902-1413163418|EmbedCtxt=Check Point VPN|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{6BE1E811-62C2-4206-8550-F96FF75AC6E3}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=F5 VPN|Desc=F5 VPN|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-3873129616-3864902477-3117653462-838095904-2337665935-1018217662-2152729480|EmbedCtxt=F5 VPN|Platform=2:6:2|Platform2=GTEQ|
"{F4497204-2814-4867-BFCC-5546C948C48D}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=F5 VPN|Desc=F5 VPN|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-3873129616-3864902477-3117653462-838095904-2337665935-1018217662-2152729480|EmbedCtxt=F5 VPN|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{4301EE6F-79A2-4A78-ABC7-16E3396242E4}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=Juniper Networks Junos Pulse|Desc=Juniper Networks Junos Pulse|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-413786399-3497379642-531169432-1175633435-3083429259-2317590812-1892764672|EmbedCtxt=Juniper Networks Junos Pulse|Platform=2:6:2|Platform2=GTEQ|
"{E238112C-46CA-46FF-8609-EC61C0C7C851}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=Juniper Networks Junos Pulse|Desc=Juniper Networks Junos Pulse|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-413786399-3497379642-531169432-1175633435-3083429259-2317590812-1892764672|EmbedCtxt=Juniper Networks Junos Pulse|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{6D38F7DB-B4C3-4A91-BBAA-2675C1C2C3B3}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=SonicWALL Mobile Connect|Desc=SonicWALL Mobile Connect|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-1141404472-3582312691-3771565717-2155153689-4284170330-1053580937-782359393|EmbedCtxt=SonicWALL Mobile Connect|Platform=2:6:2|Platform2=GTEQ|
"{A0547366-D98C-469D-8DF5-FE140DB7B51B}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=SonicWALL Mobile Connect|Desc=SonicWALL Mobile Connect|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-1141404472-3582312691-3771565717-2155153689-4284170330-1053580937-782359393|EmbedCtxt=SonicWALL Mobile Connect|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{399204D4-020C-4353-925C-CF276DAB8366}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=@{BrowserChoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://BrowserChoice/resources/DisplayName}|Desc=@{BrowserChoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://BrowserChoice/resources/DisplayName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-2540836248-1980176511-1686232796-3610252712-3450814159-2925262043-1011558333|EmbedCtxt=@{BrowserChoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://BrowserChoice/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ|
"{866A0240-3240-4E0D-A9C7-7C5A58A914F3}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{BrowserChoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://BrowserChoice/resources/DisplayName}|Desc=@{BrowserChoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://BrowserChoice/resources/DisplayName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-2540836248-1980176511-1686232796-3610252712-3450814159-2925262043-1011558333|EmbedCtxt=@{BrowserChoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://BrowserChoice/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ|
"{7AADD2E1-FA5E-4045-8951-2FA6F63E965F}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe|Name=ASUS AI Suite II TCP|Desc=|Edge=TRUE|
"{09B99D67-D659-4F0A-A5EF-6BCF74C2B392}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe|Name=ASUS AI Suite II UDP|Desc=|Edge=TRUE|
"{2C026ED2-17D4-4BCF-B520-0F190B590CDA}"=v2.22|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\StartNBR.exe|Name=StartNBR|Desc=StartNBR|EmbedCtxt=StartNBR|
"{6219992A-802A-461D-8C57-55C3C22665CC}"=v2.22|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\nero.exe|Name=nero|Desc=nero|EmbedCtxt=nero|
"{48236EDF-8A25-41B7-B69A-887332EBA5FC}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Mozilla Firefox\firefox.exe|Name=Firefox (C:\Program Files (x86)\Mozilla Firefox)|
"{DD04436F-68D1-4423-9310-22831C2F4211}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Mozilla Firefox\firefox.exe|Name=Firefox (C:\Program Files (x86)\Mozilla Firefox)|
"TCP Query User{28EF0C36-A2D6-4480-80ED-C94483ED4CC0}C:\users\f-cay\desktop\cain.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\f-cay\desktop\cain.exe|Name=cain.exe|Desc=cain.exe|Defer=User|
"UDP Query User{7BD07E89-25CA-4481-B880-87DDAFF0EA87}C:\users\f-cay\desktop\cain.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\f-cay\desktop\cain.exe|Name=cain.exe|Desc=cain.exe|Defer=User|
"{6DC16A5D-F3F7-4F0A-82B8-1FD5D306F007}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Mozilla Firefox\firefox.exe|Name='Firefox' (C:\Program Files (x86)\Mozilla Firefox)|
"{9695E38D-2885-410A-B19F-8753A7797C88}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Mozilla Firefox\firefox.exe|Name='Firefox' (C:\Program Files (x86)\Mozilla Firefox)|
"{D8BE1351-722D-446D-B30B-18041C5855BA}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-500|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ|
"{86BF0ED6-88D4-470E-BC70-A8B944E9A86B}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Name=@{Windows.PurchaseDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.PurchaseDialog/resources/DisplayName}|Desc=@{Windows.PurchaseDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.PurchaseDialog/resources/Description}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-500|AppPkgId=S-1-15-2-3137318289-415437605-3491609480-3741388289-878520165-689859088-69748861|EmbedCtxt=@{Windows.PurchaseDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.PurchaseDialog/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ|
"{8CA78F31-F83A-430E-AF55-21D92EE34BC2}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Name=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Desc=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-500|AppPkgId=S-1-15-2-735366590-2037340711-2578745391-3096723288-1660081568-2625366440-3369012008|EmbedCtxt=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{DD42B476-E606-4D97-BED6-1D2F7C3AD43D}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Name=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Desc=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-500|AppPkgId=S-1-15-2-735366590-2037340711-2578745391-3096723288-1660081568-2625366440-3369012008|EmbedCtxt=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Platform=2:6:2|Platform2=GTEQ|
"{1EA5358A-1A66-456F-A605-7381197C5572}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.XboxIdentityProvider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxIdentityProvider/Resources/PkgDisplayName}|Desc=@{Microsoft.XboxIdentityProvider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxIdentityProvider/Resources/PkgDisplayName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-500|AppPkgId=S-1-15-2-3833609522-3861047620-3675164185-1739081557-594447883-3111017752-456581032|EmbedCtxt=@{Microsoft.XboxIdentityProvider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxIdentityProvider/Resources/PkgDisplayName}|Platform=2:6:2|Platform2=GTEQ|
"{26FC50B4-CB17-44C8-93F7-8F1C6E63C5BD}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.XboxGameCallableUI_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|Desc=@{Microsoft.XboxGameCallableUI_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-500|AppPkgId=S-1-15-2-957941444-2271171641-4049211970-804197638-2225746618-2474488012-4131196493|EmbedCtxt=@{Microsoft.XboxGameCallableUI_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|Platform=2:6:2|Platform2=GTEQ|
"{A269953B-88E2-4968-9B2E-C9B4DA28D2B7}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.WindowsFeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.WindowsFeedback/FeedbackApp.Resources/AppName/Text}|Desc=@{Microsoft.WindowsFeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.WindowsFeedback/FeedbackApp.Resources/AppName/Text}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-500|AppPkgId=S-1-15-2-1322174799-1054373777-2441082058-564842223-2721992343-4124100487-3261661085|EmbedCtxt=@{Microsoft.WindowsFeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.WindowsFeedback/FeedbackApp.Resources/AppName/Text}|Platform=2:6:2|Platform2=GTEQ|
"{731CB1ED-9F8D-400A-80AB-FA5ADF8A74CF}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.Windows.ParentalControls_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|Desc=@{Microsoft.Windows.ParentalControls_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-500|AppPkgId=S-1-15-2-3072599432-1607568789-957273504-856596282-71567818-1546726304-1084662928|EmbedCtxt=@{Microsoft.Windows.ParentalControls_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ|
"{E750CCAC-6146-4D54-BCCA-0E162E42B966}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.FeatureOnDemand.InsiderHub/Resources/AppStoreName}|Desc=@{Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.FeatureOnDemand.InsiderHub/Resources/AppStoreName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-500|AppPkgId=S-1-15-2-4016783169-893401051-2237370320-274899566-412088533-2398988950-2155762795|EmbedCtxt=@{Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.FeatureOnDemand.InsiderHub/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ|
"{31261360-34F0-41C6-98D6-30332DCF692A}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.FeatureOnDemand.InsiderHub/Resources/AppStoreName}|Desc=@{Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.FeatureOnDemand.InsiderHub/Resources/AppStoreName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-500|AppPkgId=S-1-15-2-4016783169-893401051-2237370320-274899566-412088533-2398988950-2155762795|EmbedCtxt=@{Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.FeatureOnDemand.InsiderHub/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ|
"{09B000D0-7580-4EC2-A155-E59399F5D0AF}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.Windows.ContentDeliveryManager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|Desc=@{Microsoft.Windows.ContentDeliveryManager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-500|AppPkgId=S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723|EmbedCtxt=@{Microsoft.Windows.ContentDeliveryManager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|Platform=2:6:2|Platform2=GTEQ|
"{DB1064A4-2825-4B1C-B215-7E08C38DC2F6}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Desc=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-500|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Platform=2:6:2|Platform2=GTEQ|
"{450BE8AE-0C01-44D7-AD1B-861F5E647148}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Desc=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-500|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Platform=2:6:2|Platform2=GTEQ|
"{C11F23A4-E612-4A92-B0CB-EF189E94F9BE}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|Desc=@{Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-500|AppPkgId=S-1-15-2-2758101530-1321080646-1475665648-4066602542-2880396197-3643791541-2654759312|EmbedCtxt=@{Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|Platform=2:6:2|Platform2=GTEQ|
"{69A97E02-59FD-4B31-8CE4-1F782FFD8BD1}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.AccountsControl_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|Desc=@{Microsoft.AccountsControl_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-500|AppPkgId=S-1-15-2-969871995-3242822759-583047763-1618006129-3578262429-3647035748-2471858633|EmbedCtxt=@{Microsoft.AccountsControl_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ|
"{B8E0DBED-B67B-48FA-9B6A-EF831417E300}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Name=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Desc=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/ProductDescription}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-500|AppPkgId=S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742|EmbedCtxt=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{6DF546D6-13B7-49E3-905D-4085106A6941}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Desc=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/ProductDescription}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-500|AppPkgId=S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742|EmbedCtxt=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ|
"{4EB9BBDD-83BC-417B-B3B5-4D359A2B3C6A}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Desc=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-500|AppPkgId=S-1-15-2-2434737943-167758768-3180539153-984336765-1107280622-3591121930-2677285773|EmbedCtxt=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Platform=2:6:2|Platform2=GTEQ|
"{19E2A71E-EBEF-4CBA-B436-D5DAEFA86D2A}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Desc=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-500|AppPkgId=S-1-15-2-2434737943-167758768-3180539153-984336765-1107280622-3591121930-2677285773|EmbedCtxt=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Platform=2:6:2|Platform2=GTEQ|
"{5A07F8F0-955F-41D3-B41C-79D22E3819EE}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Desc=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-500|AppPkgId=S-1-15-2-1910091885-1573563583-1104941280-2418270861-3411158377-2822700936-2990310272|EmbedCtxt=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Platform=2:6:2|Platform2=GTEQ|
"{629348E5-CDC8-4292-A55A-DAD5C073A069}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Desc=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-500|AppPkgId=S-1-15-2-1910091885-1573563583-1104941280-2418270861-3411158377-2822700936-2990310272|EmbedCtxt=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Platform=2:6:2|Platform2=GTEQ|
"{9AFA9DF7-A2C7-47A1-9B0A-A23453DC7FC1}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-18|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ|
"{F35EBE97-088C-4518-96A5-2477143B6248}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{7C4919AC-449E-4295-8682-EC3A898126BF}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{34FAC85E-F794-4E51-A6D6-C07CCAED0697}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{FCE8B2D0-94CD-4710-8F46-E15F039E538A}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.AAD.BrokerPlugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Desc=@{Microsoft.AAD.BrokerPlugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-1910091885-1573563583-1104941280-2418270861-3411158377-2822700936-2990310272|EmbedCtxt=@{Microsoft.AAD.BrokerPlugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Platform=2:6:2|Platform2=GTEQ|
"{802F92BD-8C40-48F6-B93B-B037C9B4AFA1}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.AAD.BrokerPlugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Desc=@{Microsoft.AAD.BrokerPlugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-1910091885-1573563583-1104941280-2418270861-3411158377-2822700936-2990310272|EmbedCtxt=@{Microsoft.AAD.BrokerPlugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Platform=2:6:2|Platform2=GTEQ|
"{ED686093-AF83-465C-8B52-BDC53FA0A0F9}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.CloudExperienceHost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Desc=@{Microsoft.Windows.CloudExperienceHost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-2434737943-167758768-3180539153-984336765-1107280622-3591121930-2677285773|EmbedCtxt=@{Microsoft.Windows.CloudExperienceHost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Platform=2:6:2|Platform2=GTEQ|
"{83E2AC4B-04EC-405D-88FC-95BB34818044}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.Windows.CloudExperienceHost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Desc=@{Microsoft.Windows.CloudExperienceHost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-2434737943-167758768-3180539153-984336765-1107280622-3591121930-2677285773|EmbedCtxt=@{Microsoft.Windows.CloudExperienceHost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Platform=2:6:2|Platform2=GTEQ|
"{6A4F8CBA-4019-4F58-AB94-CC3405790E56}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.LockApp_10.0.14393.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|Desc=@{Microsoft.LockApp_10.0.14393.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-2758101530-1321080646-1475665648-4066602542-2880396197-3643791541-2654759312|EmbedCtxt=@{Microsoft.LockApp_10.0.14393.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|Platform=2:6:2|Platform2=GTEQ|
"{E2ED57E3-EE73-4BF9-B443-C49E1BCF7625}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Desc=@{Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=@{Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Platform=2:6:2|Platform2=GTEQ|
"{4EEEA36B-3A34-40B3-B938-45C49CC14848}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Desc=@{Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=@{Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Platform=2:6:2|Platform2=GTEQ|
"{D6FD8894-D917-4403-9560-9D31BAAD32D1}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.PPIProjection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.PPIProjection/resources/ProductName}|Desc=@{Microsoft.PPIProjection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.PPIProjection/resources/ProductName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-1162584699-752881360-2552798240-2633183829-2219405937-1046343680-2483954874|EmbedCtxt=@{Microsoft.PPIProjection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.PPIProjection/resources/ProductName}|Platform=2:6:2|Platform2=GTEQ|
"{62DA4772-D4FC-464F-A96C-6AEE110D13F7}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.PPIProjection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.PPIProjection/resources/ProductName}|Desc=@{Microsoft.PPIProjection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.PPIProjection/resources/ProductName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-1162584699-752881360-2552798240-2633183829-2219405937-1046343680-2483954874|EmbedCtxt=@{Microsoft.PPIProjection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.PPIProjection/resources/ProductName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{23C895F9-A311-480E-8801-35504097B445}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Public|IFType=Wireless|Name=@{Microsoft.PPIProjection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.PPIProjection/resources/ProductName}|Desc=@{Microsoft.PPIProjection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.PPIProjection/resources/ProductName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-1162584699-752881360-2552798240-2633183829-2219405937-1046343680-2483954874|EmbedCtxt=@{Microsoft.PPIProjection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.PPIProjection/resources/ProductName}|Platform=2:6:2|Platform2=GTEQ|TTK2_22=WFDDevices|
"{4E1F7380-8992-4E5B-8F1E-B101A04E8D33}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Public|IFType=Wireless|Name=@{Microsoft.PPIProjection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.PPIProjection/resources/ProductName}|Desc=@{Microsoft.PPIProjection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.PPIProjection/resources/ProductName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-1162584699-752881360-2552798240-2633183829-2219405937-1046343680-2483954874|EmbedCtxt=@{Microsoft.PPIProjection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.PPIProjection/resources/ProductName}|Platform=2:6:2|Platform2=GTEQ|TTK2_22=WFDDevices|
"{F54D5E71-6332-4AD6-A811-AA49ED01C559}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Apprep.ChxApp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Apprep.ChxApp/resources/DisplayName}|Desc=@{Microsoft.Windows.Apprep.ChxApp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Apprep.ChxApp/resources/DisplayName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-1255970798-2717750985-493741290-1721212560-3530798636-1829112236-3118580706|EmbedCtxt=@{Microsoft.Windows.Apprep.ChxApp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Apprep.ChxApp/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ|
"{2E523B22-D4A7-4904-8302-38F3DE1941BC}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.ContentDeliveryManager_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|Desc=@{Microsoft.Windows.ContentDeliveryManager_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723|EmbedCtxt=@{Microsoft.Windows.ContentDeliveryManager_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|Platform=2:6:2|Platform2=GTEQ|
"{6BC6AD6A-9A34-4497-BBED-1F37850107EF}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.ParentalControls_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|Desc=@{Microsoft.Windows.ParentalControls_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-3072599432-1607568789-957273504-856596282-71567818-1546726304-1084662928|EmbedCtxt=@{Microsoft.Windows.ParentalControls_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ|
"{44F207AA-49E8-408B-91B1-F5B43160A546}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.XboxGameCallableUI_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|Desc=@{Microsoft.XboxGameCallableUI_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-957941444-2271171641-4049211970-804197638-2225746618-2474488012-4131196493|EmbedCtxt=@{Microsoft.XboxGameCallableUI_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|Platform=2:6:2|Platform2=GTEQ|
"{A83A5FC8-D9D1-420B-AB29-4012501F0A23}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Windows.ContactSupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Desc=@{Windows.ContactSupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-735366590-2037340711-2578745391-3096723288-1660081568-2625366440-3369012008|EmbedCtxt=@{Windows.ContactSupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Platform=2:6:2|Platform2=GTEQ|
"{C7FD0E22-53CF-449E-842D-F4EB9198865B}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Windows.ContactSupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Desc=@{Windows.ContactSupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-735366590-2037340711-2578745391-3096723288-1660081568-2625366440-3369012008|EmbedCtxt=@{Windows.ContactSupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{C2CC1624-2471-4418-9DA9-242E0146E6E0}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=ASUS Welcome|Desc=ASUS Welcome|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-1791334737-3644637894-912171476-726613620-3748997741-2897954968-3492054033|EmbedCtxt=ASUS Welcome|Platform=2:6:2|Platform2=GTEQ|
"{E6F7DD8B-87E9-4430-9CE7-4EE673CBC51F}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsReadingList_6.3.9654.21234_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsReadingList/resources/appPackageName}|Desc=@{Microsoft.WindowsReadingList_6.3.9654.21234_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsReadingList/resources/appPackageName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-253023354-1127976746-3906962265-362626003-4127939218-3835539868-2341249685|EmbedCtxt=@{Microsoft.WindowsReadingList_6.3.9654.21234_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsReadingList/resources/appPackageName}|Platform=2:6:2|Platform2=GTEQ|
"{F07A50B6-0421-49AE-9864-E34815EA060A}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.WindowsReadingList_6.3.9654.21234_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsReadingList/resources/appPackageName}|Desc=@{Microsoft.WindowsReadingList_6.3.9654.21234_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsReadingList/resources/appPackageName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-253023354-1127976746-3906962265-362626003-4127939218-3835539868-2341249685|EmbedCtxt=@{Microsoft.WindowsReadingList_6.3.9654.21234_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsReadingList/resources/appPackageName}|Platform=2:6:2|Platform2=GTEQ|
"{B405CD84-1122-4060-8108-980E06C8EC7F}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Taptiles|Desc=Dimensions|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-2231911430-2130388165-2516466230-706407494-3611915613-465405449-2907053216|EmbedCtxt=Taptiles|Platform=2:6:2|Platform2=GTEQ|
"{C16AFD64-8EB2-42A2-9DA3-CA574AD3E55D}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Taptiles|Desc=Dimensions|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-2231911430-2130388165-2516466230-706407494-3611915613-465405449-2907053216|EmbedCtxt=Taptiles|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{821D82F2-A946-46A0-B41A-6D04E17F3D64}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Wordament|Desc=Wordament|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-3246329098-3230233011-588582504-443901317-3747836941-355108722-2585344712|EmbedCtxt=Wordament|Platform=2:6:2|Platform2=GTEQ|
"{F6763A11-E180-435C-9456-D05C0C00B048}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Resources/AppStoreName}|Desc=@{Microsoft.Messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Resources/AppStoreName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-421345033-1710570203-969709436-2809900243-2023987463-1056701467-1672618525|EmbedCtxt=@{Microsoft.Messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ|
"{B9AE636D-9A57-46B8-88F8-9304A0E58CEE}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Resources/AppStoreName}|Desc=@{Microsoft.Messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Resources/AppStoreName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-421345033-1710570203-969709436-2809900243-2023987463-1056701467-1672618525|EmbedCtxt=@{Microsoft.Messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{3435A9CD-7F9A-4065-842F-6D4AA2540748}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Fresh Paint|Desc=Fresh Paint|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-753205055-3642759886-2300710532-466079404-1496176425-3605778055-1481226570|EmbedCtxt=Fresh Paint|Platform=2:6:2|Platform2=GTEQ|
"{679C2471-17D0-498B-AC1B-6C1C4B23AED5}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.CommsPhone_1.10.15000.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|Desc=@{Microsoft.CommsPhone_1.10.15000.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-3502142457-1175083276-1468359876-1514580144-2717768582-2562788200-3268064651|EmbedCtxt=@{Microsoft.CommsPhone_1.10.15000.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ|
"{5D281A18-CFD7-44B0-8277-EC1DEC5609C3}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.CommsPhone_1.10.15000.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|Desc=@{Microsoft.CommsPhone_1.10.15000.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-3502142457-1175083276-1468359876-1514580144-2717768582-2562788200-3268064651|EmbedCtxt=@{Microsoft.CommsPhone_1.10.15000.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{9C1AD7B2-9D8B-4D73-A8B0-8F9A60F0A7B6}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingTravel/resources/BrandedAppTitle}|Desc=@{Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingTravel/resources/AppDescription}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-2870191891-2241688837-171142518-109998219-184790337-3361571429-3188846544|EmbedCtxt=@{Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingTravel/resources/BrandedAppTitle}|Platform=2:6:2|Platform2=GTEQ|
"{93AC7306-B2BE-446F-BE1A-4E8DDB8CA22E}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingHealthAndFitness/resources/apptitle}|Desc=HealthAndFitness|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-1138804039-612586356-661925973-101396967-3526483782-2490177615-3594119953|EmbedCtxt=@{Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingHealthAndFitness/resources/apptitle}|Platform=2:6:2|Platform2=GTEQ|
"{0733F911-7B37-4DD5-B6F3-6596C069D731}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingFoodAndDrink/resources/AppTitleWithBranding}|Desc=@{Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingFoodAndDrink/resources/AppDescription}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-1986440118-1442771495-871113684-214194731-1452296882-3170903903-2224822735|EmbedCtxt=@{Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingFoodAndDrink/resources/AppTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ|
"{5E3D28A8-635B-46C8-BFD6-2A9F75E2BF0A}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.Appconnector/Resources/ConnectorStubTitle}|Desc=@{Microsoft.Appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.Appconnector/Resources/ConnectorStubTitle}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-3232211935-909325347-210818523-1333736584-3758124246-283266685-1557978965|EmbedCtxt=@{Microsoft.Appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.Appconnector/Resources/ConnectorStubTitle}|Platform=2:6:2|Platform2=GTEQ|
"{C4B66676-DADB-4431-8E54-B07143AF9F36}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Adera|Desc=Adera|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-2548604311-957346824-2694208565-872568250-605061286-105396575-2965357857|EmbedCtxt=Adera|Platform=2:6:2|Platform2=GTEQ|
"{B0DE631B-93BA-40DB-AF60-656DCBE1343F}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.XboxIdentityProvider_11.19.19003.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.XboxIdentityProvider/Resources/DisplayName}|Desc=@{Microsoft.XboxIdentityProvider_11.19.19003.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.XboxIdentityProvider/Resources/DisplayName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-3261124336-967904692-548716175-2724082555-235625598-1533749622-1468861831|EmbedCtxt=@{Microsoft.XboxIdentityProvider_11.19.19003.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.XboxIdentityProvider/Resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ|
"{4CBFDE82-6A2B-445E-B323-1049A22C686C}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Store Purchase App|Desc=Store Purchase App|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-2246242352-370130666-2593524754-1827188282-2313440240-2317694540-2761805292|EmbedCtxt=Store Purchase App|Platform=2:6:2|Platform2=GTEQ|
"{6C6E3685-D458-465F-A7BD-90389262C4D2}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{E819679A-AAA5-472F-8131-31AA7BDD5564}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{7EB7FEE0-D9B0-4578-B2A8-A0D0CCE5D303}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{DCC8C40D-F915-4C8E-A431-0BDF7A44E208}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{162BC90B-FAD9-490B-9D50-148E13AD115D}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{DBEA291E-8109-4820-B1F5-9F7A7CBC8169}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{ED1A9837-809A-4171-AB41-593B52D21E28}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{AF2B1269-0D7F-4B5F-B41F-CBF04EF810C8}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{78289145-1AF3-478A-BDBB-ED3D06BD8E68}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{0DFBBEF7-87ED-4359-85B3-15C7B976FE71}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{AF4993FC-2030-4238-BB35-4282BD000D23}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{4615DE2C-4316-4353-BE79-847BDACE7D4F}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{9BB10705-4B33-4CD1-B4B2-54E18B3CC5BF}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{B5D2DF44-8D5D-4D2D-BFE9-D45DF8035319}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{5488114B-D4F4-4745-A03C-D4E7CCE41F35}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{D28471AB-8657-406B-8F3B-D1C8696DC4F3}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{78379F98-04FE-4307-90A0-59E5A6C5D97E}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{4B2AF7D6-CAAB-484E-AE2C-067C86C45B92}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{3507E997-4808-44F6-9554-228829BE50ED}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{9D95AF7F-AA41-403E-A52A-BB81D059D5CE}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{7EAA3C28-7001-49AE-A1D3-241F6708103B}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{41DF5106-6F29-4E2A-9343-5CDDD49DD155}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{C550051D-5495-45C5-B665-D0581F6F31BE}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{05DC67FE-FC8F-4E2A-9EDE-AA390C6891D1}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{EBE1DBBF-507D-4B56-830D-DE7986EA9527}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{AC1AD515-1A1D-4584-B858-2A05D8D194FD}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{642AFD99-6EEF-4B43-890B-7047A5F79566}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{3BF7C731-D855-440B-84F6-CBDEE7FDA96A}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{AF743BA3-0F0A-42FD-9E24-F0E1E485DC8E}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{4BE7B598-9C64-4FCE-8024-2930F5753C9B}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"TCP Query User{5A775652-E162-42E8-AAF1-5E3F946AEDD0}C:\program files (x86)\smartcam\smartcam.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\smartcam\smartcam.exe|Name=smartcam|Desc=smartcam|Defer=User|
"UDP Query User{AA3E2204-BED9-4F33-B529-665907540EA7}C:\program files (x86)\smartcam\smartcam.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\smartcam\smartcam.exe|Name=smartcam|Desc=smartcam|Defer=User|
"{D08750B2-E356-4E85-9C31-E58B8561DD2B}"=v2.26|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\smartcam\smartcam.exe|Name=smartcam|Desc=smartcam|
"{53A9FE1A-7687-4131-9095-20C6F031EE80}"=v2.26|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\smartcam\smartcam.exe|Name=smartcam|Desc=smartcam|
"{F36D666F-3FF9-409D-83B1-9697C0AA834F}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{75321FFA-065E-4221-B241-10EEC056F6EF}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{EBABC8D0-CD5F-42A9-A956-579F687E1E43}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{A19FD174-0C67-40BD-BDEC-2ABD9DEC1E1B}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{B403BD9E-F10D-4608-B388-332E693327D5}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{FDAEEC72-0D86-4715-80BA-AEC20412DCB8}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{EB476254-47AB-4A3E-9F2D-AF9A1A4CE15F}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{867C771B-3F73-4AE0-9073-6D883AC0D642}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{4F1A4A7B-A4B9-48BB-B08E-CC421BA83CA7}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{4CBADEB4-EBC2-4766-948B-E5029C8FB2EA}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{0436B930-0EDA-4839-82BE-1CD78C052659}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{8204E15A-CAEA-430A-8E5D-F423C4A7CA3A}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{645784C5-33E9-4D0B-844F-9FB823F8F4CC}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{56A6E9EE-3D19-4BB0-AF9F-F2883CFE9B19}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{FFFAFC7C-98F5-479C-929B-E15ED77BCF46}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{3D4725CC-951F-47F8-B654-A86B0A3887DF}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{D657BD05-8378-430C-87D9-2CE632D47DCA}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{9E5AF845-DA51-46BB-A41D-421C044F7DB7}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{C514E6F6-1CBD-410F-A2A4-63B1FAFAA2AB}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{E2F8A3B0-E57A-4D8E-B670-AAF7D6280930}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{775706B8-DD1E-42C5-A494-85D17AFA9092}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{59647E7F-D2D6-4A59-B243-D08EADBFBCEC}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{493CE2FC-244F-459C-AD68-3A14592C3904}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{FF878E90-B88B-4975-883A-13B53421CC20}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{02597E45-B1C8-4333-82DC-3B9AD38F2902}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{8942351C-E3BD-4AF2-9690-DE5793DFB156}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{EA51A88D-C09B-4F04-B1C2-D12D81C79B01}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{8DDA1B34-80D2-4F41-923C-731EECB12930}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{D705F81E-E7EC-4C43-88FB-672E41109BBE}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{68C964F5-5C89-4E7C-A306-149578D5BED3}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{32D99496-E21A-4AAA-BAB3-9C8992AE0E94}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{CBF78DD9-3FF5-49AB-8164-BF577D621EE3}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{E895C96B-908E-4057-B287-F31758FD70B2}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{F55C2C5C-C0D1-49C7-9541-A210BB3F05FF}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{2AF03DEE-A53F-4775-B8F8-85E9BE0503AE}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{C85BACEB-A9FF-4E42-8F1B-CE2538A89E85}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{472B464B-B2B4-4337-A3F0-46E60A278798}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{CB1BE6A9-5BA9-43C2-A4BD-C94F03F3B555}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{B1A8D3E0-E038-457E-8815-87FE56038068}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{7C2FF65C-0160-4419-8892-C31C349B614A}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{8CF159FF-A187-4E50-B387-1AF4183F8658}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{5E657C3D-397C-4F32-9BE7-3080230958C4}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{1E9A1008-4CE2-4851-B4CC-6D2CC278BBB2}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{CD016F65-76C5-4E80-B864-FB046ADF4C2C}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{E530BEAC-2AB2-46B2-A928-3DA36D64C56E}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{D94B5838-9256-4851-AF90-77450AEAB7DC}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{8947BA31-DB6D-493D-83A5-C320EABD4849}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{2D3DD621-CF0C-408E-B1F0-7486AB72464B}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{86638483-01DB-419B-8D28-0DA9B9DF01F2}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{6DBBA224-7F44-4EAC-9653-A5DA7D3DC91B}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{D99C9CA4-E050-4871-A453-FA58C13099FD}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{35D48D1E-CFC8-439F-824F-6E8832F91478}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{21578435-C51F-4A6E-9822-A600EF60581D}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{2CA7B63C-389B-4310-AC4F-448C460C4573}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{5CC175D3-4ED7-4939-BAEF-38FEC0DAB275}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{A8F86962-7DF7-446A-A2C0-7C3D416853A8}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{40E4028E-7A21-4E06-9685-9A5AB7C7168E}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{CC5E46BC-6490-408E-B14D-36BD8B56C0FE}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{2CC508CE-6768-4E80-84D0-BBD23FEA2B76}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{5D42640A-DCD2-4967-A08F-B7AB3A81E118}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{5C664706-8E2C-47BB-B94C-75AC5B3064DA}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{7F7E0DC9-A2D1-4908-B7A2-A8046CEC98E6}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{6FB8BB10-959C-421A-8315-607E544B591E}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{242267F4-DDC7-4BE2-B5F7-9AE6E6CFCD1A}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{D0585073-D9FC-405A-AB23-5E10890ACAA9}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{9DA405C6-4D68-4EC0-B956-9255FB7FA2B3}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{53BB02D6-88A6-40E2-8980-0BFA315905AF}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{94A74F0B-4884-4575-B9A5-6B7EDE69B887}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{50CF8265-AAC0-4575-B639-759947B7D7E3}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{2036831A-035A-4BBD-A912-597745096BAE}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{8E9E25F5-E7A9-42FB-B636-81AC003B52FE}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{46C228B5-A561-418F-B0B6-519CCD63F0A5}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{255C6842-0315-4273-B06D-2CF7036BF574}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{C02B607B-EDFB-4F70-A3EE-1491DDCC2424}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{60DAB7B4-B80B-428E-85B6-9BA40C2055B5}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{C0448E3D-2B35-4EE7-BBAA-25EE8F76C18E}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{3D83F467-6202-4883-92FF-F82190786D3F}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{ECFAE3E1-150E-4421-883B-B809B3D0FB65}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{010C7429-2687-4D3E-8C4A-9109234544C6}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{73F9DB6C-7DC3-44CE-8E07-AA4A3A7BBA27}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{0C3F39ED-24BA-4190-AF8B-1B93CE573F9A}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{B44BC943-DFCF-47FE-921D-97C6C0CDDC07}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{578370E7-9344-4F96-A79E-6B00C2C5A8C7}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{7413BB11-F5A3-4E1C-A43F-BCA29B537B69}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{CF16B939-28C7-48FC-A980-C0ABBEF284D1}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{2DD1528D-0EE4-4457-8A23-9B6A696B4FE6}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{2A2A226C-F7F4-4086-8B58-BD43E4CBA2A9}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{605451AD-1AA3-48F8-AC4A-8CD438C69C33}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{D257645C-463D-4576-A103-62FA93865A1C}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{4A5739F3-9693-4634-9954-2B33906C5A01}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{328C7038-FCD0-4D10-B29C-0CF07AE53A55}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{5E5A1DE7-F195-455C-9E8A-4881D5B18C2D}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{9D5C75F0-0608-427E-B8AE-D9853AFFC74F}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{A227963F-60DC-425A-A9E4-938176E209E5}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{AD43A543-A015-40B4-B8CB-A12E3DABD7C4}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{132E3026-8B91-42DA-A368-AA3640AA3E69}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{FCDA2DE5-51EA-4C75-9056-0ADF30A89664}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{C301DC06-727E-4680-BD78-532B5D05C9A2}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{3010EB73-E9CB-4309-998F-2ECEAC6E67A1}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{36691361-B009-48C7-A1AF-720CB718A9F6}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{030A6CD1-B386-487D-B1D6-287B612D68BD}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{35282B65-C657-4523-834B-A65547367C7E}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{E8E7617B-094D-4D92-9FAA-325DA80B1DD6}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{7C3BD6FD-2FAC-4CC2-9C94-D5FB26BE8199}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{95D56A4A-7F5E-44A6-B3EE-965CE6BE30EF}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{43C74B86-4213-402C-8552-63BC3E015A54}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{7E04F4FB-A7C4-4460-8C5E-94EFDB65219D}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{A31E4254-32D2-4B52-BD7E-76B557D0E4AF}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{96519F01-695C-4B94-B95E-88A36FC4108C}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{1441D0FB-B6EE-4E61-80E8-3186F21B420B}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{C1F3BD0E-D98E-4D53-BFA8-50A4BB53CC52}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{CAFEB417-4BCD-4F7F-8F4D-F5560A5B4D9D}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{610339F7-13BE-4901-BB74-E18E03C9ADED}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{96262AC5-4E89-4875-A618-2306314EDBC7}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{CD14550D-FD9E-4D6D-A7E3-8CDC501C1DEB}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{C9098323-B9B1-49D6-A4D0-3BD43993FEB8}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{F00A5506-56CC-4EE9-9CF0-3B2D7552D537}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{F6351A71-7C26-42BE-8C3B-125849C0DD5E}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{57CEC6C8-1F6C-4930-B99F-83AB4DF04D86}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{E92164AD-11B4-47DA-A5D4-4DEF8536B561}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{72CC530A-DD7D-45CA-8A0E-F88EBFEC798E}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{2BC22D97-CD92-4547-9409-7B77BE3A567E}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{4E0695B0-1789-46BA-B9BE-7A3B9020349B}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{8113981C-A0BE-41FD-9494-AB203F0A5385}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{337C9710-C5AD-450A-AC11-D9EE102FB6FF}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{1F52919B-EEE2-4882-B842-6314C45737D9}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{7E0CFC4D-F830-4415-A979-1DE99A5BD13E}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{31A9483A-5F39-4BEC-8934-30E6CD02D9BC}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{5967E67E-A61A-4494-9E8F-41ECA6E232FF}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{43E298C8-0A85-43B4-9FDE-7673B0C77F5F}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{FB469934-12FB-4D46-82E6-53BC3F0AFBD0}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{C868C3E9-EE21-4F2D-A97A-4C41195BF728}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{2D0464B0-9288-48D2-9B60-EA02B8A9745B}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{94792F45-B64B-454B-8A66-1A990C812876}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{77F44CBC-F8B8-4281-B08A-68CFB5E5F520}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{AD4EE5B4-9158-40FE-BB9B-259ABFA5DEE1}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{DFC088E4-E909-4E7B-A57A-08ADD3307BF0}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{0DDF1834-1E52-4EE2-A2A0-CA78197D6F05}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{932F682D-FC49-4E5C-A128-7A32DDF7E76C}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{554899D4-B3C4-4E97-9C36-33FB5C066CC8}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{C3C2E908-C9C5-40D6-BE2A-6FEA21600AAE}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{54F48120-8C6C-4246-9ED4-BCCBD86BC46D}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.3DBuilder_12.0.3131.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.3DBuilder/resources/AppStoreName}|Desc=@{Microsoft.3DBuilder_12.0.3131.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.3DBuilder/resources/AppStoreName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-3995430443-3719053022-3339397951-2895237338-2437516106-1575886070-2755610054|EmbedCtxt=@{Microsoft.3DBuilder_12.0.3131.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.3DBuilder/resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ|
"{367D4DD4-6EBE-4C21-9332-185B95950114}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{6D0E0734-8E6D-47E4-AD3D-B308EC2CA538}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{C2471D41-5B50-4C5E-A714-251D3E02FE1A}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{32E8A8A8-F6D8-4708-BC92-0DA4EEBB1F9F}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{9778A5B1-84DB-4F89-8EC7-5D5C49271453}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{FB80A59E-0331-41C9-9554-982313E9F8B0}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{22BDB353-9DD1-41A8-A731-0E67475450AA}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{F9F0CAA5-0126-4FA0-BE0D-5403D6FBEA34}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{673EC77D-96A2-4433-BB5D-366AD94F4750}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{C8D5A84E-529A-4D88-BFA8-3C9DFCBACDBC}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{9D6BCBDF-DC07-465F-8049-E57AB32C4234}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{06219EFD-3378-4060-9051-BF288CEC3D68}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{8B127273-B9FF-48EF-88C5-595E60C04221}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{9B13F64C-3C70-47ED-AB98-FEFF9C2DD46B}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{A9D0DCFD-2C87-4F8C-B987-2CA8F5A41CDF}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{EE2EDE40-3EA4-443E-ACF1-15395EDBDF54}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{F1988C35-79FB-4876-B57B-1F1EAC53FA3D}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{79B3D199-4FA8-4C1E-97CB-D38DE500E865}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{C92AE9ED-2594-4E3E-A0BA-D6D83BFB6BBD}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Twitter|Desc=Twitter|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-1063257880-1914585122-1954150059-946145533-116938067-416079064-1690466945|EmbedCtxt=Twitter|Platform=2:6:2|Platform2=GTEQ|
"{C15DDC7A-5B57-40E2-9FD6-85BE61469F58}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{000E918C-F300-494B-96B7-6797E6CA0A40}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{1532BDE8-3D6C-4105-9314-DB9BFC114E3F}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{5D50C48C-7572-43E4-AE62-7A571B34C2B1}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{46763E5F-AC13-4444-A94D-557C74C69D9E}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{7A89A2D4-64AE-47F5-84AA-46FA097FE64F}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{52334C1E-1BE8-4A1D-BC68-4E5BB9A385B9}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{B7C3A94F-5BE1-46BB-95B4-2120871C35C8}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{9F6B06BC-505A-4AEC-8421-4DCAAA7C5EB1}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{01015508-BC68-4E45-BAC0-1F7C1F3E93D5}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{4C17291A-463A-45C5-BF7A-704DE4B578D6}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{7885C7F1-5BF9-48A9-8E3C-8C9CDADDDB23}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{888558A5-98CA-4C37-B58E-0611926FC8C9}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{6DF3E718-F92A-4F38-B37F-001B0796E67A}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{17543F93-9D3A-424A-9991-26152E638263}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{ACD755AA-8AC4-4577-B2C0-2FC4BFAB4F75}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{F74FCA72-747E-477A-BF66-656C70BC1930}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{FF7670BC-4FFD-44D0-A6B9-B79FBA39060F}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{972F23D1-029A-474F-B312-55960945A0DB}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{273289EB-2541-491F-A995-FEE9A33C1D43}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{6184DBBA-CE43-4932-AE6C-175A4640572A}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{31291A15-5A0F-436F-8A53-3D7287154C90}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{605BA756-E23C-4E2E-AFC5-FF8AF3771F64}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{486541C3-0910-44BE-BABE-A8235FCE305E}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{1E27BE0C-88BA-4C4F-B1B8-5575423BEFB1}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Getstarted_4.2.29.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Getstarted/Resources/AppStoreName}|Desc=@{Microsoft.Getstarted_4.2.29.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Getstarted/Resources/AppStoreName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-1930852602-715273891-2259524165-1460409268-4224052142-2029744616-1797406285|EmbedCtxt=@{Microsoft.Getstarted_4.2.29.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Getstarted/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ|
"{09B4BBDC-C14C-4C89-B8E7-F36AC9F62DB7}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{FCB1BF33-460D-499B-AF0D-E109E79C28DD}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{05912BD3-9082-4680-9B3A-48B53601356D}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{82C50C57-2992-42CD-A7D0-DCC5CCACC693}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{05FB9D41-3589-478C-B2F9-6C1B51DAB190}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{7D8B798C-1B0D-495F-8EEB-8743A6996E27}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{B7985572-BBBE-4A59-9650-A09CD7809D2B}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{871B8258-8F2E-4D5A-B20C-88F0B2604657}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{FD5EA48E-6ECF-4C24-94F0-EB2175DEDA64}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{7B9F0F04-1045-43C5-AC60-E9B343B12962}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingSports_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingSports_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-1457613951-1028716704-1089715812-858319886-3420779130-1191463368-1428868892|EmbedCtxt=@{Microsoft.BingSports_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ|
"{0B3E7BBA-B5DD-41A3-AE91-4034E5E7C061}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.BingSports_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingSports_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-1457613951-1028716704-1089715812-858319886-3420779130-1191463368-1428868892|EmbedCtxt=@{Microsoft.BingSports_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ|
"{3EF44F79-E339-4CAB-850D-FFFFF1DFD3A2}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingWeather_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingWeather_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-2040986369-264322980-3882385089-1970153872-3662121739-3363227934-2464603330|EmbedCtxt=@{Microsoft.BingWeather_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ|
"{BD8B4812-AD30-4428-876F-E0C3B8005FDD}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.BingWeather_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingWeather_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-2040986369-264322980-3882385089-1970153872-3662121739-3363227934-2464603330|EmbedCtxt=@{Microsoft.BingWeather_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ|
"{6D040DAA-AFF6-446E-AF43-F17DC6CA914A}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{DF174BF9-B66A-42C4-AFF2-1F23541B73F5}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{2B1105B7-66B4-4EE7-8EC6-B7B169E9CCD7}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{2D1586C0-87AA-4A9F-B1F1-3163C0571DA1}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingFinance_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingFinance_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-3492598633-4112760462-2134878185-2430567730-3345539238-3072415288-217264472|EmbedCtxt=@{Microsoft.BingFinance_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ|
"{6AE0C97B-75E4-448E-8E98-62369EE890B9}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.BingFinance_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingFinance_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-3492598633-4112760462-2134878185-2430567730-3345539238-3072415288-217264472|EmbedCtxt=@{Microsoft.BingFinance_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ|
"{F34F792D-797C-41B7-8FFD-CA79E2509CCA}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{0C4CF700-86F9-4B08-91C2-A8DCF539E095}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{1831F9E4-FC76-4838-9FA7-FEE3B4E69B72}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{5CD99540-AA15-42C7-B175-3C7D2196E8FE}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{6AC4F0E8-44F0-4458-B32E-3DFDE82C5318}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{C2DBEA0E-1724-4B01-BD4E-BF4E3E08EE63}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{B308E6AC-2BDD-43FF-9A83-462110C813FD}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{5C25D3C2-C5CC-4B1C-918C-6EEAD712EF4B}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{0E4EF03C-5D16-4F86-83BB-F6BBFB2262BA}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{5BAE8F4D-931F-4ABB-A0C5-BE4CE168BCAF}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{ED64C191-E1B0-433B-9C70-32638823C9AC}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{9F108CC1-8101-42A9-A30B-391AA442F4E3}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{441AD3B7-83C6-4190-BA99-03023DFAB40D}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{DAE7BC41-4A05-41C8-BFCC-6F07425858C2}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{4B0C46A9-D0D2-4178-8972-52EF85A06895}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{CBBC4C38-2D48-48F2-94A8-8FB213EEECDF}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ|
"{51B82DBE-6193-44F3-9B06-5B276EED5CA5}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{1F42E75B-13D9-4B09-BA8E-C7F82C536B7C}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{9FA0A61A-9C74-4B71-BA8A-364F0D0EB8A2}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{1CDAD8AA-E785-40D4-BD4B-AF45EA34F8E5}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{444C5B15-2E01-4674-AB73-7674F361649F}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingNews_4.18.41.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingNews_4.18.41.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-508114518-3340871649-811464485-526616082-4258465299-1774086546-1865468257|EmbedCtxt=@{Microsoft.BingNews_4.18.41.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ|
"{D5BC01A7-F586-446D-9A87-B8CB1DEC07E4}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.BingNews_4.18.41.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingNews_4.18.41.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-508114518-3340871649-811464485-526616082-4258465299-1774086546-1865468257|EmbedCtxt=@{Microsoft.BingNews_4.18.41.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ|
"{2F1156B1-63DA-4295-A3FC-9A669437430D}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{3F4C38FE-139B-48EE-99A7-D118A9461149}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{9E37C3C3-9D11-4F40-BF49-C75F0D46C64E}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{C61A83A4-4F97-4198-A70E-620FD4495ED0}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{CD6D693E-9EDD-415D-90C4-A765B444EB21}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{FE2DD3B0-FFE0-469B-B71D-EDF1DA04A1CD}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{C94F8487-4AFA-46F3-89EA-D79EB0CE38E4}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{5CCD5A5B-703B-401C-BBDA-58EF149E51A1}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{2190C237-4B4C-4209-BFA4-3455174095C4}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{8D7210DE-197D-4EB1-ABDC-548A5D132716}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{976931A2-F760-49A9-94B3-A260AB668AC9}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{1333A53B-C768-42FE-9A32-055B291B7D0B}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{95B20215-DBBF-485E-B11F-45EDC5001B6B}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{C7963085-05E3-45EB-B9E9-590B72542C64}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{8CC610BA-F74C-458F-A505-F766EEC29D9E}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{7F75D45D-196A-408A-9BA6-CD843396FE08}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{90D00F3F-789C-4AC2-8DF0-A8C2E159CA87}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{C833D375-6282-4E80-B639-17EC5B394828}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{65D2058A-FAB4-499F-A978-F539A51D4A44}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{22E37041-171E-4C61-A464-CEDDDB193A9C}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{65D57C50-7070-4E70-ACA4-C245B91D9A85}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{82F3CF78-4115-472A-98CA-75D1921AF226}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{D5DE15AD-811F-44E3-AA8E-AE9DB75E800C}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{7ADA0A4D-8353-4FC4-9B55-4758599DD11B}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{6146E070-C74C-4F04-8B21-FF9657E5B416}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{FECA16C5-7D47-4370-B53B-798D62B7325C}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{776EB055-E62F-4472-AF29-9DEDA8AE9FB5}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{27A0A59F-3C8E-4C1F-8458-050FD4F81D3F}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{0EB610ED-04FA-476E-8F86-DD611062B9F1}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{6F5F1119-4130-40D8-B5CD-2E7CF1199D3C}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{88BF7ACA-8DD5-4BC6-98EB-05288AE9D99D}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{A42D22A4-37EA-499A-A897-1D9CA28F2520}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{1D265DA3-C676-4CFE-8A53-2DAC326E6E63}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{AB7940C2-489B-42E1-B830-807F55F77317}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{0BBAE40B-3861-4FBE-B413-5536F4545BFA}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{04554ABC-C486-4915-87D8-0E34A845ACA0}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{2FF4CC72-00A8-41D7-89B4-913AEBD222E1}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{3C5C0D69-978B-4BEC-B7DD-6777C7B8A0F8}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{67146674-1FE0-4CB3-BBF5-DFF0D81B0F86}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{E08001C4-7287-417A-951E-F216B9E48C8F}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{E02725B4-F5C5-41A5-A86F-14F5429B8E2F}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{4293EABD-0397-487B-BC21-8A46D35B5947}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{8CE8DA10-DE48-4BC1-BBAF-83FC9ED7C2FC}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{76B9EB7C-9C3F-461B-9EDD-E99CE2406B4B}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{4BA70E01-3E68-488F-A93F-6B1333198AF6}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{380F02A9-433F-446C-A6CE-A9FD81DFEDB9}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{4F710F64-8167-4120-B1C6-66ECD9D5A057}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{4F3CAB52-72F0-464F-96E5-A02EE20A68B4}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{6B98182B-4765-4E19-979D-945DDDFB672F}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe|Name=GoogleÂ Chrome (mDNS-In)|Desc=RÃ¨gle de trafic entrant pour GoogleÂ Chrome autorisant le trafic mDNS|EmbedCtxt=Google Chrome|
"{E5243342-B906-40E9-BDCD-43B3443F8C4C}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{95A77B5D-7A40-49B1-AEAB-506F88C52A71}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{EB7608CA-3D62-4FB5-8CA5-C94FBD3BC9F6}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{016EF687-E863-4147-9B79-2CA1D6D1A9CC}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{3D4E67A1-105F-486F-9FA3-D52625D5CB53}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{99AE4E94-2B29-46C8-9384-64A40A30BC70}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{CE48A6FC-2892-4F87-B040-B17B39EFFA86}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{F8B5F24D-1DB3-4F91-8F75-89D649B79577}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{3775984F-8E6C-4B02-90BE-3477D04B9B7A}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{A02EA888-CF8E-4022-9F4F-28061618C807}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{88EAE17A-E4BD-4201-BEC3-40072EB0E4B6}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{4860FE69-65D4-4B10-BC82-4627CE4A579E}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{9E3E8610-E4B7-416B-B0BF-2A2823392A72}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{570973D5-B62F-4242-961B-4096F310319B}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{2CED306E-B24D-4536-ADC4-3584F4870FEA}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{B3A7EFF6-9989-4E34-BFF9-BFE17B9B2A89}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{72D8E30E-3147-4E13-A8F1-2E4198CBF438}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{44E367FD-9CBB-4307-A4D8-1261B7F07F9E}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{09A223FA-8657-4A75-A4F9-CB1C9618E0A0}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.ConnectivityStore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ConnectivityStore/MSWifiResources/AppStoreName}|Desc=@{Microsoft.ConnectivityStore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ConnectivityStore/MSWifiResources/AppStoreName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-1485202841-4094060947-262313417-955497226-1243708313-1027065603-2694978511|EmbedCtxt=@{Microsoft.ConnectivityStore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ConnectivityStore/MSWifiResources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ|
"{BC10DA52-AFD3-4179-B3E2-71343B40517E}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.OneConnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.OneConnect/OneConnect/AppStoreName}|Desc=@{Microsoft.OneConnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.OneConnect/OneConnect/AppStoreName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-778011547-1096124574-1799322564-3972718560-253206704-1472347756-15051174|EmbedCtxt=@{Microsoft.OneConnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.OneConnect/OneConnect/AppStoreName}|Platform=2:6:2|Platform2=GTEQ|
"{7FD12647-DC02-4A87-8681-403E15BC3A92}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.OneConnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.OneConnect/OneConnect/AppStoreName}|Desc=@{Microsoft.OneConnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.OneConnect/OneConnect/AppStoreName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-778011547-1096124574-1799322564-3972718560-253206704-1472347756-15051174|EmbedCtxt=@{Microsoft.OneConnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.OneConnect/OneConnect/AppStoreName}|Platform=2:6:2|Platform2=GTEQ|
"{4F7DA6C6-7CA7-4415-A153-13218F8DB6F8}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsPhone_10.1609.2561.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsPhone/Resources/AppStoreName}|Desc=@{Microsoft.WindowsPhone_10.1609.2561.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsPhone/Resources/AppStoreName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-1227535392-783678415-19788749-859698564-2515149781-2716591593-3518111838|EmbedCtxt=@{Microsoft.WindowsPhone_10.1609.2561.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsPhone/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ|
"{4A6E892A-AB83-487C-B82D-7E3309D6B023}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsMaps_5.1611.3342.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsMaps/Resources/AppStoreName}|Desc=@{Microsoft.WindowsMaps_5.1611.3342.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsMaps/Resources/AppStoreName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-1239072475-3687740317-1842961305-3395936705-4023953123-1525404051-2779347315|EmbedCtxt=@{Microsoft.WindowsMaps_5.1611.3342.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsMaps/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ|
"{8C9BF265-C45A-4A88-BF38-2CDEBCD95631}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.ZuneMusic_10.16112.10211.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_NAME}|Desc=@{Microsoft.ZuneMusic_10.16112.10211.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_DESCRIPTION}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-3132517012-1571311091-3263739450-2968124769-4061529133-2106415361-233808003|EmbedCtxt=@{Microsoft.ZuneMusic_10.16112.10211.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_NAME}|Platform=2:6:2|Platform2=GTEQ|
"{F712FAF0-3177-4BDE-8ABA-96A32141652B}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.ZuneMusic_10.16112.10211.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_NAME}|Desc=@{Microsoft.ZuneMusic_10.16112.10211.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_DESCRIPTION}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-3132517012-1571311091-3263739450-2968124769-4061529133-2106415361-233808003|EmbedCtxt=@{Microsoft.ZuneMusic_10.16112.10211.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_NAME}|Platform=2:6:2|Platform2=GTEQ|
"{D7449105-1E52-4F2F-A565-A13D9D40DAB3}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.ZuneVideo_10.16112.10221.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Desc=@{Microsoft.ZuneVideo_10.16112.10221.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_DESCRIPTION}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-2967553933-3217682302-2494645345-2077017737-3805576244-585965800-1797614741|EmbedCtxt=@{Microsoft.ZuneVideo_10.16112.10221.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Platform=2:6:2|Platform2=GTEQ|
"{F6C69D07-A336-49AB-8A5C-22AE7A60F3E7}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.ZuneVideo_10.16112.10221.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Desc=@{Microsoft.ZuneVideo_10.16112.10221.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_DESCRIPTION}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-2967553933-3217682302-2494645345-2077017737-3805576244-585965800-1797614741|EmbedCtxt=@{Microsoft.ZuneVideo_10.16112.10221.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Platform=2:6:2|Platform2=GTEQ|
"{51541208-9D8C-42AD-9171-E710DD2B77C5}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Mahjong|Desc=Microsoft Mahjong|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-2481395877-3904904754-2872837976-1880937080-3242436791-3293372984-3327460953|EmbedCtxt=Microsoft Mahjong|Platform=2:6:2|Platform2=GTEQ|
"{56279BEF-46E5-4E0D-B418-CA125E9A826B}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Mahjong|Desc=Microsoft Mahjong|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-2481395877-3904904754-2872837976-1880937080-3242436791-3293372984-3327460953|EmbedCtxt=Microsoft Mahjong|Platform=2:6:2|Platform2=GTEQ|
"{D412839A-F92A-4C62-BAB9-6F1FA6A6C950}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.People_10.1.3160.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.People/Resources/AppStoreName}|Desc=@{Microsoft.People_10.1.3160.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.People/Resources/AppStoreName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-3981118486-977731610-4260702232-2292029000-2544493239-2660358776-1526570402|EmbedCtxt=@{Microsoft.People_10.1.3160.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.People/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ|
"{94541BB4-744E-4735-B00C-51B41E53EADE}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Desc=@{Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-2226957697-3030467180-2301525-4248967783-2024719031-2325529081-2915787518|EmbedCtxt=@{Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ|
"{25FF75AC-CBE1-4CCE-B43F-B8EA0BCBE908}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Desc=@{Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-2226957697-3030467180-2301525-4248967783-2024719031-2325529081-2915787518|EmbedCtxt=@{Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{666C5FF8-94CD-40F0-8B20-2E2E0C59A968}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsFeedbackHub_1.1611.3471.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsFeedbackHub/Resources/AppStoreName}|Desc=@{Microsoft.WindowsFeedbackHub_1.1611.3471.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsFeedbackHub/Resources/AppStoreName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-599759058-3479938838-1253218824-33263930-1483063708-2104800716-3218279855|EmbedCtxt=@{Microsoft.WindowsFeedbackHub_1.1611.3471.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsFeedbackHub/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ|
"{9EB95D9D-BB81-4D55-BBBE-1A027D91DE8A}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.WindowsFeedbackHub_1.1611.3471.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsFeedbackHub/Resources/AppStoreName}|Desc=@{Microsoft.WindowsFeedbackHub_1.1611.3471.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsFeedbackHub/Resources/AppStoreName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-599759058-3479938838-1253218824-33263930-1483063708-2104800716-3218279855|EmbedCtxt=@{Microsoft.WindowsFeedbackHub_1.1611.3471.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsFeedbackHub/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ|
"{C16B0876-5671-4DBB-9B67-BAAC602BAE1D}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ|
"{7B7C9E25-8663-433B-9243-AE49C48ED3DC}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ|
"{B5B403E8-EC0E-451F-A912-C00BE19B1625}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c?ms-resource://Microsoft.SkypeApp/Resources/SkypeVideo_ProductName}|Desc=@{Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c?ms-resource://Microsoft.SkypeApp/Resources/SkypeVideo_ProductName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-2246530975-808720366-1776470054-230329187-4153223113-3550430174-4193313734|EmbedCtxt=@{Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c?ms-resource://Microsoft.SkypeApp/Resources/SkypeVideo_ProductName}|Platform=2:6:2|Platform2=GTEQ|
"{F2F3B8CD-9173-4D78-9FF7-0DA70D0FB92C}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c?ms-resource://Microsoft.SkypeApp/Resources/SkypeVideo_ProductName}|Desc=@{Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c?ms-resource://Microsoft.SkypeApp/Resources/SkypeVideo_ProductName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-2246530975-808720366-1776470054-230329187-4153223113-3550430174-4193313734|EmbedCtxt=@{Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c?ms-resource://Microsoft.SkypeApp/Resources/SkypeVideo_ProductName}|Platform=2:6:2|Platform2=GTEQ|
"{BDF10C2D-492D-4512-BBEF-0EAE94A4F05D}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsStore_11610.1001.23.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Desc=@{Microsoft.WindowsStore_11610.1001.23.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157|EmbedCtxt=@{Microsoft.WindowsStore_11610.1001.23.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Platform=2:6:2|Platform2=GTEQ|
"{FE33A7D0-EEBC-4FF7-AFFF-FDC61EB5A537}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsStore_11610.1001.23.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Desc=@{Microsoft.WindowsStore_11610.1001.23.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157|EmbedCtxt=@{Microsoft.WindowsStore_11610.1001.23.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{AA3D3CF7-5FFE-44E0-AC8E-EC647F6CB30A}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{8B4FAE56-C894-4597-B270-08394F93D14C}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{FABFB1EC-C354-4BE6-B65D-F2A2EE65903B}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{A027F853-F725-435C-8C46-FFCB71B57720}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{microsoft.windowscommunicationsapps_17.7805.42277.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/AppManifest_OutlookDesktop_DisplayName}|Desc=@{microsoft.windowscommunicationsapps_17.7805.42277.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/AppManifest_OutlookDesktop_Description}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-2551677095-2355568638-4209445997-2436930744-3692183382-387691378-1866284433|EmbedCtxt=@{microsoft.windowscommunicationsapps_17.7805.42277.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/AppManifest_OutlookDesktop_DisplayName}|Platform=2:6:2|Platform2=GTEQ|
"{19281AAE-A01A-42FA-836C-6325C5E06062}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{microsoft.windowscommunicationsapps_17.7805.42277.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/AppManifest_OutlookDesktop_DisplayName}|Desc=@{microsoft.windowscommunicationsapps_17.7805.42277.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/AppManifest_OutlookDesktop_Description}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-2551677095-2355568638-4209445997-2436930744-3692183382-387691378-1866284433|EmbedCtxt=@{microsoft.windowscommunicationsapps_17.7805.42277.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/AppManifest_OutlookDesktop_DisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{53E0C869-A459-48F4-AFEB-42E254971315}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{C7F7F9D6-D482-4449-A2D9-0FEDEBFAD2F9}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{C91E37FC-38B6-4CD3-A99B-E54F211C470F}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{FE5425CD-E2FE-48CC-959E-F981F67C1F7F}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{2E0C72C4-5181-473E-8793-60DD54656502}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{56B038CB-D974-4CD0-BE0F-6ED2CA633A36}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{2F96FEFE-A3CF-49EF-8855-B620DF0C42FD}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{D5A0690C-9AB9-4D8E-8C38-E5D4B37663D5}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{FF173667-C4FB-45C1-8346-226CD5B8585D}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{93EAE86A-2A21-43C0-BDDD-1F073A5BF728}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.ShellExperienceHost_10.0.14393.693_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ShellExperienceHost/resources/PkgDisplayName}|Desc=@{Microsoft.Windows.ShellExperienceHost_10.0.14393.693_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ShellExperienceHost/resources/PkgDisplayName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708|EmbedCtxt=@{Microsoft.Windows.ShellExperienceHost_10.0.14393.693_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ShellExperienceHost/resources/PkgDisplayName}|Platform=2:6:2|Platform2=GTEQ|
"{37E9C173-3087-4A9A-8D5C-F6804833E444}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/PackageDisplayName}|Desc=@{Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/ProductDescription}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742|EmbedCtxt=@{Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/PackageDisplayName}|Platform=2:6:2|Platform2=GTEQ|
"{79805E3E-756A-4BC7-AC0A-5D2A3B7144C1}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/PackageDisplayName}|Desc=@{Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/ProductDescription}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742|EmbedCtxt=@{Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/PackageDisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{CF2CCB5A-F4F1-4CC8-B69C-2E3A4D7D0B4E}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.AccountsControl_10.0.14393.693_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|Desc=@{Microsoft.AccountsControl_10.0.14393.693_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-969871995-3242822759-583047763-1618006129-3578262429-3647035748-2471858633|EmbedCtxt=@{Microsoft.AccountsControl_10.0.14393.693_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ|
"{E80F129C-6423-4991-BC23-2E6BBAC1771F}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{D862DB69-460B-45CF-9105-DE91268AE09A}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{EB2CA670-8CDB-45A9-B93E-B22249714233}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{8BB7F3A9-E02A-4085-A127-84A0E79D6690}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{4764A9CE-8E63-4F02-8AB3-DA167E7596A6}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{6474C620-24DB-4656-B6CB-8C1E59CCD26D}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{73474062-520D-4F1C-BB07-E62D4EFFB3E1}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ|
"{602435D3-36A2-4D80-9549-8CB54170B765}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ|
"{FB939462-6AC3-4AA7-8F85-452061393D21}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{DAFCD55A-5AB7-4A17-AADD-2071A8A3171C}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{4AEDB196-A0E5-4EB9-AC3F-41744B0B7D60}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{6FAC93E0-CF3A-4558-9A77-2A7BF07C2D9A}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{888866EC-75CB-4A0A-96EF-1423AE38DAA0}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{A94E5960-E42B-42BA-B3B2-283A6DDCB6DC}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{784381AA-74D7-488D-9F3A-D048E574D0B4}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{1502E050-5BCB-4ADC-AF11-BEC8D25C6C1D}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{99501913-19B5-488E-A235-6828A89F7F81}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{229E15CA-83D3-4126-80E2-5DFE3462B172}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{685DC9A6-6592-4232-BF31-266629C63029}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{9E80325F-15BA-405A-B2AC-658E2A9813B7}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{D0E782DD-A7A8-400A-BDD1-4DC1583AC888}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{F138371D-9CB1-4489-9679-FB8E809B6A76}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{F198EDEB-9837-41D8-94B7-1C7A9D99121A}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{847999EB-76BA-408C-9642-6866F46E3381}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{B928E35B-67B5-4CD9-B0F5-35218401FCD4}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{74AEA1C7-0004-494D-8C89-31BB763795E5}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{9FCE7A27-5312-48E4-AEFA-8488FC2535DA}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{E1AA1E70-719B-4CD3-9D2D-C6D2011D5045}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{2BED85D8-B39A-4BE2-9FA6-1655E229E7BD}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={C7B92A5A-5B3F-459D-BA63-AA11A3346A26}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{67506FDC-3864-46F2-894C-A8A119EB2DA6}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{6B1C72E3-6498-49FB-BFF9-48467EFF2CF4}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{119C6826-32E6-4662-9744-042A63935883}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{4779618B-EDC6-4E39-BDDF-7D7E14F304BC}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ|
"{5E12EF5B-1236-4346-AC79-9AE2C869162D}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ|
"{E473AD8E-5831-48D1-92AA-7F2AF3770757}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{560C1A1C-C15B-44F7-961B-99B6268148C3}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{4AFEA256-2336-4D70-BFED-47C58AA45F47}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{DED26911-0FC1-416A-B93F-69C6D03862D3}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{C56158AB-8393-42EE-BC8F-415FCF31F521}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{2E0B7355-FC04-401E-87EF-CCC2871728F3}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{85E01FB9-1385-4018-9091-54C95A2C6A00}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{4E9784EA-9FE9-4528-B481-B401764582C4}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{76C0A751-2768-44F4-AD65-2FC12D8E1A26}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{1BFA9947-F0AD-43E7-BCDD-DF74B93BE209}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{78ADF66A-A884-422A-9C39-238BF53F3B18}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{1E40E71C-C433-4F5A-95B0-4289B38DDD18}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{65638742-6897-461F-BB84-1E7A77AADA3C}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Sway|Desc=Microsoft Sway|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-584073948-3292409011-2882754242-2237763630-1999038865-1049037702-4080706152|EmbedCtxt=Sway|Platform=2:6:2|Platform2=GTEQ|
"{0CE945C0-7816-4C60-B7A7-15C82C97C604}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Sway|Desc=Microsoft Sway|LUOwn=S-1-5-21-2223247258-1722811853-2886010316-1001|AppPkgId=S-1-15-2-584073948-3292409011-2882754242-2237763630-1999038865-1049037702-4080706152|EmbedCtxt=Sway|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{6A8B98F6-E028-4589-8E5A-18E580CE4E32}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{94B7BEDA-A0E7-4C12-A06C-B1C7BFFFADD5}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{BD09EF24-A824-43D5-8CE9-E29B370A4E20}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{6BF3EBBA-E21E-4DD6-8CE8-7340146CEE45}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{A59808FB-4445-408D-A2C0-DD46FC33EDE8}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{6AD6740F-0086-40FC-82EE-A1972722D391}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{ABBAD545-7F35-4E5C-B0F0-E3EDB5587180}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{AF102E27-5E87-4E24-8C5B-BD63F59FB714}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{1DE647FD-34E8-4F75-AC01-AF1F05E18F16}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{B8355BFE-4BEB-43E6-9BB4-AEF1A666DDAE}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{F85697A1-1075-4E9B-98A1-843479B4806E}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{63D7EB35-19AB-42D7-9875-9C58F862B3CF}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{F13E09FB-BB7D-430F-94FD-A2F606C79649}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{83CEA07E-D809-4664-BCC8-2A8059A7AF4B}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{8EBD7C94-E922-4ABB-80CC-2A79FF6AB53A}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|
"{B99159B1-E8DA-4B8A-B5E9-1EDBDE47EA1F}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-144|Desc=@ipnathlp.dll,-10143|EmbedCtxt=@ipnathlp.dll,-140|
"{3E83E4FB-652B-4187-8E23-5B3676049A92}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-145|Desc=@ipnathlp.dll,-10144|EmbedCtxt=@ipnathlp.dll,-140|
"{A3DDCC80-97B6-4EE6-BD92-CF498CBF0359}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={E8EC74F2-0B6B-4451-8247-B14F6A8D70CC}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@ipnathlp.dll,-151|Desc=@ipnathlp.dll,-10149|EmbedCtxt=@ipnathlp.dll,-140|

[HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service




---------- | Control\Class

[HKLM\SYSTEM\CurrentControlSet\Control\Class\{03F52937-1FD6-44FB-82C6-FE988F1B1D61}] : (aswSP) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{05f5cfe2-4733-4950-a6bb-07aad01a3a84}] : (XboxComposite) [] -> @dc1-controller.inf,%ClassName%;Xbox Peripherals
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{13e42dfa-85d9-424d-8646-28a70f864f9c}] : (RemotePosDevice) [] -> @remoteposdrv.inf,%ClassName%;POS Remote Device
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{14b62f50-3f15-11dd-ae16-0800200c9a66}] : (DigitalMediaDevices) [] -> @digitalmediadevice.inf,%ClassName%;Digital Media Devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}] : (PrintQueue) [] -> @printqueue.inf,%ClassName%;Print queues
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{24A0C840-2C3D-4410-8236-8B40816C7B90}] : (aswVmm) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{268c95a1-edfe-11d3-95c3-0010dc4050a5}] : (Security Accelerator) [] -> @c_sslaccel.inf,%ClassName%;Security accelerators
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{2a9fe532-0cdc-44f9-9827-76192f2ca2fb}] : (HidMsr) [] -> @c_magneticstripereader.inf,%ClassName%;POS HID Magnetic Stripe Reader
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{2db15374-706e-4131-a0c7-d7c78eb0289a}] : (SystemRecovery) [] -> @c_fssystemrecovery.inf,%ClassDesc%;FS System recovery filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B648}] : (fvevol) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B649}] : (fvevol) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{3e3f0674-c83c-4558-bb26-9820e1eba5c5}] : (ContentScreener) [] -> @c_fscontentscreener.inf,%ClassDesc%;FS Content screener filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{3f966bd9-fa04-4ec5-991c-d326973b5128}] : (AndroidUsbDeviceClass) [] -> @oem11.inf,%ClassName%;SAMSUNG Android Phone
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675d81-502a-4a82-9f84-b75f418c5dea}] : (Media Center Extender) [] -> @c_mcx.inf,%ClassDesc%;Media Center Extenders
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658ee7e-f050-11d1-b6bd-00c04fa372a7}] : (PnpPrinters) [] -> @%SystemRoot%\system32\ntprint.dll,-1300
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721b56-6795-11d2-b1a8-0080c72e74a2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{48d3ebc4-4cf8-48ff-b869-9c68ad42eb9f}] : (Replication) [] -> @c_fsreplication.inf,%ClassDesc%;FS Replication filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e966-e325-11ce-bfc1-08002be10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}] : (DiskDrive) [] -> @c_diskdrive.inf,%ClassDesc%;Disk drives
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}] : (Display) [] -> @%SystemRoot%\System32\DispCI.dll,-3100
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e969-e325-11ce-bfc1-08002be10318}] : (FDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96a-e325-11ce-bfc1-08002be10318}] : (HDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}] : (MEDIA) [] -> @%SystemRoot%\System32\mmci.dll,-3000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96e-e325-11ce-bfc1-08002be10318}] : (Monitor) [] -> @c_monitor.inf,%ClassDesc%;Monitors
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e970-e325-11ce-bfc1-08002be10318}] : (MTD) [] -> @%SystemRoot%\System32\SysClass.Dll,-3021
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e971-e325-11ce-bfc1-08002be10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}] : (Net) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1502
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e973-e325-11ce-bfc1-08002be10318}] : (NetClient) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1504
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e974-e325-11ce-bfc1-08002be10318}] : (NetService) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1505
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e975-e325-11ce-bfc1-08002be10318}] : (NetTrans) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1503
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e977-e325-11ce-bfc1-08002be10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e978-e325-11ce-bfc1-08002be10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e979-e325-11ce-bfc1-08002be10318}] : (Printer) [] -> @%SystemRoot%\system32\ntprint.dll,-1004
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97e-e325-11ce-bfc1-08002be10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e980-e325-11ce-bfc1-08002be10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127dc3-0f36-415e-a6cc-4cb3be910b65}] : (Processor) [] -> @c_processor.inf,%ClassDesc%;Processors
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906cb8-ba12-11d1-bf5d-0000f805f530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944a-f6b9-4057-a056-8c550228544c}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{50dd5230-ba8a-11d1-bf5d-0000f805f530}] : (SmartCardReader) [] -> @%SystemRoot%\System32\StorProp.dll,-17002
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175d334-c371-4806-b3ba-71fd53c9258d}] : (Sensor) [] -> @%SystemRoot%\system32\SensorsCpl.dll,-10000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{522119B9-1B9A-498A-AC52-148B533EFD50}] : (aswSP) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{53966cb1-4d46-4166-bf23-c522403cd495}] : (ScmDisk) [] -> @c_scmdisk.inf,%ClassDesc%;Persistent memory disks
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{53ccb149-e543-4c84-b6e0-bce4f6b7e806}] : (ScmVolume) [] -> @c_scmvolume.inf,%ClassDesc%;Storage Class Memory volumes
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{53d29ef7-377c-4d14-864b-eb3a85769359}] : (Biometric) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5630831c-06c9-4856-b327-f5d32586e060}] : (Proximity) [] -> @c_proximity.inf,%ClassDesc%;Proximity devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5989fce8-9cd0-467d-8a6a-5419e31529d4}] : (AudioProcessingObject) [] -> @c_apo.inf,%ClassDesc%;Audio Processing Objects (APOs)
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5c4c3332-344d-483c-8739-259e934c9cc8}] : (SoftwareComponent) [] -> @c_swcomponent.inf,%ClassDesc%;Software components
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5d1b9aaa-01e2-46af-849f-272b3f324c46}] : (FSFilterSystem) [] -> @c_fssystem.inf,%ClassDesc%;FS System filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{62f9c741-b25a-46ce-b54c-9bccce08b6f2}] : (SoftwareDevice) [] -> @c_swdevice.inf,%ClassDesc%;Software devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6880337A-1EB4-4EF2-9659-0FD2EC60CB1B}] : (aswSP) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6a0a8e78-bba6-4fc4-a709-1e33cd09d67e}] : (PhysicalQuotaManagement) [] -> @c_fsphysicalquotamgmt.inf,%ClassDesc%;FS Physical quota management filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc1-810f-11d0-bec7-08002be2092f}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc5-810f-11d0-bec7-08002be2092f}] : (Infrared) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1501
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}] : (Image) [] -> @%SystemRoot%\system32\sti_ci.dll,-52
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d807884-7d21-11cf-801c-08002be10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (BasicDisplay) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}] : (Volume) [] -> @c_volume.inf,%ClassDesc%;Storage volumes
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{71aa14f8-6fad-4622-ad77-92bb9d7e6947}] : (ContinuousBackup) [] -> @c_fscontinuousbackup.inf,%ClassDesc%;FS Continuous backup filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631e54-78a4-11d0-bcf7-00aa00b7b32a}] : (Battery) [] -> @%SystemRoot%\system32\powrprof.dll,-611
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{745a17a0-74d3-11d0-b6fe-00a0c90f57da}] : (HIDClass) [] -> @%SystemRoot%\System32\hid.dll,-101
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{772e18f2-8925-4229-a5ac-6453cb482fda}] : (HidCashDrawer) [] -> @c_cashdrawer.inf,%ClassName%;POS Cash Drawer
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{7ebefbc0-3200-11d2-b4c2-00a0c9697d07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{81C87465-DE07-4EFC-9D93-61E891D52FD2}] : (RdpVideoMiniport) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{8496e87e-c0a1-4102-9d8d-bd9a9b8b07a9}] : (WDC_SAM) [] -> @oem6.inf,%WDC_SAM_ClassName%;WD Drive Management devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{8503c911-a6c7-4919-8f79-5028f5866b0c}] : (QuotaManagement) [] -> @c_fsquotamgmt.inf,%ClassDesc%;FS Quota management filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{87C077B2-3D3B-4156-938A-EA51B451D6C6}] : (aswSP) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{88a1c342-4539-11d3-b88d-00c04fad5171}] : (TS_Generic) [] -> @ts_generic.inf,%TSClassName%;Generic Remote Desktop devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{88bae032-5a81-49f0-bc3d-a4ff138216d6}] : (USBDevice) [] -> @%SystemRoot%\System32\SysClass.Dll,-3029
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{89786ff1-9c12-402f-9c9e-17753c7f4375}] : (CopyProtection) [] -> @c_fscopyprotection.inf,%ClassDesc%;FS Copy protection filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{8AE85550-832C-4A9B-81BB-2A49DBEE72B4}] : (aswRvrt) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{990a2bd7-e738-46c7-b26f-1cf8fb9f1391}] : (SmartCard) [] -> @%SystemRoot%\System32\SysClass.DLL,-3031
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{9d6d66a6-0b0c-4563-9077-a0e9a7955ae4}] : (Ramdisk) [] -> @ramdisk.inf,%ClassName%;RAM Disk drives
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{9da2b80f-f89f-4a49-a5c2-511b085b9e8a}] : (EhStorSilo) [] -> @rawsilo.inf,%ClassName%;IEEE 1667 silo and control devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a588a4-c46f-4b37-b7ea-c82fe89870c6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a701c0-a511-42ff-aa6c-06dc0395576f}] : (Encryption) [] -> @c_fsencryption.inf,%ClassDesc%;FS Encryption filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{A73C93F1-9727-4D1D-ACE1-0E333BA4E7DB}] : (nvlddmkm) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{b1d1a169-c54f-4379-81db-bee7d88d7454}] : (AntiVirus) [] -> @c_fsantivirus.inf,%ClassDesc%;FS Anti-virus filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{b86dff51-a31e-4bac-b3cf-e8cfe75c9fc2}] : (ActivityMonitor) [] -> @c_fsactivitymonitor.inf,%ClassDesc%;FS Activity monitor filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{bbbe8734-08fa-4966-b6a6-4e5ad010cdd7}] : (USBFunctionController) [] -> @%SystemRoot%\System32\SysClass.Dll,-3030
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{c06ff265-ae09-48f0-812c-16753d7cba83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{c166523c-fe0c-4a94-a586-f1a80cfbbf3e}] : (AudioEndpoint) [] -> @audioendpoint.inf,%ClassName%;Audio inputs and outputs
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{c243ffbd-3afc-45e9-b3d3-2ba18bc7ebc5}] : (BarcodeScanner) [] -> @c_barcodescanner.inf,%ClassName%;POS Barcode Scanner
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}] : (WSDPrintDevice) [] -> @wsdprint.inf,%ClassName%;WSD Print Provider
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{C4A06E97-ED42-47B9-83E1-F12299B286A5}] : (aswRdr) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{c7bc9b22-21f0-4f0d-9bb6-66c229b8cd33}] : (POSPrinter) [] -> @c_receiptprinter.inf,%ClassName%;POS Receipt Printer
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{cdcf0939-b75b-4630-bf76-80f7ba655884}] : (CFSMetadataServer) [] -> @c_fscfsmetadataserver.inf,%ClassDesc%;FS CFS metadata server filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{ce5939ae-ebde-11d0-b181-0000f8753ec4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d02bc3da-0c8e-4945-9bd5-f1883c226c8c}] : (SecurityEnhancer) [] -> @c_fssecurityenhancer.inf,%ClassDesc%;FS Security enhancer filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d421b08e-6d16-41ca-9c4d-9147e5ac98e0}] : (Miracast) [] -> @miradisp.inf,%ClassName%;Miracast display devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d48179be-ec20-11d1-b6b8-00c04fa372a7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d546500a-2aeb-45f6-9482-f4b1799c3177}] : (HSM) [] -> @c_fshsm.inf,%ClassDesc%;FS HSM filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d61ca365-5af4-4486-998b-9db4734c6ca3}] : (XnaComposite) [] -> @xusb22.inf,%XUSB22.ClassName%;Xbox 360 Peripherals
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{db4f6ddd-9c0e-45e4-9597-78dbbad0f412}] : (SmartCardFilter) [] -> @%SystemRoot%\System32\SysClass.DLL,-3032
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{e2f84ce7-8efa-411c-aa69-97454ca4cb57}] : (Extension) [] -> @c_extension.inf,%ClassDesc%;Extensions
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{e55fa6f9-128c-4d04-abab-630c74b1453a}] : (Infrastructure) [] -> @c_fsinfrastructure.inf,%ClassDesc%;FS Infrastructure filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{eec5ad98-8080-425f-922a-dabf3de3f69a}] : (WPD) [] -> @%SystemRoot%\System32\wpd_ci.dll,-101
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}] : (Firmware) [] -> @c_firmware.inf,%ClassDesc%;Firmware
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{f3586baf-b5aa-49b5-8d6c-0569284c639f}] : (Compression) [] -> @c_fscompression.inf,%ClassDesc%;FS Compression filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{f72fe0d4-cbcb-407d-8814-9ed673d0dd6b}] : (USB) [] -> @oem2.inf,%ClassName%;ADB Interface
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{f75a86c0-10d8-4c3a-b233-ed60e4cdfaac}] : (Virtualization) [] -> @c_fsvirtualization.inf,%ClassDesc%;FS Virtualization filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{f8ecafa6-66d1-41a5-899b-66585d7216b7}] : (OpenFileBackup) [] -> @c_fsopenfilebackup.inf,%ClassDesc%;FS Open file backup filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{FB58BE68-EA9E-4803-847F-2CE814E7B159}] : (aswSP) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{fe8f1572-c67a-48c0-bbac-0b5c6d66cafb}] : (Undelete) [] -> @c_fsundelete.inf,%ClassDesc%;FS Undelete filters
[HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.)
[HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.)
[HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.)

---------- | Loaded modules (whitelist)

[03/11/2016 20:30:58] - (10.0.3.15) - (Mediafour Corporation - MacDrive partition driver) - C:\WINDOWS\system32\DRIVERS\MDPMGRNT.sys
[01/10/2015 10:14:38] - (10.0.0.30) - (Mediafour Corporation - MacDrive file system driver) - C:\WINDOWS\System32\Drivers\MDFSYSNT.sys
[28/09/2016 12:21:18] - (11.0.0.169) - (Paragon Software Group - GUID Partition Table Support Driver) - C:\WINDOWS\system32\DRIVERS\gpt_loader.sys
[12/10/2014 21:36:19] - (1.0.0.50) - (Atheros Communications, Inc. - Atheros Security NDIS 6.0 Filter Driver) - C:\WINDOWS\system32\DRIVERS\jswpslwfx.sys
[03/11/2016 20:31:00] - (1.5.76.166) - (EldoS Corporation - CallbackDisk Virtual Storage Driver) - C:\WINDOWS\system32\drivers\CBDisk.sys
[11/12/2012 11:41:59] - (0.0.0.0) - ( -) - C:\WINDOWS\SysWow64\drivers\AsUpIO.sys
[11/12/2012 11:41:35] - (0.0.0.0) - ( -) - C:\WINDOWS\SysWow64\drivers\AsIO.sys
[26/08/2016 23:32:34] - (21.21.13.6909) - (NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 369.09) - C:\WINDOWS\System32\DriverStore\FileRepository\nvakwu.inf_amd64_54baefc149b8c1ad\nvlddmkm.sys
[11/12/2012 11:41:55] - (5.2.3790.0) - (ASUSTek Computer Inc. - ASUS Charger driver) - C:\WINDOWS\SysWow64\drivers\AiChargerPlus.sys
[16/07/2016 12:41:52] - (5.0.48.0) - (MediaTek Inc. - MediaTek 802.11 Wireless Adapter Driver) - C:\WINDOWS\System32\drivers\netr28x.sys
[26/08/2016 23:32:32] - (1.3.34.15) - (NVIDIA Corporation - NVIDIA HDMI Audio Driver) - C:\WINDOWS\system32\drivers\nvhda64v.sys
[09/11/2016 08:12:19] - (5.1.2.250) - (Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver) - C:\WINDOWS\System32\ATMFD.DLL
[01/03/2013 02:49:12] - (4.1.0.2980) - (Riverbed Technology, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver) - C:\WINDOWS\system32\drivers\npf.sys
[23/06/2016 13:16:08] - (1.0.0.0) - (CyberLink Corp. -) - C:\WINDOWS\system32\Drivers\rikvm_38F51D56.sys

---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service

S0 - [Kernel Driver] - 3ware () -> System32\drivers\3ware.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - ACPI (@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver) -> System32\drivers\ACPI.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - acpiex (Microsoft ACPIEx Driver) -> System32\Drivers\acpiex.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - ADP80XX () -> System32\drivers\ADP80XX.SYS - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - amdsata () -> System32\drivers\amdsata.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - amdsbs () -> System32\drivers\amdsbs.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - amdxata () -> System32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - arcsas (@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver) -> System32\drivers\arcsas.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - atapi (@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel) -> System32\drivers\atapi.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - b06bdrv (@netbvbda.inf,%vbd_srv_desc%;QLogic Network Adapter VBD) -> System32\drivers\bxvbda.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\drivers\clfs.sys,-100) -> System32\drivers\CLFS.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - CNG () -> System32\Drivers\cng.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - disk (@disk.inf,%disk_ServiceDesc%;Disk Driver) -> System32\drivers\disk.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - ebdrv (@netevbda.inf,%vbd_srv_desc%;QLogic 10 Gigabit Ethernet Adapter VBD) -> System32\drivers\evbda.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - EhStorClass (@%SystemRoot%\system32\drivers\EhStorClass.sys,-100) -> System32\drivers\EhStorClass.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - EhStorTcgDrv (@EhStorTcgDrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols) -> System32\drivers\EhStorTcgDrv.sys - AcceptPause: False - AcceptStop: False
R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> System32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True
R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - gpt_loader (GUID Partition table support driver) -> system32\DRIVERS\gpt_loader.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - HpSAMD () -> System32\drivers\HpSAMD.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - iaStorAV (@iastorav.inf,%iaStorAV.DeviceDesc%;Intel(R) SATA RAID Controller Windows) -> System32\drivers\iaStorAV.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - iaStorV (@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7) -> System32\drivers\iaStorV.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - intelide () -> System32\drivers\intelide.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - intelpep (@intelpep.inf,%INTELPEP.SVCDESC%;Intel(R) Power Engine Plug-in Driver) -> System32\drivers\intelpep.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - iorate (@%SystemRoot%\system32\drivers\iorate.sys,-100) -> system32\drivers\iorate.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - isapnp () -> System32\drivers\isapnp.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - KSecDD () -> System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - KSecPkg () -> System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - LSI_SAS () -> System32\drivers\lsi_sas.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - LSI_SAS2i () -> System32\drivers\lsi_sas2i.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - LSI_SAS3i () -> System32\drivers\lsi_sas3i.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - LSI_SSS () -> System32\drivers\lsi_sss.sys - AcceptPause: False - AcceptStop: False
R0 - [File System Driver] - MDFSYSNT (MacDrive file system driver) -> (?) - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - MDPMGRNT (MacDrive Partition Driver Service) -> system32\DRIVERS\MDPMGRNT.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - megasas () -> System32\drivers\megasas.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - megasas2i () -> System32\drivers\MegaSas2i.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - megasr () -> System32\drivers\megasr.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - msisadrv () -> System32\drivers\msisadrv.sys - AcceptPause: False - AcceptStop: True
R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - mvumis () -> System32\drivers\mvumis.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - nvraid () -> System32\drivers\nvraid.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - nvstor () -> System32\drivers\nvstor.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - pci (@pci.inf,%pci_svcdesc%;PCI Bus Driver) -> System32\drivers\pci.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - pciide () -> System32\drivers\pciide.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - pcmcia () -> System32\drivers\pcmcia.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - pdc (@%SystemRoot%\system32\drivers\pdc.sys,-100) -> system32\drivers\pdc.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - percsas2i () -> System32\drivers\percsas2i.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - percsas3i () -> System32\drivers\percsas3i.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - sbp2port (@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver) -> System32\drivers\sbp2port.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - scmbus (@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver) -> System32\drivers\scmbus.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - SiSRaid2 () -> System32\drivers\SiSRaid2.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - SiSRaid4 () -> System32\drivers\sisraid4.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - spaceport (@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver) -> System32\drivers\spaceport.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - stexstor () -> System32\drivers\stexstor.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - storahci (@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver) -> System32\drivers\storahci.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - storflt (@wstorflt.inf,%service_desc%;Microsoft Hyper-V Storage Accelerator) -> System32\drivers\vmstorfl.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - stornvme (@stornvme.inf,%StorNVMe_ServiceDesc%;Microsoft Standard NVM Express Driver) -> System32\drivers\stornvme.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - storufs (@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver) -> System32\drivers\storufs.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - storvsc () -> System32\drivers\storvsc.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\tcpipcfg.dll,-50003) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - vdrvroot (@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator) -> System32\drivers\vdrvroot.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - vmbus (@wvmbus.inf,%vmbus.SVCDESC%;Virtual Machine Bus) -> System32\drivers\vmbus.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - volmgr (@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver) -> System32\drivers\volmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - volsnap (@%SystemRoot%\system32\drivers\volsnap.sys,-100) -> System32\drivers\volsnap.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - volume (@volume.inf,%VolumeServiceDesc%;Volume driver) -> System32\drivers\volume.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - vsmraid () -> System32\drivers\vsmraid.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - VSTXRAID (@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver) -> System32\drivers\vstxraid.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - WFPLWFS (@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000) -> System32\drivers\wfplwfs.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - WindowsTrustedRT (Windows Trusted Execution Environment Class Extension) -> system32\drivers\WindowsTrustedRT.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - WindowsTrustedRTProxy (@WindowsTrustedRTProxy.inf,%WindowsTrustedRTProxy.SVCDESC%;Microsoft Windows Trusted Runtime Secure Service) -> System32\drivers\WindowsTrustedRTProxy.sys - AcceptPause: False - AcceptStop: True
R0 - [File System Driver] - Wof (Windows Overlay File System Filter Driver) -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - ahcache (@%systemroot%\system32\drivers\ahcache.sys,-102) -> system32\DRIVERS\ahcache.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - BasicDisplay () -> \SystemRoot\System32\drivers\BasicDisplay.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - BasicRender () -> \SystemRoot\System32\drivers\BasicRender.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - Beep (Beep) -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - CBDisk (CBDisk) -> \??\C:\WINDOWS\system32\drivers\CBDisk.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - cdrom (@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver) -> \SystemRoot\System32\drivers\cdrom.sys - AcceptPause: False - AcceptStop: True
S1 - [Kernel Driver] - dam (@%SystemRoot%\system32\drivers\dam.sys,-100) -> system32\drivers\dam.sys - AcceptPause: False - AcceptStop: False
R1 - [File System Driver] - Dfsc (@%systemroot%\system32\wkssvc.dll,-1008) -> System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - FileCrypt (@%systemroot%\system32\drivers\filecrypt.sys,-100) -> system32\drivers\filecrypt.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - GpuEnergyDrv (@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100) -> System32\drivers\gpuenergydrv.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - JSWPSLWF (@oem26.inf,%AthSec_Desc%;JumpStart Wireless Filter Driver) -> \SystemRoot\system32\DRIVERS\jswpslwfx.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - Msfs () -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - mssmbios (@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver) -> \SystemRoot\System32\drivers\mssmbios.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - NetBIOS (@%windir%\system32\drivers\netbios.sys,-503) -> system32\drivers\netbios.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - Npfs () -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - npsvctrig (@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider) -> \SystemRoot\System32\drivers\npsvctrig.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - Null () -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - Psched (@%windir%\System32\drivers\pacer.sys,-101) -> System32\drivers\pacer.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> \SystemRoot\system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - vwififlt (@%SystemRoot%\System32\drivers\vwififlt.sys,-259) -> System32\drivers\vwififlt.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - ws2ifsl (Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0) -> \SystemRoot\system32\drivers\ws2ifsl.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - clreg (@%SystemRoot%\system32\drivers\registry.sys,-100) -> \SystemRoot\System32\drivers\registry.sys - AcceptPause: False - AcceptStop: True
S2 - [Kernel Driver] - csvol (Core Storage Volumes Driver) -> \SystemRoot\system32\DRIVERS\csvol.sys - AcceptPause: False - AcceptStop: False
R2 - [Kernel Driver] - lltdio (@%SystemRoot%\system32\lltdres.dll,-6) -> system32\drivers\lltdio.sys - AcceptPause: False - AcceptStop: True
R2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - MMCSS (@%systemroot%\system32\drivers\mmcss.sys,-100) -> \SystemRoot\system32\drivers\mmcss.sys - AcceptPause: False - AcceptStop: True
R2 - [File System Driver] - mrxsmb10 (@%systemroot%\system32\wkssvc.dll,-1004) -> system32\DRIVERS\mrxsmb10.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - MsLldp (@%SystemRoot%\system32\drivers\mslldp.sys,-200) -> system32\drivers\mslldp.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - Ndu (@%SystemRoot%\system32\drivers\Ndu.sys,-10001) -> system32\drivers\Ndu.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - NPF (NetGroup Packet Filter Driver) -> system32\drivers\npf.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - rspndr (@%SystemRoot%\system32\lltdres.dll,-5) -> system32\drivers\rspndr.sys - AcceptPause: False - AcceptStop: True
R2 - [File System Driver] - srv (@%systemroot%\system32\srvsvc.dll,-102) -> System32\DRIVERS\srv.sys - AcceptPause: False - AcceptStop: True
R2 - [File System Driver] - storqosflt (@%SystemRoot%\System32\drivers\storqosflt.sys,-101) -> system32\drivers\storqosflt.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - wanarp (@%systemroot%\system32\mprmsg.dll,-32011) -> System32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: True
R2 - [File System Driver] - wcifs (@%systemroot%\system32\drivers\wcifs.sys,-100) -> \SystemRoot\system32\drivers\wcifs.sys - AcceptPause: False - AcceptStop: True
R2 - [File System Driver] - wcnfs (@%systemroot%\system32\drivers\wcnfs.sys,-100) -> \SystemRoot\system32\drivers\wcnfs.sys - AcceptPause: False - AcceptStop: True

---------- | System files (Microsoft Files whitelisted)

[MD5.EE1CCC54F75C24727A218F98FC5349DA] - [16/07/2016 12:41:53] - (.Copyright (c) 2011 LSI - LSI 3ware SCSI Storport Driver.) - [104.84 Ko] - (5.1.0.51) - C:\WINDOWS\System32\Drivers\3ware.sys
[MD5.49B9DB97AFC85DCCBDACDAB2E90085B7] - [16/07/2016 12:41:53] - (.Copyright (C) PMC-Sierra 2001-2014 - PMC-Sierra Storport  Driver For SPC8x6G SAS/SATA controller.) - [1108.84 Ko] - (1.3.0.10769) - C:\WINDOWS\System32\Drivers\adp80xx.sys
[MD5.74FFBC43B4B899C9A8CA06A892F2CE73] - [16/07/2016 12:41:53] - (.Copyright Â© 2008-2015 AMD, Inc. - AHCI 1.3 Device Driver.) - [81.34 Ko] - (1.1.3.277) - C:\WINDOWS\System32\Drivers\amdsata.sys
[MD5.AAB0F1D8D7E54761ABAB13AF161F1680] - [16/07/2016 12:41:53] - (.2012 Advanced Micro Devices, Inc. - AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform.) - [253.34 Ko] - (3.7.1540.43) - C:\WINDOWS\System32\Drivers\amdsbs.sys
[MD5.F91BAAC4237C40352A807000F3B716F9] - [16/07/2016 12:41:53] - (.Copyright Â© 2008-2015 AMD, Inc. - Storage Filter Driver.) - [26.34 Ko] - (1.1.3.277) - C:\WINDOWS\System32\Drivers\amdxata.sys
[MD5.E6AB1F0B4C3D4E0D2A88332D76FECD03] - [16/07/2016 12:41:53] - (.Copyright 2014 PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) - [128.84 Ko] - (7.5.0.32048) - C:\WINDOWS\System32\Drivers\arcsas.sys
[MD5.3F5523DCEFE42B385659C5CB46A6B810] - [16/07/2016 12:41:53] - (.Â© Broadcom Corporation. - BCM Function 2  Device Driver.) - [9.5 Ko] - (6.3.9477.0) - C:\WINDOWS\System32\Drivers\bcmfn.sys
[MD5.0B750A6A6D847E73CA48ADD7A0F5A393] - [16/07/2016 12:41:53] - (.Â© Broadcom Corporation. - BCM Function 2  Device Driver.) - [9.5 Ko] - (6.3.9391.6) - C:\WINDOWS\System32\Drivers\bcmfn2.sys
[MD5.63A00CDBEB300522C49EC7CA77324060] - [04/07/2015 06:48:04] - (.Copyright (C) Brother Industries Ltd.1997-2012 - Brother MFC Serial Interface Driver(WDM).) - [93.11 Ko] - (1.0.2.4) - C:\WINDOWS\System32\Drivers\BrSerIb.sys
[MD5.BBCFD6C6EF66449F55AF1BFDB08C9B12] - [04/07/2015 06:48:04] - (.Copyright(C)Brother Industries Ltd.1997-2009 - Brother MFC Serial USB Driver(WDM).) - [21.36 Ko] - (1.1.1.5) - C:\WINDOWS\System32\Drivers\BrUsbSib.sys
[MD5.61BAC67048CA5C1D08C48FCC8012B613] - [16/07/2016 12:41:52] - (.(c) COPYRIGHT 2014-2016 QLogic Corporation - QLogic Gigabit Ethernet VBD.) - [521.34 Ko] - (7.12.31.105) - C:\WINDOWS\System32\Drivers\bxvbda.sys
[MD5.B99D91E4CD9017F213645AA2E80EB425] - [03/11/2016 20:31:00] - (.Copyright (C) EldoS Corp. 2000-2010 - CallbackDisk Virtual Storage Driver.) - [68.7 Ko] - (1.5.76.166) - C:\WINDOWS\System32\Drivers\CBDisk.sys
[MD5.48BC8B59BF348BD8C8702B93171008F2] - [16/07/2016 12:41:53] - (.Copyright Â© 2016 Chelsio Communications. - Chelsio iSCSI Crash Dump Driver.) - [100.34 Ko] - (6.1.14.200) - C:\WINDOWS\System32\Drivers\cht4dx64.sys
[MD5.0AED948DA8D5F08B3D6F12E4E2089736] - [16/07/2016 12:41:53] - (.Copyright Â© 2016 Chelsio Communications. - Chelsio iSCSI VMiniport Driver.) - [338.84 Ko] - (6.1.14.200) - C:\WINDOWS\System32\Drivers\cht4sx64.sys
[MD5.0002A0FDE087C1657AB31CE73077539C] - [16/07/2016 12:41:53] - (.Copyright Â© 2010 Chelsio Communications. - Virtual Bus Driver for Chelsio Â® T4 Chipset.) - [2054.84 Ko] - (6.1.14.200) - C:\WINDOWS\System32\Drivers\cht4vx64.sys
[MD5.DF5AC7D8DDE34B1A4E9D612CE02BC4CC] - [28/09/2016 12:21:20] - (.Â© 2008-2016 Paragon Software Group - Core Storage Volumes Driver.) - [22.83 Ko] - (11.0.0.169) - C:\WINDOWS\System32\Drivers\csvol.sys
[MD5.7EC6FC0266D74BD47ABB130A328B70EC] - [16/07/2016 12:41:52] - (.(c) COPYRIGHT 2014-2016 QLogic Corporation - QLogic 10 GigE VBD.) - [3338.84 Ko] - (7.13.65.105) - C:\WINDOWS\System32\Drivers\evbda.sys
[MD5.9F1629F69A53DBB60ACEEB24B574402E] - [28/09/2016 12:21:18] - (.Â© 2008-2016 Paragon Software Group - GUID Partition Table Support Driver.) - [59.33 Ko] - (11.0.0.169) - C:\WINDOWS\System32\Drivers\gpt_loader.sys
[MD5.772A1DEEDFDBC244183B5C805D1B7D85] - [25/01/2013 13:27:04] - (.Copyright Â© 2006-2011, Intel Corporation. - Intel(R) Management Engine Interface.) - [61.31 Ko] - (8.1.0.1263) - C:\WINDOWS\System32\Drivers\HECIx64.sys
[MD5.F5CA18197B4646E04DB9EB2D6642CC4D] - [16/07/2016 12:41:53] - (.Copyright (c) 2004-2011 Hewlett-Packard Development Company, L.P. - Smart Array SAS/SATA Controller Media Driver.) - [62.84 Ko] - (8.0.4.0) - C:\WINDOWS\System32\Drivers\HpSAMD.sys
[MD5.C6B8743B213F06AA60943D8366FE968F] - [16/07/2016 12:41:54] - (.Copyright (C) 2013. - Intel(R) Serial IO GPIO Controller Driver.) - [32.5 Ko] - (604.10146.3023.12819) - C:\WINDOWS\System32\Drivers\iagpio.sys
[MD5.9A2A2F3C69B9A30B6E78536F6D258BAD] - [16/07/2016 12:41:54] - (.Copyright (C) 2013. - Intel(R) Serial IO I2C Driver.) - [79.5 Ko] - (604.10146.2643.2818) - C:\WINDOWS\System32\Drivers\iai2c.sys
[MD5.5A0E850F8CD17791A3E6A3CF81D0CA28] - [16/07/2016 12:41:54] - (.Copyright Â© 2015, Intel Corporation. - Intel(R) Serial IO GPIO Driver v2.) - [63 Ko] - (30.63.1610.8) - C:\WINDOWS\System32\Drivers\iaLPSS2i_GPIO2.sys
[MD5.7508F1096803385D6376BFD0BD473AC4] - [16/07/2016 12:41:54] - (.Copyright Â© 2015, Intel Corporation. - Intel(R) Serial IO I2C Driver v2.) - [172.25 Ko] - (30.63.1610.8) - C:\WINDOWS\System32\Drivers\iaLPSS2i_I2C.sys
[MD5.16A10CCEDCF5AC4CAAE43DC9FC40392F] - [16/07/2016 12:41:52] - (.Copyright Â© 2015, Intel Corporation. - Intel(R) Serial IO GPIO Controller Driver.) - [37.23 Ko] - (1.1.250.0) - C:\WINDOWS\System32\Drivers\iaLPSSi_GPIO.sys
[MD5.EB82A11613326691508D9ED9A4FE29E7] - [16/07/2016 12:41:50] - (.Copyright Â© 2015, Intel Corporation. - Intel(R) Serial IO I2C Controller Driver.) - [110.5 Ko] - (1.1.253.0) - C:\WINDOWS\System32\Drivers\iaLPSSi_I2C.sys
[MD5.6C024B3AE192D72B216166802AF345DD] - [15/11/2012 09:17:51] - (.Copyright(C) Intel Corporation 1994-2012 - Intel Rapid Storage Technology driver - x64.) - [630.81 Ko] - (11.5.4.1001) - C:\WINDOWS\System32\Drivers\iaStorA.sys
[MD5.97E553D03219D3D51705C7235D9EAEBD] - [16/07/2016 12:41:53] - (.Copyright (C), Intel Corporation. - Intel(R) Rapid Storage Technology driver (inbox) - x64.) - [657.34 Ko] - (13.2.0.1022) - C:\WINDOWS\System32\Drivers\iaStorAV.sys
[MD5.8350FE3BCDE3428BC040877BB7E9EAEB] - [16/07/2016 12:41:53] - (.Copyright(C) Intel Corporation 1994-2008 - Intel Matrix Storage Manager driver - x64.) - [402.34 Ko] - (8.6.2.1019) - C:\WINDOWS\System32\Drivers\iaStorV.sys
[MD5.3BA03F7C7700DDF4C383DDE9252F5817] - [16/07/2016 12:41:53] - (.CopyrightÂ© 2009 Mellanox Technologies Ltd - InfiniBand Fabric Bus Driver.) - [513.84 Ko] - (5.1.11548.0) - C:\WINDOWS\System32\Drivers\ibbus.sys
[MD5.5BE640E88814B77A9E84B4549B5DCC2C] - [12/10/2014 21:36:19] - (.Copyright Â© 2004 - 2007, Atheros Communications, Inc. - Atheros Security NDIS 6.0 Filter Driver.) - [26 Ko] - (1.0.0.50) - C:\WINDOWS\System32\Drivers\jswpslwfx.sys
[MD5.8E1B0946948CCC0BC1FA3CB70374A795] - [16/07/2016 12:41:53] - (.Copyright Â© LSI Corporation 2010 - LSI Fusion-MPT SAS Driver (StorPort).) - [106.34 Ko] - (1.34.3.83) - C:\WINDOWS\System32\Drivers\lsi_sas.sys
[MD5.4F68163FC04C973500DC4DA0946917B0] - [16/07/2016 12:41:53] - (.Copyright Â© LSI Corporation 2012 - LSI SAS Gen2 Driver (StorPort).) - [103.34 Ko] - (2.0.79.80) - C:\WINDOWS\System32\Drivers\lsi_sas2i.sys
[MD5.E5AC5F2815938651CDCC27F425474673] - [16/07/2016 12:41:53] - (.Copyright Â© Avago Technologies 2015 - Avago SAS Gen3 Driver (StorPort).) - [98.84 Ko] - (2.51.12.80) - C:\WINDOWS\System32\Drivers\lsi_sas3i.sys
[MD5.CCF6EC9FB9B8F18E05B4253E81013E48] - [16/07/2016 12:41:53] - (.Copyright Â© LSI Corporation 2012 - LSI SSS PCIe/Flash Driver (StorPort).) - [80.84 Ko] - (2.10.61.81) - C:\WINDOWS\System32\Drivers\lsi_sss.sys
[MD5.78BFF5425E044086E74E78650A359FBB] - [09/04/2013 05:53:43] - (.Â© Malwarebytes. - Malwarebytes Anti-Malware.) - [26.38 Ko] - (0.1.16.0) - C:\WINDOWS\System32\Drivers\mbam.sys
[MD5.1239597BAB7EED2BB16D035AF87E65D9] - [20/09/2014 14:55:44] - (.Â© Malwarebytes. - Malwarebytes Chameleon Protection Driver.) - [137.38 Ko] - (1.1.22.0) - C:\WINDOWS\System32\Drivers\mbamchameleon.sys
[MD5.78488AF2AB2111D67B3C4044707A519B] - [20/09/2014 14:55:57] - (.Â© Malwarebytes. - Malwarebytes Anti-Malware.) - [187.71 Ko] - (0.3.0.4) - C:\WINDOWS\System32\Drivers\MBAMSwissArmy.sys
[MD5.9CAED85536DAE508B97D438B0D17E31D] - [01/10/2015 10:14:38] - (.Copyright Â© 1996-2015 Mediafour Corporation - MacDrive file system driver.) - [311.14 Ko] - (10.0.0.30) - C:\WINDOWS\System32\Drivers\MDFSYSNT.SYS
[MD5.6E1C008515D7CAB32A6280950AFA211E] - [03/11/2016 20:30:58] - (.Copyright Â© 1996-2015 Mediafour Corporation - MacDrive partition driver.) - [45.59 Ko] - (10.0.3.15) - C:\WINDOWS\System32\Drivers\MDPMGRNT.SYS
[MD5.C3CDCCF07486BD2616A7B82946E07AC0] - [16/07/2016 12:41:53] - (.Copyright Â© Avago Technologies2013 - MEGASAS RAID Controller Driver for Windows.) - [58.34 Ko] - (6.706.6.0) - C:\WINDOWS\System32\Drivers\megasas.sys
[MD5.2CF0CB2A0ED68C5455371E84C16F9627] - [16/10/2016 12:58:10] - (.Copyright Â© Avago Technologies2013 - MEGASAS RAID Controller Driver for Windows.) - [62.84 Ko] - (6.711.10.11) - C:\WINDOWS\System32\Drivers\MegaSas2i.sys
[MD5.FADB2FE017E69EECE0E1BA78661C2E8C] - [16/07/2016 12:41:53] - (.Copyright (C) 2007 LSI Corporation. - LSI MegaRAID Software RAID Driver.) - [562.34 Ko] - (15.2.2013.129) - C:\WINDOWS\System32\Drivers\megasr.sys
[MD5.FD60818B66B2E8A5415EA840E99A9D8F] - [16/07/2016 12:41:53] - (.CopyrightÂ© 2009 Mellanox Technologies Ltd - MLX4 Bus Driver.) - [822.84 Ko] - (5.1.11548.0) - C:\WINDOWS\System32\Drivers\mlx4_bus.sys
[MD5.7070F776E9035DD006E53A3BD532F845] - [28/09/2016 12:21:16] - (.Â© 2008-2016 Paragon Software Group - HFS+ Mounter Helper Driver.) - [40.83 Ko] - (11.0.0.169) - C:\WINDOWS\System32\Drivers\mounthlp.sys
[MD5.3D2C5B4995CA0751D32DEA0DE9FDFE44] - [16/07/2016 12:41:53] - (.Copyright (c) Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) - [62.34 Ko] - (1.0.5.1016) - C:\WINDOWS\System32\Drivers\mvumis.sys
[MD5.898415AC0B5F1D2A9A48ABCB68A6DC4B] - [20/09/2014 14:55:44] - (.Â© Malwarebytes Corporation. - Malwarebytes Web Access Control.) - [63.88 Ko] - (1.0.6.0) - C:\WINDOWS\System32\Drivers\mwac.sys
[MD5.629CB21AC49C8867E0F29DF1C16DB7B4] - [16/07/2016 12:41:53] - (.CopyrightÂ© 2009 Mellanox Technologies Ltd - NetworkDirect Support Filter Driver.) - [106.34 Ko] - (5.1.11548.0) - C:\WINDOWS\System32\Drivers\ndfltr.sys
[MD5.6C76780A01FC2B885BD6E957B5C36B02] - [16/07/2016 12:42:03] - (.-.) - [88.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Drivers\NetAdapterCx.sys
[MD5.32AC64CFF6C602AB599F8BA95464BC26] - [16/07/2016 12:41:52] - (.MediaTek Inc. (C)2014. - MediaTek 802.11 Wireless Adapter Driver.) - [2445.5 Ko] - (5.0.48.0) - C:\WINDOWS\System32\Drivers\netr28x.sys
[MD5.DE7FCC77F4A503AF4CA6A47D49B3713D] - [01/03/2013 02:49:12] - (.Copyright Â© 2010-2013 Riverbed Technology, Inc. Copyright Â© 2005-2010 CACE Technologies. Copyright Â© 1999-2005 NetGroup, Politecnico di Torino. - npf.sys (NT5/6 AMD64) Kernel Driver.) - [35.74 Ko] - (4.1.0.2980) - C:\WINDOWS\System32\Drivers\npf.sys
[MD5.04AFA4A13AB62E3FC46C327E294B2A34] - [26/08/2016 23:32:32] - (.(C) NVIDIA Corporation. - NVIDIA HDMI Audio Driver.) - [235.06 Ko] - (1.3.34.15) - C:\WINDOWS\System32\Drivers\nvhda64v.sys
[MD5.D261DF41F0840F734856A2B4F5E072C7] - [16/07/2016 12:41:53] - (.Copyright(C) 2001-2011 NVIDIA Corporation - NVIDIAÂ® nForce(TM) RAID Driver.) - [146.84 Ko] - (10.6.0.23) - C:\WINDOWS\System32\Drivers\nvraid.sys
[MD5.23B702B555EB0436B9DAA0BC63DA65CE] - [16/07/2016 12:41:53] - (.Copyright(C) 2001-2011 NVIDIA Corporation - NVIDIAÂ® nForce(TM) Sata Performance Driver.) - [162.34 Ko] - (10.6.0.23) - C:\WINDOWS\System32\Drivers\nvstor.sys
[MD5.540116170E2135FCD5DDE77702166B67] - [16/07/2016 12:41:53] - (.Copyright Â© Avago Technologies2013 - MEGASAS RAID Controller Driver for Windows.) - [57.34 Ko] - (6.805.3.0) - C:\WINDOWS\System32\Drivers\percsas2i.sys
[MD5.8356F87553BF49C703CF382033815898] - [16/07/2016 12:41:53] - (.Copyright Â© Avago Technologies2013 - MEGASAS RAID Controller Driver for Windows.) - [60.34 Ko] - (6.603.6.0) - C:\WINDOWS\System32\Drivers\percsas3i.sys
[MD5.54D8FAC6680C71D1D288051E544A0117] - [23/06/2016 13:16:08] - (.Copyright (C) CyberLink Corp. 2009 -.) - [143.21 Ko] - (1.0.0.0) - C:\WINDOWS\System32\Drivers\rikvm_38F51D56.sys
[MD5.F9265C902BB9146C6BFF97BDF35C04DE] - [16/07/2016 12:41:53] - (.Copyright (C) 2015 Realtek Semiconductor Corporation. All Right Reserved.            - Realtek 8136/8168/8169 NDIS 6.40 64-bit Driver             .) - [576 Ko] - (9.1.404.2015) - C:\WINDOWS\System32\Drivers\rt640x64.sys
[MD5.5B116AFACF56CE24A4D288D94ECE1291] - [01/10/2013 13:23:22] - (.Copyright (c) Realtek Semiconductor Corp.1998-2013 - Realtek(r) High Definition Audio Function Driver.) - [3588.59 Ko] - (6.0.1.7050) - C:\WINDOWS\System32\Drivers\RTKVHD64.sys
[MD5.333224D4D25F9BCCA488E08345083E1C] - [18/04/2013 19:27:10] - (.Copyright (C) 2009 Realtek Semiconductor Corporation                            - Realtek RTL8187 NDIS Driver.) - [438 Ko] - (6.1316.1209.2009) - C:\WINDOWS\System32\Drivers\RTL8187.sys
[MD5.A34CE1830E45DA98932295FDE4B7908A] - [16/07/2016 12:41:53] - (.Copyright (c) SiS Corp. 2000-2010 - SiS RAID Stor Miniport Driver.) - [43.84 Ko] - (5.1.1039.2600) - C:\WINDOWS\System32\Drivers\sisraid2.sys
[MD5.A7B5C670770E908DA5FEF5BF1136E933] - [16/07/2016 12:41:53] - (.Copyright (c) SiS Corp. 2007-2013 - SiS AHCI Stor-Miniport Driver.) - [79.84 Ko] - (5.1.1039.3600) - C:\WINDOWS\System32\Drivers\sisraid4.sys
[MD5.9593475FBC857A05D93BFF4FA7323C2B] - [27/12/2016 18:29:18] - (.Copyright â SAMSUNG - SAMSUNG USB Composite Device Driver.) - [128.63 Ko] - (2.12.4.0) - C:\WINDOWS\System32\Drivers\ssudbus.sys
[MD5.592FF34A2FD6C6351B8A3AA76B2C0A9E] - [27/12/2016 18:29:18] - (.Copyright â SAMSUNG - SAMSUNG Android Modem Device Driver.) - [161.63 Ko] - (2.12.4.0) - C:\WINDOWS\System32\Drivers\ssudmdm.sys
[MD5.440A795E605B324BCCDBD082770A349C] - [27/12/2016 18:29:18] - (.Copyright â SAMSUNG - SAMSUNG USB Mobile Logging Device Driver.) - [161.63 Ko] - (2.12.4.0) - C:\WINDOWS\System32\Drivers\ssudserd.sys
[MD5.29D26E1347AE1BBD4201014E19880B2C] - [16/07/2016 12:41:53] - (.Â© Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) - [30.34 Ko] - (5.1.0.10) - C:\WINDOWS\System32\Drivers\stexstor.sys
[MD5.0D5A09B08568760AE85A801FCBC0F83D] - [19/01/2017 21:34:48] - (.-.) - [27.61 Ko] - (2.0.2.0) - C:\WINDOWS\System32\Drivers\TrueSight.sys
[MD5.FD587ABE55E0CD2CA3DE0C6E6960F6BE] - [16/10/2009 12:03:47] - (.Â© TamoSoft. - WiFi Capture Driver.) - [26.1 Ko] - (1.0.2.47) - C:\WINDOWS\System32\Drivers\TsLwWfF.sys
[MD5.F957092C63CD71D85903CA0D8370F473] - [17/06/2015 17:04:24] - (.Â© Apple, Inc. - Apple Mobile Device USB Driver.) - [53.5 Ko] - (1.67.0.0) - C:\WINDOWS\System32\Drivers\usbaapl64.sys
[MD5.AD6D273E646B94BB6668C8CB439CFBD3] - [27/04/2013 13:39:52] - (.Copyright (C) 2009-2013 Oracle Corporation - VirtualBox Support Driver.) - [232.27 Ko] - (4.2.12.0) - C:\WINDOWS\System32\Drivers\VBoxDrv.sys
[MD5.B0A8C5BC95689A130F9E05492341833D] - [12/04/2013 11:41:28] - (.Copyright (C) 2009-2013 Oracle Corporation - VirtualBox Host-Only Network Adapter Driver.) - [128.77 Ko] - (4.2.12.0) - C:\WINDOWS\System32\Drivers\VBoxNetAdp.sys
[MD5.1E821B0057C861F6AFE88187466F7CA4] - [12/04/2013 11:40:18] - (.Copyright (C) 2009-2013 Oracle Corporation - VirtualBox USB Driver.) - [103.77 Ko] - (4.2.12.0) - C:\WINDOWS\System32\Drivers\VBoxUSB.sys
[MD5.E5C140160617B2B0545B4051AA9507FF] - [27/04/2013 13:39:36] - (.Copyright (C) 2009-2013 Oracle Corporation - VirtualBox USB Monitor Driver.) - [117.27 Ko] - (4.2.12.0) - C:\WINDOWS\System32\Drivers\VBoxUSBMon.sys
[MD5.FD9BCB8920973CEAD4D49DC7A6D8A618] - [16/07/2016 12:41:53] - (.Copyright (C) VIA Technologies 1992-2007 - VIA RAID DRIVER FOR AMD-X86-64.) - [162.84 Ko] - (7.0.9600.6352) - C:\WINDOWS\System32\Drivers\vsmraid.sys
[MD5.0C111F220798CCE80484026E06822379] - [16/07/2016 12:41:53] - (.Copyright (C) 2008 VIA Corporation - VIA StorX RAID Controller Driver.) - [298.34 Ko] - (8.0.9200.8110) - C:\WINDOWS\System32\Drivers\VSTXRAID.SYS
[MD5.F95DE20312ACCA7761446DE152BD1F7C] - [16/07/2016 12:41:53] - (.CopyrightÂ© 2009 Mellanox Technologies Ltd - Kernel WinMad.) - [31.34 Ko] - (5.1.11548.0) - C:\WINDOWS\System32\Drivers\winmad.sys
[MD5.8B9AFF5F08E66A6F1F1063DEC9457FB6] - [16/07/2016 12:41:53] - (.CopyrightÂ© 2009 Mellanox Technologies Ltd - Kernel WinVerbs.) - [63.34 Ko] - (5.1.11548.0) - C:\WINDOWS\System32\Drivers\winverbs.sys
[MD5.4BFB41025FA1C37205EDEEFDE36F7771] - [11/12/2012 11:41:55] - (.Copyright (c) ASUSTek Computer Inc. - ASUS Charger driver.) - [14.5 Ko] - (5.2.3790.0) - C:\WINDOWS\Syswow64\Drivers\AiChargerPlus.sys
[MD5.ADAA34740E9F6AFF94CC75D5CF8ED7E2] - [11/12/2012 11:41:34] - (.-.) - [9.98 Ko] - (0.0.0.0) - C:\WINDOWS\Syswow64\Drivers\AsInsHelp32.sys
[MD5.EDAA17CE771C696655B6585F7CAD2100] - [11/12/2012 11:41:34] - (.-.) - [11.55 Ko] - (0.0.0.0) - C:\WINDOWS\Syswow64\Drivers\AsInsHelp64.sys
[MD5.FEF9DD9EA587F8886ADE43C1BEFBDAFE] - [11/12/2012 11:41:35] - (.-.) - [13.13 Ko] - (0.0.0.0) - C:\WINDOWS\Syswow64\Drivers\AsIO.sys
[MD5.1392B92179B07B672720763D9B1028A5] - [11/12/2012 11:41:59] - (.-.) - [14.13 Ko] - (0.0.0.0) - C:\WINDOWS\Syswow64\Drivers\AsUpIO.sys
[MD5.19166026A93206F9C6A8CD3A1F010AE4] - [11/12/2012 11:34:41] - (.-.) - [10.05 Ko] - (0.0.0.0) - C:\WINDOWS\Syswow64\Drivers\ASUSHWIO.SYS

---------- | Uninstall

[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\fb90fd9a010183af] : (.-.) -> 
[HKU\S-1-5-21-2223247258-1722811853-2886010316-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\FileZilla Client] : (FileZilla Client 3.10.1.1.-.Tim Kosse) -> C:\Program Files (x86)\FileZilla FTP Client\uninstall.exe
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\8461-7759-5462-8226] : (Vuze.-.Azureus Software, Inc.) -> C:\Program Files\Vuze\uninstall.exe
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\8B3D7924-ED89-486B-8322-E8594065D5CB_is1] : (RogueKiller version 12.9.4.0.-.Adlice Software) -> "C:\Program Files\RogueKiller\unins000.exe"
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> 
[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Recuva] : (Recuva.-.Piriform) -> "C:\Program Files\Recuva\uninst.exe"
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WinRAR archiver] : (WinRAR 4.20 (64-bit).-.win.rar GmbH) -> C:\Program Files\WinRAR\uninstall.exe
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{3540181E-340A-4E7A-B409-31663472B2F7}] : (Apple Mobile Device Support.-.Apple Inc.) -> MsiExec.exe /I{3540181E-340A-4E7A-B409-31663472B2F7}
[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{5E00D8DF-905B-41C7-B562-C126DE3A4167}] : (ASUS Music Maker.-.MAGIX AG) -> MsiExec.exe /I{5E00D8DF-905B-41C7-B562-C126DE3A4167}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{691F30EB-9009-475A-B8A9-E1BF39598FD5}] : (Apple Application Support (64 bits).-.Apple Inc.) -> MsiExec.exe /I{691F30EB-9009-475A-B8A9-E1BF39598FD5}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}] : (PaperPort Image Printer 64-bit.-.Nuance Communications, Inc.) -> MsiExec.exe /X{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7C129CF8-199F-4269-AAEE-60B5D8D716E2}] : (Classic Shell.-.IvoSoft) -> MsiExec.exe /X{7C129CF8-199F-4269-AAEE-60B5D8D716E2}
[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7DB84618-76E3-4999-A9A0-D7D756E14129}] : (ASUS Video easy.-.MAGIX AG) -> MsiExec.exe /I{7DB84618-76E3-4999-A9A0-D7D756E14129}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{819CBF9F-5812-4399-820B-FE442D15EAFB}] : (ActivePerl 5.20.1 Build 2000 (64-bit).-.ActiveState) -> MsiExec.exe /I{819CBF9F-5812-4399-820B-FE442D15EAFB}
[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{9204F334-2A46-49F1-89C4-65CEB7AC1974}] : (ASUS MX Suite.-.MAGIX AG) -> MsiExec.exe /I{9204F334-2A46-49F1-89C4-65CEB7AC1974}
[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{A0A22476-ACC2-4EE8-9BF0-F9F44B87D7CE}] : (MacDrive 10 Standard.-.Mediafour Corporation) -> MsiExec.exe /X{A0A22476-ACC2-4EE8-9BF0-F9F44B87D7CE}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision] : (NVIDIA Pilote 3D Vision 327.02.-.NVIDIA Corporation) -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{676895BF-07A3-47C9-BD1D-BE2280E6F406}\NVI2.DLL",UninstallPackage Display.3DVision
[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel] : (Panneau de configuration NVIDIA 369.09.-.NVIDIA Corporation) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver] : (NVIDIA Pilote graphique 327.02.-.NVIDIA Corporation) -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{676895BF-07A3-47C9-BD1D-BE2280E6F406}\NVI2.DLL",UninstallPackage Display.Driver
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX] : (NVIDIA PhysX System Software 9.12.0613.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.PhysX
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver] : (NVIDIA Pilote audio HD : 1.3.26.4.-.NVIDIA Corporation) -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{06BA0C7C-C5D9-4AF6-B918-6532A30C6254}\NVI2.DLL",UninstallPackage HDAudio.Driver
[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer] : (NVIDIA Install Application.-.NVIDIA Corporation) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}] : (Vegas Pro 13.0 (64-bit).-.Sony) -> MsiExec.exe /X{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}] : (Samsung USB Driver for Mobile Phones.-.Samsung Electronics Co., Ltd.) -> C:\Program Files (x86)\Samsung\USB Drivers\Uninstall.exe
[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}] : (IntelÂ® Trusted Connect Service Client.-.Intel Corporation) -> MsiExec.exe /I{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}] : (iTunes.-.Apple Inc.) -> MsiExec.exe /I{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Creative Cloud] : (Adobe Creative Cloud.-.Adobe Systems Incorporated) -> "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Flash Player NPAPI] : (Adobe Flash Player 23 NPAPI.-.Adobe Systems Incorporated) -> C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_23_0_0_207_Plugin.exe -maintain plugin
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Brother's Keeper 7.1] : (Brother's Keeper 7.1.-.) -> C:\PROGRA~2\BROTHE~1\UNWISE.EXE C:\PROGRA~2\BROTHE~1\INSTALL.LOG
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Cain & Abel v4.9.43] : (Cain & Abel v4.9.43.-.) -> C:\PROGRA~2\Cain\UNINSTAL.EXE C:\PROGRA~2\Cain\Install.log
[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Google Chrome] : (Google Chrome.-.Google Inc.) -> "C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\Installer\setup.exe" --uninstall --multi-install --chrome --system-level --verbose-logging
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield Uninstall Information] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{2DEF112F-847B-4DC4-9FC9-97EB52E2D7FC}] : (WebViewer Plugin.-.Samsung Techwin Co., Ltd.) -> "C:\Program Files (x86)\InstallShield Installation Information\{2DEF112F-847B-4DC4-9FC9-97EB52E2D7FC}\setup.exe" -runfromtemp -l0x040c -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}] : (ASUSDVD.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\setup.exe" /z-uninstall
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\KLiteCodecPack_is1] : (K-Lite Codec Pack 11.0.0 Full.-.) -> "C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\LinuxLive USB Creator] : (LinuxLive USB Creator.-.Thibaut Lauziere) -> C:\Program Files (x86)\LinuxLive USB Creator\Uninstall.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MAGIX_{5E00D8DF-905B-41C7-B562-C126DE3A4167}] : (ASUS Music Maker.-.MAGIX AG) -> "C:\Program Files (x86)\Common Files\MAGIX Services\Uninstall\{5E00D8DF-905B-41C7-B562-C126DE3A4167}\ASUS_Music_Maker_MX_setup.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MAGIX_{7DB84618-76E3-4999-A9A0-D7D756E14129}] : (ASUS Video easy.-.MAGIX AG) -> "C:\Program Files (x86)\Common Files\MAGIX Services\Uninstall\{7DB84618-76E3-4999-A9A0-D7D756E14129}\ASUS_Video_easy_setup.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MAGIX_{9204F334-2A46-49F1-89C4-65CEB7AC1974}] : (ASUS MX Suite.-.MAGIX AG) -> "C:\Program Files (x86)\Common Files\MAGIX Services\Uninstall\{9204F334-2A46-49F1-89C4-65CEB7AC1974}\MX_Suite_asus_setup.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Malwarebytes Anti-Malware_is1] : (Malwarebytes Anti-Malware version 2.2.1.1043.-.Malwarebytes) -> "C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Marroki Mailer Anonyme] : (Marroki Mailer Anonyme 1.0.-.) -> "C:\Program Files (x86)\Marroki Mailer Anonyme\uninstall.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Mozilla Firefox 50.1.0 (x86 fr)] : (Mozilla Firefox 50.1.0 (x86 fr).-.Mozilla) -> "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MozillaMaintenanceService] : (Mozilla Maintenance Service.-.Mozilla) -> "C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Network Stumbler] : (Network Stumbler 0.4.0 (remove only).-.) -> "C:\Program Files (x86)\Network Stumbler\uninst.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\NoIPDUC] : (No-IP DUC.-.Vitalwerks Internet Solutions LLC) -> C:\Program Files (x86)\No-IP\uninstall.exe
[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\NVIDIAStereo] : (NVIDIA Stereoscopic 3D Driver.-.NVIDIA Corporation) -> "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SafeZone 1.51.2220.62] : (SafeZone Stable 1.51.2220.62.-.Avast Software) -> "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" /uninstall
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Scanner NetBIOS_is1] : (Scanner NetBIOS 1.6.-.Tyler @ L'igloo du hack) -> "C:\Program Files (x86)\Scanner NetBIOS\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SmartCam] : (SmartCam -- Smart Phone Camera.-.Ionut Dediu) -> C:\Program Files (x86)\SmartCam\uninstall.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\UNetbootin] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\VLC media player] : (VLC media player.-.VideoLAN) -> C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WinPcapInst] : (WinPcap 4.1.3.-.Riverbed Technology, Inc.) -> C:\Program Files (x86)\WinPcap\uninstall.exe
[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}] : (Scansoft PDF Professional.-.) -> 
[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0708FF30-78C0-47B0-81F0-C84604DC769C}] : (Nero Express Help (CHM).-.Nero AG) -> MsiExec.exe /X{0708FF30-78C0-47B0-81F0-C84604DC769C}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}] : (eManual.-.ASUSTeK Computer Inc.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}\Setup.exe" -l0x9 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0DF70CB6-553A-4C57-8E6D-87635EECFB78}] : (REALTEK Wireless LAN Driver and Utility.-.ALFA NETWORK Inc.) -> C:\Program Files (x86)\InstallShield Installation Information\{0DF70CB6-553A-4C57-8E6D-87635EECFB78}\Install.exe -uninst -l0x40C 
[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0E4630AF-0AB7-440E-A978-1A78FC4F43B9}] : (Nero Launcher.-.Nero AG) -> MsiExec.exe /X{0E4630AF-0AB7-440E-A978-1A78FC4F43B9}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0F450417-F5B1-4D9C-B93B-4DC81F3EA954}] : (Nero BurningROM 2015.-.Nero AG) -> MsiExec.exe /I{0F450417-F5B1-4D9C-B93B-4DC81F3EA954}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}] : (Adobe Media Encoder CC 2015.-.Adobe Systems Incorporated) -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{0FAC7130-BEC5-47A5-8813-1D339B8326ED}"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{17430817-C5C3-5F64-059B-33049EB1B1B1}] : (.-.) -> C:\PROGRA~3\INSTAL~1\{237AA~1\Setup.exe /remove /q0
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{179324FF-7B16-4BA8-9836-055CAAEE4F08}] : (SDFormatter.-.SD Association) -> MsiExec.exe /X{179324FF-7B16-4BA8-9836-055CAAEE4F08}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1EB0D40B-3E8F-4A37-A0A2-79D516B49F0D}] : (.-.) -> 
[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2432E589-6256-4513-B0BF-EFA8E325D5F0}] : (Nero SharedVideoCodecs.-.Nero AG) -> MsiExec.exe /X{2432E589-6256-4513-B0BF-EFA8E325D5F0}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2583CDBA-8A53-4622-BB67-1D163714C1B4}] : (Python 3.4.2.-.Python Software Foundation) -> MsiExec.exe /I{2583CDBA-8A53-4622-BB67-1D163714C1B4}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83218031F0}] : (Java 8 Update 31.-.Oracle Corporation) -> MsiExec.exe /I{26A24AE4-039D-4CA4-87B4-2F83218031F0}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{28656860-4728-433C-8AD4-D1A930437BC8}] : (Nuance PDF Viewer Plus.-.Nuance Communications, Inc) -> MsiExec.exe /X{28656860-4728-433C-8AD4-D1A930437BC8}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2AC099EA-CC1C-4E4E-BDFC-0353DCF13DD0}] : (Nero 12 Essentials OEM.a01.-.Nero AG) -> MsiExec.exe /I{2AC099EA-CC1C-4E4E-BDFC-0353DCF13DD0}
[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2B3D9A2C-581B-4CE4-B16A-82BB2A8A0A39}] : (Nero Burning Core.-.Nero AG) -> MsiExec.exe /X{2B3D9A2C-581B-4CE4-B16A-82BB2A8A0A39}
[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2DEF112F-847B-4DC4-9FC9-97EB52E2D7FC}] : (WebViewer Plugin.-.Samsung Techwin Co., Ltd.) -> MsiExec.exe /I{2DEF112F-847B-4DC4-9FC9-97EB52E2D7FC}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{34D3688E-A737-44C5-9E2A-FF73618728E1}] : (AI Suite II.-.ASUSTeK Computer Inc.) -> C:\ProgramData\ASUS\AI Suite II\Setup.exe
[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3AAB08A3-F129-4BD5-B409-AE674F93759D}] : (Prerequisite installer.-.Nero AG) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{429D6E81-8E1E-42E6-8AB9-025DD9157F9B}] : (Paragon HFS+ for Windowsâ¢.-.Paragon Software) -> MsiExec.exe /X{429D6E81-8E1E-42E6-8AB9-025DD9157F9B}
[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] : (Java Auto Updater.-.Oracle Corporation) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5153DBF7-58C5-4C3F-A648-6EA91089F851}] : (.-.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{5153DBF7-58C5-4C3F-A648-6EA91089F851}\setup.exe" -l0x9 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5648F9D9-299E-408C-AC1F-59DC75894A1F}] : (Why ASUS PC.-.ASUSTeK Computer Inc.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{5648F9D9-299E-408C-AC1F-59DC75894A1F}\Setup.exe" -l0x9 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{582876EC-A178-44D4-9823-C10D6C62EAFF}] : (.-.) -> MsiExec /X{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}
[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}] : (NVIDIA PhysX.-.NVIDIA Corporation) -> MsiExec.exe /X{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}] : (Nero Update.-.Nero AG) -> MsiExec.exe /X{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6C5F8503-55D2-4398-858C-362B7A7AF51C}] : (Firebird SQL Server - MAGIX Edition.-.MAGIX AG) -> MsiExec.exe /X{6C5F8503-55D2-4398-858C-362B7A7AF51C}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{77552F6B-0EB2-426A-B43E-3431E3CFAD3B}] : (.-.) -> 
[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{799AFA36-4EA5-4323-8689-74C06645A26B}] : (Prerequisite installer.-.Nero AG) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1] : (CDBurnerXP.-.CDBurnerXP) -> "C:\Program Files (x86)\CDBurnerXP\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}] : (Apple Application Support (32 bits).-.Apple Inc.) -> MsiExec.exe /I{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}
[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{848A7C68-0ADC-4193-8A89-2CEA78E56A0C}] : (Nero Express.-.Nero AG) -> MsiExec.exe /X{848A7C68-0ADC-4193-8A89-2CEA78E56A0C}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}] : (Realtek Ethernet Controller Driver.-.Realtek) -> C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\Setup.exe -runfromtemp -l0x0409 -removeonly
[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{88B10E3E-8911-4FAC-8663-CCF6E33C58B3}] : (Ad-Aware Web Companion.-.Lavasoft) -> MsiExec.exe /I{88B10E3E-8911-4FAC-8663-CCF6E33C58B3}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{88B5FBDC-967D-4B1F-B291-39284AE12201}] : (Nuance PaperPort 12.-.Nuance Communications, Inc.) -> MsiExec.exe /I{88B5FBDC-967D-4B1F-B291-39284AE12201}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{916BCEC1-ECB2-4558-9393-05653BF9E6FD}] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{991e67cd-5a70-431e-8073-7809d3b6f36f}] : (Web Companion.-.Lavasoft) -> C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionInstaller.exe --uninstall
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9C8C5569-AA0B-4FF2-8C14-AF066E3238FE}] : (.-.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9C8C5569-AA0B-4FF2-8C14-AF066E3238FE}\setup.exe" -l0x9 
[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9D780839-6E97-4E2A-A5F7-711AF221B609}] : (Nero Launcher.-.Nero AG) -> MsiExec.exe /X{9D780839-6E97-4E2A-A5F7-711AF221B609}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9EF2749B-9639-446C-BBCF-00244B39B5AD}] : (.-.) -> 
[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A923CF0A-44D9-4357-B2E8-0A2352151A3C}] : (LavasoftTcpService.-.Lavasoft) -> MsiExec.exe /I{A923CF0A-44D9-4357-B2E8-0A2352151A3C}
[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{ABC88553-8770-4B97-B43E-5A90647A5B63}] : (Nero ControlCenter.-.Nero AG) -> MsiExec.exe /X{ABC88553-8770-4B97-B43E-5A90647A5B63}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B0BCDCBD-863D-4CAB-BF68-8D1F6B1BDC13}] : (Jumpstart Installation Program.-.Atheros) -> C:\Program Files (x86)\InstallShield Installation Information\{B0BCDCBD-863D-4CAB-BF68-8D1F6B1BDC13}\setup.exe -runfromtemp -l0x0009 -removeonly
[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B3756FCF-13D3-460B-88D5-33CB88CE6CFA}] : (Nero Burning ROM.-.Nero AG) -> MsiExec.exe /X{B3756FCF-13D3-460B-88D5-33CB88CE6CFA}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1] : (Spybot - Search & Destroy.-.Safer-Networking Ltd.) -> "C:\Program Files (x86)\Spybot - Search & Destroy 2\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}] : (Nero Info.-.Nero AG) -> MsiExec.exe /X{B791E0AB-87A9-41A4-8D98-D13C2E37D928}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BB2AFBFB-73A5-4D74-931F-F8092EC53D86}] : (.-.) -> 
[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}] : (Nero Core Components.-.Nero AG) -> MsiExec.exe /X{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C0FEE440-FA2F-4C0D-B64C-35F1D4B7A009}] : (.-.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C0FEE440-FA2F-4C0D-B64C-35F1D4B7A009}\setup.exe" -l0x9 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C83F0BF6-D548-4B98-9319-B94F59A361BF}] : (MetaProducts Flash and Media Capture 2.2.-.MetaProducts corp.) -> MsiExec.exe /X{C83F0BF6-D548-4B98-9319-B94F59A361BF}
[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C994C746-C6D0-4EBA-B09E-DF7B18381B69}] : (Nero ControlCenter Help (CHM).-.Nero AG) -> MsiExec.exe /X{C994C746-C6D0-4EBA-B09E-DF7B18381B69}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{d05dd88d-24af-4e68-ae34-b450e9ae8fb3}.RebootRequired] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1] : (Win32DiskImager version 0.9.5.-.ImageWriter Developers) -> "C:\Program Files (x86)\ImageWriter\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}] : (Adobe Photoshop CC 2014.-.Adobe Systems Incorporated) -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{DD98C438-D769-4677-AA87-3481FA32D20C}] : (Brother MFL-Pro Suite MFC-J4510DW.-.Brother Industries, Ltd.) -> "C:\Program Files (x86)\InstallShield Installation Information\{DD98C438-D769-4677-AA87-3481FA32D20C}\Setup.exe" -runfromtemp -l0x040c UNINSTALL Reg=BHS13 -removeonly
[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}] : (ASUSDVD.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\setup.exe" /z-uninstall
[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E452E727-86B8-4233-8CC3-41FD817AFAFF}] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E6931688-DA2B-4E16-8539-3D323D69C677}] : (.-.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\setup.exe" -l0x9 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E7AA854E-6756-424E-84C2-4E47D5729AFF}] : (ASUS Easy Update.-.ASUSTeK Computer Inc) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E7AA854E-6756-424E-84C2-4E47D5729AFF}\Setup.exe" -l0x9 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EE1F41BE-6DBD-44AE-9F97-4D7F9227329D}_is1] : (Renee Undeleter 2016.10.14.215.-.Rene.E Laboratory) -> "C:\Program Files (x86)\Rene.E Laboratory\Undeleter\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] : (Realtek High Definition Audio Driver.-.Realtek Semiconductor Corp.) -> C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F178DD09-E45A-4C29-979A-1EEAEFC35A5F}] : (.-.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F178DD09-E45A-4C29-979A-1EEAEFC35A5F}\setup.exe" -l0x9 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F3E35D21-1F9D-431E-BB2D-3447AA1D4085}] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F56DD39D-DDE1-4B47-9193-25DC4BE298AA}] : (.-.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F56DD39D-DDE1-4B47-9193-25DC4BE298AA}\setup.exe" -l0x9 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FC965A47-4839-40CA-B618-18F486F042C6}] : (Skypeâ¢ 7.31.-.Skype Technologies S.A.) -> MsiExec.exe /X{FC965A47-4839-40CA-B618-18F486F042C6}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}] : (Apple Software Update.-.Apple Inc.) -> MsiExec.exe /I{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}

---------- | Installer

[HKCR\Installer\Products\03FF80700C870B74180F8C6440CD67C9] : Nero Express Help (CHM) -> C:\WINDOWS\Installer\{0708FF30-78C0-47B0-81F0-C84604DC769C}\NeroHelpIcon.A2EDDB31_726D_4D40_8014_5D5F2D3EF945
[HKCR\Installer\Products\0490630D6CCC3E119B6C0FD42AA3C585] : Vegas Pro 13.0 (64-bit) -> C:\WINDOWS\Installer\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}\vegas.ico
[HKCR\Installer\Products\068656828274C334A84D1D9A0334B78C] : Nuance PDF Viewer Plus
[HKCR\Installer\Products\09AB59D18F4FCE748A2844C1993DC0E1] : MSXML 4.0 SP3 Parser (KB2758694)
[HKCR\Installer\Products\0CB42836747B3F34893601666DA49D91] : Photo Gallery
[HKCR\Installer\Products\0FDF5B0E04962B442840FC7A646A4BFA] : Movie Maker
[HKCR\Installer\Products\18E6D924E1E86E24A89B20D59D51F7B9] : Paragon HFS+ for Windowsâ¢ -> C:\WINDOWS\Installer\{429D6E81-8E1E-42E6-8AB9-025DD9157F9B}\HFS4Win.ico
[HKCR\Installer\Products\1C49DBC351ABC88488B88DDD92C66CCD] : Fotogalerie
[HKCR\Installer\Products\1F764691F11C67F458B88521DA8CB349] : MSXML 4.0 SP3 Parser
[HKCR\Installer\Products\1F7F1DFF9CA14CB49A8060686D53BAFA] : Apple Software Update -> C:\WINDOWS\Installer\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}\Installer.ico
[HKCR\Installer\Products\23501194982DFFB408C7547B286EA6C7] : Photo Common
[HKCR\Installer\Products\25C7C220492B643488CB7C2CFFF71F7B] : Movie Maker
[HKCR\Installer\Products\3058F5C62D55893458C863B2A7A75FC1] : Firebird SQL Server - MAGIX Edition -> C:\Windows\Installer\{6C5F8503-55D2-4398-858C-362B7A7AF51C}\ProgramIcon.exe
[HKCR\Installer\Products\35588CBA077879B44BE3A50946A7B536] : Nero ControlCenter -> C:\WINDOWS\Installer\{ABC88553-8770-4B97-B43E-5A90647A5B63}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\3A80BAA3921F5DB44B90EA76F43957D9] : Prerequisite installer -> C:\WINDOWS\Installer\{3AAB08A3-F129-4BD5-B409-AE674F93759D}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\3F03045F6B41D234391687CD1B749302] : Photo Common
[HKCR\Installer\Products\3F8FF16062258724A8BA82C2B120F485] : Photo Common
[HKCR\Installer\Products\411F888D735784D4FA30D59A8CD25704] : Photo Common
[HKCR\Installer\Products\433F402964A21F94984C56EC7BCA9147] : ASUS MX Suite
[HKCR\Installer\Products\455DF347F37A8EF4EBB72C381D26799F] : Photo Common
[HKCR\Installer\Products\47499F033EBE43140AB26FDC83FC2E34] : Photo Gallery
[HKCR\Installer\Products\4EA42A62D9304AC4784BF2381208130F] : Java 8 Update 31
[HKCR\Installer\Products\52C8A91AA2726DC4B88A732723A120B1] : Î£ÏÎ»Î»Î¿Î³Î® ÏÏÏÎ¿Î³ÏÎ±ÏÎ¹ÏÎ½
[HKCR\Installer\Products\5AEC3F31C2E9E4C4F9F00DBD83C94F9A] : Movie Maker
[HKCR\Installer\Products\5B4408EA3ACFEBE4CA87F03B6A8ECD67] : Movie Maker
[HKCR\Installer\Products\63AFA9975AE432346898470C66542AB6] : Prerequisite installer -> C:\WINDOWS\Installer\{799AFA36-4EA5-4323-8689-74C06645A26B}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\647C499C0D6CABE40BE9FDB78183B196] : Nero ControlCenter Help (CHM) -> C:\WINDOWS\Installer\{C994C746-C6D0-4EBA-B09E-DF7B18381B69}\NeroHelpIcon.8BC7562A_6065_4ED9_8502_C368ECC0724D
[HKCR\Installer\Products\6FB0F38C845D89B439919BF4953A16FB] : MetaProducts Flash and Media Capture 2.2 -> C:\WINDOWS\Installer\{C83F0BF6-D548-4B98-9319-B94F59A361BF}\MSIIcon
[HKCR\Installer\Products\7017C6CF27D71A140A13C37E1551B9BA] : Photo Gallery
[HKCR\Installer\Products\7040BB568CC47CD459E2E3FEFD5006A2] : Nero Update -> C:\WINDOWS\Installer\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\714054F01B5FC9D49BB3D48CF1E39A45] : Nero BurningROM 2015 -> C:\WINDOWS\Installer\{0F450417-F5B1-4D9C-B93B-4DC81F3EA954}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\74A569CF9384AC046B81814F680F246C] : Skypeâ¢ 7.31 -> C:\WINDOWS\Installer\{FC965A47-4839-40CA-B618-18F486F042C6}\SkypeIcon.exe
[HKCR\Installer\Products\74D764464EFFCBF4BAAB0ABD28A971BE] : NVIDIA PhysX
[HKCR\Installer\Products\7A988989D31D4AD40B952B0587D4AFCB] : Photo Common
[HKCR\Installer\Products\7BD4C90EC03660F46A13E87A329932FA] : D3DX10
[HKCR\Installer\Products\7D6C4CA2D21587B48AB5C2617E84BAE8] : Movie Maker
[HKCR\Installer\Products\81648BD73E6799949A0A7D7D651E1492] : ASUS Video easy
[HKCR\Installer\Products\85D9CC30231B0CC45A12F46306AA347C] : Movie Maker
[HKCR\Installer\Products\86C7A848CDA03914A898C2AE875EA6C0] : Nero Express -> C:\WINDOWS\Installer\{848A7C68-0ADC-4193-8A89-2CEA78E56A0C}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\8812FFB0E8D22EB4590D3BCC4D6C0A9C] : Photo Common
[HKCR\Installer\Products\8CDD41E806AE81E43B3E917301D4B5AD] : MSVCRT110
[HKCR\Installer\Products\8F427860EB8D34B4D8DD9BEFE994DF67] : Scansoft PDF Professional
[HKCR\Installer\Products\8F89BEBF4E463AF41AE5A4F924FF69E2] : iTunes -> C:\WINDOWS\Installer\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}\Installer.ico
[HKCR\Installer\Products\8FC921C7F9919624AAEE065B8D7D612E] : Classic Shell -> C:\WINDOWS\Installer\{7C129CF8-199F-4269-AAEE-60B5D8D716E2}\icon.ico
[HKCR\Installer\Products\938087D979E6A2E45A7F17A12F126B90] : Nero Launcher -> C:\WINDOWS\Installer\{9D780839-6E97-4E2A-A5F7-711AF221B609}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\93ADBAB5FC16EE1499D204456B46A9B9] : Movie Maker
[HKCR\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E] : Google Update Helper
[HKCR\Installer\Products\94BBE40D589C83A468592600801692A3] : Raccolta foto
[HKCR\Installer\Products\985E2342652631540BFBFE8A3E525D0F] : Nero SharedVideoCodecs
[HKCR\Installer\Products\98B2805D68E2E7440AC229524395F28A] : Photo Common
[HKCR\Installer\Products\99C35FA4D513635478F320D9D272A42E] : Photo Common
[HKCR\Installer\Products\9F77C6DEE7D4C744E90CA912D2705553] : Movie Maker
[HKCR\Installer\Products\A089CE062ADB6BC44A720BA745894BAC] : Google Update Helper
[HKCR\Installer\Products\A0FC329A9D4475342B8EA0322551A1C3] : LavasoftTcpService -> C:\WINDOWS\Installer\{A923CF0A-44D9-4357-B2E8-0A2352151A3C}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\A6C64DD86500CEF47BA082BB611A1FF1] : MSVCRT
[HKCR\Installer\Products\ABDC385235A82264BB76D16173411C4B] : Python 3.4.2
[HKCR\Installer\Products\AC64971A5E810FC4D8555AD60874818F] : Movie Maker
[HKCR\Installer\Products\AE990CA2C1CCE4E4DBCF3035CD1FD30D] : Nero 12 Essentials OEM.a01 -> C:\WINDOWS\Installer\{2AC099EA-CC1C-4E4E-BDFC-0353DCF13DD0}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\BA0E197B9A784A14D8891DC3E2739D82] : Nero Info -> C:\WINDOWS\Installer\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\BBC8E6E885E8C39449F364465F2FEFBD] : Movie Maker
[HKCR\Installer\Products\BE03F1969009A5748B9A1EFB9395F85D] : Apple Application Support (64 bits) -> C:\WINDOWS\Installer\{691F30EB-9009-475A-B8A9-E1BF39598FD5}\WinInstall.ico
[HKCR\Installer\Products\C22AC76FF11C37544860757FB50AB615] : Photo Gallery
[HKCR\Installer\Products\C2A9D3B2B1854EC41BA628BBA2A8A093] : Nero Burning Core
[HKCR\Installer\Products\C8F3021E43FF86944A5A4B1F8F35D3BA] : Photo Common
[HKCR\Installer\Products\CB1EF107A4387584FA26E6AB05FCCB87] : Movie Maker
[HKCR\Installer\Products\CCAAC517B97513845A4F8AA3D83EFE2E] : PaperPort Image Printer 64-bit -> C:\WINDOWS\Installer\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\CDBF5B88D769F1B42B199382A41E2210] : Nuance PaperPort 12 -> C:\WINDOWS\Installer\{88B5FBDC-967D-4B1F-B291-39284AE12201}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\CDDCBB26979495E4D979B5E878C41319] : Movie Maker
[HKCR\Installer\Products\CECEF7F8F880D1345ABFB2951E6E9934] : GalerÃ­a de fotos
[HKCR\Installer\Products\D43EEBEB2A48DDE4B8AE69CC45732136] : Nero Core Components
[HKCR\Installer\Products\D733E710907DC73438BD178FA27AB86F] : ç§çåº
[HKCR\Installer\Products\DE532CED4A8571542A874CE1D8EABAB3] : PowerDVD -> C:\Windows\Installer\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\DEB1E2EE12804424BACD41E9F979053C] : Photo Common
[HKCR\Installer\Products\DFA4044F3FE21C04C890925E3F6B79B2] : IntelÂ® Trusted Connect Service Client
[HKCR\Installer\Products\E1810453A043A7E44B90136643272B7F] : Apple Mobile Device Support -> C:\WINDOWS\Installer\{3540181E-340A-4E7A-B409-31663472B2F7}\Installer.ico
[HKCR\Installer\Products\E3E01B881198CAF46836CC6F3EC3853B] : Ad-Aware Web Companion -> C:\WINDOWS\Installer\{88B10E3E-8911-4FAC-8663-CCF6E33C58B3}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\EC833E5F6C1ED7F4380044BD0DB5F941] : Galeria de Fotografias
[HKCR\Installer\Products\EC8CC64409E07F44DA0D77B442E30F09] : Galerie de photos
[HKCR\Installer\Products\F187AF9E08E3993428A5DAE3112CC877] : MSVCRT110_amd64
[HKCR\Installer\Products\F211FED2B7484CD4F99C79BE252E7DCF] : WebViewer Plugin -> C:\WINDOWS\Installer\{2DEF112F-847B-4DC4-9FC9-97EB52E2D7FC}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\F4E4C136CDF60CC40A769E78A6B97ADF] : å½±åä¸­å¿
[HKCR\Installer\Products\F60730A4A66673047777F5728467D401] : Java Auto Updater
[HKCR\Installer\Products\F9FBC9182185993428B0EF44D251AEBF] : ActivePerl 5.20.1 Build 2000 (64-bit)
[HKCR\Installer\Products\FA0364E07BA0E0449A87A187CFF4349B] : Nero Launcher -> C:\WINDOWS\Installer\{0E4630AF-0AB7-440E-A978-1A78FC4F43B9}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\FCCE9AF7ED2A1AD4FB3F1862D0DB6AF8] : Apple Application Support (32 bits) -> C:\WINDOWS\Installer\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}\WinInstall.ico
[HKCR\Installer\Products\FCF6573B3D31B064885D33BC88ECC6AF] : Nero Burning ROM -> C:\WINDOWS\Installer\{B3756FCF-13D3-460B-88D5-33CB88CE6CFA}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\FD8D00E5B5097C145B261C62EDA31476] : ASUS Music Maker
[HKCR\Installer\Products\FF42397161B78AB4896350C5AAEEF480] : SDFormatter -> C:\WINDOWS\Installer\{179324FF-7B16-4BA8-9836-055CAAEE4F08}\ARPPRODUCTICON.exe

---------- | ADS

@C:\WINDOWS\System32:Win32App_1
@C:\WINDOWS\Syswow64:Win32App_1
@C:\ProgramData\Temp:FCA8C9CD

---------- | Drives

 Disk: 0   Size=954G
 Pos MBRndx Type/Name  Size Active Hide Start Sector   Sectors
 --- ------ ---------- ---- ------ ---- ------------ ------------
  0    0    EE-UNKNWN  21.0T   No    No             1  294,967,295

---------- | MBR

Windows Version:		
Windows Information:		 (build 9200), 64-bit
Base Board Manufacturer:	ASUSTeK COMPUTER INC.
BIOS Manufacturer:		American Megatrends Inc.
System Manufacturer:		ASUSTeK Computer INC.
System Product Name:		CM6330_CM6630_CM6730_CM6830-8
Logical Drives Mask:		0x0000001c

Analysis of file "C:\QuickDiag\MBR.bin":
Unknown MBR code

64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin

---------- | 20 LastEventLog

Le package Microsoft.Windows.ShellExperienceHost_10.0.14393.693_neutral_neutral_cw5n1h2txyewy+App a Ã©tÃ© interrompu, car sa suspension a Ã©tÃ© trop longue.
------------


------------


------------

Nom de lâapplication dÃ©faillante wmiprvse.exe, version : 10.0.14393.0, horodatage : 0x57899ab2
Nom du module dÃ©faillant : NetEventPacketCapture.dll, version : 10.0.14393.206, horodatage : 0x57dacea5
Code dâexception : 0xc0000005
DÃ©calage dâerreur : 0x00000000000160d3
ID du processus dÃ©faillant : 0xb5c
Heure de dÃ©but de lâapplication dÃ©faillante : 0x01d2733e572b9828
Chemin dâaccÃ¨s de lâapplication dÃ©faillante : C:\WINDOWS\system32\wbem\wmiprvse.exe
Chemin dâaccÃ¨s du module dÃ©faillant: C:\WINDOWS\system32\wbem\NetEventPacketCapture.dll
ID de rapport : c0a950e6-1761-48cd-ad4c-2ab94e55ace5
Nom complet du package dÃ©faillantÂ : 
ID de lâapplication relative au package dÃ©faillantÂ : 
------------


------------


------------

Le package Microsoft.Windows.ShellExperienceHost_10.0.14393.693_neutral_neutral_cw5n1h2txyewy+App a Ã©tÃ© interrompu, car sa suspension a Ã©tÃ© trop longue.
------------


------------


------------

Nom de lâapplication dÃ©faillante wmiprvse.exe, version : 10.0.14393.0, horodatage : 0x57899ab2
Nom du module dÃ©faillant : NetEventPacketCapture.dll, version : 10.0.14393.206, horodatage : 0x57dacea5
Code dâexception : 0xc0000005
DÃ©calage dâerreur : 0x00000000000160d3
ID du processus dÃ©faillant : 0xe94
Heure de dÃ©but de lâapplication dÃ©faillante : 0x01d2730e9110f2d7
Chemin dâaccÃ¨s de lâapplication dÃ©faillante : C:\WINDOWS\system32\wbem\wmiprvse.exe
Chemin dâaccÃ¨s du module dÃ©faillant: C:\WINDOWS\system32\wbem\NetEventPacketCapture.dll
ID de rapport : d9bf97ee-f66c-4050-9cb6-bfa3b8ed095b
Nom complet du package dÃ©faillantÂ : 
ID de lâapplication relative au package dÃ©faillantÂ : 
------------


------------


------------


------------


------------

Nom de lâapplication dÃ©faillante wmiprvse.exe, version : 10.0.14393.0, horodatage : 0x57899ab2
Nom du module dÃ©faillant : NetEventPacketCapture.dll, version : 10.0.14393.206, horodatage : 0x57dacea5
Code dâexception : 0xc0000005
DÃ©calage dâerreur : 0x00000000000160cc
ID du processus dÃ©faillant : 0xed4
Heure de dÃ©but de lâapplication dÃ©faillante : 0x01d272fc76c8d3d4
Chemin dâaccÃ¨s de lâapplication dÃ©faillante : C:\WINDOWS\system32\wbem\wmiprvse.exe
Chemin dâaccÃ¨s du module dÃ©faillant: C:\WINDOWS\system32\wbem\NetEventPacketCapture.dll
ID de rapport : 8bf9c2e3-3ecd-4917-9528-2f949ee46ecb
Nom complet du package dÃ©faillantÂ : 
ID de lâapplication relative au package dÃ©faillantÂ : 
------------


------------


------------

La crÃ©ation du contexte dâactivation a Ã©chouÃ© pour Â«Â c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exeÂ Â». Erreur dans le fichier de manifeste ou de stratÃ©gie Â«Â Â Â» Ã  la ligne . Une version de composant nÃ©cessaire Ã  lâapplication est en conflit avec une autre version de composant dÃ©jÃ  active. Les composants en conflit sont : Composant 1Â : C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest. Composant 2Â : C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
------------

Le programme SpyHunter-Installer(1).exe version 2.0.399.1551 a cessÃ© d'interagir avec Windows et a Ã©tÃ© fermÃ©. Pour dÃ©terminer si des informations supplÃ©mentaires sont disponibles, consultez l'historique du problÃ¨me dans le panneau de configuration SÃ©curitÃ© et maintenance.
 ID de processusÂ : 2700
 Heure de dÃ©butÂ : 01d2728fe0c6bc9d
 Heure de finÂ : 4294967295
 Chemin d'accÃ¨s de l'application : C:\Users\F-cay\Downloads\SpyHunter-Installer(1).exe
 ID de rapport : 78130f03-de83-11e6-bf85-60a44c242b73
 Nom complet du package dÃ©faillantÂ : 
 ID de l'application relative au package dÃ©faillantÂ : 

------------


----------( EOF)---------- - 4470 | 11:32:48