cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

ÿþOTL logfile created on: 23/09/2015 10:44:33 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\LILI\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18015)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,37 Gb Total Physical Memory | 1,75 Gb Available Physical Memory | 51,76% Memory free
6,74 Gb Paging File | 4,80 Gb Available in Paging File | 71,13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279,18 Gb Total Space | 114,15 Gb Free Space | 40,89% Space Free | Partition Type: NTFS
Drive D: | 172,48 Gb Total Space | 64,19 Gb Free Space | 37,22% Space Free | Partition Type: NTFS

Computer Name: LILI-PC | User Name: LILI | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - C:\Users\LILI\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Opera\32.0.1948.25\opera_crashreporter.exe (Opera Software)
PRC - C:\Program Files (x86)\Opera\32.0.1948.25\opera.exe (Opera Software)
PRC - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe (IObit)
PRC - C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe (IObit)
PRC - C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe (IObit)
PRC - C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe (IObit)
PRC - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
PRC - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe (IObit)
PRC - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
PRC - C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe (IObit)
PRC - C:\Program Files (x86)\IObit\iFreeUp\iFreeUpMini.exe (IObit)


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - C:\Program Files (x86)\Opera\32.0.1948.25\opera.dll ()
MOD - C:\Program Files (x86)\Opera\32.0.1948.25\libGLESv2.dll ()
MOD - C:\Program Files (x86)\Opera\32.0.1948.25\libEGL.dll ()
MOD - C:\Program Files (x86)\IObit\IObit Uninstaller\madexcept_.bpl ()
MOD - C:\Program Files (x86)\IObit\IObit Uninstaller\maddisAsm_.bpl ()
MOD - C:\Program Files (x86)\IObit\IObit Uninstaller\madbasic_.bpl ()
MOD - C:\Program Files (x86)\IObit\Advanced SystemCare 8\Scan.dll ()
MOD - C:\Program Files (x86)\IObit\iFreeUp\madexcept_.bpl ()
MOD - C:\Program Files (x86)\IObit\iFreeUp\maddisAsm_.bpl ()
MOD - C:\Program Files (x86)\IObit\iFreeUp\madbasic_.bpl ()
MOD - C:\Program Files (x86)\IObit\Advanced SystemCare 8\webres.dll ()


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:[b]64bit:[/b] - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (Updater Service) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer)
SRV:[b]64bit:[/b] - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (LiveUpdateSvc) -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (IObit)
SRV - (AdvancedSystemCareService8) -- C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe (IObit)
SRV - (IMFservice) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
SRV - (c2cpnrsvc) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation)
SRV - (c2cautoupdatesvc) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation)
SRV - (HPSupportSolutionsFrameworkService) -- C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe (Hewlett-Packard Company)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (BstHdUpdaterSvc) -- C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (BlueStack Systems, Inc.)
SRV - (BstHdLogRotatorSvc) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
SRV - (BstHdAndroidSvc) -- C:\Program Files (x86)\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\Hp\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (Greg_Service) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (dtlitescsibus) -- C:\Windows\SysNative\drivers\dtlitescsibus.sys (Disc Soft Ltd)
DRV:[b]64bit:[/b] - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (Disc Soft Ltd)
DRV:[b]64bit:[/b] - (SmartDefragDriver) -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys (IObit)
DRV:[b]64bit:[/b] - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:[b]64bit:[/b] - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:[b]64bit:[/b] - (rtl8192se) -- C:\Windows\SysNative\drivers\rtl8192se.sys (Realtek Semiconductor Corporation )
DRV:[b]64bit:[/b] - (JMCR) -- C:\Windows\SysNative\drivers\jmcr.sys (JMicron Technology Corporation)
DRV:[b]64bit:[/b] - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:[b]64bit:[/b] - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:[b]64bit:[/b] - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:[b]64bit:[/b] - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:[b]64bit:[/b] - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:[b]64bit:[/b] - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:[b]64bit:[/b] - (itecir) -- C:\Windows\SysNative\drivers\itecir.sys (ITE Tech. Inc. )
DRV:[b]64bit:[/b] - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:[b]64bit:[/b] - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:[b]64bit:[/b] - (netr28x) -- C:\Windows\SysNative\drivers\netr28x.sys (Ralink Technology, Corp.)
DRV:[b]64bit:[/b] - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV:[b]64bit:[/b] - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV:[b]64bit:[/b] - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV - (HWiNFO32) -- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS (REALiX(tm))
DRV - (RegFilter) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys (IObit.com)
DRV - (FileMonitor) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys (IObit)
DRV - (UrlFilter) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys (IObit.com)
DRV - (BstHdDrv) -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys (BlueStack Systems)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-665182456-594994694-3631856726-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKU\S-1-5-21-665182456-594994694-3631856726-1001\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-665182456-594994694-3631856726-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = https://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-665182456-594994694-3631856726-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-665182456-594994694-3631856726-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>


[color=#E56717]========== FireFox ==========[/color]

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.25.2: C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2: C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@perfectworld.com/npArcPlayNowPlugin: C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\LILI\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015/05/11 17:43:21 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015/05/11 17:43:21 | 000,000,000 | ---D | M]

[2015/09/23 09:37:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LILI\AppData\Roaming\mozilla\Firefox\Profiles\o3TrJAzA.default\extensions
[2014/09/26 17:47:52 | 000,000,000 | ---D | M] (Avira Browser Safety) -- C:\Users\LILI\AppData\Roaming\mozilla\Firefox\Profiles\o3TrJAzA.default\extensions\abs@avira.com
[2015/09/23 09:37:09 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Users\LILI\AppData\Roaming\mozilla\Firefox\Profiles\o3TrJAzA.default\extensions\iobitascsurfingprotection@iobit.com

[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\LILI\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce\3.8.5_0\
CHR - Extension: No name found = C:\Users\LILI\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk\1.5.0_0\
CHR - Extension: No name found = C:\Users\LILI\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.37.2_0\
CHR - Extension: No name found = C:\Users\LILI\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibmlkgieigeddcedpbijnpojheoddido\1.1.0.0_0\
CHR - Extension: No name found = C:\Users\LILI\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefnafcpbiopdcnjkbmeifmfhaioaabi\1.0_0\
CHR - Extension: No name found = C:\Users\LILI\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0\
CHR - Extension: No name found = C:\Users\LILI\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndlegkhahmnflppfbcdobghieggempai\1.0_0\
CHR - Extension: No name found = C:\Users\LILI\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\

O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - No CLSID value found.
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - No CLSID value found.
O2 - BHO: (no name) - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - No CLSID value found.
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Advanced SystemCare Surfing Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-665182456-594994694-3631856726-1001\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKU\S-1-5-19..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found
O4 - HKU\S-1-5-20..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found
O4 - HKU\S-1-5-21-665182456-594994694-3631856726-1001..\Run: [Advanced SystemCare 8] C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe (IObit)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\LILI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-665182456-594994694-3631856726-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:[b]64bit:[/b] - Extra context menu item: Capture la sélection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 File not found
O8:[b]64bit:[/b] - Extra context menu item: Capturer cette page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 File not found
O8:[b]64bit:[/b] - Extra context menu item: Capturer l'image - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4 File not found
O8:[b]64bit:[/b] - Extra context menu item: Capturer l'URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found
O8:[b]64bit:[/b] - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O8:[b]64bit:[/b] - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Nouvelle note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html File not found
O8 - Extra context menu item: Capture la sélection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 File not found
O8 - Extra context menu item: Capturer cette page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 File not found
O8 - Extra context menu item: Capturer l'image - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4 File not found
O8 - Extra context menu item: Capturer l'URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nouvelle note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html File not found
O9:[b]64bit:[/b] - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Envoyer à Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Envoyer au périphérique &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx (WRC Class)
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.96.0.cab (Battlefield Play4Free Updater)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{339DED28-04A2-4575-8C35-81C1AA612018}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{339DED28-04A2-4575-8C35-81C1AA612018}: NameServer = 199.203.131.150,82.163.143.168
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-itss - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\System32\Userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2cff4bc8-9373-11e4-9459-000df082af96}\Shell - "" = AutoRun
O33 - MountPoints2\{2cff4bc8-9373-11e4-9459-000df082af96}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{c99e0f12-47f5-11e4-adb4-000df082af96}\Shell - "" = AutoRun
O33 - MountPoints2\{c99e0f12-47f5-11e4-adb4-000df082af96}\Shell\AutoRun\command - "" = G:\start.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

MsConfig:64bit - StartUpFolder: C:^Users^LILI^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk - Reg Error: Value error. - File not found
MsConfig:64bit - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: [b]GameforgeLive[/b] - hkey= - key= - Reg Error: Value error. File not found
MsConfig:64bit - StartUpReg: [b]mwlDaemon[/b] - hkey= - key= - Reg Error: Value error. File not found
MsConfig:64bit - StartUpReg: [b]NCUpdateHelper[/b] - hkey= - key= - Reg Error: Value error. File not found
MsConfig:64bit - StartUpReg: [b]PhotoGadget[/b] - hkey= - key= - Reg Error: Value error. File not found
MsConfig:64bit - StartUpReg: [b]Skitch[/b] - hkey= - key= - Reg Error: Value error. File not found
MsConfig:64bit - StartUpReg: [b]YouCam Mirror Tray icon[/b] - hkey= - key= - C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe (CyberLink Corp.)
MsConfig:64bit - State: "startup" - Reg Error: Key error.
MsConfig:64bit - State: "bootini" - Reg Error: Key error.

ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {26784146-6E05-3FF9-9335-786C7C0FB5BE} - .NET Framework
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:[b]64bit:[/b] {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {7D715857-A67C-4C2F-A929-038448584D63} - C:\Windows\System32\ie4uinit.exe -DisableSSL3
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {26784146-6E05-3FF9-9335-786C7C0FB5BE} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker 2.6
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP


SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] mcmscsvc - Service
SafeBootMin:[b]64bit:[/b] MCODS - Service
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: IMFservice - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
SafeBootMin: mcmscsvc - Service
SafeBootMin: MCODS - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] mcmscsvc - Service
SafeBootNet:[b]64bit:[/b] MCODS - Service
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] MpfService - Service
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: mcmscsvc - Service
SafeBootNet: MCODS - Service
SafeBootNet: Messenger - Service
SafeBootNet: MpfService - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015/09/23 10:41:44 | 000,000,000 | ---D | C] -- C:\Users\LILI\Documents\Nouveau dossier
[2015/09/23 10:25:43 | 000,000,000 | ---D | C] -- C:\Program Files\Reimage
[2015/09/23 10:24:09 | 000,000,000 | ---D | C] -- C:\_OTL
[2015/09/23 09:39:52 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\LILI\Desktop\OTL.exe
[2015/09/23 09:36:45 | 000,000,000 | ---D | C] -- C:\ProgramData\ProductData
[2015/09/23 09:36:24 | 000,000,000 | ---D | C] -- C:\Users\LILI\AppData\Roaming\ProductData
[2015/09/23 07:08:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/09/23 06:53:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iFreeUp
[2015/09/23 06:03:25 | 000,000,000 | -H-D | C] -- C:\$Windows.~BT
[2015/09/22 11:51:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
[2015/09/21 15:22:30 | 000,000,000 | ---D | C] -- C:\Users\LILI\AppData\Local\dxhr
[2015/09/21 15:21:37 | 000,000,000 | ---D | C] -- C:\Users\LILI\AppData\Local\238010
[2015/09/21 15:20:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2015/09/21 07:25:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
[2015/09/12 11:12:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2015/09/12 11:09:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battle.net
[2015/09/12 09:59:53 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015/09/03 18:58:56 | 000,000,000 | ---D | C] -- C:\Users\LILI\AppData\Local\TroveToolbox
[2015/09/03 18:44:40 | 000,000,000 | ---D | C] -- C:\Users\LILI\AppData\Roaming\Trove Toolbox
[2015/06/24 13:05:24 | 002,052,096 | ---- | C] (Com NotificationV25.03) -- C:\Users\LILI\AppData\Roaming\HVFGTX.exe
[2009/11/19 06:24:38 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015/09/23 10:26:52 | 000,000,148 | ---- | M] () -- C:\Windows\Reimage.ini
[2015/09/23 09:45:20 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015/09/23 09:44:07 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/09/23 09:44:07 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/09/23 09:39:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\LILI\Desktop\OTL.exe
[2015/09/23 09:35:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/09/23 09:35:32 | 2715,881,472 | -HS- | M] () -- C:\hiberfil.sys
[2015/09/23 07:21:59 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat
[2015/09/23 06:54:32 | 000,001,330 | ---- | M] () -- C:\Users\LILI\Desktop\Cloned Files Scanner.lnk
[2015/09/23 06:54:16 | 000,001,279 | ---- | M] () -- C:\Users\LILI\Desktop\Disk Cleaner.lnk
[2015/09/23 06:53:59 | 000,001,307 | ---- | M] () -- C:\Users\LILI\Desktop\Registry Cleaner.lnk
[2015/09/23 06:53:06 | 000,001,101 | ---- | M] () -- C:\Users\Public\Desktop\iFreeUp.lnk
[2015/09/23 06:52:52 | 000,001,244 | ---- | M] () -- C:\Users\LILI\Desktop\Win Fix.lnk
[2015/09/22 15:02:18 | 000,000,685 | ---- | M] () -- C:\Users\Public\Desktop\Hearthstone.lnk
[2015/09/22 11:45:42 | 000,000,222 | ---- | M] () -- C:\Users\LILI\Desktop\Trove.url
[2015/09/22 08:46:39 | 000,000,220 | ---- | M] () -- C:\Users\LILI\Desktop\Garry's Mod.url
[2015/09/21 15:08:54 | 001,668,256 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/09/21 15:08:54 | 000,747,320 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2015/09/21 15:08:54 | 000,653,930 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/09/21 15:08:54 | 000,149,844 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2015/09/21 15:08:54 | 000,121,802 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/09/21 12:54:18 | 000,002,185 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 8.lnk
[2015/09/21 07:26:02 | 000,002,076 | ---- | M] () -- C:\Users\Public\Desktop\Driver Booster 2.lnk
[2015/09/21 07:26:00 | 000,001,286 | ---- | M] () -- C:\Users\Public\Desktop\IObit Uninstaller.lnk
[2015/09/21 07:25:52 | 000,001,102 | ---- | M] () -- C:\Users\Public\Desktop\Smart Defrag 4.lnk
[2015/09/20 13:04:59 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job
[2015/09/13 09:47:03 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/09/12 11:29:48 | 000,000,732 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2015/09/12 11:10:09 | 000,001,154 | ---- | M] () -- C:\Users\Public\Desktop\Battle.net.lnk
[2015/09/12 10:03:56 | 000,000,986 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2015/09/11 13:10:07 | 000,364,712 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015/09/23 10:23:06 | 000,000,148 | ---- | C] () -- C:\Windows\Reimage.ini
[2015/09/23 09:45:20 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015/09/23 07:21:59 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat
[2015/09/23 06:54:32 | 000,001,330 | ---- | C] () -- C:\Users\LILI\Desktop\Cloned Files Scanner.lnk
[2015/09/23 06:54:16 | 000,001,279 | ---- | C] () -- C:\Users\LILI\Desktop\Disk Cleaner.lnk
[2015/09/23 06:53:59 | 000,001,307 | ---- | C] () -- C:\Users\LILI\Desktop\Registry Cleaner.lnk
[2015/09/23 06:53:06 | 000,001,101 | ---- | C] () -- C:\Users\Public\Desktop\iFreeUp.lnk
[2015/09/23 06:52:52 | 000,001,244 | ---- | C] () -- C:\Users\LILI\Desktop\Win Fix.lnk
[2015/09/22 11:51:29 | 000,000,685 | ---- | C] () -- C:\Users\Public\Desktop\Hearthstone.lnk
[2015/09/22 11:45:41 | 000,000,222 | ---- | C] () -- C:\Users\LILI\Desktop\Trove.url
[2015/09/22 08:46:39 | 000,000,220 | ---- | C] () -- C:\Users\LILI\Desktop\Garry's Mod.url
[2015/09/21 07:26:00 | 000,001,298 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
[2015/09/21 07:25:52 | 000,001,102 | ---- | C] () -- C:\Users\Public\Desktop\Smart Defrag 4.lnk
[2015/09/21 07:25:47 | 000,002,076 | ---- | C] () -- C:\Users\Public\Desktop\Driver Booster 2.lnk
[2015/09/12 11:29:48 | 000,000,732 | ---- | C] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2015/09/12 11:10:09 | 000,001,154 | ---- | C] () -- C:\Users\Public\Desktop\Battle.net.lnk
[2015/09/09 13:42:58 | 002,873,856 | ---- | C] () -- C:\Users\LILI\Desktop\Trove Toolbox.exe
[2015/07/11 20:14:18 | 000,000,113 | ---- | C] () -- C:\Users\LILI\AppData\Roaming\D2Info0
[2015/07/11 20:14:18 | 000,000,008 | ---- | C] () -- C:\Users\LILI\AppData\Roaming\DofusAppId0_1
[2015/07/10 12:32:07 | 000,000,000 | ---- | C] () -- C:\Windows\prleth.sys
[2015/07/10 12:32:07 | 000,000,000 | ---- | C] () -- C:\Windows\hgfs.sys
[2015/07/03 11:22:04 | 000,000,093 | ---- | C] () -- C:\Users\LILI\.sutmp
[2015/05/11 17:38:10 | 000,234,129 | ---- | C] () -- C:\Windows\hpoins43.dat
[2015/05/11 17:38:10 | 000,000,601 | ---- | C] () -- C:\Windows\hpomdl43.dat
[2015/04/09 20:54:57 | 000,000,000 | ---- | C] () -- C:\Users\LILI\AppData\Local\{6AEBC49C-6296-46EC-9B58-21F5A842A2A9}
[2015/04/01 14:41:54 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2015/03/18 18:20:22 | 000,000,119 | ---- | C] () -- C:\Users\LILI\AppData\Roaming\settings.xml
[2015/03/18 18:20:20 | 000,079,872 | ---- | C] () -- C:\Users\LILI\AppData\Roaming\chrtmp
[2015/03/09 23:30:14 | 000,005,487 | ---- | C] () -- C:\Users\LILI\AppData\Roaming\HVFGTX
[2015/01/10 16:19:50 | 000,086,325 | ---- | C] () -- C:\Users\LILI\AppData\Roaming\icarus-dxdiag.xml
[2014/11/10 23:32:40 | 008,551,760 | ---- | C] () -- C:\Users\LILI\ts3_recording_14_11_10_22_32_36.wav
[2014/11/09 19:34:21 | 000,025,600 | ---- | C] () -- C:\Users\LILI\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/11/04 22:24:42 | 001,642,388 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/10/01 17:13:34 | 001,029,200 | ---- | C] () -- C:\Users\LILI\ts3_recording_14_10_01_17_13_27.wav
[2014/09/06 13:11:01 | 000,000,124 | ---- | C] () -- C:\Windows\wininit.ini
[2014/08/13 11:17:44 | 122,206,703 | ---- | C] () -- C:\Users\LILI\openoffice1.cab
[2014/08/13 11:16:04 | 002,314,240 | ---- | C] () -- C:\Users\LILI\openoffice411.msi
[2014/06/09 16:56:02 | 000,000,000 | ---- | C] () -- C:\Users\LILI\AppData\Roaming\wklnhst.dat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/07/10 19:51:25 | 014,177,280 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/07/10 19:34:07 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2014/04/15 16:51:20 | 000,000,000 | -HSD | M] -- C:\Users\LILI\AppData\Roaming\.#
[2015/07/03 12:52:40 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\.DarkTheAngel
[2015/07/29 18:20:45 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\.MCompagnon
[2015/09/22 17:40:29 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\.minecraft
[2015/07/25 11:12:47 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\.Pokedia
[2015/07/10 12:33:09 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\.RoyalAdventure
[2015/07/03 12:56:05 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\.VirusZ
[2015/05/09 15:34:31 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\Aeria Games & Entertainment
[2015/07/11 20:14:49 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\AnkamaCertificates
[2014/12/03 13:41:24 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\Arc
[2015/04/23 15:09:11 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\Audacity
[2015/06/10 12:24:52 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\Awesomium
[2014/11/09 11:49:08 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\BANDISOFT
[2014/09/26 16:20:38 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\Battle.net
[2014/12/23 14:08:29 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\Curse Advertising
[2015/06/10 12:10:22 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\DAEMON Tools Lite
[2015/07/11 20:27:30 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\Dofus
[2014/11/08 14:16:43 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\ftblauncher
[2014/04/15 16:51:11 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\GameConsole
[2015/05/25 17:25:10 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\HandBrake
[2015/06/20 23:12:12 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\HeroesAndGeneralsDesktop
[2015/09/23 06:53:02 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\IObit
[2014/11/05 15:03:20 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\java
[2014/11/19 15:28:15 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\LolClient
[2015/03/02 19:49:56 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\MAXON
[2015/04/11 21:28:11 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\Mirillis
[2015/09/22 16:40:49 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\Mumble
[2015/04/22 14:47:22 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\nBrowser
[2015/05/23 13:15:00 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\OBS
[2015/01/18 19:16:17 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\OpenOffice
[2014/11/20 19:54:45 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\Opera Software
[2015/09/23 09:36:24 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\ProductData
[2015/04/11 16:18:27 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\Python-Eggs
[2015/02/21 20:50:33 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\Riot Games
[2014/12/04 19:59:07 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\StunlockStudios
[2014/06/09 16:56:15 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\Template
[2014/11/23 10:47:21 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\Trove
[2015/09/16 14:11:45 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\Trove Toolbox
[2015/03/18 16:45:37 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\TS3Client
[2015/01/31 18:58:24 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\TuneUp Software
[2014/04/27 21:37:38 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\Unity
[2015/06/21 00:24:40 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\uTorrent
[2015/06/03 15:14:03 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Roaming\VoidLauncher

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< >[/color]
[2009/07/14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 07:08:49 | 000,032,482 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2014/07/17 18:28:06 | 000,001,002 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2015/06/20 20:50:50 | 000,000,460 | ---- | C] () -- C:\Windows\Tasks\cinemaplus-9.0v_helper_service.job
[2015/06/20 20:50:53 | 000,001,336 | ---- | C] () -- C:\Windows\Tasks\cinemaplus-9.0v_notification_service.job
[2015/06/24 13:05:26 | 000,001,334 | ---- | C] () -- C:\Windows\Tasks\HVFGTX.job
[2015/07/25 00:56:51 | 000,001,064 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job

[color=#A23BEC]< HKCU\Software >[/color]

[HKEY_CURRENT_USER\Software\Acer]

[HKEY_CURRENT_USER\Software\AcerUtil]

[HKEY_CURRENT_USER\Software\Adobe]

[HKEY_CURRENT_USER\Software\Aeria Games]

[HKEY_CURRENT_USER\Software\AhnLab]

[HKEY_CURRENT_USER\Software\Aion]

[HKEY_CURRENT_USER\Software\Akamai]

[HKEY_CURRENT_USER\Software\Ankama]

[HKEY_CURRENT_USER\Software\AppDataLow]

[HKEY_CURRENT_USER\Software\ASCII]

[HKEY_CURRENT_USER\Software\Avira]

[HKEY_CURRENT_USER\Software\BANDISOFT]

[HKEY_CURRENT_USER\Software\BitTorrent]

[HKEY_CURRENT_USER\Software\Blizzard Entertainment]

[HKEY_CURRENT_USER\Software\BodomChildWorks]

[HKEY_CURRENT_USER\Software\BugSplat]

[HKEY_CURRENT_USER\Software\CD Projekt RED]

[HKEY_CURRENT_USER\Software\Chromium]

[HKEY_CURRENT_USER\Software\Clients]

[HKEY_CURRENT_USER\Software\ComNotificationV25.03]

[HKEY_CURRENT_USER\Software\CyberLink]

[HKEY_CURRENT_USER\Software\Deep Silver]

[HKEY_CURRENT_USER\Software\Disc Soft]

[HKEY_CURRENT_USER\Software\Drivers]

[HKEY_CURRENT_USER\Software\Eidos]

[HKEY_CURRENT_USER\Software\Enterbrain]

[HKEY_CURRENT_USER\Software\Evernote]

[HKEY_CURRENT_USER\Software\Fraps3]

[HKEY_CURRENT_USER\Software\Gameforge4d]

[HKEY_CURRENT_USER\Software\GamersFirst]

[HKEY_CURRENT_USER\Software\Google]

[HKEY_CURRENT_USER\Software\Hewlett-Packard]

[HKEY_CURRENT_USER\Software\HngSync]

[HKEY_CURRENT_USER\Software\HP]

[HKEY_CURRENT_USER\Software\HVFGTX]

[HKEY_CURRENT_USER\Software\IGA]

[HKEY_CURRENT_USER\Software\IM Providers]

[HKEY_CURRENT_USER\Software\JaboSoft]

[HKEY_CURRENT_USER\Software\JavaSoft]

[HKEY_CURRENT_USER\Software\JumpStart]

[HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications]

[HKEY_CURRENT_USER\Software\Macromedia]

[HKEY_CURRENT_USER\Software\MC4D]

[HKEY_CURRENT_USER\Software\MCAFEE]

[HKEY_CURRENT_USER\Software\Microsoft]

[HKEY_CURRENT_USER\Software\Mirillis]

[HKEY_CURRENT_USER\Software\Mozilla]

[HKEY_CURRENT_USER\Software\MozillaPlugins]

[HKEY_CURRENT_USER\Software\Mumble]

[HKEY_CURRENT_USER\Software\N64 Emulation]

[HKEY_CURRENT_USER\Software\Netscape]

[HKEY_CURRENT_USER\Software\NLDT]

[HKEY_CURRENT_USER\Software\NVIDIA Corporation]

[HKEY_CURRENT_USER\Software\ODBC]

[HKEY_CURRENT_USER\Software\OEM]

[HKEY_CURRENT_USER\Software\OpenAutomate]

[HKEY_CURRENT_USER\Software\OpenOffice]

[HKEY_CURRENT_USER\Software\Opera Software]

[HKEY_CURRENT_USER\Software\Panzar Studio]

[HKEY_CURRENT_USER\Software\Pixelife]

[HKEY_CURRENT_USER\Software\Policies]

[HKEY_CURRENT_USER\Software\QtProject]

[HKEY_CURRENT_USER\Software\Realtek]

[HKEY_CURRENT_USER\Software\Red 5 Studios]

[HKEY_CURRENT_USER\Software\Reimage]

[HKEY_CURRENT_USER\Software\Robot Entertainment]

[HKEY_CURRENT_USER\Software\RPG Maker 2003 Hacker]

[HKEY_CURRENT_USER\Software\RtkPCEE3sMsg]

[HKEY_CURRENT_USER\Software\Skype]

[HKEY_CURRENT_USER\Software\System32]

[HKEY_CURRENT_USER\Software\Trolltech]

[HKEY_CURRENT_USER\Software\TuneUp]

[HKEY_CURRENT_USER\Software\Unity]

[HKEY_CURRENT_USER\Software\Valve]

[HKEY_CURRENT_USER\Software\Widcomm]

[HKEY_CURRENT_USER\Software\Win]

[HKEY_CURRENT_USER\Software\WinRAR]

[HKEY_CURRENT_USER\Software\WinRAR SFX]

[HKEY_CURRENT_USER\Software\Wow6432Node]

[HKEY_CURRENT_USER\Software\Classes]

[color=#A23BEC]< HKCU\Software\AppDataLow /s >[/color]
[HKEY_CURRENT_USER\Software\AppDataLow\Software]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\JavaSoft]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\JavaSoft\DeploymentProperties]
"deployment.modified.timestamp" = 1440257198752
"deployment.expiration.decision.suppression.11.25.2" = false
"deployment.expiration.decision.11.25.2" = later
"deployment.version" = 8
"deployment.expired.version" = 11.25.2
"deployment.expiration.decision.timestamp.11.25.2" = 1440257198
"deployment.browser.path" = C:\Program Files (x86)\Internet Explorer\iexplore.exe -- [2015/08/18 03:14:51 | 000,816,744 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft\Internet Explorer]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft\RepService]
"i" = DED18794-F1CE-4FAD-A65C-EE0B9D0D50B2 [binary data]
"B" = 50.000000 [binary data]
"A" = .cpl,.exe,.dll,.ocx,.sys,.scr,.drv [Binary data over 200 bytes]
"E" = 1 [binary data]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft\Silverlight]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft\Silverlight\Permissions]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Unity]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Unity\WebPlayer]
"" =
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Yahoo]

[color=#A23BEC]< HKLM\Software >[/color]
"License_Time" = 0
"RB" = 0
"" =

[HKEY_LOCAL_MACHINE\Software\Adobe]

[HKEY_LOCAL_MACHINE\Software\AdwCleaner]

[HKEY_LOCAL_MACHINE\Software\AGEIA Technologies]

[HKEY_LOCAL_MACHINE\Software\America Online]

[HKEY_LOCAL_MACHINE\Software\AppDataLow]

[HKEY_LOCAL_MACHINE\Software\Apple Computer, Inc.]

[HKEY_LOCAL_MACHINE\Software\AviraSpeedup]

[HKEY_LOCAL_MACHINE\Software\BANDISOFT]

[HKEY_LOCAL_MACHINE\Software\bethesda softworks]

[HKEY_LOCAL_MACHINE\Software\BioWare]

[HKEY_LOCAL_MACHINE\Software\Blizzard Entertainment]

[HKEY_LOCAL_MACHINE\Software\BlueStacks]

[HKEY_LOCAL_MACHINE\Software\Caphyon]

[HKEY_LOCAL_MACHINE\Software\CyberLink]

[HKEY_LOCAL_MACHINE\Software\Digital River]

[HKEY_LOCAL_MACHINE\Software\Disc Soft]

[HKEY_LOCAL_MACHINE\Software\Evernote]

[HKEY_LOCAL_MACHINE\Software\Evernote Corp.]

[HKEY_LOCAL_MACHINE\Software\FNOnlineFB]

[HKEY_LOCAL_MACHINE\Software\Fraps]

[HKEY_LOCAL_MACHINE\Software\Gameforge]

[HKEY_LOCAL_MACHINE\Software\Gameforge4d]

[HKEY_LOCAL_MACHINE\Software\Google]

[HKEY_LOCAL_MACHINE\Software\HaaliMkx]

[HKEY_LOCAL_MACHINE\Software\Hewlett-Packard]

[HKEY_LOCAL_MACHINE\Software\IcarusStudios]

[HKEY_LOCAL_MACHINE\Software\ICE]

[HKEY_LOCAL_MACHINE\Software\IM Providers]

[HKEY_LOCAL_MACHINE\Software\InstallShield]

[HKEY_LOCAL_MACHINE\Software\Intel]

[HKEY_LOCAL_MACHINE\Software\IObit]

[HKEY_LOCAL_MACHINE\Software\JavaSoft]

[HKEY_LOCAL_MACHINE\Software\JreMetrics]

[HKEY_LOCAL_MACHINE\Software\Macromedia]

[HKEY_LOCAL_MACHINE\Software\Malwarebytes' Anti-Malware]

[HKEY_LOCAL_MACHINE\Software\McAfee.com]

[HKEY_LOCAL_MACHINE\Software\McAfeeInstaller]

[HKEY_LOCAL_MACHINE\Software\Microsoft]

[HKEY_LOCAL_MACHINE\Software\Mozilla]

[HKEY_LOCAL_MACHINE\Software\MozillaPlugins]

[HKEY_LOCAL_MACHINE\Software\NCWest]

[HKEY_LOCAL_MACHINE\Software\Nero]

[HKEY_LOCAL_MACHINE\Software\NewTech Infosystems]

[HKEY_LOCAL_MACHINE\Software\NVIDIA Corporation]

[HKEY_LOCAL_MACHINE\Software\ODBC]

[HKEY_LOCAL_MACHINE\Software\OEM]

[HKEY_LOCAL_MACHINE\Software\OldTimer Tools]

[HKEY_LOCAL_MACHINE\Software\Open Broadcaster Software]

[HKEY_LOCAL_MACHINE\Software\OpenOffice]

[HKEY_LOCAL_MACHINE\Software\Opera Software]

[HKEY_LOCAL_MACHINE\Software\Panzar Studio]

[HKEY_LOCAL_MACHINE\Software\Perfect World Entertainment]

[HKEY_LOCAL_MACHINE\Software\Realtek]

[HKEY_LOCAL_MACHINE\Software\Riot Games]

[HKEY_LOCAL_MACHINE\Software\Skype]

[HKEY_LOCAL_MACHINE\Software\TeamSpeak 3 Client]

[HKEY_LOCAL_MACHINE\Software\TuneUp]

[HKEY_LOCAL_MACHINE\Software\Valve]

[HKEY_LOCAL_MACHINE\Software\Volatile]

[HKEY_LOCAL_MACHINE\Software\Webzen]

[HKEY_LOCAL_MACHINE\Software\WinRAR]

[HKEY_LOCAL_MACHINE\Software\XAJH]

[HKEY_LOCAL_MACHINE\Software\Classes]

[HKEY_LOCAL_MACHINE\Software\Clients]

[HKEY_LOCAL_MACHINE\Software\Policies]

[HKEY_LOCAL_MACHINE\Software\RegisteredApplications]

[color=#A23BEC]< HKCU\Software\Microsoft\Command Processor /s >[/color]
"CompletionChar" = 9
"DefaultColor" = 0
"EnableExtensions" = 1
"PathCompletionChar" = 9

[color=#A23BEC]< HKLM\Software\Microsoft\Command Processor /s >[/color]
"CompletionChar" = 64
"DefaultColor" = 0
"EnableExtensions" = 1
"PathCompletionChar" = 64

[color=#A23BEC]< HKLM\Software\Microsoft\Windows\CurrentVersion\RunMRU /s >[/color]

[color=#A23BEC]< HKLM\System\CurrentControlSet\Control\Session Manager\AppcertDlls /s >[/color]

[color=#A23BEC]< %Homedrive%\* >[/color]
[2014/04/23 18:37:34 | 000,000,426 | ---- | M] () -- C:\AVScanner.ini
[2009/11/19 05:56:44 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2015/09/23 07:21:59 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat
[2014/11/06 17:35:36 | 000,000,000 | ---- | M] () -- C:\Cookies
[2015/09/23 09:35:32 | 2715,881,472 | -HS- | M] () -- C:\hiberfil.sys
[2006/12/02 09:37:14 | 000,904,704 | -H-- | M] (Microsoft Corporation) -- C:\msdia80.dll
[2015/09/23 09:35:37 | 3621,175,296 | -HS- | M] () -- C:\pagefile.sys
[2015/09/23 09:45:20 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/01/16 02:42:40 | 000,608,032 | ---- | M] (McAfee, Inc.) -- C:\SecurityScanner.dll

[color=#A23BEC]< %Homedrive%\*. >[/color]
[2014/11/29 20:17:06 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2015/09/23 06:05:24 | 000,000,000 | -H-D | M] -- C:\$Windows.~BT
[2014/04/15 17:16:55 | 000,000,000 | -H-D | M] -- C:\AcerSW
[2015/09/23 09:55:32 | 000,000,000 | ---D | M] -- C:\AdwCleaner
[2015/05/09 15:35:01 | 000,000,000 | ---D | M] -- C:\AeriaGames
[2014/11/29 21:20:12 | 000,000,000 | -H-D | M] -- C:\ArcTemp
[2014/09/27 20:55:30 | 000,000,000 | ---D | M] -- C:\Avis de paiement
[2014/04/15 16:33:53 | 000,000,000 | ---D | M] -- C:\book
[2015/09/23 06:58:13 | 000,000,000 | -H-D | M] -- C:\Config.Msi
[2014/04/15 16:34:27 | 000,000,000 | ---D | M] -- C:\deca3bd623c181f627fad18012c7ae
[2009/07/14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2015/03/12 22:21:41 | 000,000,000 | ---D | M] -- C:\ElementalTinkerer
[2014/10/20 02:39:54 | 000,000,000 | -HSD | M] -- C:\found.000
[2014/10/19 17:31:22 | 000,000,000 | -HSD | M] -- C:\found.001
[2015/04/22 01:17:28 | 000,000,000 | -HSD | M] -- C:\found.002
[2015/07/04 19:33:47 | 000,000,000 | ---D | M] -- C:\Fraps
[2015/05/31 17:46:11 | 000,000,000 | ---D | M] -- C:\Games
[2015/06/10 12:26:53 | 000,000,000 | ---D | M] -- C:\Intel
[2014/04/15 17:16:55 | 000,000,000 | -H-D | M] -- C:\OEM
[2015/06/10 12:26:53 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2015/09/23 10:25:43 | 000,000,000 | ---D | M] -- C:\Program Files
[2015/09/23 09:08:48 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2015/09/23 10:34:43 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2014/04/15 16:30:30 | 000,000,000 | -HSD | M] -- C:\Recovery
[2015/02/21 20:48:35 | 000,000,000 | ---D | M] -- C:\Riot Games
[2015/02/06 22:27:23 | 000,000,000 | ---D | M] -- C:\RomStation
[2015/09/23 10:46:34 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2014/07/14 16:21:47 | 000,000,000 | R--D | M] -- C:\Users
[2015/06/10 12:26:53 | 000,000,000 | ---D | M] -- C:\UT
[2015/09/23 10:23:06 | 000,000,000 | ---D | M] -- C:\Windows
[2014/05/15 12:33:12 | 000,000,000 | ---D | M] -- C:\word
[2015/09/23 10:24:09 | 000,000,000 | ---D | M] -- C:\_OTL

[color=#A23BEC]< %Homedrive%\Recycler\*.exe /s >[/color]

[color=#A23BEC]< %Homedrive%\Recycler\*.scr /s >[/color]

[color=#A23BEC]< %Homedrive%\Recycler\*.pif /s >[/color]

[color=#A23BEC]< %Homedrive%\Recycler\*.vb* /s >[/color]

[color=#A23BEC]< %Homedrive%\$Recycle.bin\*.exe /s >[/color]
[2015/01/03 21:23:56 | 000,000,544 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-665182456-594994694-3631856726-1001\$IJ2GS82.exe
[2015/01/18 19:53:27 | 000,000,544 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-665182456-594994694-3631856726-1001\$IXSJXI0.exe

[color=#A23BEC]< %Homedrive%\$Recycle.bin\*.scr /s >[/color]

[color=#A23BEC]< %Homedrive%\$Recycle.bin\*.pif /s >[/color]

[color=#A23BEC]< %Homedrive%\$Recycle.bin\*.vb* /s >[/color]

[color=#A23BEC]< %Userprofile%\* >[/color]
[2015/07/10 12:26:38 | 000,000,093 | ---- | M] () -- C:\Users\LILI\.sutmp
[2015/09/23 10:49:11 | 003,407,872 | -HS- | M] () -- C:\Users\LILI\ntuser.dat
[2015/09/23 10:49:11 | 000,262,144 | -HS- | M] () -- C:\Users\LILI\ntuser.dat.LOG1
[2015/05/01 11:49:59 | 000,262,144 | -HS- | M] () -- C:\Users\LILI\ntuser.dat.LOG2
[2015/04/30 17:30:45 | 001,048,576 | -HS- | M] () -- C:\Users\LILI\ntuser.dat{016888bc-6c6f-11de-8d1d-001e0bcde3ec}.TxR.0.regtrans-ms
[2015/04/30 17:30:45 | 001,048,576 | -HS- | M] () -- C:\Users\LILI\ntuser.dat{016888bc-6c6f-11de-8d1d-001e0bcde3ec}.TxR.1.regtrans-ms
[2015/04/30 17:30:45 | 001,048,576 | -HS- | M] () -- C:\Users\LILI\ntuser.dat{016888bc-6c6f-11de-8d1d-001e0bcde3ec}.TxR.2.regtrans-ms
[2015/04/30 17:30:45 | 000,065,536 | -HS- | M] () -- C:\Users\LILI\ntuser.dat{016888bc-6c6f-11de-8d1d-001e0bcde3ec}.TxR.blf
[2014/04/15 16:35:23 | 000,065,536 | -HS- | M] () -- C:\Users\LILI\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2014/04/15 16:35:23 | 000,524,288 | -HS- | M] () -- C:\Users\LILI\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2014/04/15 16:35:23 | 000,524,288 | -HS- | M] () -- C:\Users\LILI\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2014/04/15 16:30:44 | 000,000,020 | -HS- | M] () -- C:\Users\LILI\ntuser.ini
[2014/08/13 11:17:44 | 122,206,703 | ---- | M] () -- C:\Users\LILI\openoffice1.cab
[2014/08/13 11:16:04 | 002,314,240 | ---- | M] () -- C:\Users\LILI\openoffice411.msi
[2014/10/01 17:13:40 | 001,029,200 | ---- | M] () -- C:\Users\LILI\ts3_recording_14_10_01_17_13_27.wav
[2014/11/10 23:33:25 | 008,551,760 | ---- | M] () -- C:\Users\LILI\ts3_recording_14_11_10_22_32_36.wav

[color=#A23BEC]< %Userprofile%\*. >[/color]
[2015/02/01 00:10:41 | 000,000,000 | ---D | M] -- C:\Users\LILI\.swt
[2015/07/11 22:26:42 | 000,000,000 | -H-D | M] -- C:\Users\LILI\AppData
[2014/04/15 16:30:44 | 000,000,000 | -HSD | M] -- C:\Users\LILI\Application Data
[2015/08/20 12:45:56 | 000,000,000 | R--D | M] -- C:\Users\LILI\Contacts
[2014/04/15 16:30:44 | 000,000,000 | -HSD | M] -- C:\Users\LILI\Cookies
[2015/09/23 10:43:06 | 000,000,000 | R--D | M] -- C:\Users\LILI\Desktop
[2015/09/23 10:41:44 | 000,000,000 | R--D | M] -- C:\Users\LILI\Documents
[2015/09/21 15:10:27 | 000,000,000 | R--D | M] -- C:\Users\LILI\Downloads
[2015/08/20 12:45:56 | 000,000,000 | R--D | M] -- C:\Users\LILI\Favorites
[2015/01/18 19:13:30 | 000,000,000 | ---D | M] -- C:\Users\LILI\licenses
[2015/08/20 12:45:56 | 000,000,000 | R--D | M] -- C:\Users\LILI\Links
[2014/04/15 16:30:44 | 000,000,000 | -HSD | M] -- C:\Users\LILI\Local Settings
[2014/04/15 16:30:44 | 000,000,000 | -HSD | M] -- C:\Users\LILI\Menu Démarrer
[2014/04/15 16:30:44 | 000,000,000 | -HSD | M] -- C:\Users\LILI\Mes documents
[2014/04/15 16:30:44 | 000,000,000 | -HSD | M] -- C:\Users\LILI\Modèles
[2015/08/20 12:45:56 | 000,000,000 | R--D | M] -- C:\Users\LILI\Music
[2015/08/20 12:45:56 | 000,000,000 | R--D | M] -- C:\Users\LILI\Pictures
[2015/01/18 19:13:30 | 000,000,000 | ---D | M] -- C:\Users\LILI\readmes
[2014/04/15 16:30:44 | 000,000,000 | -HSD | M] -- C:\Users\LILI\Recent
[2015/01/18 19:13:30 | 000,000,000 | ---D | M] -- C:\Users\LILI\redist
[2015/08/20 12:45:56 | 000,000,000 | R--D | M] -- C:\Users\LILI\Saved Games
[2015/08/20 12:45:56 | 000,000,000 | R--D | M] -- C:\Users\LILI\Searches
[2014/04/15 16:30:44 | 000,000,000 | -HSD | M] -- C:\Users\LILI\SendTo
[2014/11/20 20:10:19 | 000,000,000 | ---D | M] -- C:\Users\LILI\Tracing
[2015/08/20 12:45:56 | 000,000,000 | R--D | M] -- C:\Users\LILI\Videos
[2014/04/15 16:30:44 | 000,000,000 | -HSD | M] -- C:\Users\LILI\Voisinage d'impression
[2014/04/15 16:30:44 | 000,000,000 | -HSD | M] -- C:\Users\LILI\Voisinage réseau

[color=#A23BEC]< %Allusersprofile%\* >[/color]
[2009/08/02 19:35:40 | 000,036,136 | ---- | M] (Oberon Media) -- C:\ProgramData\FullRemove.exe

[color=#A23BEC]< %Allusersprofile%\*. >[/color]
[2009/11/19 06:38:57 | 000,000,000 | ---D | M] -- C:\ProgramData\Acer
[2009/11/19 06:50:10 | 000,000,000 | ---D | M] -- C:\ProgramData\Adobe
[2014/11/25 21:40:15 | 000,000,000 | ---D | M] -- C:\ProgramData\Aeria Games
[2009/07/14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2009/11/19 06:22:07 | 000,000,000 | ---D | M] -- C:\ProgramData\Applications
[2015/06/25 20:44:51 | 000,000,000 | ---D | M] -- C:\ProgramData\AVAST Software
[2015/05/11 16:46:50 | 000,000,000 | ---D | M] -- C:\ProgramData\Avira
[2009/11/19 06:31:39 | 000,000,000 | ---D | M] -- C:\ProgramData\BackupManager
[2014/09/26 16:15:06 | 000,000,000 | ---D | M] -- C:\ProgramData\Battle.net
[2014/09/26 16:16:24 | 000,000,000 | ---D | M] -- C:\ProgramData\Blizzard Entertainment
[2014/05/29 20:35:20 | 000,000,000 | ---D | M] -- C:\ProgramData\BlueStacks
[2014/11/20 20:10:19 | 000,000,000 | ---D | M] -- C:\ProgramData\BlueStacksSetup
[2014/04/28 21:24:08 | 000,000,000 | ---D | M] -- C:\ProgramData\boost_interprocess
[2014/04/15 16:30:30 | 000,000,000 | -HSD | M] -- C:\ProgramData\Bureau
[2015/01/31 18:56:31 | 000,000,000 | -H-D | M] -- C:\ProgramData\Common Files
[2014/09/04 15:27:32 | 000,000,000 | ---D | M] -- C:\ProgramData\CyberLink
[2015/01/04 00:25:01 | 000,000,000 | ---D | M] -- C:\ProgramData\DAEMON Tools Lite
[2009/07/14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2009/07/14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2009/11/19 06:53:08 | 000,000,000 | ---D | M] -- C:\ProgramData\EgisTec
[2009/11/19 06:51:25 | 000,000,000 | ---D | M] -- C:\ProgramData\eSobi
[2014/04/15 16:30:30 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoris
[2009/07/14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2015/06/10 12:23:54 | 000,000,000 | ---D | M] -- C:\ProgramData\GFACE
[2014/09/21 07:58:18 | 000,000,000 | ---D | M] -- C:\ProgramData\Glyph
[2015/05/11 17:46:04 | 000,000,000 | ---D | M] -- C:\ProgramData\HP
[2015/05/11 17:42:48 | 000,000,000 | ---D | M] -- C:\ProgramData\HP Product Assistant
[2015/09/21 15:20:29 | 000,000,000 | ---D | M] -- C:\ProgramData\Intel
[2015/07/06 11:55:07 | 000,000,000 | ---D | M] -- C:\ProgramData\IObit
[2015/09/23 07:08:50 | 000,000,000 | ---D | M] -- C:\ProgramData\Malwarebytes
[2014/04/18 18:37:18 | 000,000,000 | ---D | M] -- C:\ProgramData\McAfee
[2014/04/15 16:33:52 | 000,000,000 | ---D | M] -- C:\ProgramData\McQcModifier-5c47-a7b0
[2014/04/15 16:30:30 | 000,000,000 | -HSD | M] -- C:\ProgramData\Menu Démarrer
[2015/07/18 15:13:07 | 000,000,000 | --SD | M] -- C:\ProgramData\Microsoft
[2015/07/17 13:01:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft Help
[2015/04/11 21:28:11 | 000,000,000 | ---D | M] -- C:\ProgramData\Mirillis
[2014/04/15 16:30:30 | 000,000,000 | -HSD | M] -- C:\ProgramData\Modèles
[2009/11/19 06:45:40 | 000,000,000 | ---D | M] -- C:\ProgramData\Nero
[2014/04/15 16:33:56 | 000,000,000 | ---D | M] -- C:\ProgramData\NVIDIA
[2014/04/15 16:31:01 | 000,000,000 | ---D | M] -- C:\ProgramData\OEM
[2014/11/05 15:01:59 | 000,000,000 | ---D | M] -- C:\ProgramData\Oracle
[2015/06/21 12:45:25 | 000,000,000 | ---D | M] -- C:\ProgramData\Package Cache
[2015/09/23 09:37:06 | 000,000,000 | ---D | M] -- C:\ProgramData\ProductData
[2014/11/29 23:57:49 | 000,000,000 | ---D | M] -- C:\ProgramData\pwd
[2014/11/18 21:20:22 | 000,000,000 | ---D | M] -- C:\ProgramData\Riot Games
[2009/11/19 06:44:06 | 000,000,000 | ---D | M] -- C:\ProgramData\SiteAdvisor
[2015/07/01 20:32:55 | 000,000,000 | ---D | M] -- C:\ProgramData\Skype
[2009/07/14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2014/04/16 18:54:18 | 000,000,000 | ---D | M] -- C:\ProgramData\Sun
[2014/04/15 17:08:27 | 000,000,000 | ---D | M] -- C:\ProgramData\Temp
[2009/07/14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2015/02/06 21:41:07 | 000,000,000 | ---D | M] -- C:\ProgramData\TmForever
[2015/01/31 18:59:30 | 000,000,000 | ---D | M] -- C:\ProgramData\TuneUp Software
[2015/05/11 17:47:11 | 000,000,000 | ---D | M] -- C:\ProgramData\WEBREG
[2014/11/28 18:47:11 | 000,000,000 | ---D | M] -- C:\ProgramData\WEBZEN

[color=#A23BEC]< %LocalAppData%\* >[/color]
[2015/01/13 22:08:22 | 000,025,600 | ---- | M] () -- C:\Users\LILI\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2015/07/18 15:16:27 | 000,086,296 | ---- | M] () -- C:\Users\LILI\AppData\Local\GDIPFONTCACHEV1.DAT
[2015/09/23 09:34:49 | 003,529,006 | -H-- | M] () -- C:\Users\LILI\AppData\Local\IconCache.db
[2015/04/09 20:54:57 | 000,000,000 | ---- | M] () -- C:\Users\LILI\AppData\Local\{6AEBC49C-6296-46EC-9B58-21F5A842A2A9}

[color=#A23BEC]< %LocalAppData%\*. >[/color]
[2015/09/21 15:21:37 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\238010
[2015/07/25 00:56:27 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\Adobe
[2014/11/25 21:40:35 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\Aeria Games
[2015/05/09 15:13:21 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\Akamai
[2015/09/21 15:19:45 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\Ankama
[2014/04/15 16:30:44 | 000,000,000 | -HSD | M] -- C:\Users\LILI\AppData\Local\Application Data
[2014/04/16 20:06:38 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\Apps
[2015/02/01 15:27:38 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\Avg2014
[2015/09/22 16:30:36 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\Battle.net
[2014/11/05 13:39:04 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\Black_Tree_Gaming
[2014/12/13 21:21:15 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\Blizzard
[2014/09/26 16:16:50 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\Blizzard Entertainment
[2014/05/21 13:04:09 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\Bluestacks
[2014/04/15 16:55:06 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\Broadcom
[2015/07/29 17:23:55 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\CEF
[2014/07/09 09:47:37 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\CrashRpt
[2014/09/04 15:27:21 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\CyberLink
[2015/02/01 21:24:51 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\Deployment
[2014/11/17 08:54:44 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\Diagnostics
[2015/09/21 15:48:28 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\dxhr
[2014/12/04 20:12:26 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\EdgeOfReality
[2014/04/15 16:33:52 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\EgisTec
[2015/08/31 16:44:00 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\ElevatedDiagnostics
[2015/06/11 13:04:04 | 000,000,000 | -HSD | M] -- C:\Users\LILI\AppData\Local\EmieBrowserModeList
[2015/06/11 13:04:04 | 000,000,000 | -HSD | M] -- C:\Users\LILI\AppData\Local\EmieSiteList
[2015/06/11 13:04:04 | 000,000,000 | -HSD | M] -- C:\Users\LILI\AppData\Local\EmieUserList
[2014/06/09 16:56:59 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\Evernote
[2015/07/04 21:34:06 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\FalloutNV
[2014/11/08 14:34:02 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\ftblauncher
[2014/04/15 17:06:47 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\Gameforge4d
[2015/01/10 14:59:15 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\GamersFirst
[2015/01/10 15:19:58 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\GamersFirst LIVE!
[2015/01/14 18:53:16 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\Glyph
[2015/09/21 15:05:43 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\Google
[2015/08/19 18:57:09 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\GWX
[2014/04/15 16:30:44 | 000,000,000 | -HSD | M] -- C:\Users\LILI\AppData\Local\Historique
[2015/06/03 12:19:57 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\HP
[2015/06/03 07:58:43 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\Microsoft
[2014/04/15 17:04:13 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\Microsoft Help
[2015/04/11 21:28:11 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\Mirillis
[2015/04/01 14:11:13 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\Oblivion
[2015/07/14 12:57:16 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\openvr
[2014/11/20 19:54:45 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\Opera Software
[2014/05/01 21:32:06 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\Pipix-3
[2014/04/15 17:05:44 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\Programs
[2014/11/29 15:31:41 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\Red 5 Studios
[2015/01/04 19:50:17 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\SCE
[2014/10/15 07:54:10 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\Skitch
[2014/05/14 17:18:52 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\Skype
[2015/07/29 22:25:41 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\Skyrim
[2015/02/25 14:33:07 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\Steam
[2015/01/11 00:36:19 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\SWTOR
[2015/01/11 00:05:42 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\SWTORPerf
[2015/09/23 10:49:07 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\Temp
[2014/04/15 16:30:44 | 000,000,000 | -HSD | M] -- C:\Users\LILI\AppData\Local\Temporary Internet Files
[2015/08/22 19:46:01 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\The Witcher 2
[2015/09/16 14:12:11 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\TroveToolbox
[2015/01/31 18:58:24 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\TuneUp Software
[2014/06/04 16:48:59 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\Ubisoft
[2014/04/27 21:37:13 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\Unity
[2014/04/27 18:53:45 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\UWebKit
[2014/04/15 16:33:56 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\VirtualStore
[2014/07/09 09:41:14 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\wf-launcher
[2015/01/21 17:11:26 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\WMTools Downloaded Files

[color=#A23BEC]< %Userprofile%\Local Settings\* >[/color]

[color=#A23BEC]< %Userprofile%\Local Settings\*. >[/color]

[color=#A23BEC]< %Userprofile%\Local Settings\Application Data\* >[/color]

[color=#A23BEC]< %Userprofile%\Local Settings\Application Data\*. >[/color]

[color=#A23BEC]< %Userprofile%\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\* >[/color]

[color=#A23BEC]< %Userprofile%\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\*. >[/color]
[2015/07/02 17:53:53 | 000,000,000 | ---D | M] -- C:\Users\LILI\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\FAPV7LM6

[color=#A23BEC]< %Userprofile%\Local Settings\Application Data\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\* >[/color]

[color=#A23BEC]< %Userprofile%\Local Settings\Application Data\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\*. >[/color]
[2015/07/02 17:53:53 | 000,000,000 | ---D | M] -- C:\Users\LILI\Local Settings\Application Data\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\FAPV7LM6

[color=#A23BEC]< %programFiles%\* >[/color]
[2009/07/14 06:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

[color=#A23BEC]< %programFiles%\*. >[/color]
[2014/04/15 17:32:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Acer
[2009/11/19 06:50:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2015/05/09 15:34:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Aeria Games
[2015/09/22 16:01:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Battle.net
[2015/03/31 18:19:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bethesda Softworks
[2014/05/29 20:35:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\BlueStacks
[2015/09/12 11:12:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2014/04/15 17:09:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CyberLink
[2015/01/11 00:01:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Electronic Arts
[2014/07/14 16:22:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Free Registry Cleaner For Seven
[2015/09/21 19:52:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google
[2015/07/17 11:07:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\GUME742.tmp
[2015/05/11 17:34:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Hewlett-Packard
[2015/05/11 17:43:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Hp
[2015/09/21 14:57:48 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2009/11/19 06:07:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
[2015/09/11 13:07:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2015/09/23 06:53:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\IObit
[2014/04/15 16:50:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ITE
[2014/11/05 15:05:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2009/11/19 06:19:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\JMicron
[2014/04/15 17:01:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft
[2015/07/17 12:45:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2009/11/19 06:36:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
[2015/08/20 12:44:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2014/04/15 17:02:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2009/11/19 06:22:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Touch Pack for Windows 7
[2015/06/10 12:21:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2015/07/17 12:45:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Works
[2009/11/19 06:21:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft XNA
[2015/07/17 12:45:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2015/04/11 21:26:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mirillis
[2014/11/09 19:26:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Movie Maker 2.6
[2009/07/14 07:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2015/02/07 18:27:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mumble
[2009/11/19 06:46:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Nero
[2009/11/19 06:31:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NewTech Infosystems
[2014/06/20 22:31:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NVIDIA Corporation
[2014/12/05 19:17:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\OBS
[2015/01/18 19:14:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\OpenOffice 4
[2015/09/18 18:33:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Opera
[2014/04/15 16:18:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek
[2009/07/14 07:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2015/09/21 15:10:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\RPG Maker 2003
[2015/07/04 19:24:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\RPG Maker 2003Projet 1
[2014/09/27 21:26:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SDGi Europe
[2015/05/27 18:40:57 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Skype
[2015/06/10 12:21:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SmartPCFixer
[2015/09/23 07:55:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Steam
[2014/07/14 16:22:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\TeamSpeak 3 Client
[2014/04/15 16:18:19 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp
[2009/11/19 06:50:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\TouchSettings
[2009/07/14 06:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2014/04/19 20:18:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2014/04/15 17:03:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2014/04/15 17:01:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live SkyDrive
[2014/04/19 09:04:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2015/06/10 21:35:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2009/07/14 07:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2014/04/19 09:04:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2014/04/19 09:04:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2015/01/31 18:59:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
[2014/09/05 18:58:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WinRAR
[2015/09/12 10:03:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Yahoo!

[color=#A23BEC]< %programfiles%\Google\Desktop\*. >[/color]

[color=#A23BEC]< %ProgramFiles%\Common Files\*. >[/color]
[2009/11/19 06:49:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Adobe
[2009/11/19 06:50:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2015/01/11 00:02:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\BioWare
[2015/09/22 11:51:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2015/05/11 17:41:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Hewlett-Packard
[2015/05/11 17:41:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\HP
[2015/02/02 17:51:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\InstallShield
[2015/06/10 11:54:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\IObit
[2014/11/05 15:03:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Java
[2015/07/17 13:01:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\microsoft shared
[2009/11/19 06:47:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Nero
[2009/11/19 06:24:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Oberon Media
[2009/07/14 05:20:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Services
[2015/04/24 15:49:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Skype
[2009/07/14 05:20:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\SpeechEngines
[2015/08/22 11:27:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Steam
[2015/07/17 13:01:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\System
[2014/04/15 17:00:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Windows Live

[color=#A23BEC]< %ProgramFiles(X86)%\Common Files\*. >[/color]
[2009/11/19 06:49:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Adobe
[2009/11/19 06:50:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2015/01/11 00:02:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\BioWare
[2015/09/22 11:51:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2015/05/11 17:41:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Hewlett-Packard
[2015/05/11 17:41:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\HP
[2015/02/02 17:51:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\InstallShield
[2015/06/10 11:54:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\IObit
[2014/11/05 15:03:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Java
[2015/07/17 13:01:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\microsoft shared
[2009/11/19 06:47:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Nero
[2009/11/19 06:24:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Oberon Media
[2009/07/14 05:20:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Services
[2015/04/24 15:49:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Skype
[2009/07/14 05:20:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\SpeechEngines
[2015/08/22 11:27:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Steam
[2015/07/17 13:01:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\System
[2014/04/15 17:00:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Windows Live

[color=#A23BEC]< %Systemroot%\Installer\*. >[/color]
[2009/11/19 06:21:41 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\$PatchCache$
[2015/04/01 17:39:30 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI1052.tmp-
[2014/05/21 13:11:48 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI108.tmp-
[2015/02/01 12:28:57 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI10B.tmp-
[2015/04/30 17:33:46 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI10B4.tmp-
[2015/05/11 16:41:51 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI10DE.tmp-
[2014/05/21 13:09:41 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI11FF.tmp-
[2015/05/11 16:41:52 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI1284.tmp-
[2014/05/21 13:11:53 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI14AF.tmp-
[2015/05/11 16:41:52 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI14F5.tmp-
[2015/05/11 16:41:52 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI15E0.tmp-
[2014/05/21 13:11:54 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI1627.tmp-
[2015/04/01 17:39:30 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI162D.tmp-
[2014/05/21 13:09:42 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI16D1.tmp-
[2015/05/11 16:41:53 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI16DB.tmp-
[2014/05/21 13:09:43 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI1829.tmp-
[2014/05/21 13:11:55 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI1869.tmp-
[2015/04/01 17:39:31 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI188E.tmp-
[2014/05/21 13:09:43 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI19B0.tmp-
[2014/05/21 13:09:43 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI1A6C.tmp-
[2015/04/01 17:39:31 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI1AEF.tmp-
[2014/05/21 13:09:45 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI1B48.tmp-
[2015/04/01 17:39:32 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI1D51.tmp-
[2014/05/21 13:11:55 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI1D98.tmp-
[2015/04/01 17:39:32 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI1F74.tmp-
[2014/05/21 13:11:56 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI1FAC.tmp-
[2014/09/26 17:46:52 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI2121.tmp-
[2015/04/01 17:39:33 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI2158.tmp-
[2015/02/01 12:28:58 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI216.tmp-
[2015/02/01 12:29:08 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI21F5.tmp-
[2014/05/21 13:09:45 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI220C.tmp-
[2014/05/21 13:09:46 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI22F7.tmp-
[2014/11/08 21:42:27 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI2378.tmp-
[2015/04/01 17:39:34 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI23F8.tmp-
[2014/05/21 13:11:57 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI2400.tmp-
[2014/05/21 13:11:57 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI24DC.tmp-
[2014/10/15 07:59:36 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI2532.tmp-
[2014/05/21 13:09:46 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI2587.tmp-
[2014/05/21 13:11:59 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI25D6.tmp-
[2014/05/21 13:09:48 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI272E.tmp-
[2014/09/26 17:46:55 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI2A57.tmp-
[2015/02/01 12:29:08 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI2BB6.tmp-
[2014/05/21 13:09:48 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI2BFF.tmp-
[2014/05/29 20:35:06 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI2D28.tmp-
[2014/05/21 13:09:49 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI2D67.tmp-
[2015/02/01 12:29:09 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI2E08.tmp-
[2014/05/21 13:12:00 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI2ECC.tmp-
[2015/02/01 12:29:09 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI2FED.tmp-
[2014/05/21 13:09:49 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI3064.tmp-
[2015/02/01 12:29:09 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI30E7.tmp-
[2014/09/26 17:46:57 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI310C.tmp-
[2014/05/21 13:12:00 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI311E.tmp-
[2014/05/29 20:35:06 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI315D.tmp-
[2014/05/21 13:09:49 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI319D.tmp-
[2014/05/21 13:11:48 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI31C.tmp-
[2015/02/01 12:29:10 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI31F2.tmp-
[2014/05/21 13:12:01 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI3219.tmp-
[2014/05/29 20:35:07 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI3303.tmp-
[2014/05/21 13:09:50 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI3305.tmp-
[2014/05/29 20:35:08 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI343C.tmp-
[2015/02/01 12:29:10 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI3453.tmp-
[2014/05/21 13:09:50 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI347D.tmp-
[2014/05/21 13:12:01 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI34A9.tmp-
[2014/05/21 13:09:50 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI3548.tmp-
[2015/03/06 16:28:09 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI3590.tmp-
[2014/05/21 13:09:53 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI370E.tmp-
[2014/09/26 17:46:59 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI3A5F.tmp-
[2014/11/08 21:42:24 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI3A8.tmp-
[2014/05/29 20:35:13 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI3AB3.tmp-
[2014/05/21 13:09:53 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI4090.tmp-
[2015/04/01 17:39:41 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI40CF.tmp-
[2014/05/21 13:09:53 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI4246.tmp-
[2014/05/21 13:12:06 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI4261.tmp-
[2014/05/21 13:09:54 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI4322.tmp-
[2015/04/01 17:39:43 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI438E.tmp-
[2014/05/21 13:11:49 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI445.tmp-
[2014/11/08 21:42:33 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI44A3.tmp-
[2014/05/21 13:09:55 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI460F.tmp-
[2014/10/15 07:59:43 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI4652.tmp-
[2014/10/15 07:59:44 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI4807.tmp-
[2015/04/01 17:39:45 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI4978.tmp-
[2014/10/15 07:59:44 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI4B44.tmp-
[2014/05/21 13:09:57 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI4C77.tmp-
[2014/11/04 19:30:35 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI4D35.tmp-
[2014/05/29 20:35:13 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI4D4A.tmp-
[2014/10/15 07:59:46 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI4DC5.tmp-
[2014/05/29 20:35:14 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI4ED1.tmp-
[2014/05/29 20:35:14 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI5077.tmp-
[2015/02/01 12:29:18 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI50FB.tmp-
[2015/04/01 17:39:45 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI5117.tmp-
[2014/05/29 20:35:15 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI51FE.tmp-
[2015/02/01 12:29:19 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI5224.tmp-
[2014/05/21 13:12:28 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI5252.tmp-
[2014/11/08 21:42:36 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI52A1.tmp-
[2014/05/29 20:35:15 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI5347.tmp-
[2014/11/08 21:42:37 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI538C.tmp-
[2014/10/15 07:59:47 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI5499.tmp-
[2014/11/08 21:42:37 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI54B6.tmp-
[2014/05/21 13:04:31 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI5550.tmp-
[2014/05/29 20:35:16 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI5579.tmp-
[2014/11/08 21:42:39 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI55E0.tmp-
[2014/05/21 13:04:32 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI587C.tmp-
[2014/05/21 13:10:15 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI58DF.tmp-
[2014/05/29 20:35:17 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI5913.tmp-
[2014/09/26 17:46:51 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI595.tmp-
[2014/05/21 13:04:32 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI5967.tmp-
[2014/05/21 13:04:33 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI5A52.tmp-
[2014/05/29 20:35:17 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI5AA9.tmp-
[2014/05/29 20:35:17 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI5C50.tmp-
[2014/05/21 13:11:50 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI5DC.tmp-
[2014/05/29 20:35:18 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI5DE7.tmp-
[2014/10/15 07:58:53 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI5E35.tmp-
[2014/11/08 21:42:40 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI5F33.tmp-
[2014/05/21 13:04:36 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI5FCF.tmp-
[2014/12/13 19:45:53 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI608C.tmp-
[2014/05/29 20:35:19 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI625F.tmp-
[2014/09/26 17:47:09 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI6306.tmp-
[2014/09/26 17:47:09 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI6603.tmp-
[2014/11/08 21:42:42 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI6701.tmp-
[2014/11/08 21:42:42 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI67EC.tmp-
[2015/04/30 17:34:06 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI681C.tmp-
[2015/03/06 16:29:21 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI684A.tmp-
[2014/09/26 17:47:11 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI68D2.tmp-
[2014/11/08 21:42:42 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI68E7.tmp-
[2014/11/08 21:42:43 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI6A7D.tmp-
[2015/02/01 12:28:30 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI6B01.tmp-
[2014/05/21 13:04:36 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI6BA2.tmp-
[2014/11/08 21:42:43 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI6BC6.tmp-
[2014/05/21 13:04:37 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI6C7E.tmp-
[2014/11/08 21:42:43 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI6D2E.tmp-
[2014/11/04 19:30:40 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI6E3D.tmp-
[2014/05/29 20:35:22 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI6E80.tmp-
[2014/05/21 13:04:37 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI6E82.tmp-
[2015/03/06 16:28:18 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI6EF8.tmp-
[2015/04/30 17:34:08 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI6F2F.tmp-
[2014/05/21 13:04:38 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI6FDA.tmp-
[2014/05/21 13:04:39 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI7190.tmp-
[2014/05/29 20:35:23 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI71BC.tmp-
[2014/05/29 20:35:24 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI74BA.tmp-
[2014/05/21 13:04:39 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI7613.tmp-
[2015/03/06 16:30:02 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI762.tmp-
[2014/05/29 20:35:24 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI7621.tmp-
[2014/05/29 20:35:25 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI77B8.tmp-
[2014/05/21 13:04:40 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI7920.tmp-
[2014/05/21 13:09:38 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI7A4.tmp-
[2014/05/21 13:04:40 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI7A4A.tmp-
[2015/03/06 16:28:23 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI7B49.tmp-
[2014/05/21 13:04:41 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI7B73.tmp-
[2014/05/21 13:04:41 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI7C9D.tmp-
[2014/05/29 20:35:26 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI7DB2.tmp-
[2015/04/01 17:38:55 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI7DEC.tmp-
[2014/11/08 21:42:48 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI7EAF.tmp-
[2014/12/13 19:46:00 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI7EB0.tmp-
[2014/05/29 20:35:27 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI7F68.tmp-
[2014/12/13 19:46:01 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI7FC9.tmp-
[2014/12/13 19:46:01 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI8113.tmp-
[2014/12/13 19:46:03 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI821D.tmp-
[2014/05/21 13:04:43 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI827C.tmp-
[2014/05/29 20:35:27 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI8320.tmp-
[2014/11/04 19:30:50 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI847.tmp-
[2014/05/29 20:35:29 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI84A7.tmp-
[2015/04/30 17:33:41 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI85A.tmp-
[2014/05/21 13:09:39 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI87F.tmp-
[2014/10/15 08:00:00 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI8847.tmp-
[2014/12/13 19:46:03 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI895F.tmp-
[2014/10/15 07:58:57 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI89E8.tmp-
[2014/05/21 13:04:44 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI89FC.tmp-
[2014/05/29 20:35:29 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI8A72.tmp-
[2014/10/15 08:00:01 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI8BC1.tmp-
[2014/05/29 20:35:30 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI8BDA.tmp-
[2014/05/21 13:04:45 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI8BF0.tmp-
[2014/09/26 17:47:41 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI8C5D.tmp-
[2014/10/15 08:00:01 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI8DD4.tmp-
[2014/05/29 20:35:30 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI8DDE.tmp-
[2015/04/30 17:34:15 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI8E0D.tmp-
[2014/05/21 13:04:46 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI8ECE.tmp-
[2014/05/29 20:35:31 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI8FC3.tmp-
[2014/05/21 13:04:46 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI8FF8.tmp-
[2014/10/15 08:00:02 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI9007.tmp-
[2015/04/30 17:34:16 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI90EB.tmp-
[2014/05/21 13:04:47 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI9111.tmp-
[2014/05/29 20:35:31 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI91D6.tmp-
[2014/10/15 08:00:02 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI91FB.tmp-
[2015/04/30 17:34:17 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI939B.tmp-
[2014/10/15 08:00:03 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI93E0.tmp-
[2014/05/29 20:35:32 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI9409.tmp-
[2015/03/06 16:29:32 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI951D.tmp-
[2014/05/29 20:35:32 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI9570.tmp-
[2014/05/21 13:09:39 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI95B.tmp-
[2015/04/30 17:34:17 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI95DE.tmp-
[2014/05/21 13:04:48 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI970B.tmp-
[2014/05/29 20:35:38 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI9774.tmp-
[2014/05/21 13:04:48 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI9806.tmp-
[2015/02/01 12:28:33 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI9981.tmp-
[2015/03/06 16:29:33 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI99C0.tmp-
[2014/05/21 13:04:49 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI9BAF.tmp-
[2014/05/21 13:04:50 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI9CC9.tmp-
[2015/04/01 17:38:59 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI9D30.tmp-
[2015/03/06 16:29:34 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI9EB2.tmp-
[2014/12/13 19:46:09 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSI9F11.tmp-
[2014/12/13 19:46:09 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIA01C.tmp-
[2014/12/13 19:46:09 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIA145.tmp-
[2015/03/06 16:29:35 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIA20D.tmp-
[2014/05/21 13:04:50 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIA236.tmp-
[2014/12/13 19:46:09 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIA2AD.tmp-
[2014/05/21 13:04:51 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIA36F.tmp-
[2014/12/13 19:46:10 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIA3C7.tmp-
[2015/04/01 17:39:03 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIA452.tmp-
[2014/05/21 13:09:39 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIA46.tmp-
[2014/12/13 19:46:10 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIA4F0.tmp-
[2014/05/21 13:04:52 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIA65D.tmp-
[2014/05/21 13:04:53 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIA813.tmp-
[2014/10/15 08:00:09 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIAA80.tmp-
[2014/12/13 19:45:33 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIABA.tmp-
[2014/05/21 13:04:54 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIAD9F.tmp-
[2014/05/21 13:11:50 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIAEB.tmp-
[2014/05/21 13:04:54 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIAFA3.tmp-
[2014/05/29 20:35:40 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIB081.tmp-
[2014/05/21 13:04:54 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIB0EC.tmp-
[2014/05/21 13:04:57 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIB244.tmp-
[2014/05/21 13:09:39 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIB31.tmp-
[2015/04/30 17:34:26 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIB59E.tmp-
[2014/05/29 20:35:40 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIB6F7.tmp-
[2014/05/29 20:35:42 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIB830.tmp-
[2015/04/30 17:34:26 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIB85D.tmp-
[2015/04/30 17:34:26 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIB9F4.tmp-
[2015/04/30 17:34:27 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIBBD8.tmp-
[2014/05/21 13:04:59 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIBC53.tmp-
[2014/12/13 19:46:16 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIBD54.tmp-
[2015/04/30 17:34:27 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIBDEC.tmp-
[2014/05/29 20:35:45 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIBE88.tmp-
[2015/04/30 17:34:28 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIBFC1.tmp-
[2014/05/21 13:11:51 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIC05.tmp-
[2014/05/21 13:09:40 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIC0C.tmp-
[2015/04/30 17:34:28 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIC109.tmp-
[2015/03/06 16:29:44 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIC25A.tmp-
[2014/11/04 19:30:57 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIC2E7.tmp-
[2015/04/30 17:34:29 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIC38A.tmp-
[2014/05/21 13:04:59 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIC4CC.tmp-
[2014/05/21 13:05:01 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIC5E6.tmp-
[2015/03/06 16:29:45 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIC91E.tmp-
[2014/05/21 13:05:02 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSICBEF.tmp-
[2015/03/06 16:30:05 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSICC0.tmp-
[2015/03/06 16:29:47 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSICCC7.tmp-
[2014/05/29 20:35:47 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSICEDF.tmp-
[2014/05/29 20:35:48 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSID140.tmp-
[2014/05/21 13:09:40 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSID26.tmp-
[2015/03/06 16:29:48 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSID273.tmp-
[2014/11/04 19:31:01 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSID299.tmp-
[2014/05/29 20:35:48 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSID49B.tmp-
[2014/11/04 19:31:02 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSID49D.tmp-
[2015/05/11 16:41:39 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSID49E.tmp-
[2015/03/06 16:29:49 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSID5DE.tmp-
[2014/05/21 13:05:04 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSID66D.tmp-
[2014/11/04 19:31:02 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSID6A2.tmp-
[2014/05/29 20:35:50 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSID798.tmp-
[2014/12/13 19:45:30 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSID7C8.tmp-
[2014/11/04 19:31:03 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSID877.tmp-
[2015/04/01 17:39:15 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSID95B.tmp-
[2015/03/06 16:29:50 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSID9B6.tmp-
[2014/05/21 13:11:38 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIDA31.tmp-
[2014/05/21 13:05:23 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIDAD3.tmp-
[2014/11/04 19:31:04 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIDB45.tmp-
[2014/05/21 13:11:38 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIDBD7.tmp-
[2015/04/30 17:33:32 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIDBDD.tmp-
[2014/05/21 13:11:38 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIDCB2.tmp-
[2014/05/21 13:11:40 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIDD5F.tmp-
[2015/03/06 16:29:50 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIDDEB.tmp-
[2015/04/01 17:39:16 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIDEF8.tmp-
[2015/03/06 16:29:51 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIE0BA.tmp-
[2014/05/21 13:09:40 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIE11.tmp-
[2015/04/30 17:34:37 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIE1C8.tmp-
[2014/05/21 13:11:43 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIE221.tmp-
[2015/04/30 17:34:38 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIE5EE.tmp-
[2014/05/21 13:11:51 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIE76.tmp-
[2015/04/30 17:34:38 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIE775.tmp-
[2015/04/30 17:34:39 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIE91B.tmp-
[2015/05/11 16:41:50 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIE9B.tmp-
[2015/02/01 12:28:52 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIEB00.tmp-
[2014/11/04 19:30:43 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIEB0F.tmp-
[2014/11/04 19:30:43 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIEC28.tmp-
[2015/05/11 16:41:43 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIED9D.tmp-
[2014/11/04 19:30:43 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIEDA0.tmp-
[2014/05/21 13:11:43 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIEDC5.tmp-
[2014/05/21 13:11:43 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIEEC0.tmp-
[2014/11/04 19:30:44 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIEF17.tmp-
[2014/05/21 13:11:43 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIEF8C.tmp-
[2015/04/01 17:39:20 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIEFA3.tmp-
[2014/05/21 13:09:40 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIEFC.tmp-
[2014/11/04 19:30:44 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIF07F.tmp-
[2014/05/21 13:11:44 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIF0A5.tmp-
[2014/05/21 13:11:44 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIF171.tmp-
[2014/11/04 19:30:45 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIF1E7.tmp-
[2015/04/01 17:39:21 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIF205.tmp-
[2014/05/21 13:11:44 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIF28B.tmp-
[2014/05/21 13:11:45 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIF3E3.tmp-
[2015/04/01 17:39:21 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIF3EA.tmp-
[2015/05/11 16:41:44 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIF474.tmp-
[2014/05/21 13:11:45 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIF4FD.tmp-
[2014/05/21 13:11:53 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIF52.tmp-
[2015/04/01 17:39:22 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIF5CF.tmp-
[2014/05/21 13:11:45 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIF5D8.tmp-
[2014/05/21 13:11:45 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIF6D4.tmp-
[2014/05/21 13:09:34 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIF779.tmp-
[2014/05/21 13:09:35 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIF8B2.tmp-
[2014/05/21 13:09:35 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIF97E.tmp-
[2014/05/21 13:11:46 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIF9F5.tmp-
[2014/05/21 13:09:36 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIFA3A.tmp-
[2015/03/06 16:29:58 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIFAC3.tmp-
[2014/05/21 13:09:41 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIFD8.tmp-
[2015/02/01 12:28:56 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIFE69.tmp-
[2015/03/06 16:30:00 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIFEBA.tmp-
[2014/05/21 13:09:38 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIFF69.tmp-
[2014/05/21 13:11:48 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIFF81.tmp-
[2015/02/01 12:28:57 | 000,000,000 | ---D | M] -- C:\Windows\Installer\MSIFF83.tmp-
[2014/04/15 17:00:06 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{01FB4998-33C4-4431-85ED-079E3EEFE75D}
[2014/04/17 12:33:23 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}
[2015/01/18 19:15:22 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{121727D5-FDF3-4723-BA57-EB383440ED72}
[2014/04/15 17:01:35 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{205C6BDD-7B73-42DE-8505-9A093F35A238}
[2014/04/15 17:02:49 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{2075CB0A-D26F-4DAA-B424-5079296B43BA}
[2015/05/09 15:34:39 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{22A72F06-FA80-42CB-9A8C-46C6AE53425C}
[2015/07/01 20:32:40 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
[2014/04/15 17:08:21 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{2637C347-9DAD-11D6-9EA2-00055D0CA761}
[2009/11/19 06:31:46 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{30075A70-B5D2-440B-AFA3-FB2021740121}
[2009/11/19 06:21:37 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}
[2014/04/15 17:03:15 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{4634B21A-CC07-4396-890C-2B8168661FEA}
[2014/05/29 20:35:21 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{4C02AFA8-074D-44FE-B0E1-A73D4AA65390}
[2015/02/07 18:27:06 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{5D198290-6E7D-426C-9AF0-8DA34CC7E596}
[2014/04/15 17:07:40 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}
[2014/04/15 17:02:24 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{5DD76286-9BE7-4894-A990-E905E91AC818}
[2014/04/17 12:26:22 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{68301905-2DEA-41CE-A4D4-E8B443B099BA}
[2009/11/19 06:21:42 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{6ACE7F46-FACE-4125-AE86-672F4F2A6A28}
[2015/05/27 18:41:08 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}
[2014/04/15 17:09:11 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{70CC0095-AA68-45BE-AE98-D8170182E9EB}
[2014/04/15 17:02:02 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
[2014/05/14 17:18:32 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}
[2014/04/15 17:01:28 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
[2014/04/17 21:05:20 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
[2015/08/20 12:24:40 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
[2015/05/11 17:43:22 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}
[2014/04/15 17:09:55 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{8FF90DB8-6DED-44A3-B182-244FEC09012F}
[2015/09/09 20:04:05 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{90120000-0020-040C-0000-0000000FF1CE}
[2015/06/10 19:08:52 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{90120000-006E-0409-0000-0000000FF1CE}
[2015/06/10 19:08:46 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{90120000-006E-040C-0000-0000000FF1CE}
[2015/05/11 17:43:35 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}
[2015/09/09 20:04:08 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{95120000-00AF-040C-0000-0000000FF1CE}
[2014/04/15 16:54:43 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}
[2009/11/19 06:49:54 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{AC76BA86-7AD7-FFFF-7B44-A91000000001}
[2014/04/15 17:02:58 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{B131E59D-202C-43C6-84C9-68F0C37541F1}
[2014/11/09 19:26:20 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}
[2015/06/21 12:46:21 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{B455E95A-B804-439F-B533-336B1635AE97}
[2015/05/11 17:41:43 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{B5978DF3-8A04-4F22-AF67-8CCE52E04B13}
[2015/05/11 17:42:23 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}
[2014/04/15 16:15:43 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{DA97BDF9-BC72-46FD-8E76-427F2BB951EE}
[2014/04/15 17:01:39 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
[2009/11/19 06:36:24 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
[2014/04/15 17:02:30 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
[2014/04/17 21:05:47 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
[2015/05/11 17:34:21 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{FC3C2B77-6800-48C6-A15D-9D1031130C16}

[color=#A23BEC]< %Systemroot%\Temp\*.exe /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\*.exe /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\*.in* >[/color]
[2015/03/13 03:55:15 | 000,016,303 | ---- | M] () -- C:\Windows\system32\ieuinit.inf
[2009/07/14 06:55:01 | 000,000,535 | ---- | M] () -- C:\Windows\system32\mapisvc.inf
[2015/04/20 00:39:28 | 001,642,388 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

[color=#A23BEC]< %systemroot%\PSS\* /s >[/color]
[2014/10/19 19:23:17 | 000,024,576 | ---- | M] () -- C:\Windows\PSS\boot.backup
[2014/10/19 19:23:17 | 000,021,504 | -HS- | M] () -- C:\Windows\PSS\boot.backup.LOG
[2014/10/19 19:23:16 | 000,000,000 | -HS- | M] () -- C:\Windows\PSS\boot.backup.LOG1
[2014/10/19 19:23:16 | 000,000,000 | -HS- | M] () -- C:\Windows\PSS\boot.backup.LOG2
[2014/06/11 13:29:06 | 000,001,131 | ---- | M] () -- C:\Windows\PSS\EvernoteClipper.lnk.Startup

[color=#A23BEC]< %systemroot%\Tasks\* >[/color]
[2015/09/20 13:04:59 | 000,001,064 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
[2015/09/13 09:47:03 | 000,001,002 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2015/07/06 18:29:35 | 000,000,460 | ---- | M] () -- C:\Windows\Tasks\cinemaplus-9.0v_helper_service.job
[2015/07/06 13:19:16 | 000,001,336 | ---- | M] () -- C:\Windows\Tasks\cinemaplus-9.0v_notification_service.job
[2015/07/06 18:29:36 | 000,001,334 | ---- | M] () -- C:\Windows\Tasks\HVFGTX.job
[2015/09/23 09:35:49 | 000,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2015/09/20 13:04:59 | 000,032,482 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#A23BEC]< %systemroot%\Tasks\*. >[/color]
[2015/07/06 12:28:09 | 000,000,000 | ---D | M] -- C:\Windows\Tasks\ImCleanDisabled

[color=#A23BEC]< %systemroot%\system32\Tasks\* >[/color]

[color=#A23BEC]< %systemroot%\system32\Tasks\*. >[/color]
[2009/07/14 05:20:14 | 000,000,000 | ---D | M] -- C:\Windows\system32\Tasks\Microsoft

[color=#A23BEC]< %systemroot%\syswow64\Tasks\* >[/color]

[color=#A23BEC]< %systemroot%\syswow64\Tasks\*. >[/color]
[2009/07/14 05:20:14 | 000,000,000 | ---D | M] -- C:\Windows\syswow64\Tasks\Microsoft

[color=#A23BEC]< %systemroot%\system32\drivers\*.sy* /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\config\*.exe /s >[/color]

[color=#A23BEC]< %Systemroot%\ServiceProfiles\*.exe /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.sys >[/color]

[color=#A23BEC]< dir %Homedrive%\* /S /A:L /C >[/color]
Le volume dans le lecteur C s'appelle Acer
Le num ro de s rie du volume est A01C-011C
R pertoire de C:\
14/07/2009 07:08 <JONCTION> Documents and Settings [C:\Users]
0 fichier(s) 0 octets
R pertoire de C:\Program Files
15/04/2014 16:30 <JONCTION> Fichiers communs [C:\Program Files\Common Files]
0 fichier(s) 0 octets
R pertoire de C:\Program Files\Windows NT
15/04/2014 16:30 <JONCTION> Accessoires [C:\Program Files\Windows NT\Accessories]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData
14/07/2009 07:08 <JONCTION> Application Data [C:\ProgramData]
15/04/2014 16:30 <JONCTION> Bureau [C:\Users\Public\Desktop]
14/07/2009 07:08 <JONCTION> Desktop [C:\Users\Public\Desktop]
14/07/2009 07:08 <JONCTION> Documents [C:\Users\Public\Documents]
15/04/2014 16:30 <JONCTION> Favoris [C:\Users\Public\Favorites]
14/07/2009 07:08 <JONCTION> Favorites [C:\Users\Public\Favorites]
15/04/2014 16:30 <JONCTION> Menu D marrer [C:\ProgramData\Microsoft\Windows\Start Menu]
15/04/2014 16:30 <JONCTION> Mod`les [C:\ProgramData\Microsoft\Windows\Templates]
14/07/2009 07:08 <JONCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009 07:08 <JONCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Microsoft\Windows\Start Menu
15/04/2014 16:30 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Oracle\Java\javapath
05/11/2014 15:02 <SYMLINK> java.exe [C:\Program Files (x86)\Java\jre1.8.0_25\bin\java.exe]
05/11/2014 15:02 <SYMLINK> javaw.exe [C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaw.exe]
05/11/2014 15:02 <SYMLINK> javaws.exe [C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaws.exe]
3 fichier(s) 0 octets
R pertoire de C:\Users
14/07/2009 07:08 <SYMLINKD> All Users [C:\ProgramData]
14/07/2009 07:08 <JONCTION> Default User [C:\Users\Default]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users
14/07/2009 07:08 <JONCTION> Application Data [C:\ProgramData]
15/04/2014 16:30 <JONCTION> Bureau [C:\Users\Public\Desktop]
14/07/2009 07:08 <JONCTION> Desktop [C:\Users\Public\Desktop]
14/07/2009 07:08 <JONCTION> Documents [C:\Users\Public\Documents]
15/04/2014 16:30 <JONCTION> Favoris [C:\Users\Public\Favorites]
14/07/2009 07:08 <JONCTION> Favorites [C:\Users\Public\Favorites]
15/04/2014 16:30 <JONCTION> Menu D marrer [C:\ProgramData\Microsoft\Windows\Start Menu]
15/04/2014 16:30 <JONCTION> Mod`les [C:\ProgramData\Microsoft\Windows\Templates]
14/07/2009 07:08 <JONCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009 07:08 <JONCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Microsoft\Windows\Start Menu
15/04/2014 16:30 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Oracle\Java\javapath
05/11/2014 15:02 <SYMLINK> java.exe [C:\Program Files (x86)\Java\jre1.8.0_25\bin\java.exe]
05/11/2014 15:02 <SYMLINK> javaw.exe [C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaw.exe]
05/11/2014 15:02 <SYMLINK> javaws.exe [C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaws.exe]
3 fichier(s) 0 octets
R pertoire de C:\Users\Default
14/07/2009 07:08 <JONCTION> Application Data [C:\Users\Default\AppData\Roaming]
14/07/2009 07:08 <JONCTION> Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
14/07/2009 07:08 <JONCTION> Local Settings [C:\Users\Default\AppData\Local]
15/04/2014 16:30 <JONCTION> Menu D marrer [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
15/04/2014 16:30 <JONCTION> Mes documents [C:\Users\Default\Documents]
15/04/2014 16:30 <JONCTION> Mod`les [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
14/07/2009 07:08 <JONCTION> My Documents [C:\Users\Default\Documents]
14/07/2009 07:08 <JONCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
14/07/2009 07:08 <JONCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
14/07/2009 07:08 <JONCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
14/07/2009 07:08 <JONCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
14/07/2009 07:08 <JONCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
14/07/2009 07:08 <JONCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
15/04/2014 16:30 <JONCTION> Voisinage d'impression [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
15/04/2014 16:30 <JONCTION> Voisinage r seau [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
0 fichier(s) 0 octets
R pertoire de C:\Users\Default\AppData\Local
14/07/2009 07:08 <JONCTION> Application Data [C:\Users\Default\AppData\Local]
15/04/2014 16:30 <JONCTION> Historique [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
14/07/2009 07:08 <JONCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
14/07/2009 07:08 <JONCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 fichier(s) 0 octets
R pertoire de C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu
15/04/2014 16:30 <JONCTION> Programmes [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\Default\Documents
15/04/2014 16:30 <JONCTION> Ma musique [C:\Users\Default\Music]
15/04/2014 16:30 <JONCTION> Mes images [C:\Users\Default\Pictures]
15/04/2014 16:30 <JONCTION> Mes vid os [C:\Users\Default\Videos]
14/07/2009 07:08 <JONCTION> My Music [C:\Users\Default\Music]
14/07/2009 07:08 <JONCTION> My Pictures [C:\Users\Default\Pictures]
14/07/2009 07:08 <JONCTION> My Videos [C:\Users\Default\Videos]
0 fichier(s) 0 octets
R pertoire de C:\Users\HULK
13/07/2014 21:40 <JONCTION> Application Data [C:\Users\HULK\AppData\Roaming]
13/07/2014 21:40 <JONCTION> Cookies [C:\Users\HULK\AppData\Roaming\Microsoft\Windows\Cookies]
13/07/2014 21:40 <JONCTION> Local Settings [C:\Users\HULK\AppData\Local]
13/07/2014 21:40 <JONCTION> Menu D marrer [C:\Users\HULK\AppData\Roaming\Microsoft\Windows\Start Menu]
13/07/2014 21:40 <JONCTION> Mes documents [C:\Users\HULK\Documents]
13/07/2014 21:40 <JONCTION> Mod`les [C:\Users\HULK\AppData\Roaming\Microsoft\Windows\Templates]
13/07/2014 21:40 <JONCTION> Recent [C:\Users\HULK\AppData\Roaming\Microsoft\Windows\Recent]
13/07/2014 21:40 <JONCTION> SendTo [C:\Users\HULK\AppData\Roaming\Microsoft\Windows\SendTo]
13/07/2014 21:40 <JONCTION> Voisinage d'impression [C:\Users\HULK\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
13/07/2014 21:40 <JONCTION> Voisinage r seau [C:\Users\HULK\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
0 fichier(s) 0 octets
R pertoire de C:\Users\HULK\AppData\Local
13/07/2014 21:40 <JONCTION> Application Data [C:\Users\HULK\AppData\Local]
13/07/2014 21:40 <JONCTION> Historique [C:\Users\HULK\AppData\Local\Microsoft\Windows\History]
13/07/2014 21:40 <JONCTION> Temporary Internet Files [C:\Users\HULK\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 fichier(s) 0 octets
R pertoire de C:\Users\HULK\AppData\Roaming\Microsoft\Windows\Start Menu
13/07/2014 21:40 <JONCTION> Programmes [C:\Users\HULK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\HULK\Documents
13/07/2014 21:40 <JONCTION> Ma musique [C:\Users\HULK\Music]
13/07/2014 21:40 <JONCTION> Mes images [C:\Users\HULK\Pictures]
13/07/2014 21:40 <JONCTION> Mes vid os [C:\Users\HULK\Videos]
0 fichier(s) 0 octets
R pertoire de C:\Users\LILI
15/04/2014 16:30 <JONCTION> Application Data [C:\Users\LILI\AppData\Roaming]
15/04/2014 16:30 <JONCTION> Cookies [C:\Users\LILI\AppData\Roaming\Microsoft\Windows\Cookies]
15/04/2014 16:30 <JONCTION> Local Settings [C:\Users\LILI\AppData\Local]
15/04/2014 16:30 <JONCTION> Menu D marrer [C:\Users\LILI\AppData\Roaming\Microsoft\Windows\Start Menu]
15/04/2014 16:30 <JONCTION> Mes documents [C:\Users\LILI\Documents]
15/04/2014 16:30 <JONCTION> Mod`les [C:\Users\LILI\AppData\Roaming\Microsoft\Windows\Templates]
15/04/2014 16:30 <JONCTION> Recent [C:\Users\LILI\AppData\Roaming\Microsoft\Windows\Recent]
15/04/2014 16:30 <JONCTION> SendTo [C:\Users\LILI\AppData\Roaming\Microsoft\Windows\SendTo]
15/04/2014 16:30 <JONCTION> Voisinage d'impression [C:\Users\LILI\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
15/04/2014 16:30 <JONCTION> Voisinage r seau [C:\Users\LILI\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
0 fichier(s) 0 octets
R pertoire de C:\Users\LILI\AppData\Local
15/04/2014 16:30 <JONCTION> Application Data [C:\Users\LILI\AppData\Local]
15/04/2014 16:30 <JONCTION> Historique [C:\Users\LILI\AppData\Local\Microsoft\Windows\History]
15/04/2014 16:30 <JONCTION> Temporary Internet Files [C:\Users\LILI\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 fichier(s) 0 octets
R pertoire de C:\Users\LILI\AppData\Roaming\Microsoft\Windows\Start Menu
15/04/2014 16:30 <JONCTION> Programmes [C:\Users\LILI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\LILI\Documents
15/04/2014 16:30 <JONCTION> Ma musique [C:\Users\LILI\Music]
15/04/2014 16:30 <JONCTION> Mes images [C:\Users\LILI\Pictures]
15/04/2014 16:30 <JONCTION> Mes vid os [C:\Users\LILI\Videos]
0 fichier(s) 0 octets
R pertoire de C:\Users\Public\Documents
15/04/2014 16:30 <JONCTION> Ma musique [C:\Users\Public\Music]
15/04/2014 16:30 <JONCTION> Mes images [C:\Users\Public\Pictures]
15/04/2014 16:30 <JONCTION> Mes vid os [C:\Users\Public\Videos]
14/07/2009 07:08 <JONCTION> My Music [C:\Users\Public\Music]
14/07/2009 07:08 <JONCTION> My Pictures [C:\Users\Public\Pictures]
14/07/2009 07:08 <JONCTION> My Videos [C:\Users\Public\Videos]
0 fichier(s) 0 octets
Total des fichiers list sÿ:
6 fichier(s) 0 octets
93 R p(s) 122ÿ332ÿ291ÿ072 octets libres

[color=#A23BEC]< MD5 for: AFD.SYS >[/color]
[2011/12/28 05:59:24 | 000,498,688 | ---- | M] (Microsoft Corporation) MD5=1C7857B62DE5994A75B054A9FD4C3825 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17752_none_35e10b89752ee0f5\afd.sys
[2014/04/19 20:49:06 | 000,496,128 | ---- | M] (Microsoft Corporation) MD5=26EF7E0DF4EDCD898EB7A671529410B8 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.22457_none_366f8b668e482477\afd.sys
[2014/04/19 20:49:06 | 000,497,152 | ---- | M] (Microsoft Corporation) MD5=314C17917AC8523EC77A710215012A65 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.18264_none_35d81beb75355772\afd.sys
[2011/12/28 06:01:36 | 000,498,176 | ---- | M] (Microsoft Corporation) MD5=36A14FD1A23F57046361733B792CA8DB -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21887_none_364f3a028e605345\afd.sys
[2013/09/28 03:14:56 | 000,496,128 | ---- | M] (Microsoft Corporation) MD5=50AB05903CBEF298D135A943D4432E3C -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.22467_none_3664bb7a8e504068\afd.sys
[2013/09/28 03:09:10 | 000,497,152 | ---- | M] (Microsoft Corporation) MD5=79059559E89D06E8B80CE2944BE20228 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.18272_none_35cb4b6b753f40b5\afd.sys
[2009/07/14 01:21:42 | 000,500,224 | ---- | M] (Microsoft Corporation) MD5=B9384E03479D2506BC924C16A3DB87BC -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16385_none_33dd3439781e25f7\afd.sys
[2014/05/30 08:41:14 | 000,496,640 | ---- | M] (Microsoft Corporation) MD5=BDF76C3CE993FFB6214287272708364F -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.22705_none_36a3a0208e215d89\afd.sys
[2011/12/28 06:01:12 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=CCA39961E76B491DDF44B1E90FC8971D -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.21115_none_34b263fe91032456\afd.sys
[2010/11/20 11:23:34 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=D31DC7A16DEA4A9BAF179F3D6FBDB38C -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17514_none_360e4801750ca991\afd.sys
[2011/12/28 05:59:11 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=DB9D6C6B2CD95A9CA414D045B627422E -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16937_none_34154fcd77f3bbda\afd.sys
[2014/05/30 08:45:52 | 000,497,152 | ---- | M] (Microsoft Corporation) MD5=FA886682CFC5D36718D3E436AACF10B9 -- C:\Windows\SysNative\drivers\afd.sys
[2014/05/30 08:45:52 | 000,497,152 | ---- | M] (Microsoft Corporation) MD5=FA886682CFC5D36718D3E436AACF10B9 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.18489_none_35c7815175410855\afd.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010/11/20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010/11/20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2009/10/06 08:06:36 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_b8b0208ee0ce1889\explorer.exe
[2011/02/26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/10/06 08:35:29 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=6D4F9E4B640B413C6F73414327484C80 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_addea9f19345cd81\explorer.exe
[2009/08/03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009/10/06 08:31:09 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=CA17F8620815267DC838E30B68CB5052 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_ae5b763cac6d568e\explorer.exe
[2011/02/26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
[2009/10/06 07:53:03 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_b8335443c7a68f7c\explorer.exe

[color=#A23BEC]< MD5 for: I8042PRT.SYS >[/color]
[2009/07/14 01:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\SysNative\drivers\i8042prt.sys
[2009/07/14 01:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\SysNative\DriverStore\FileRepository\keyboard.inf_amd64_neutral_0684fdc43059f486\i8042prt.sys
[2009/07/14 01:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\SysNative\DriverStore\FileRepository\msmouse.inf_amd64_neutral_7a5f47d3150cc0eb\i8042prt.sys
[2009/07/14 01:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7600.16385_none_f3435f7ff2a9f325\i8042prt.sys
[2009/07/14 01:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7601.17514_none_f5747347ef9876bf\i8042prt.sys
[2009/07/14 01:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\winsxs\amd64_msmouse.inf_31bf3856ad364e35_6.1.7600.16385_none_aa28fd23ec0c39f9\i8042prt.sys

[color=#A23BEC]< MD5 for: IASTOR.SYS >[/color]
[2009/06/04 12:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\OEM\Preload\Autorun\DRV\Intel AHCI Generic Driver\IaStor.sys
[2009/06/04 12:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\Windows\SysNative\drivers\iaStor.sys
[2009/06/04 12:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_7fb62b08f6b7117a\iaStor.sys
[2009/06/04 12:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\Windows\SysNative\DriverStore\FileRepository\iastor.inf_amd64_neutral_c065a1006c648409\iaStor.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2015/07/17 12:45:34 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2015/07/17 12:45:34 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2015/07/17 12:45:34 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010/11/20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009/07/14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

[color=#A23BEC]< MD5 for: NETBT.SYS >[/color]
[2010/11/20 11:23:20 | 000,261,632 | ---- | M] (Microsoft Corporation) MD5=09594D1089C523423B32A4229263F068 -- C:\Windows\SysNative\drivers\netbt.sys
[2010/11/20 11:23:20 | 000,261,632 | ---- | M] (Microsoft Corporation) MD5=09594D1089C523423B32A4229263F068 -- C:\Windows\winsxs\amd64_microsoft-windows-netbt_31bf3856ad364e35_6.1.7601.17514_none_be8acdd10de3b1a6\netbt.sys
[2009/07/14 01:21:29 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=9162B273A44AB9DCE5B44362731D062A -- C:\Windows\winsxs\amd64_microsoft-windows-netbt_31bf3856ad364e35_6.1.7600.16385_none_bc59ba0910f52e0c\netbt.sys

[color=#A23BEC]< MD5 for: TDX.SYS >[/color]
[2009/07/14 01:21:15 | 000,099,840 | ---- | M] (Microsoft Corporation) MD5=079125C4B17B01FCAEEBCE0BCB290C0F -- C:\Windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7600.16385_none_4632b9f2f5c6af5e\tdx.sys
[2015/07/17 13:54:43 | 000,118,272 | ---- | M] (Microsoft Corporation) MD5=5FCF588BBD2358538DB17DD0A0A31813 -- C:\Windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.22865_none_48b848380bfa8bbd\tdx.sys
[2015/07/17 13:54:43 | 000,119,296 | ---- | M] (Microsoft Corporation) MD5=70988118145F5F10EF24720B97F35F65 -- C:\Windows\SysNative\drivers\tdx.sys
[2015/07/17 13:54:43 | 000,119,296 | ---- | M] (Microsoft Corporation) MD5=70988118145F5F10EF24720B97F35F65 -- C:\Windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.18658_none_483c7a50f2d21ee0\tdx.sys
[2010/11/20 11:21:56 | 000,119,296 | ---- | M] (Microsoft Corporation) MD5=DDAD5A7AB24D8B65F8D724F5C20FD806 -- C:\Windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.17514_none_4863cdbaf2b532f8\tdx.sys

[color=#A23BEC]< MD5 for: VOLSNAP.SYS >[/color]
[2010/11/20 15:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\SysNative\drivers\volsnap.sys
[2010/11/20 15:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\SysNative\DriverStore\FileRepository\volume.inf_amd64_neutral_df8bea40ac96ca21\volsnap.sys
[2010/11/20 15:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_73dcbcf012b4850e\volsnap.sys
[2012/09/06 22:08:56 | 000,296,304 | ---- | M] (Microsoft Corporation) MD5=523E3C704BEE5326A502BA235D0938D6 -- C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7600.21320_none_72710b5b2eb7975f\volsnap.sys
[2009/07/14 03:45:55 | 000,294,992 | ---- | M] (Microsoft Corporation) MD5=58F82EED8CA24B461441F9C3E4F0BF5C -- C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7600.16385_none_71aba92815c60174\volsnap.sys
[2012/09/06 19:38:18 | 000,295,792 | ---- | M] (Microsoft Corporation) MD5=9E425AC5C9A5A973273D169F43B4F5E1 -- C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7600.17122_none_71e96d3e15982d1c\volsnap.sys

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2009/07/14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009/07/14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2014/03/04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014/03/04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014/07/17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\SysNative\winlogon.exe
[2014/07/17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014/07/16 05:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe
[2009/10/28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< End of report >

Publicité


Signaler le contenu de ce document

Publicité