cjoint

Document format: text/plain

Preview

OTL logfile created on: 05/02/2016 19:25:50 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ACER\Downloads\Programs
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18163)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,93 Gb Total Physical Memory | 0,94 Gb Available Physical Memory | 31,94% Memory free
5,86 Gb Paging File | 3,28 Gb Available in Paging File | 56,01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 146,39 Gb Total Space | 44,52 Gb Free Space | 30,41% Space Free | Partition Type: NTFS
Drive D: | 151,60 Gb Total Space | 8,94 Gb Free Space | 5,89% Space Free | Partition Type: NTFS

Computer Name: ACER-PC | User Name: ACER | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2016/02/05 18:54:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ACER\Downloads\Programs\OTL.exe
PRC - [2016/01/20 19:38:54 | 001,163,968 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_20_0_0_286_ActiveX.exe
PRC - [2015/12/18 14:19:14 | 003,931,728 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2015/12/13 23:48:02 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2015/12/08 22:53:17 | 000,443,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\GWX\GWX.exe
PRC - [2015/11/06 09:39:16 | 000,068,608 | ---- | M] (globalUpdate) -- C:\Program Files\globalUpdate\Update\globalupdate.exe
PRC - [2015/11/02 12:32:49 | 001,508,944 | ---- | M] (Cinema PlusV23.10) -- C:\Program Files\CinemaPlus-3.2cV23.10\efba7dd2-bf83-415d-83c6-4595239075a3-6.exe
PRC - [2015/11/01 16:47:12 | 001,586,768 | ---- | M] (Cinema PlusV23.10) -- C:\Program Files\CinemaPlus-3.2cV23.10\efba7dd2-bf83-415d-83c6-4595239075a3-1-6.exe
PRC - [2015/11/01 11:48:31 | 001,387,600 | ---- | M] (MyBrowser 1.0.2V01.11) -- C:\Program Files\MyBrowser 1.0.2V01.11\297683d1-ef33-4163-b4a9-9f25d76d068f-1-6.exe
PRC - [2015/11/01 11:48:13 | 001,470,032 | ---- | M] (MyBrowser 1.0.2V01.11) -- C:\Program Files\MyBrowser 1.0.2V01.11\297683d1-ef33-4163-b4a9-9f25d76d068f-6.exe
PRC - [2015/10/14 20:10:40 | 000,404,992 | ---- | M] () -- C:\Program Files\62646664-1444852970-6432-3036-1C75082074A7\knsy4A92.tmpfs
PRC - [2015/05/09 04:12:59 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2015/03/31 10:58:48 | 000,177,624 | ---- | M] (Essentware) -- C:\Program Files\Essentware\Common\AccountService.exe
PRC - [2012/11/23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/10/15 09:11:18 | 000,515,152 | ---- | M] () -- C:\Users\ACER\AppData\Roaming\OTi\UltraLink\FunctModules\{23863E42-6AAC-482c-81D2-BD6A23CCFEF8}\UltraLink.exe
PRC - [2011/04/26 20:10:55 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/09/14 05:00:00 | 000,153,600 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE
PRC - [2009/09/14 05:00:00 | 000,121,856 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2013/09/05 00:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2012/10/15 09:11:18 | 000,515,152 | ---- | M] () -- C:\Users\ACER\AppData\Roaming\OTi\UltraLink\FunctModules\{23863E42-6AAC-482c-81D2-BD6A23CCFEF8}\UltraLink.exe
MOD - [2012/04/13 07:48:54 | 000,038,440 | ---- | M] () -- C:\Users\ACER\AppData\Roaming\OTi\UltraLink\FunctModules\{23863E42-6AAC-482c-81D2-BD6A23CCFEF8}\OSW08.dll
MOD - [2011/05/13 11:06:06 | 000,073,728 | ---- | M] () -- C:\Users\ACER\AppData\Roaming\OTi\UltraLink\FunctModules\{23863E42-6AAC-482c-81D2-BD6A23CCFEF8}\ProdLic.DLL
MOD - [2011/04/28 07:50:48 | 000,039,760 | ---- | M] () -- C:\Users\ACER\AppData\Roaming\OTi\UltraLink\FunctModules\{23863E42-6AAC-482c-81D2-BD6A23CCFEF8}\2208KM_HID.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- C:\Program Files\ClearThink\bin\utilClearThink.exe -- (Util ClearThink)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Air Globe\bin\utilAirGlobe.exe -- (Util Air Globe)
SRV - File not found [Auto | Stopped] -- C:\Program Files\ClearThink\updateClearThink.exe -- (Update ClearThink)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Air Globe\updateAirGlobe.exe -- (Update Air Globe)
SRV - File not found [Disabled | Stopped] -- C:\Users\ACER\AppData\Local\Temp\nsn29B1.tmp -- (ginoquci)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2016/01/20 19:38:58 | 000,269,504 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/12/13 23:48:02 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015/12/12 18:27:29 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2015/11/06 09:39:16 | 000,068,608 | ---- | M] (globalUpdate) [On_Demand | Stopped] -- C:\Program Files\globalUpdate\Update\globalupdate.exe -- (globalUpdatem)
SRV - [2015/11/06 09:39:16 | 000,068,608 | ---- | M] (globalUpdate) [Auto | Stopped] -- C:\Program Files\globalUpdate\Update\globalupdate.exe -- (globalUpdate)
SRV - [2015/10/14 20:10:40 | 000,404,992 | ---- | M] () [Auto | Running] -- C:\Program Files\62646664-1444852970-6432-3036-1C75082074A7\knsy4A92.tmpfs -- (kuxugoqu)
SRV - [2015/07/22 18:53:34 | 000,937,984 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\diagtrack.dll -- (DiagTrack)
SRV - [2015/07/09 13:14:04 | 000,327,296 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2015/03/31 10:58:48 | 000,177,624 | ---- | M] (Essentware) [Auto | Running] -- C:\Program Files\Essentware\Common\AccountService.exe -- (AccountService)
SRV - [2014/04/20 14:32:32 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2013/12/19 00:41:02 | 030,814,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2013/05/27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/06/01 05:36:46 | 000,310,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\ftpsvc.dll -- (ftpsvc)
SRV - [2010/11/20 22:29:25 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010/11/20 22:29:25 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010/11/20 22:29:25 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2009/09/14 05:00:00 | 000,153,600 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE -- (EPSON_EB_RPCV4_04)
SRV - [2009/09/14 05:00:00 | 000,121,856 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE -- (EPSON_PM_RPCV4_04)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:15:36 | 000,038,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lpdsvc.dll -- (LPDSVC)
SRV - [2009/07/14 02:14:48 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\inetsrv\WMSvc.exe -- (WMSVC)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\ACER\AppData\Local\Temp\cpuz134\cpuz134_x32.sys -- (cpuz134)
DRV - [2015/12/29 13:18:10 | 000,124,992 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\idmwfp.sys -- (IDMWFP)
DRV - [2015/11/05 10:48:20 | 000,117,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rmcast.sys -- (RMCAST)
DRV - [2013/07/18 06:54:29 | 000,110,280 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2013/07/17 22:43:40 | 000,016,880 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV - [2013/03/05 20:49:30 | 000,527,344 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\iaStorA.sys -- (iaStorA)
DRV - [2013/03/05 20:49:28 | 000,026,096 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\iaStorF.sys -- (iaStorF)
DRV - [2010/11/20 22:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 22:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 22:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2009/07/14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2007/10/01 11:59:46 | 001,769,984 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)


[color=#E56717]========== Standard Registry (All) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hppp&ts=1426262928&from=cvs&uid=HitachiXHTS545032B9A300_101009PBP304D6DSANXMX
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=ds&ts=1426262898&from=cvs&uid=HitachiXHTS545032B9A300_101009PBP304D6DSANXMX&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?PC=AV01
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=ds&ts=1426262898&from=cvs&uid=HitachiXHTS545032B9A300_101009PBP304D6DSANXMX&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130858672722235748&GUID=00000000-0000-0000-0000-000000000000
IE - HKLM\..\SearchScopes,DefaultScope = {ielnksrch}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.mystartsearch.com/web/?type=ds&ts=1426262898&from=cvs&uid=HitachiXHTS545032B9A300_101009PBP304D6DSANXMX&q={searchTerms}
IE - HKLM\..\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}: "URL" = http://www.default-search.net/search?sid=492&aid=246&itype=n&ver=13467&tm=463&src=ds&p={searchTerms}
IE - HKLM\..\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f}: "URL" = http://search.tb.ask.com/search/GGmain.jhtml?p2=^UX^xdm127^YYA^dz&si=GDND2DINDZ&ptb=EFF8C54A-F695-49FD-B9CB-A95695D26292&ind=2014081604&n=780c7244&psa=&st=sb&searchfor={searchTerms}
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.amaizingsearches.info/?l=1&q={searchTerms}&pid=1742&r=2014/05/01&hid=11725606325951362755&lg=EN&cc=DZ&unqvl=51
IE - HKLM\..\SearchScopes\ielnksrch: "URL" = http://www.bing.com/search?q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://services.eshield.com/general/newhometab.php?hometab=home&partner=11433&guid={BD32AB6E-A957-4FB4-B5FC-FDE8D0C6FC1F}&i=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=dspp&ts=1426262928&from=cvs&uid=HitachiXHTS545032B9A300_101009PBP304D6DSANXMX&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com/search?q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://go.microsoft.com/fwlink/?LinkId=69157 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ_bNyyAFL3UrQ-ShHbcCtYqIBx4K7d84RBgt8kfL5BsRtijEa4fejNnhqntN6o3C86wVnwhOly2jxqCJwUf1Hn9YsSxdTHUrW9Yx0P4BPJU98b5LMeN6o73GSxz6_jNEUbQy71NjlrLZBv6pvi5Iit5sw95FuBSQTyncg_sS7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.bing.com/search?q={searchTerms}
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = ielnksrch
IE - HKCU\..\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}: "URL" = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7AVND_frDZ588
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
IE - HKCU\..\SearchScopes\{ielnksrch}: "URL" = http://www.bing.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\ielnksrch: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.71.2: C:\Program Files\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.71.2: C:\Program Files\Java\jre1.8.0_71\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10: C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll (globalUpdate)
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4: C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll (globalUpdate)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\ACER\AppData\Roaming\IDM\idmmzcc5 [2015/12/29 00:41:33 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc2@internetdownloadmanager.com: C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2016/01/27 13:26:40 | 000,030,342 | ---- | M] ()

[2015/10/23 21:03:24 | 000,002,938 | ---- | M] () -- \searchplugins\bing-lavasoft.xml

O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (no name) - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_71\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_71\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {00011268-E188-40DF-A514-835FCD78B1BF} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [PLFSetL] C:\Windows\PLFSetL.exe (sonix)
O4 - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKCU..\Run: [CS Dispatch] C:\Users\ACER\AppData\Roaming\OTi\UltraLink\FunctModules\{23863E42-6AAC-482c-81D2-BD6A23CCFEF8}\UltraLink.exe ()
O4 - HKCU..\Run: [EPSON SX125 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIGGE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [EPSON SX125 Series (Copie 1)] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIGGE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_1C7242A8A5679ED8E174E95F5587BDE3] C:\Program Files\MyBrowser\MyBrowser\Application\mybrowser.exe (MyBrowser)
O4 - HKCU..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\RunOnce: [Application Restart #0] C:\Program Files\Google\Chrome\Application\chrome.exe --keep-alive-for-test --silent-launch --disable-breakpad --force-fieldtrials --load-component-extension="C:\Users\ACER\AppData\Local\Pool Comp\Component" --flag-switches-begin --flag-switches-end --restore-last-session File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Télécharger tous les liens avec Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\LavasoftTcpService.dll (Lavasoft Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\LavasoftTcpService.dll (Lavasoft Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\LavasoftTcpService.dll (Lavasoft Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\LavasoftTcpService.dll (Lavasoft Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\LavasoftTcpService.dll (Lavasoft Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: amazon.com ([]https in Sites de confiance)
O15 - HKCU\..Trusted Domains: localhost ([]* in Sites de confiance)
O15 - HKCU\..Trusted Domains: webcompanion.com ([]http in Sites de confiance)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} https://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6A16C853-E9DA-418C-A410-97DD0930839F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7B31751B-3ACA-4AA8-BD9D-9FFDA8BCF1DB}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7B31751B-3ACA-4AA8-BD9D-9FFDA8BCF1DB}: NameServer = 199.203.131.152,82.163.143.182
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27 - HKLM IFEO\bitguard.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bprotect.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bpsvc.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browserdefender.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browserprotect.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browsersafeguard.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\dprotectsvc.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\jumpflip: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\protectedsearch.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchinstaller.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchprotection.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchprotector.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchsettings.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchsettings64.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\snapdo.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\stinst32.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\stinst64.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\umbrella.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\utiljumpflip.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\volaro: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\vonteera: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\websteroids.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\websteroidsservice.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: x64 - (c:\program files\settings manager\smdmf\x64\sysapcrt.dll) - File not found
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} -
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} -
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} -
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} -
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} -
ActiveX: {66C64F22-FC60-4E6C-A6B5-F0D580E680CE} -
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} -
ActiveX: {7D715857-A67C-4C2F-A929-038448584D63} -
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} -
ActiveX: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\system32\Rundll32.exe" "C:\Program Files\Adobe\Acrobat Reader DC\Esl\AiodLite.dll",CreateReaderUserSettings
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} -
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} -

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2016/02/03 20:24:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2016/02/03 20:24:27 | 000,000,000 | ---D | C] -- C:\Users\ACER\AppData\Roaming\Sun
[2016/02/03 20:24:26 | 000,000,000 | ---D | C] -- C:\Users\ACER\.oracle_jre_usage
[2016/02/03 16:24:40 | 000,000,000 | ---D | C] -- C:\Users\ACER\AppData\Roaming\Mozilla
[2016/02/01 21:23:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2016/02/01 21:22:40 | 000,095,840 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2016/02/01 21:21:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2016/02/01 21:21:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2016/02/01 21:20:42 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2016/02/01 16:40:27 | 000,000,000 | ---D | C] -- C:\Program Files\Essentware
[2016/02/01 16:39:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Essentware
[2016/01/29 19:52:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2016/01/29 19:52:18 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2016/01/25 16:48:53 | 000,000,000 | ---D | C] -- C:\Users\ACER\Desktop\externat medecine
[2016/01/23 16:39:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
[2016/01/23 16:39:45 | 000,000,000 | ---D | C] -- C:\Program Files\RCP
[2016/01/13 10:11:05 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2016/01/13 10:11:05 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2016/01/13 10:11:05 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2016/01/13 10:11:05 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2016/01/13 10:11:05 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2016/01/13 10:11:04 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2016/01/13 10:11:02 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2016/01/13 10:11:02 | 000,687,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2016/01/13 10:11:02 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2016/01/13 10:11:02 | 000,416,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2016/01/13 10:11:02 | 000,341,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2016/01/13 10:11:02 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2016/01/13 10:11:02 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2016/01/13 10:11:01 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2016/01/13 10:11:00 | 002,050,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2016/01/13 10:11:00 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2016/01/13 10:11:00 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2016/01/13 10:10:59 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2016/01/13 10:10:58 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2016/01/13 10:10:58 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2016/01/13 10:10:56 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2016/01/13 10:10:55 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2016/01/13 10:10:55 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2016/01/13 10:10:52 | 004,610,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2016/01/13 10:07:56 | 001,230,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appraiser.dll
[2016/01/13 10:07:56 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\generaltel.dll
[2016/01/13 10:07:56 | 000,591,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\invagent.dll
[2016/01/13 10:07:56 | 000,425,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devinv.dll
[2016/01/13 10:07:56 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\acmigration.dll
[2016/01/13 10:07:56 | 000,022,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CompatTelRunner.exe
[2016/01/13 10:07:40 | 003,993,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2016/01/13 10:07:40 | 003,938,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2016/01/13 10:07:40 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2016/01/13 10:07:38 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2016/01/13 10:07:38 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2016/01/13 10:07:38 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2016/01/13 10:07:38 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apisetschema.dll
[2016/01/13 10:07:37 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2016/01/13 10:07:37 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll
[2016/01/13 10:07:37 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2016/01/13 10:07:37 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2016/01/13 10:07:37 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2016/01/13 10:07:30 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2016/01/13 10:07:30 | 000,951,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2016/01/13 10:07:30 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepic.dll
[2016/01/13 10:07:28 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2016/01/13 10:07:26 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapistub.dll
[2016/01/13 10:07:26 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapi32.dll
[2016/01/13 10:07:26 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fixmapi.exe
[2016/01/13 10:07:22 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2016/01/13 10:07:22 | 000,970,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2adec.dll
[2016/01/13 10:07:22 | 000,902,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOD.DLL
[2016/01/13 10:07:21 | 003,209,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2016/01/13 10:07:21 | 000,829,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ENC.DLL
[2016/01/13 10:07:20 | 001,568,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVENCOD.DLL
[2016/01/13 10:07:20 | 001,329,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2016/01/13 10:07:20 | 000,815,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOE.DLL
[2016/01/13 10:07:20 | 000,740,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2016/01/13 10:07:20 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2016/01/13 10:07:20 | 000,728,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2016/01/13 10:07:20 | 000,665,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL
[2016/01/13 10:07:20 | 000,609,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFWMAAEC.DLL
[2016/01/13 10:07:20 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2016/01/13 10:07:20 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2016/01/13 10:07:20 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2016/01/13 10:07:20 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSENCD.DLL
[2016/01/13 10:07:20 | 000,354,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2016/01/13 10:07:20 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MPG4DECD.DLL
[2016/01/13 10:07:20 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP43DECD.DLL
[2016/01/13 10:07:20 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\COLORCNV.DLL
[2016/01/13 10:07:20 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devenum.dll
[2016/01/13 10:07:19 | 002,285,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2vdec.dll
[2016/01/13 10:07:19 | 001,325,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOE.DLL
[2016/01/13 10:07:19 | 000,415,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2016/01/13 10:07:19 | 000,338,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SysFxUI.dll
[2016/01/13 10:07:19 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RESAMPLEDMO.DLL
[2016/01/13 10:07:19 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qasf.dll
[2016/01/13 10:07:19 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksproxy.ax
[2016/01/13 10:07:19 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2016/01/13 10:07:19 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VIDRESZR.DLL
[2016/01/13 10:07:19 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2016/01/13 10:07:19 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP3DMOD.DLL
[2016/01/13 10:07:19 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfvdsp.dll
[2016/01/13 10:07:19 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2016/01/13 10:07:19 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2016/01/13 10:07:18 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\drmk.sys
[2016/01/13 10:07:18 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksuser.dll
[2016/01/13 10:07:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2016/01/12 21:03:58 | 000,000,000 | ---D | C] -- C:\Users\ACER\AppData\Local\ElevatedDiagnostics
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2016/02/05 19:17:00 | 000,003,124 | ---- | M] () -- C:\Windows\tasks\297683d1-ef33-4163-b4a9-9f25d76d068f-1-6.job
[2016/02/05 19:16:00 | 000,005,504 | ---- | M] () -- C:\Windows\tasks\297683d1-ef33-4163-b4a9-9f25d76d068f-6.job
[2016/02/05 18:39:00 | 000,005,504 | ---- | M] () -- C:\Windows\tasks\efba7dd2-bf83-415d-83c6-4595239075a3-6.job
[2016/02/05 18:39:00 | 000,003,124 | ---- | M] () -- C:\Windows\tasks\efba7dd2-bf83-415d-83c6-4595239075a3-1-6.job
[2016/02/05 18:36:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016/02/05 18:17:07 | 000,002,432 | ---- | M] () -- C:\Windows\tasks\297683d1-ef33-4163-b4a9-9f25d76d068f-5_user.job
[2016/02/05 18:17:07 | 000,002,432 | ---- | M] () -- C:\Windows\tasks\297683d1-ef33-4163-b4a9-9f25d76d068f-5.job
[2016/02/05 18:17:01 | 000,003,460 | ---- | M] () -- C:\Windows\tasks\297683d1-ef33-4163-b4a9-9f25d76d068f-1-7.job
[2016/02/05 18:16:03 | 000,004,480 | ---- | M] () -- C:\Windows\tasks\297683d1-ef33-4163-b4a9-9f25d76d068f-3.job
[2016/02/05 18:16:01 | 000,005,504 | ---- | M] () -- C:\Windows\tasks\297683d1-ef33-4163-b4a9-9f25d76d068f-7.job
[2016/02/05 18:09:49 | 000,021,872 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016/02/05 18:09:49 | 000,021,872 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016/02/05 18:04:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016/02/05 16:14:42 | 000,800,870 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2016/02/05 16:14:42 | 000,699,528 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2016/02/05 16:14:42 | 000,169,070 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2016/02/05 16:14:42 | 000,136,594 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2016/02/05 16:12:57 | 000,004,480 | ---- | M] () -- C:\Windows\tasks\efba7dd2-bf83-415d-83c6-4595239075a3-3.job
[2016/02/05 16:12:52 | 000,005,504 | ---- | M] () -- C:\Windows\tasks\efba7dd2-bf83-415d-83c6-4595239075a3-7.job
[2016/02/05 16:12:44 | 000,002,432 | ---- | M] () -- C:\Windows\tasks\efba7dd2-bf83-415d-83c6-4595239075a3-5_user.job
[2016/02/05 16:12:34 | 000,002,432 | ---- | M] () -- C:\Windows\tasks\efba7dd2-bf83-415d-83c6-4595239075a3-5.job
[2016/02/05 16:12:31 | 000,003,460 | ---- | M] () -- C:\Windows\tasks\efba7dd2-bf83-415d-83c6-4595239075a3-1-7.job
[2016/02/05 16:12:23 | 000,000,435 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2016/02/05 16:12:20 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\MyBrowser.job
[2016/02/05 16:12:20 | 000,000,956 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job
[2016/02/05 16:12:20 | 000,000,384 | ---- | M] () -- C:\Windows\tasks\Final Media Player Update Checker.job
[2016/02/05 16:11:39 | 2360,848,384 | -HS- | M] () -- C:\hiberfil.sys
[2016/02/05 15:44:00 | 000,000,960 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job
[2016/02/05 15:33:12 | 000,000,244 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job
[2016/02/04 21:31:20 | 409,058,907 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2016/02/04 16:19:30 | 000,001,417 | ---- | M] () -- C:\Users\ACER\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2016/02/03 20:23:52 | 000,095,840 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2016/02/03 17:01:58 | 000,016,888 | ---- | M] () -- C:\Users\ACER\Desktop\imagesJ7FP8X2J.jpg
[2016/02/03 16:40:15 | 000,000,252 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job
[2016/02/03 16:24:30 | 000,002,389 | ---- | M] () -- C:\Windows\System32\findit.xml
[2016/02/01 16:33:06 | 000,003,352 | ---- | M] () -- C:\bootsqm.dat
[2016/01/26 17:48:45 | 000,040,201 | ---- | M] () -- C:\Users\ACER\Desktop\images[1].jpg
[2016/01/25 19:01:42 | 002,421,060 | ---- | M] () -- C:\Users\ACER\Desktop\img026.jpg
[2016/01/24 21:18:19 | 000,037,313 | ---- | M] () -- C:\Windows\System32\ScanResults.xml
[2016/01/24 21:12:59 | 000,000,464 | ---- | M] () -- C:\Windows\System32\ScannerSettings
[2016/01/23 16:39:49 | 000,000,899 | ---- | M] () -- C:\Users\Public\Desktop\RegClean Pro.lnk
[2016/01/20 19:38:54 | 000,796,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2016/01/20 19:38:54 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2016/01/20 19:38:49 | 003,886,784 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe
[2016/01/13 18:35:44 | 000,413,328 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2016/01/12 18:59:48 | 024,396,353 | ---- | M] () -- C:\Users\ACER\Desktop\Desktop.rar
[2016/01/12 17:21:08 | 000,000,930 | ---- | M] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2016/02/03 17:03:25 | 000,016,888 | ---- | C] () -- C:\Users\ACER\Desktop\imagesJ7FP8X2J.jpg
[2016/02/03 16:24:30 | 000,002,389 | ---- | C] () -- C:\Windows\System32\findit.xml
[2016/02/01 16:33:06 | 000,003,352 | ---- | C] () -- C:\bootsqm.dat
[2016/02/01 07:30:24 | 409,058,907 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2016/01/23 16:40:01 | 000,000,244 | ---- | C] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job
[2016/01/23 16:40:00 | 000,000,252 | ---- | C] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job
[2016/01/23 16:39:49 | 000,000,899 | ---- | C] () -- C:\Users\Public\Desktop\RegClean Pro.lnk
[2016/01/13 07:53:03 | 002,421,060 | ---- | C] () -- C:\Users\ACER\Desktop\img026.jpg
[2016/01/12 18:59:41 | 024,396,353 | ---- | C] () -- C:\Users\ACER\Desktop\Desktop.rar
[2016/01/12 17:21:08 | 000,000,930 | ---- | C] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2015/12/01 17:14:33 | 000,017,840 | ---- | C] () -- C:\Windows\System32\roboot.exe
[2015/11/15 07:17:53 | 000,000,148 | ---- | C] () -- C:\Windows\Reimage.ini
[2015/11/13 09:09:35 | 000,000,017 | ---- | C] () -- C:\Windows\System32\history.dat
[2015/11/07 12:14:12 | 000,413,328 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2015/10/15 09:09:29 | 000,000,074 | ---- | C] () -- C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
[2015/09/26 10:39:15 | 000,002,920 | ---- | C] () -- C:\Windows\System32\LavasoftTcpServiceOff.ini
[2015/04/19 13:20:16 | 000,000,626 | ---- | C] () -- C:\Users\ACER\AppData\Roaming\X5QTn2W
[2015/04/19 13:20:16 | 000,000,626 | ---- | C] () -- C:\Users\ACER\AppData\Roaming\Vcf5k23oswMC0NHvSgZXPF
[2015/04/19 13:20:16 | 000,000,626 | ---- | C] () -- C:\Users\ACER\AppData\Roaming\7EvZbAXFcuZYx5Z7y
[2015/02/23 17:26:14 | 000,173,292 | ---- | C] () -- C:\Windows\System32\drivers\RTConvEQ.dat
[2015/02/23 17:26:14 | 000,001,496 | ---- | C] () -- C:\Windows\System32\drivers\RtkAcerM.dat
[2015/02/23 17:26:14 | 000,001,016 | ---- | C] () -- C:\Windows\System32\drivers\RtHdatEx.dat
[2015/02/23 17:26:14 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX2.dat
[2015/02/23 17:26:14 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2015/02/23 17:26:14 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2015/02/23 17:26:14 | 000,000,016 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
[2014/09/23 16:00:40 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/08/24 15:17:21 | 001,708,032 | ---- | C] () -- C:\Users\ACER\game.dll
[2014/07/26 17:29:46 | 000,000,310 | ---- | C] () -- C:\Users\ACER\AppData\Roaming\burnaware.ini
[2014/04/16 15:58:02 | 000,271,264 | ---- | C] () -- C:\Windows\System32\vbrun100.dll
[2014/04/16 15:58:02 | 000,210,944 | ---- | C] () -- C:\Windows\System32\msvcrt10.dll
[2014/04/16 15:56:42 | 001,769,984 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2014/04/16 15:56:40 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2014/04/16 15:56:18 | 000,000,245 | ---- | C] () -- C:\Windows\PidList.ini
[2014/04/16 15:25:45 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2014/04/16 15:25:10 | 005,681,192 | ---- | C] () -- C:\Windows\System32\drivers\rtvienna.dat
[2014/04/16 15:25:10 | 000,681,905 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2014/04/16 15:24:59 | 000,502,584 | ---- | C] () -- C:\Windows\System32\audioLibVc.dll
[2014/04/16 15:24:59 | 000,188,696 | ---- | C] () -- C:\Windows\System32\AcpiServiceVnA.dll
[2014/02/19 12:30:48 | 000,000,002 | ---- | C] () -- C:\Windows\System32\DBDWORK.INI
[2013/02/07 13:22:00 | 000,050,330 | ---- | C] () -- C:\Program Files\AntiDust.exe

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/07/10 18:34:07 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< HKCU\Software >[/color]

[HKEY_CURRENT_USER\Software\3rd Eye Solutions]

[HKEY_CURRENT_USER\Software\7-Zip]

[HKEY_CURRENT_USER\Software\Acclaim]

[HKEY_CURRENT_USER\Software\Adobe]

[HKEY_CURRENT_USER\Software\AppDataLow]

[HKEY_CURRENT_USER\Software\ArcSoft]

[HKEY_CURRENT_USER\Software\ArenaHD]

[HKEY_CURRENT_USER\Software\Bitberry]

[HKEY_CURRENT_USER\Software\Bitberry Software]

[HKEY_CURRENT_USER\Software\Cadsoft]

[HKEY_CURRENT_USER\Software\Chromium]

[HKEY_CURRENT_USER\Software\Cineform]

[HKEY_CURRENT_USER\Software\CinemaPlus-3.2cV15.10-nv-ie]

[HKEY_CURRENT_USER\Software\CinemaPlus-3.2cV23.10]

[HKEY_CURRENT_USER\Software\CinemaPlus-3.2cV23.10-nv]

[HKEY_CURRENT_USER\Software\CinemaPlus-3.2cV23.10-nv-ie]

[HKEY_CURRENT_USER\Software\Clients]

[HKEY_CURRENT_USER\Software\Clubic]

[HKEY_CURRENT_USER\Software\Crossbrowse]

[HKEY_CURRENT_USER\Software\Digital Illusions]

[HKEY_CURRENT_USER\Software\Distromatic]

[HKEY_CURRENT_USER\Software\DownloadManager]

[HKEY_CURRENT_USER\Software\Dropbox]

[HKEY_CURRENT_USER\Software\DropboxUpdate]

[HKEY_CURRENT_USER\Software\drpsu]

[HKEY_CURRENT_USER\Software\EPSON]

[HKEY_CURRENT_USER\Software\Fenomen Games]

[HKEY_CURRENT_USER\Software\File.org]

[HKEY_CURRENT_USER\Software\FileTypeAssistant]

[HKEY_CURRENT_USER\Software\Foxit Software]

[HKEY_CURRENT_USER\Software\globalUpdate]

[HKEY_CURRENT_USER\Software\Google]

[HKEY_CURRENT_USER\Software\HighDefAction]

[HKEY_CURRENT_USER\Software\ICSW]

[HKEY_CURRENT_USER\Software\iLivid]

[HKEY_CURRENT_USER\Software\IM Providers]

[HKEY_CURRENT_USER\Software\InstallCore]

[HKEY_CURRENT_USER\Software\InstalledBrowserExtensions]

[HKEY_CURRENT_USER\Software\InstallPath]

[HKEY_CURRENT_USER\Software\Intel]

[HKEY_CURRENT_USER\Software\JavaSoft]

[HKEY_CURRENT_USER\Software\Licenses]

[HKEY_CURRENT_USER\Software\LinkEngine]

[HKEY_CURRENT_USER\Software\Linkey]

[HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications]

[HKEY_CURRENT_USER\Software\Macromedia]

[HKEY_CURRENT_USER\Software\malavida]

[HKEY_CURRENT_USER\Software\MatchWare]

[HKEY_CURRENT_USER\Software\MediaChance]

[HKEY_CURRENT_USER\Software\Microsoft]

[HKEY_CURRENT_USER\Software\MiniGet]

[HKEY_CURRENT_USER\Software\Mozilla]

[HKEY_CURRENT_USER\Software\MozillaPlugins]

[HKEY_CURRENT_USER\Software\MPC-BE]

[HKEY_CURRENT_USER\Software\MyBrowser]

[HKEY_CURRENT_USER\Software\MyBrowser 1.0.2V01.11]

[HKEY_CURRENT_USER\Software\MyBrowser 1.0.2V01.11-nv]

[HKEY_CURRENT_USER\Software\MyBrowser 1.0.2V01.11-nv-ie]

[HKEY_CURRENT_USER\Software\Netscape]

[HKEY_CURRENT_USER\Software\Northcode Inc]

[HKEY_CURRENT_USER\Software\OB]

[HKEY_CURRENT_USER\Software\ODBC]

[HKEY_CURRENT_USER\Software\Opera Software]

[HKEY_CURRENT_USER\Software\Optimizer Pro]

[HKEY_CURRENT_USER\Software\OTi]

[HKEY_CURRENT_USER\Software\Policies]

[HKEY_CURRENT_USER\Software\ProductSetup]

[HKEY_CURRENT_USER\Software\QtProject]

[HKEY_CURRENT_USER\Software\Realtek]

[HKEY_CURRENT_USER\Software\Reg]

[HKEY_CURRENT_USER\Software\RegisteredApplications]

[HKEY_CURRENT_USER\Software\RegisteredApplicationsEx]

[HKEY_CURRENT_USER\Software\Reimage]

[HKEY_CURRENT_USER\Software\reimagerepair]

[HKEY_CURRENT_USER\Software\Revenger inc.]

[HKEY_CURRENT_USER\Software\Rtp]

[HKEY_CURRENT_USER\Software\SamLab.ws]

[HKEY_CURRENT_USER\Software\Skype]

[HKEY_CURRENT_USER\Software\Softonic]

[HKEY_CURRENT_USER\Software\StellarStone]

[HKEY_CURRENT_USER\Software\Super Optimizer]

[HKEY_CURRENT_USER\Software\systweak]

[HKEY_CURRENT_USER\Software\TNT2]

[HKEY_CURRENT_USER\Software\Trolltech]

[HKEY_CURRENT_USER\Software\Unity]

[HKEY_CURRENT_USER\Software\Ut Video Codec Suite]

[HKEY_CURRENT_USER\Software\ValuSoft]

[HKEY_CURRENT_USER\Software\wincy]

[HKEY_CURRENT_USER\Software\WinRAR]

[HKEY_CURRENT_USER\Software\WinRAR SFX]

[HKEY_CURRENT_USER\Software\YorkNewCin]

[HKEY_CURRENT_USER\Software\Zyrax Software]

[HKEY_CURRENT_USER\Software\Classes]

[color=#A23BEC]< HKLM\Software >[/color]

[HKEY_LOCAL_MACHINE\Software\3de63afe-ab19-4ae7-b115-55811384475e]

[HKEY_LOCAL_MACHINE\Software\5da059a482fd494db3f252126fbc3d5b]

[HKEY_LOCAL_MACHINE\Software\ad9b6789-9f2c-6998-5b70-43a88d523c1c]

[HKEY_LOCAL_MACHINE\Software\Adobe]

[HKEY_LOCAL_MACHINE\Software\AMD]

[HKEY_LOCAL_MACHINE\Software\AppDataLow]

[HKEY_LOCAL_MACHINE\Software\ArcSoft]

[HKEY_LOCAL_MACHINE\Software\ArenaHD]

[HKEY_LOCAL_MACHINE\Software\ATI Technologies]

[HKEY_LOCAL_MACHINE\Software\Attention To Detail]

[HKEY_LOCAL_MACHINE\Software\BrowserChoice]

[HKEY_LOCAL_MACHINE\Software\Bugbear]

[HKEY_LOCAL_MACHINE\Software\c10a40f2-66f4-4cb7-95c8-12955cfb528e]

[HKEY_LOCAL_MACHINE\Software\CBSTEST]

[HKEY_LOCAL_MACHINE\Software\CinemaPlus-3.2cV16.10]

[HKEY_LOCAL_MACHINE\Software\CinemaPlus-3.2cV17.05]

[HKEY_LOCAL_MACHINE\Software\CinemaPlus-3.2cV23.10]

[HKEY_LOCAL_MACHINE\Software\CinemaPlus-3.2cV23.10-nv]

[HKEY_LOCAL_MACHINE\Software\CinemaPlus-3.2cV23.10-nv-ie]

[HKEY_LOCAL_MACHINE\Software\Classes]

[HKEY_LOCAL_MACHINE\Software\ClearThink]

[HKEY_LOCAL_MACHINE\Software\Clients]

[HKEY_LOCAL_MACHINE\Software\Conexant]

[HKEY_LOCAL_MACHINE\Software\Crossbrowse]

[HKEY_LOCAL_MACHINE\Software\Dolby]

[HKEY_LOCAL_MACHINE\Software\Dropbox]

[HKEY_LOCAL_MACHINE\Software\DropboxUpdate]

[HKEY_LOCAL_MACHINE\Software\DTS]

[HKEY_LOCAL_MACHINE\Software\Empire Interactive]

[HKEY_LOCAL_MACHINE\Software\EPSON]

[HKEY_LOCAL_MACHINE\Software\Essentware]

[HKEY_LOCAL_MACHINE\Software\Foxit Software]

[HKEY_LOCAL_MACHINE\Software\GlobalUpdate]

[HKEY_LOCAL_MACHINE\Software\Google]

[HKEY_LOCAL_MACHINE\Software\HighDefAction]

[HKEY_LOCAL_MACHINE\Software\IHProtect]

[HKEY_LOCAL_MACHINE\Software\IM Providers]

[HKEY_LOCAL_MACHINE\Software\InstalledBrowserExtensions]

[HKEY_LOCAL_MACHINE\Software\Intel]

[HKEY_LOCAL_MACHINE\Software\Internet Download Manager]

[HKEY_LOCAL_MACHINE\Software\JavaSoft]

[HKEY_LOCAL_MACHINE\Software\JreMetrics]

[HKEY_LOCAL_MACHINE\Software\KasperskyLab]

[HKEY_LOCAL_MACHINE\Software\Knowles]

[HKEY_LOCAL_MACHINE\Software\Lavasoft]

[HKEY_LOCAL_MACHINE\Software\LKSoft]

[HKEY_LOCAL_MACHINE\Software\Luxwood]

[HKEY_LOCAL_MACHINE\Software\Macromedia]

[HKEY_LOCAL_MACHINE\Software\MediaCoder]

[HKEY_LOCAL_MACHINE\Software\Microsoft]

[HKEY_LOCAL_MACHINE\Software\Mozilla]

[HKEY_LOCAL_MACHINE\Software\mozilla.org]

[HKEY_LOCAL_MACHINE\Software\MozillaPlugins]

[HKEY_LOCAL_MACHINE\Software\mtLightzap]

[HKEY_LOCAL_MACHINE\Software\MyBrowser]

[HKEY_LOCAL_MACHINE\Software\MyBrowser 1.0.2V01.11]

[HKEY_LOCAL_MACHINE\Software\MyBrowser 1.0.2V01.11-nv]

[HKEY_LOCAL_MACHINE\Software\MyBrowser 1.0.2V01.11-nv-ie]

[HKEY_LOCAL_MACHINE\Software\MyBrowser 1.0.2V15.10]

[HKEY_LOCAL_MACHINE\Software\mystartsearchSoftware]

[HKEY_LOCAL_MACHINE\Software\Nikon]

[HKEY_LOCAL_MACHINE\Software\Nuance]

[HKEY_LOCAL_MACHINE\Software\ODBC]

[HKEY_LOCAL_MACHINE\Software\OldTimer Tools]

[HKEY_LOCAL_MACHINE\Software\Opera Software]

[HKEY_LOCAL_MACHINE\Software\Policies]

[HKEY_LOCAL_MACHINE\Software\Realtek]

[HKEY_LOCAL_MACHINE\Software\Realtek Semiconductor Corp.]

[HKEY_LOCAL_MACHINE\Software\Reg]

[HKEY_LOCAL_MACHINE\Software\RegisteredApplications]

[HKEY_LOCAL_MACHINE\Software\Reimage]

[HKEY_LOCAL_MACHINE\Software\Rockstar Games]

[HKEY_LOCAL_MACHINE\Software\Skype]

[HKEY_LOCAL_MACHINE\Software\SmdmF]

[HKEY_LOCAL_MACHINE\Software\Sonic]

[HKEY_LOCAL_MACHINE\Software\SonicFocus]

[HKEY_LOCAL_MACHINE\Software\SONIX]

[HKEY_LOCAL_MACHINE\Software\SRS Labs]

[HKEY_LOCAL_MACHINE\Software\SupDp]

[HKEY_LOCAL_MACHINE\Software\supTab]

[HKEY_LOCAL_MACHINE\Software\supWindowsMangerProtect]

[HKEY_LOCAL_MACHINE\Software\Symantec]

[HKEY_LOCAL_MACHINE\Software\Systweak]

[HKEY_LOCAL_MACHINE\Software\ValuSoft]

[HKEY_LOCAL_MACHINE\Software\VideoLAN]

[HKEY_LOCAL_MACHINE\Software\Vittalia]

[HKEY_LOCAL_MACHINE\Software\Volatile]

[HKEY_LOCAL_MACHINE\Software\Waves Audio]

[HKEY_LOCAL_MACHINE\Software\WdsManPro]

[HKEY_LOCAL_MACHINE\Software\WinRAR]

[HKEY_LOCAL_MACHINE\Software\WOW6432Node]

[HKEY_LOCAL_MACHINE\Software\YorkNewCin]

[HKEY_LOCAL_MACHINE\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}]

[HKEY_LOCAL_MACHINE\Software\{12A61307-94CD-4F8E-94BC-918E511FAA81}]

[HKEY_LOCAL_MACHINE\Software\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}]

[HKEY_LOCAL_MACHINE\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}]

[HKEY_LOCAL_MACHINE\Software\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}]

[HKEY_LOCAL_MACHINE\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}]

[HKEY_LOCAL_MACHINE\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}]

[HKEY_LOCAL_MACHINE\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}]

[color=#A23BEC]< HKCU\Software\Microsoft\Command Processor /s >[/color]
"CompletionChar" = 9
"DefaultColor" = 0
"EnableExtensions" = 1
"PathCompletionChar" = 9

[color=#A23BEC]< %Homedrive%\* >[/color]
[2009/06/10 22:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2014/05/01 14:43:42 | 000,000,115 | ---- | M] () -- C:\background.js
[2016/02/01 16:33:06 | 000,003,352 | ---- | M] () -- C:\bootsqm.dat
[2014/05/01 14:43:34 | 000,003,066 | ---- | M] () -- C:\Chrome.reg
[2009/06/10 22:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2014/05/01 14:43:34 | 000,000,035 | ---- | M] () -- C:\Description.txt
[2015/02/23 12:40:49 | 000,000,009 | ---- | M] () -- C:\END
[2016/02/05 16:11:39 | 2360,848,384 | -HS- | M] () -- C:\hiberfil.sys
[2014/05/01 14:43:47 | 000,047,216 | ---- | M] () -- C:\icon.png
[2014/05/01 14:43:41 | 000,094,019 | ---- | M] () -- C:\jquery.min.js
[2014/05/01 14:43:42 | 000,000,376 | ---- | M] () -- C:\manifest.json
[2016/02/05 16:11:41 | 3147,800,576 | -HS- | M] () -- C:\pagefile.sys
[2014/05/01 14:43:34 | 000,003,153 | ---- | M] () -- C:\Preferences
[2015/10/23 21:03:24 | 000,000,395 | ---- | M] () -- C:\prefs.js
[2015/10/16 21:06:49 | 000,001,480 | ---- | M] () -- C:\task.vbs

[color=#A23BEC]< %Homedrive%\*. >[/color]
[2015/11/17 07:34:31 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2015/08/07 14:50:10 | 000,000,000 | -H-D | M] -- C:\$Windows.~BT
[2015/05/28 08:04:58 | 000,000,000 | ---D | M] -- C:\DCM
[2009/07/14 05:53:55 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2014/05/01 14:43:47 | 000,000,000 | ---D | M] -- C:\Extensions
[2015/02/14 11:13:57 | 000,000,000 | ---D | M] -- C:\inetpub
[2014/04/16 15:56:03 | 000,000,000 | ---D | M] -- C:\Intel
[2015/10/24 14:12:13 | 000,000,000 | ---D | M] -- C:\Mes documents
[2015/05/28 21:01:20 | 000,000,000 | ---D | M] -- C:\MiniDownload
[2014/04/16 16:13:18 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2009/07/14 03:37:05 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2016/02/04 21:14:33 | 000,000,000 | ---D | M] -- C:\Program Files
[2016/02/05 09:15:12 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2014/04/16 08:39:16 | 000,000,000 | -HSD | M] -- C:\Recovery
[2015/10/23 21:03:24 | 000,000,000 | ---D | M] -- C:\searchplugins
[2016/02/05 19:28:24 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2015/04/13 18:05:27 | 000,000,000 | ---D | M] -- C:\Users
[2016/02/04 21:36:57 | 000,000,000 | ---D | M] -- C:\Windows

[color=#A23BEC]< %Userprofile%\* >[/color]
[2004/09/03 21:34:22 | 001,708,032 | ---- | M] () -- C:\Users\ACER\game.dll
[2016/02/05 19:32:52 | 017,825,792 | -HS- | M] () -- C:\Users\ACER\ntuser.dat
[2016/02/05 19:32:52 | 000,262,144 | -HS- | M] () -- C:\Users\ACER\ntuser.dat.LOG1
[2015/06/25 23:38:34 | 000,262,144 | -HS- | M] () -- C:\Users\ACER\ntuser.dat.LOG2
[2015/02/22 23:25:15 | 000,065,536 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{0c4f83a2-badf-11e4-a7dc-1c75082074a7}.TM.blf
[2015/02/22 23:25:15 | 000,524,288 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{0c4f83a2-badf-11e4-a7dc-1c75082074a7}.TMContainer00000000000000000001.regtrans-ms
[2015/02/22 23:25:15 | 000,524,288 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{0c4f83a2-badf-11e4-a7dc-1c75082074a7}.TMContainer00000000000000000002.regtrans-ms
[2014/08/26 15:51:03 | 000,065,536 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{303ece53-2d19-11e4-99b7-1c75082074a7}.TM.blf
[2014/08/26 15:51:03 | 000,524,288 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{303ece53-2d19-11e4-99b7-1c75082074a7}.TMContainer00000000000000000001.regtrans-ms
[2014/08/26 15:51:03 | 000,524,288 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{303ece53-2d19-11e4-99b7-1c75082074a7}.TMContainer00000000000000000002.regtrans-ms
[2014/09/01 22:37:35 | 000,065,536 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{321c3730-3211-11e4-8410-1c75082074a7}.TM.blf
[2014/09/01 22:37:35 | 000,524,288 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{321c3730-3211-11e4-8410-1c75082074a7}.TMContainer00000000000000000001.regtrans-ms
[2014/09/01 22:37:35 | 000,524,288 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{321c3730-3211-11e4-8410-1c75082074a7}.TMContainer00000000000000000002.regtrans-ms
[2016/01/12 21:49:24 | 000,065,536 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{34d7f6f3-b953-11e5-9928-1c75082074a7}.TM.blf
[2016/01/12 21:49:24 | 000,524,288 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{34d7f6f3-b953-11e5-9928-1c75082074a7}.TMContainer00000000000000000001.regtrans-ms
[2016/01/12 21:49:24 | 000,524,288 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{34d7f6f3-b953-11e5-9928-1c75082074a7}.TMContainer00000000000000000002.regtrans-ms
[2016/01/31 20:35:59 | 000,065,536 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{5b5a9cdd-c850-11e5-be80-e826addf2a7f}.TM.blf
[2016/01/31 20:35:59 | 000,524,288 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{5b5a9cdd-c850-11e5-be80-e826addf2a7f}.TMContainer00000000000000000001.regtrans-ms
[2016/01/31 20:35:59 | 000,524,288 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{5b5a9cdd-c850-11e5-be80-e826addf2a7f}.TMContainer00000000000000000002.regtrans-ms
[2016/01/31 21:01:16 | 000,065,536 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{5b5a9d04-c850-11e5-be80-e826addf2a7f}.TM.blf
[2016/01/31 21:01:16 | 000,524,288 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{5b5a9d04-c850-11e5-be80-e826addf2a7f}.TMContainer00000000000000000001.regtrans-ms
[2016/01/31 21:01:16 | 000,524,288 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{5b5a9d04-c850-11e5-be80-e826addf2a7f}.TMContainer00000000000000000002.regtrans-ms
[2016/01/31 19:01:41 | 000,065,536 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{6538baac-c844-11e5-8a96-1c75082074a7}.TM.blf
[2016/01/31 19:01:41 | 000,524,288 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{6538baac-c844-11e5-8a96-1c75082074a7}.TMContainer00000000000000000001.regtrans-ms
[2016/01/31 19:01:41 | 000,524,288 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{6538baac-c844-11e5-8a96-1c75082074a7}.TMContainer00000000000000000002.regtrans-ms
[2014/04/16 16:07:27 | 000,065,536 | -HS- | M] () -- C:\Users\ACER\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2014/04/16 16:07:27 | 000,524,288 | -HS- | M] () -- C:\Users\ACER\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2014/04/16 16:07:27 | 000,524,288 | -HS- | M] () -- C:\Users\ACER\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2015/10/23 18:03:36 | 000,065,536 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{70bccc98-7963-11e5-88c6-1c75082074a7}.TM.blf
[2015/10/23 18:03:36 | 000,524,288 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{70bccc98-7963-11e5-88c6-1c75082074a7}.TMContainer00000000000000000001.regtrans-ms
[2015/10/23 18:03:36 | 000,524,288 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{70bccc98-7963-11e5-88c6-1c75082074a7}.TMContainer00000000000000000002.regtrans-ms
[2014/07/01 22:01:34 | 000,065,536 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{7dee50b3-0149-11e4-935b-1c75082074a7}.TM.blf
[2014/07/01 22:01:34 | 000,524,288 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{7dee50b3-0149-11e4-935b-1c75082074a7}.TMContainer00000000000000000001.regtrans-ms
[2014/07/01 22:01:34 | 000,524,288 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{7dee50b3-0149-11e4-935b-1c75082074a7}.TMContainer00000000000000000002.regtrans-ms
[2014/09/01 22:54:12 | 000,065,536 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{8c23f8cf-321f-11e4-bc93-1c75082074a7}.TM.blf
[2014/09/01 22:54:12 | 000,524,288 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{8c23f8cf-321f-11e4-bc93-1c75082074a7}.TMContainer00000000000000000001.regtrans-ms
[2014/09/01 22:54:12 | 000,524,288 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{8c23f8cf-321f-11e4-bc93-1c75082074a7}.TMContainer00000000000000000002.regtrans-ms
[2015/10/28 19:52:12 | 000,065,536 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{8e893486-7d94-11e5-8b69-1c75082074a7}.TM.blf
[2015/10/28 19:52:12 | 000,524,288 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{8e893486-7d94-11e5-8b69-1c75082074a7}.TMContainer00000000000000000001.regtrans-ms
[2015/10/28 19:52:12 | 000,524,288 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{8e893486-7d94-11e5-8b69-1c75082074a7}.TMContainer00000000000000000002.regtrans-ms
[2015/09/26 12:24:24 | 000,065,536 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{a52baa7a-bae0-11e4-8daf-1c75082074a7}.TM.blf
[2015/09/26 12:24:24 | 000,524,288 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{a52baa7a-bae0-11e4-8daf-1c75082074a7}.TMContainer00000000000000000001.regtrans-ms
[2015/02/22 23:31:18 | 000,524,288 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{a52baa7a-bae0-11e4-8daf-1c75082074a7}.TMContainer00000000000000000002.regtrans-ms
[2014/08/03 18:58:26 | 000,065,536 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{c9463822-1b2b-11e4-a2c4-1c75082074a7}.TM.blf
[2014/08/03 18:58:26 | 000,524,288 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{c9463822-1b2b-11e4-a2c4-1c75082074a7}.TMContainer00000000000000000001.regtrans-ms
[2014/08/03 18:58:26 | 000,524,288 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{c9463822-1b2b-11e4-a2c4-1c75082074a7}.TMContainer00000000000000000002.regtrans-ms
[2015/02/22 23:13:45 | 000,065,536 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{ca674df9-bad1-11e4-863b-1c75082074a7}.TM.blf
[2015/02/22 23:13:45 | 000,524,288 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{ca674df9-bad1-11e4-863b-1c75082074a7}.TMContainer00000000000000000001.regtrans-ms
[2015/02/22 23:13:45 | 000,524,288 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{ca674df9-bad1-11e4-863b-1c75082074a7}.TMContainer00000000000000000002.regtrans-ms
[2016/01/31 18:49:26 | 000,065,536 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{df611b6a-c842-11e5-a21c-1c75082074a7}.TM.blf
[2016/01/31 18:49:26 | 000,524,288 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{df611b6a-c842-11e5-a21c-1c75082074a7}.TMContainer00000000000000000001.regtrans-ms
[2016/01/31 18:49:26 | 000,524,288 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{df611b6a-c842-11e5-a21c-1c75082074a7}.TMContainer00000000000000000002.regtrans-ms
[2015/02/21 09:43:41 | 000,065,536 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{e49f0ff1-b99b-11e4-bad4-1c75082074a7}.TM.blf
[2015/02/21 09:43:41 | 000,524,288 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{e49f0ff1-b99b-11e4-bad4-1c75082074a7}.TMContainer00000000000000000001.regtrans-ms
[2015/02/21 09:43:41 | 000,524,288 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{e49f0ff1-b99b-11e4-bad4-1c75082074a7}.TMContainer00000000000000000002.regtrans-ms
[2016/01/31 19:15:38 | 000,065,536 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{ec3f2579-c845-11e5-8ac3-1c75082074a7}.TM.blf
[2016/01/31 19:15:38 | 000,524,288 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{ec3f2579-c845-11e5-8ac3-1c75082074a7}.TMContainer00000000000000000001.regtrans-ms
[2016/01/31 19:15:38 | 000,524,288 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{ec3f2579-c845-11e5-8ac3-1c75082074a7}.TMContainer00000000000000000002.regtrans-ms
[2014/09/02 11:15:01 | 000,065,536 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{f82faf6b-326d-11e4-b81d-1c75082074a7}.TM.blf
[2014/09/02 11:15:01 | 000,524,288 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{f82faf6b-326d-11e4-b81d-1c75082074a7}.TMContainer00000000000000000001.regtrans-ms
[2014/09/02 11:15:01 | 000,524,288 | -HS- | M] () -- C:\Users\ACER\ntuser.dat{f82faf6b-326d-11e4-b81d-1c75082074a7}.TMContainer00000000000000000002.regtrans-ms
[2014/04/16 08:39:24 | 000,000,020 | -HS- | M] () -- C:\Users\ACER\ntuser.ini

[color=#A23BEC]< %Userprofile%\*. >[/color]
[2016/02/03 20:24:26 | 000,000,000 | ---D | M] -- C:\Users\ACER\.oracle_jre_usage
[2014/04/16 08:39:24 | 000,000,000 | -H-D | M] -- C:\Users\ACER\AppData
[2014/04/16 08:39:24 | 000,000,000 | -HSD | M] -- C:\Users\ACER\Application Data
[2015/08/12 21:36:18 | 000,000,000 | R--D | M] -- C:\Users\ACER\Contacts
[2014/04/16 08:39:24 | 000,000,000 | -HSD | M] -- C:\Users\ACER\Cookies
[2016/02/04 21:36:14 | 000,000,000 | R--D | M] -- C:\Users\ACER\Desktop
[2016/02/01 07:47:28 | 000,000,000 | R--D | M] -- C:\Users\ACER\Documents
[2016/02/03 16:27:57 | 000,000,000 | R--D | M] -- C:\Users\ACER\Downloads
[2015/08/19 19:09:41 | 000,000,000 | R--D | M] -- C:\Users\ACER\Dropbox
[2015/08/12 21:36:18 | 000,000,000 | R--D | M] -- C:\Users\ACER\Favorites
[2015/11/08 20:40:03 | 000,000,000 | R--D | M] -- C:\Users\ACER\Links
[2014/04/16 08:39:24 | 000,000,000 | -HSD | M] -- C:\Users\ACER\Local Settings
[2014/04/16 08:39:24 | 000,000,000 | -HSD | M] -- C:\Users\ACER\Menu Démarrer
[2014/04/16 08:39:24 | 000,000,000 | -HSD | M] -- C:\Users\ACER\Mes documents
[2014/04/16 08:39:24 | 000,000,000 | -HSD | M] -- C:\Users\ACER\Modèles
[2016/02/01 07:47:36 | 000,000,000 | R--D | M] -- C:\Users\ACER\Music
[2016/02/03 18:48:19 | 000,000,000 | R--D | M] -- C:\Users\ACER\Pictures
[2014/04/16 08:39:24 | 000,000,000 | -HSD | M] -- C:\Users\ACER\Recent
[2015/08/12 21:36:19 | 000,000,000 | R--D | M] -- C:\Users\ACER\Saved Games
[2015/08/12 21:36:18 | 000,000,000 | R--D | M] -- C:\Users\ACER\Searches
[2014/04/16 08:39:24 | 000,000,000 | -HSD | M] -- C:\Users\ACER\SendTo
[2015/04/25 08:00:00 | 000,000,000 | ---D | M] -- C:\Users\ACER\Tracing
[2016/02/01 07:47:38 | 000,000,000 | R--D | M] -- C:\Users\ACER\Videos
[2014/04/16 08:39:24 | 000,000,000 | -HSD | M] -- C:\Users\ACER\Voisinage d'impression
[2014/04/16 08:39:24 | 000,000,000 | -HSD | M] -- C:\Users\ACER\Voisinage réseau

[color=#A23BEC]< %Allusersprofile%\* >[/color]
[2014/04/16 15:25:45 | 000,000,000 | -H-- | M] () -- C:\ProgramData\DP45977C.lfl
[2016/01/29 19:52:06 | 000,262,144 | ---- | M] () -- C:\ProgramData\ntuser.dat
[2016/02/04 21:36:28 | 000,005,120 | -HS- | M] () -- C:\ProgramData\ntuser.dat.LOG1
[2016/01/29 19:52:06 | 000,000,000 | -HS- | M] () -- C:\ProgramData\ntuser.dat.LOG2
[2016/01/29 19:52:10 | 000,065,536 | -HS- | M] () -- C:\ProgramData\ntuser.dat{ce92e6b8-c6b8-11e5-a3b4-1c75082074a7}.TM.blf
[2016/01/29 19:52:10 | 000,524,288 | -HS- | M] () -- C:\ProgramData\ntuser.dat{ce92e6b8-c6b8-11e5-a3b4-1c75082074a7}.TMContainer00000000000000000001.regtrans-ms
[2016/01/29 19:52:10 | 000,524,288 | -HS- | M] () -- C:\ProgramData\ntuser.dat{ce92e6b8-c6b8-11e5-a3b4-1c75082074a7}.TMContainer00000000000000000002.regtrans-ms
[2016/01/29 19:54:39 | 000,065,536 | -HS- | M] () -- C:\ProgramData\ntuser.dat{ce92e6e7-c6b8-11e5-a3b4-1c75082074a7}.TM.blf
[2016/01/29 19:54:39 | 000,524,288 | -HS- | M] () -- C:\ProgramData\ntuser.dat{ce92e6e7-c6b8-11e5-a3b4-1c75082074a7}.TMContainer00000000000000000001.regtrans-ms
[2016/01/29 19:54:39 | 000,524,288 | -HS- | M] () -- C:\ProgramData\ntuser.dat{ce92e6e7-c6b8-11e5-a3b4-1c75082074a7}.TMContainer00000000000000000002.regtrans-ms
[2015/04/01 21:02:42 | 000,000,290 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2015/12/28 19:17:17 | 000,000,074 | ---- | M] () -- C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

[color=#A23BEC]< %Allusersprofile%\*. >[/color]
[2015/12/28 08:05:31 | 000,000,000 | ---D | M] -- C:\ProgramData\2WMiniPro2
[2014/05/24 21:18:03 | 000,000,000 | ---D | M] -- C:\ProgramData\47db61efe9e345db
[2015/12/28 08:05:31 | 000,000,000 | ---D | M] -- C:\ProgramData\4WMiniPro4
[2015/09/04 10:56:50 | 000,000,000 | ---D | M] -- C:\ProgramData\5177839879641581019
[2015/11/29 07:30:54 | 000,000,000 | ---D | M] -- C:\ProgramData\5fd2ca9d-b04a-4998-b7e8-2d30ebba8fbe
[2015/12/28 08:05:32 | 000,000,000 | ---D | M] -- C:\ProgramData\8WMiniPro8
[2015/09/04 19:43:08 | 000,000,000 | ---D | M] -- C:\ProgramData\a6a0b9200000484a
[2015/12/13 07:42:22 | 000,000,000 | ---D | M] -- C:\ProgramData\Adobe
[2009/07/14 05:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2014/09/10 17:28:07 | 000,000,000 | ---D | M] -- C:\ProgramData\ArcSoft
[2014/05/17 13:32:15 | 000,000,000 | ---D | M] -- C:\ProgramData\Autorun Eater
[2016/01/31 22:01:29 | 000,000,000 | ---D | M] -- C:\ProgramData\AVAST Software
[2015/11/29 07:31:44 | 000,000,000 | ---D | M] -- C:\ProgramData\aWdsManProa
[2014/04/16 08:39:15 | 000,000,000 | -HSD | M] -- C:\ProgramData\Bureau
[2016/01/01 19:07:26 | 000,000,000 | ---D | M] -- C:\ProgramData\BWdMB
[2015/12/28 08:08:05 | 000,000,000 | ---D | M] -- C:\ProgramData\BWMiniProB
[2015/11/27 14:33:36 | 000,000,000 | ---D | M] -- C:\ProgramData\cWMiniProc
[2009/07/14 05:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2009/07/14 05:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2015/08/19 07:58:00 | 000,000,000 | ---D | M] -- C:\ProgramData\Dropbox
[2015/10/24 14:38:21 | 000,000,000 | ---D | M] -- C:\ProgramData\EPSON
[2016/02/01 16:40:28 | 000,000,000 | ---D | M] -- C:\ProgramData\Essentware
[2014/04/16 08:39:15 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoris
[2009/07/14 05:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2015/07/11 13:45:26 | 000,000,000 | ---D | M] -- C:\ProgramData\Fenomen Games
[2015/12/28 08:08:16 | 000,000,000 | ---D | M] -- C:\ProgramData\gWMiniProg
[2015/12/28 08:08:16 | 000,000,000 | ---D | M] -- C:\ProgramData\HWMiniProH
[2014/05/03 20:25:56 | 000,000,000 | ---D | M] -- C:\ProgramData\IDM
[2015/03/13 17:09:01 | 000,000,000 | ---D | M] -- C:\ProgramData\IHProtectUpDate
[2014/05/01 19:53:39 | 000,000,000 | ---D | M] -- C:\ProgramData\InstallMate
[2015/10/15 09:10:33 | 000,000,000 | ---D | M] -- C:\ProgramData\JWdsManProJ
[2016/02/04 21:36:59 | 000,000,000 | ---D | M] -- C:\ProgramData\Kaspersky Lab
[2015/04/01 19:31:13 | 000,000,000 | ---D | M] -- C:\ProgramData\KONAMI
[2015/09/03 20:55:33 | 000,000,000 | ---D | M] -- C:\ProgramData\LighterGeneration
[2014/04/16 08:39:15 | 000,000,000 | -HSD | M] -- C:\ProgramData\Menu Démarrer
[2015/10/23 17:28:48 | 000,000,000 | --SD | M] -- C:\ProgramData\Microsoft
[2016/01/13 18:24:07 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft Help
[2014/04/16 08:39:15 | 000,000,000 | -HSD | M] -- C:\ProgramData\Modèles
[2014/04/16 16:20:30 | 000,000,000 | ---D | M] -- C:\ProgramData\Mozilla
[2015/10/23 17:34:15 | 000,000,000 | ---D | M] -- C:\ProgramData\MWdsManProM
[2015/09/03 15:46:05 | 000,000,000 | ---D | M] -- C:\ProgramData\mypdfile
[2014/09/02 08:12:47 | 000,000,000 | ---D | M] -- C:\ProgramData\Norton
[2014/08/21 10:33:55 | 000,000,000 | ---D | M] -- C:\ProgramData\NortonInstaller
[2015/12/28 08:07:45 | 000,000,000 | ---D | M] -- C:\ProgramData\nWMiniPron
[2016/02/03 20:27:19 | 000,000,000 | ---D | M] -- C:\ProgramData\Oracle
[2014/04/16 16:01:26 | 000,000,000 | ---D | M] -- C:\ProgramData\Package Cache
[2015/09/03 15:46:05 | 000,000,000 | ---D | M] -- C:\ProgramData\ProcessMonitor
[2015/12/28 08:07:46 | 000,000,000 | ---D | M] -- C:\ProgramData\pWMiniProp
[2015/12/28 08:07:46 | 000,000,000 | ---D | M] -- C:\ProgramData\QWMiniProQ
[2014/08/08 14:26:09 | 000,000,000 | ---D | M] -- C:\ProgramData\saaVE ineett
[2014/08/08 14:26:09 | 000,000,000 | ---D | M] -- C:\ProgramData\saave, neT
[2014/05/03 14:31:50 | 000,000,000 | ---D | M] -- C:\ProgramData\saVe net
[2015/09/03 15:46:05 | 000,000,000 | ---D | M] -- C:\ProgramData\SeekerInstance
[2015/09/29 18:38:21 | 000,000,000 | ---D | M] -- C:\ProgramData\Skype
[2014/05/03 15:06:57 | 000,000,000 | ---D | M] -- C:\ProgramData\SNT
[2009/07/14 05:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2015/09/04 20:07:45 | 000,000,000 | ---D | M] -- C:\ProgramData\StatInit
[2015/04/01 19:30:46 | 000,000,000 | ---D | M] -- C:\ProgramData\Steam
[2016/02/01 21:23:06 | 000,000,000 | ---D | M] -- C:\ProgramData\Sun
[2015/12/28 08:08:02 | 000,000,000 | ---D | M] -- C:\ProgramData\SWMiniProS
[2009/07/14 05:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2016/01/01 10:58:20 | 000,000,000 | ---D | M] -- C:\ProgramData\Tmp0x0x
[2015/12/28 08:08:02 | 000,000,000 | ---D | M] -- C:\ProgramData\tWMiniProt
[2015/12/28 08:08:03 | 000,000,000 | ---D | M] -- C:\ProgramData\WWMiniProW
[2015/12/28 08:08:03 | 000,000,000 | ---D | M] -- C:\ProgramData\yWMiniProy
[2015/12/28 08:08:03 | 000,000,000 | ---D | M] -- C:\ProgramData\ZWMiniProZ
[2016/01/07 06:56:31 | 000,000,000 | ---D | M] -- C:\ProgramData\{1919907f-5873-d4c0-1919-9907f58741fd}

[color=#A23BEC]< %LocalAppData%\* >[/color]
[2015/11/09 19:04:19 | 000,109,688 | ---- | M] () -- C:\Users\ACER\AppData\Local\GDIPFONTCACHEV1.DAT
[2016/02/04 21:39:31 | 001,626,843 | -H-- | M] () -- C:\Users\ACER\AppData\Local\IconCache.db

[color=#A23BEC]< %LocalAppData%\*. >[/color]
[2015/11/01 11:38:33 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\13D34BD7-D5DD-4A1E-B0A0-BA22507CF234
[2015/11/01 16:39:02 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\24A32583-68F8-477A-89FA-92FCCB4667B1
[2015/12/13 08:16:45 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\Adobe
[2014/04/16 08:39:24 | 000,000,000 | -HSD | M] -- C:\Users\ACER\AppData\Local\Application Data
[2014/08/11 07:16:15 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\Apps
[2014/08/21 13:31:25 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\ArcSoft
[2015/10/15 09:02:45 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\B5811EEB-B391-4C46-AE2F-57FAD63AAC
[2015/11/04 21:16:17 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\C207C785-DC33-43D3-96EE-D79B22D33A3E
[2015/10/15 21:40:00 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\C60CADEC-2A27-4B7E-937F-E63F71C4AC2
[2015/12/13 08:16:45 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\CEF
[2015/10/28 17:53:28 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\CEFDBB72-A4E1-46A4-99F-5313C709AB4
[2014/05/01 15:40:51 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\Chromatic Browser
[2014/05/01 15:40:50 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\Comodo
[2015/10/16 12:14:52 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\Crossbrowse
[2015/07/15 18:15:12 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\Deployment
[2016/02/05 18:14:46 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\Diagnostics
[2015/07/13 15:06:00 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\dido
[2015/09/02 20:04:48 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\Dropbox
[2016/01/12 21:03:58 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\ElevatedDiagnostics
[2015/06/22 22:20:02 | 000,000,000 | -HSD | M] -- C:\Users\ACER\AppData\Local\EmieBrowserModeList
[2015/06/22 22:20:02 | 000,000,000 | -HSD | M] -- C:\Users\ACER\AppData\Local\EmieSiteList
[2015/06/22 22:20:02 | 000,000,000 | -HSD | M] -- C:\Users\ACER\AppData\Local\EmieUserList
[2015/11/03 07:16:30 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\FE5BFA0C-7343-4775-85FC-FC8ACA24B541
[2014/11/17 18:40:36 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\FileTypeAssistant
[2014/07/20 00:33:15 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\FinalMediaPlayer
[2015/05/18 23:44:11 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\Foxit Reader
[2015/10/15 21:33:12 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\globalUpdate
[2016/02/05 09:18:02 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\Google
[2015/06/02 15:07:15 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\GWX
[2014/04/16 08:39:24 | 000,000,000 | -HSD | M] -- C:\Users\ACER\AppData\Local\Historique
[2014/08/16 10:20:52 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\IAC
[2014/09/02 08:09:23 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\MapsGalaxy_39
[2016/01/31 20:39:23 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\Microsoft
[2014/04/19 15:50:59 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\Microsoft Games
[2015/01/26 21:38:40 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\Microsoft Help
[2014/04/17 14:16:59 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\Mozilla
[2015/10/16 10:09:53 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\MyBrowser
[2015/02/25 14:56:47 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\Opera Software
[2014/11/04 07:04:26 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\Pay-By-Ads
[2015/11/06 12:23:13 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\Pool Comp
[2015/09/03 16:08:40 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\Programs
[2015/07/13 15:05:41 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\Setup1226183
[2014/08/21 17:14:57 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\Skype
[2016/02/05 19:26:26 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\Temp
[2014/04/16 08:39:24 | 000,000,000 | -HSD | M] -- C:\Users\ACER\AppData\Local\Temporary Internet Files
[2014/05/01 15:40:51 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\Torch
[2015/08/15 18:50:28 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\Unity
[2015/05/28 08:07:50 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Local\VirtualStore

[color=#A23BEC]< %Userprofile%\Local Settings\Application Data\* >[/color]

[color=#A23BEC]< %Userprofile%\Local Settings\Application Data\*. >[/color]

[color=#A23BEC]< %programFiles%\* >[/color]
[2013/02/07 13:22:00 | 000,050,330 | ---- | M] () -- C:\Program Files\AntiDust.exe
[2009/07/14 05:41:57 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

[color=#A23BEC]< %programFiles%\*. >[/color]
[2015/12/28 07:51:38 | 000,000,000 | ---D | M] -- C:\Program Files\62646664-1444852970-6432-3036-1C75082074A7
[2015/11/02 12:32:50 | 000,000,000 | ---D | M] -- C:\Program Files\64d65e73-4333-4978-b632-1738040f2251
[2015/10/23 19:47:50 | 000,000,000 | ---D | M] -- C:\Program Files\68823e93-40b0-4386-9844-36ce005c2205
[2015/10/16 12:27:34 | 000,000,000 | ---D | M] -- C:\Program Files\a611c9d9-fd97-45be-82c1-d0c0d606dee6
[2015/12/13 07:42:43 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2014/07/18 11:43:04 | 000,000,000 | ---D | M] -- C:\Program Files\AIMP3
[2015/05/31 19:56:06 | 000,000,000 | ---D | M] -- C:\Program Files\Air Globe
[2015/11/02 12:32:50 | 000,000,000 | ---D | M] -- C:\Program Files\be3c4786-834f-4330-88da-6f9473809b1f
[2014/04/16 16:00:10 | 000,000,000 | ---D | M] -- C:\Program Files\BurnAware Free
[2015/10/16 21:15:11 | 000,000,000 | ---D | M] -- C:\Program Files\cd6db29d-2556-428e-b609-55f5935be1a3
[2015/10/16 22:11:43 | 000,000,000 | ---D | M] -- C:\Program Files\CinemaPlus-3.2cV16.10
[2015/11/29 07:28:36 | 000,000,000 | ---D | M] -- C:\Program Files\CinemaPlus-3.2cV17.05
[2015/10/19 08:22:36 | 000,000,000 | ---D | M] -- C:\Program Files\CinemaPlus-3.2cV18.10
[2015/10/23 17:34:15 | 000,000,000 | ---D | M] -- C:\Program Files\CinemaPlus-3.2cV19.10
[2016/01/31 20:40:41 | 000,000,000 | ---D | M] -- C:\Program Files\CinemaPlus-3.2cV23.10
[2016/02/04 16:19:27 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2014/06/05 22:21:46 | 000,000,000 | ---D | M] -- C:\Program Files\DimensionsGeometriques
[2015/11/27 10:08:28 | 000,000,000 | ---D | M] -- C:\Program Files\DNS Unlocker
[2015/09/03 11:42:55 | 000,000,000 | ---D | M] -- C:\Program Files\Dropbox
[2010/11/21 01:39:40 | 000,000,000 | ---D | M] -- C:\Program Files\DVD Maker
[2015/10/19 08:22:36 | 000,000,000 | ---D | M] -- C:\Program Files\e913a2be-ac60-4874-8b35-08d87e47ce2d
[2015/10/24 14:38:22 | 000,000,000 | ---D | M] -- C:\Program Files\epson
[2016/02/01 16:40:27 | 000,000,000 | ---D | M] -- C:\Program Files\Essentware
[2015/10/15 21:54:48 | 000,000,000 | ---D | M] -- C:\Program Files\f93a7e53-7214-44a0-851e-d40c5c736f39
[2015/10/16 12:26:43 | 000,000,000 | ---D | M] -- C:\Program Files\Feed Notifier
[2014/04/16 08:39:15 | 000,000,000 | -HSD | M] -- C:\Program Files\Fichiers communs
[2014/12/17 16:36:16 | 000,000,000 | ---D | M] -- C:\Program Files\Ford Racing 2
[2014/04/16 16:00:01 | 000,000,000 | ---D | M] -- C:\Program Files\Foxit Software
[2014/07/26 17:49:32 | 000,000,000 | ---D | M] -- C:\Program Files\gache
[2015/09/02 20:01:39 | 000,000,000 | ---D | M] -- C:\Program Files\GLISSER DEPOSER
[2015/11/01 11:47:47 | 000,000,000 | ---D | M] -- C:\Program Files\globalUpdate
[2016/02/05 16:11:35 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2015/09/18 21:13:19 | 000,000,000 | ---D | M] -- C:\Program Files\IncrementMonitor
[2015/07/04 17:23:24 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2015/07/14 08:00:53 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2016/01/31 20:40:41 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Download Manager
[2016/01/13 18:33:16 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2016/02/03 20:23:33 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2014/06/05 22:20:42 | 000,000,000 | ---D | M] -- C:\Program Files\Jecris
[2014/06/05 22:21:10 | 000,000,000 | ---D | M] -- C:\Program Files\Jelis
[2016/02/04 21:36:58 | 000,000,000 | ---D | M] -- C:\Program Files\Kaspersky Lab
[2015/10/14 21:23:48 | 000,000,000 | ---D | M] -- C:\Program Files\MiCroCCover
[2015/11/29 07:29:36 | 000,000,000 | ---D | M] -- C:\Program Files\MIcrOCover
[2015/11/29 07:29:36 | 000,000,000 | ---D | M] -- C:\Program Files\MicroeCoveR
[2014/07/26 15:59:14 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Analysis Services
[2014/04/20 14:46:00 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2014/08/11 07:22:56 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2014/07/26 16:05:45 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2014/07/26 16:05:45 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Sync Framework
[2014/07/26 16:06:41 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Synchronization Services
[2014/07/27 14:05:44 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2015/05/31 19:51:08 | 000,000,000 | ---D | M] -- C:\Program Files\MiniGet
[2014/07/26 16:07:41 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2015/10/16 10:04:09 | 000,000,000 | ---D | M] -- C:\Program Files\MyBrowser
[2016/01/31 20:40:41 | 000,000,000 | ---D | M] -- C:\Program Files\MyBrowser 1.0.2V01.11
[2015/11/09 17:35:32 | 000,000,000 | ---D | M] -- C:\Program Files\MyBrowser 1.0.2V15.10
[2016/01/31 20:41:48 | 000,000,000 | ---D | M] -- C:\Program Files\RCP
[2015/09/04 20:07:51 | 000,000,000 | ---D | M] -- C:\Program Files\ReactorKeeper
[2015/02/22 23:28:30 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek
[2009/07/14 05:52:30 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2014/05/01 15:45:02 | 000,000,000 | ---D | M] -- C:\Program Files\saaVE ineett
[2014/05/01 19:14:04 | 000,000,000 | ---D | M] -- C:\Program Files\saave, neT
[2014/07/18 11:46:12 | 000,000,000 | ---D | M] -- C:\Program Files\SAM CoDeC Pack
[2014/05/01 19:42:59 | 000,000,000 | ---D | M] -- C:\Program Files\saVe net
[2015/10/24 14:39:31 | 000,000,000 | R--D | M] -- C:\Program Files\Skype
[2015/09/04 17:13:03 | 000,000,000 | ---D | M] -- C:\Program Files\StarCOancueept
[2015/11/29 07:29:27 | 000,000,000 | ---D | M] -- C:\Program Files\StaRConcept
[2015/11/29 07:29:27 | 000,000,000 | ---D | M] -- C:\Program Files\STarConcepta
[2015/07/13 15:03:15 | 000,000,000 | ---D | M] -- C:\Program Files\Table Tennis Pro V2 Lite
[2015/02/23 17:26:56 | 000,000,000 | -H-D | M] -- C:\Program Files\Temp
[2009/07/14 05:53:23 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2014/07/27 07:17:08 | 000,000,000 | ---D | M] -- C:\Program Files\Untitled
[2015/04/24 17:29:41 | 000,000,000 | ---D | M] -- C:\Program Files\V8 Challenge
[2015/08/19 08:32:53 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2015/07/13 15:05:40 | 000,000,000 | ---D | M] -- C:\Program Files\Wincy
[2014/04/20 15:45:13 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2015/11/13 19:52:50 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
[2010/11/21 01:30:45 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2015/06/22 21:34:02 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2014/04/16 08:39:15 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2010/11/21 01:30:45 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Viewer
[2010/11/20 22:33:48 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
[2010/11/21 01:30:45 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2015/03/06 14:40:07 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR

[color=#A23BEC]< %Systemroot%\Temp\*.exe /s >[/color]
[2016/01/30 14:02:32 | 000,571,237 | ---- | M] () -- C:\Windows\Temp\1055.tmp.exe
[2016/02/03 14:06:42 | 000,633,133 | ---- | M] () -- C:\Windows\Temp\187F.tmp.exe
[2016/01/12 21:45:25 | 000,791,032 | ---- | M] () -- C:\Windows\Temp\1CB4.tmp.exe
[2016/01/18 17:15:33 | 000,010,240 | ---- | M] () -- C:\Windows\Temp\1D80.tmp.exe
[2016/01/18 17:15:32 | 000,735,932 | ---- | M] () -- C:\Windows\Temp\203.tmp.exe
[2015/12/20 15:09:41 | 000,064,512 | ---- | M] () -- C:\Windows\Temp\280A.tmp.exe
[2016/02/03 14:06:43 | 000,115,200 | ---- | M] () -- C:\Windows\Temp\2914.tmp.exe
[2015/12/17 16:04:27 | 000,122,880 | ---- | M] () -- C:\Windows\Temp\2A8A.tmp.exe
[2016/02/04 22:22:14 | 000,056,832 | ---- | M] () -- C:\Windows\Temp\30.tmp.exe
[2016/01/16 08:23:02 | 000,812,032 | ---- | M] () -- C:\Windows\Temp\3227.tmp.exe
[2016/01/01 11:20:25 | 000,125,952 | ---- | M] () -- C:\Windows\Temp\3360.tmp.exe
[2015/12/28 19:14:45 | 000,123,392 | ---- | M] () -- C:\Windows\Temp\340C.tmp.exe
[2016/01/30 14:02:34 | 000,122,368 | ---- | M] () -- C:\Windows\Temp\3498.tmp.exe
[2015/12/21 07:40:11 | 000,066,048 | ---- | M] () -- C:\Windows\Temp\3534.tmp.exe
[2016/01/13 07:26:57 | 000,113,664 | ---- | M] () -- C:\Windows\Temp\3F04.tmp.exe
[2016/01/27 16:28:01 | 000,053,248 | ---- | M] () -- C:\Windows\Temp\4BB0.tmp.exe
[2016/01/22 08:51:50 | 000,115,712 | ---- | M] () -- C:\Windows\Temp\51F.tmp.exe
[2015/12/20 08:59:01 | 000,065,024 | ---- | M] () -- C:\Windows\Temp\5522.tmp.exe
[2015/12/19 18:18:07 | 000,062,976 | ---- | M] () -- C:\Windows\Temp\5F.tmp.exe
[2015/11/07 12:44:57 | 000,155,136 | ---- | M] () -- C:\Windows\Temp\6374.tmp.exe
[2016/01/29 18:45:26 | 000,116,736 | ---- | M] () -- C:\Windows\Temp\6529.tmp.exe
[2016/01/31 22:32:21 | 000,056,320 | ---- | M] () -- C:\Windows\Temp\6845.tmp.exe
[2016/01/04 16:19:39 | 000,117,760 | ---- | M] () -- C:\Windows\Temp\6B03.tmp.exe
[2015/11/11 07:37:20 | 000,035,840 | ---- | M] () -- C:\Windows\Temp\81B.tmp.exe
[2016/01/23 12:08:52 | 000,617,312 | ---- | M] () -- C:\Windows\Temp\A4C.tmp.exe
[2016/01/31 21:33:54 | 000,558,169 | ---- | M] () -- C:\Windows\Temp\A7D3.tmp.exe
[2016/01/01 22:14:03 | 000,125,952 | ---- | M] () -- C:\Windows\Temp\ADBE.tmp.exe
[2015/12/19 20:50:00 | 000,058,368 | ---- | M] () -- C:\Windows\Temp\B18.tmp.exe
[2016/01/04 17:44:55 | 000,057,856 | ---- | M] () -- C:\Windows\Temp\BEBD.tmp.exe
[2016/01/29 20:19:27 | 000,556,415 | ---- | M] () -- C:\Windows\Temp\CF9E.tmp.exe
[2016/01/15 14:13:17 | 000,118,784 | ---- | M] () -- C:\Windows\Temp\D2F9.tmp.exe
[2016/02/04 07:51:11 | 000,630,177 | ---- | M] () -- C:\Windows\Temp\D558.tmp.exe
[2016/02/04 15:37:55 | 000,611,191 | ---- | M] () -- C:\Windows\Temp\DEDA.tmp.exe
[2015/12/28 19:14:44 | 001,133,194 | ---- | M] () -- C:\Windows\Temp\E52.tmp.exe
[2016/02/04 07:51:12 | 000,052,224 | ---- | M] () -- C:\Windows\Temp\E705.tmp.exe
[2016/01/26 07:49:40 | 000,715,344 | ---- | M] () -- C:\Windows\Temp\E907.tmp.exe
[2016/02/01 18:34:25 | 000,616,164 | ---- | M] () -- C:\Windows\Temp\E964.tmp.exe
[2016/02/04 22:22:13 | 000,632,552 | ---- | M] () -- C:\Windows\Temp\ED2C.tmp.exe
[2015/11/29 07:08:53 | 000,666,339 | ---- | M] () -- C:\Windows\Temp\ED4B.tmp.exe
[2016/01/12 19:08:26 | 000,728,414 | ---- | M] () -- C:\Windows\Temp\EE44.tmp.exe
[2016/02/04 15:37:57 | 000,051,712 | ---- | M] () -- C:\Windows\Temp\EED2.tmp.exe
[2016/01/29 20:19:29 | 000,123,392 | ---- | M] () -- C:\Windows\Temp\F096.tmp.exe
[2016/01/23 07:34:33 | 000,610,256 | ---- | M] () -- C:\Windows\Temp\F18F.tmp.exe
[2016/01/21 07:46:25 | 000,636,077 | ---- | M] () -- C:\Windows\Temp\F298.tmp.exe
[2016/01/16 14:38:51 | 000,800,934 | ---- | M] () -- C:\Windows\Temp\F315.tmp.exe
[2016/01/20 20:24:36 | 000,652,919 | ---- | M] () -- C:\Windows\Temp\F518.tmp.exe
[2016/01/24 21:39:40 | 000,625,072 | ---- | M] () -- C:\Windows\Temp\F611.tmp.exe
[2016/01/31 21:33:56 | 000,062,464 | ---- | M] () -- C:\Windows\Temp\F631.tmp.exe
[2016/02/01 18:34:25 | 000,055,296 | ---- | M] () -- C:\Windows\Temp\F90F.tmp.exe
[2016/01/31 22:32:16 | 000,558,702 | ---- | M] () -- C:\Windows\Temp\FE6A.tmp.exe
[112 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[2014/05/30 08:51:56 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\Temp\16BB767A-0FD5-4754-98D4-77796D536DFB\DismHost.exe

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\*.exe /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\*.in* >[/color]
[2014/02/19 12:30:48 | 000,000,002 | ---- | M] () -- C:\Windows\system32\DBDWORK.INI
[2009/07/14 05:42:29 | 000,000,073 | -HS- | M] () -- C:\Windows\system32\desktop.ini
[2015/03/13 02:55:15 | 000,016,303 | ---- | M] () -- C:\Windows\system32\ieuinit.inf
[2015/09/26 10:39:15 | 000,002,920 | ---- | M] () -- C:\Windows\system32\LavasoftTcpServiceOff.ini
[2009/07/14 05:42:26 | 000,000,535 | ---- | M] () -- C:\Windows\system32\mapisvc.inf
[2014/04/16 15:19:03 | 000,892,356 | ---- | M] () -- C:\Windows\system32\oem2.inf
[2016/02/05 16:14:42 | 001,803,544 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[2009/06/10 22:39:59 | 000,060,124 | ---- | M] () -- C:\Windows\system32\tcpmon.ini

[color=#A23BEC]< %systemroot%\Tasks\* >[/color]
[2016/02/05 19:17:00 | 000,003,124 | ---- | M] () -- C:\Windows\Tasks\297683d1-ef33-4163-b4a9-9f25d76d068f-1-6.job
[2016/02/05 18:17:01 | 000,003,460 | ---- | M] () -- C:\Windows\Tasks\297683d1-ef33-4163-b4a9-9f25d76d068f-1-7.job
[2015/11/09 17:26:25 | 000,002,098 | ---- | M] () -- C:\Windows\Tasks\297683d1-ef33-4163-b4a9-9f25d76d068f-10_user.job
[2016/02/05 18:16:03 | 000,004,480 | ---- | M] () -- C:\Windows\Tasks\297683d1-ef33-4163-b4a9-9f25d76d068f-3.job
[2016/02/05 18:17:07 | 000,002,432 | ---- | M] () -- C:\Windows\Tasks\297683d1-ef33-4163-b4a9-9f25d76d068f-5.job
[2016/02/05 18:17:07 | 000,002,432 | ---- | M] () -- C:\Windows\Tasks\297683d1-ef33-4163-b4a9-9f25d76d068f-5_user.job
[2016/02/05 19:16:00 | 000,005,504 | ---- | M] () -- C:\Windows\Tasks\297683d1-ef33-4163-b4a9-9f25d76d068f-6.job
[2016/02/05 18:16:01 | 000,005,504 | ---- | M] () -- C:\Windows\Tasks\297683d1-ef33-4163-b4a9-9f25d76d068f-7.job
[2016/02/05 19:36:04 | 000,001,002 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2016/02/05 18:39:00 | 000,003,124 | ---- | M] () -- C:\Windows\Tasks\efba7dd2-bf83-415d-83c6-4595239075a3-1-6.job
[2016/02/05 16:12:31 | 000,003,460 | ---- | M] () -- C:\Windows\Tasks\efba7dd2-bf83-415d-83c6-4595239075a3-1-7.job
[2016/02/05 16:12:57 | 000,004,480 | ---- | M] () -- C:\Windows\Tasks\efba7dd2-bf83-415d-83c6-4595239075a3-3.job
[2016/02/05 16:12:34 | 000,002,432 | ---- | M] () -- C:\Windows\Tasks\efba7dd2-bf83-415d-83c6-4595239075a3-5.job
[2016/02/05 16:12:44 | 000,002,432 | ---- | M] () -- C:\Windows\Tasks\efba7dd2-bf83-415d-83c6-4595239075a3-5_user.job
[2016/02/05 18:39:00 | 000,005,504 | ---- | M] () -- C:\Windows\Tasks\efba7dd2-bf83-415d-83c6-4595239075a3-6.job
[2016/02/05 16:12:52 | 000,005,504 | ---- | M] () -- C:\Windows\Tasks\efba7dd2-bf83-415d-83c6-4595239075a3-7.job
[2016/02/05 16:12:20 | 000,000,384 | ---- | M] () -- C:\Windows\Tasks\Final Media Player Update Checker.job
[2016/02/05 16:12:20 | 000,000,956 | ---- | M] () -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
[2016/02/05 15:44:00 | 000,000,960 | ---- | M] () -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
[2016/02/05 16:12:20 | 000,001,034 | ---- | M] () -- C:\Windows\Tasks\MyBrowser.job
[2016/02/05 15:33:12 | 000,000,244 | ---- | M] () -- C:\Windows\Tasks\RegClean Pro_DEFAULT.job
[2016/02/03 16:40:15 | 000,000,252 | ---- | M] () -- C:\Windows\Tasks\RegClean Pro_UPDATES.job
[2014/08/26 13:35:14 | 000,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA(35).DAT
[2016/02/05 16:11:53 | 000,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2015/01/14 22:23:48 | 000,032,496 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(19).TXT
[2014/07/06 22:02:47 | 000,032,496 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(21).TXT
[2015/01/14 22:23:48 | 000,032,496 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(27).TXT
[2014/08/08 16:04:01 | 000,032,482 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(36).TXT
[2016/02/01 18:04:14 | 000,032,482 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#A23BEC]< %systemroot%\Tasks\*. >[/color]

[color=#A23BEC]< %systemroot%\system32\Tasks\* >[/color]
[2015/11/01 12:17:09 | 000,006,152 | ---- | M] () -- C:\Windows\system32\Tasks\297683d1-ef33-4163-b4a9-9f25d76d068f-1-6
[2015/11/01 12:17:07 | 000,006,490 | ---- | M] () -- C:\Windows\system32\Tasks\297683d1-ef33-4163-b4a9-9f25d76d068f-1-7
[2015/11/01 12:16:37 | 000,007,510 | ---- | M] () -- C:\Windows\system32\Tasks\297683d1-ef33-4163-b4a9-9f25d76d068f-3
[2015/11/01 12:17:24 | 000,005,462 | ---- | M] () -- C:\Windows\system32\Tasks\297683d1-ef33-4163-b4a9-9f25d76d068f-5
[2015/11/01 12:17:26 | 000,005,454 | ---- | M] () -- C:\Windows\system32\Tasks\297683d1-ef33-4163-b4a9-9f25d76d068f-5_user
[2015/11/01 12:16:51 | 000,008,532 | ---- | M] () -- C:\Windows\system32\Tasks\297683d1-ef33-4163-b4a9-9f25d76d068f-6
[2015/11/01 12:16:47 | 000,008,534 | ---- | M] () -- C:\Windows\system32\Tasks\297683d1-ef33-4163-b4a9-9f25d76d068f-7
[2016/01/15 17:18:18 | 000,003,874 | ---- | M] () -- C:\Windows\system32\Tasks\Adobe Acrobat Update Task
[2016/01/20 19:39:02 | 000,003,940 | ---- | M] () -- C:\Windows\system32\Tasks\Adobe Flash Player Updater
[2014/05/09 22:27:00 | 000,003,532 | ---- | M] () -- C:\Windows\system32\Tasks\CreateChoiceProcessTask
[2015/11/27 10:08:27 | 000,022,132 | ---- | M] () -- C:\Windows\system32\Tasks\DNSULEN
[2015/11/06 09:39:50 | 000,006,152 | ---- | M] () -- C:\Windows\system32\Tasks\efba7dd2-bf83-415d-83c6-4595239075a3-1-6
[2015/11/06 09:39:49 | 000,006,490 | ---- | M] () -- C:\Windows\system32\Tasks\efba7dd2-bf83-415d-83c6-4595239075a3-1-7
[2015/11/06 09:39:22 | 000,007,510 | ---- | M] () -- C:\Windows\system32\Tasks\efba7dd2-bf83-415d-83c6-4595239075a3-3
[2015/11/06 09:40:06 | 000,005,462 | ---- | M] () -- C:\Windows\system32\Tasks\efba7dd2-bf83-415d-83c6-4595239075a3-5
[2015/11/06 09:40:08 | 000,005,454 | ---- | M] () -- C:\Windows\system32\Tasks\efba7dd2-bf83-415d-83c6-4595239075a3-5_user
[2015/11/06 09:39:34 | 000,008,532 | ---- | M] () -- C:\Windows\system32\Tasks\efba7dd2-bf83-415d-83c6-4595239075a3-6
[2015/11/06 09:39:30 | 000,008,534 | ---- | M] () -- C:\Windows\system32\Tasks\efba7dd2-bf83-415d-83c6-4595239075a3-7
[2014/07/19 23:44:17 | 000,003,078 | ---- | M] () -- C:\Windows\system32\Tasks\Final Media Player Update Checker
[2015/11/06 09:39:21 | 000,003,704 | ---- | M] () -- C:\Windows\system32\Tasks\globalUpdateUpdateTaskMachineCore
[2015/11/06 09:39:22 | 000,003,958 | ---- | M] () -- C:\Windows\system32\Tasks\globalUpdateUpdateTaskMachineUA
[2014/08/17 11:15:06 | 000,004,010 | ---- | M] () -- C:\Windows\system32\Tasks\LaunchApp
[2014/08/21 10:33:18 | 000,004,010 | ---- | M] () -- C:\Windows\system32\Tasks\LaunchSignup
[2014/07/19 23:44:27 | 000,003,556 | ---- | M] () -- C:\Windows\system32\Tasks\ProgramRefresh-ATFST
[2014/07/19 23:44:26 | 000,003,872 | ---- | M] () -- C:\Windows\system32\Tasks\ProgramUpdateCheck
[2016/02/05 18:31:54 | 000,003,078 | ---- | M] () -- C:\Windows\system32\Tasks\RegClean Pro
[2016/01/23 16:40:01 | 000,002,834 | ---- | M] () -- C:\Windows\system32\Tasks\RegClean Pro_DEFAULT
[2016/01/23 16:40:00 | 000,002,990 | ---- | M] () -- C:\Windows\system32\Tasks\RegClean Pro_UPDATES
[2014/05/03 20:34:19 | 000,002,932 | ---- | M] () -- C:\Windows\system32\Tasks\{0799E537-7A7F-4F67-8A98-065198DBA3CF}
[2015/10/26 18:01:14 | 000,002,994 | ---- | M] () -- C:\Windows\system32\Tasks\{0C40EFCF-137F-4065-8263-A89434F33558}
[2014/08/21 22:28:28 | 000,003,140 | ---- | M] () -- C:\Windows\system32\Tasks\{0D890AB8-EA74-430E-9E28-21D13FB8C9DF}
[2015/12/19 08:54:16 | 000,003,146 | ---- | M] () -- C:\Windows\system32\Tasks\{1F7AAE9D-F935-48EB-BF9B-083C786CD739}
[2014/04/29 05:40:16 | 000,002,954 | ---- | M] () -- C:\Windows\system32\Tasks\{2243C976-EBCB-4F09-BB50-C106EC9638FA}
[2015/09/29 07:36:20 | 000,003,180 | ---- | M] () -- C:\Windows\system32\Tasks\{33701830-7955-445D-AEF6-C69191E90DE7}
[2014/05/17 13:24:22 | 000,002,954 | ---- | M] () -- C:\Windows\system32\Tasks\{3CED5D35-4E95-48FB-AE3E-7376905DEE06}
[2014/05/17 13:23:52 | 000,002,954 | ---- | M] () -- C:\Windows\system32\Tasks\{55E39B0A-DA1E-4D12-A620-4BE7BA220162}
[2014/08/21 22:54:59 | 000,003,130 | ---- | M] () -- C:\Windows\system32\Tasks\{66254135-49CA-419B-A207-4AF722357503}
[2014/07/27 07:17:48 | 000,003,196 | ---- | M] () -- C:\Windows\system32\Tasks\{7FFB2B70-73CD-4DA3-BFA9-B4DC4B7A30B3}
[2015/02/28 22:42:49 | 000,002,972 | ---- | M] () -- C:\Windows\system32\Tasks\{85315848-B38D-459D-BCE8-AC76F26ED733}
[2015/10/24 13:18:26 | 000,002,994 | ---- | M] () -- C:\Windows\system32\Tasks\{8650428B-5425-4E48-8F9F-0D633F03D5F2}
[2015/10/26 18:05:43 | 000,002,994 | ---- | M] () -- C:\Windows\system32\Tasks\{AB6D2CB8-F5EE-460B-A875-9E2253B6C473}
[2015/07/04 11:55:43 | 000,003,276 | ---- | M] () -- C:\Windows\system32\Tasks\{BBA762C0-AA62-4CDC-88A7-53B39F7E0CD7}
[2014/08/21 16:41:57 | 000,003,140 | ---- | M] () -- C:\Windows\system32\Tasks\{C30A8A31-706F-4A65-861D-17413F3C123D}
[2015/09/02 15:35:36 | 000,003,316 | ---- | M] () -- C:\Windows\system32\Tasks\{DA977B5A-298C-41EE-B4E4-A411B5BFD1E7}
[2014/05/19 07:35:44 | 000,002,960 | ---- | M] () -- C:\Windows\system32\Tasks\{DDC34BA7-C908-4BEB-8F0C-813783DE0FA5}
[2015/10/26 18:40:20 | 000,002,986 | ---- | M] () -- C:\Windows\system32\Tasks\{F13351F8-7A87-45B6-A5DF-C720FC78DB77}
[2015/10/24 13:17:42 | 000,002,994 | ---- | M] () -- C:\Windows\system32\Tasks\{F768036E-91F7-4C80-8E7A-4F6FFC407F25}
[2014/07/18 11:47:18 | 000,003,072 | ---- | M] () -- C:\Windows\system32\Tasks\{F8742F36-A3BF-4E21-9F77-6FDF41AE8F60}
[2016/02/05 18:14:16 | 000,002,928 | ---- | M] () -- C:\Windows\system32\Tasks\{F90B9E1E-A254-4277-A773-2326362AB2EC}

[color=#A23BEC]< %systemroot%\system32\Tasks\*. >[/color]
[2016/01/31 20:40:51 | 000,000,000 | ---D | M] -- C:\Windows\system32\Tasks\AVAST Software
[2015/03/03 13:09:57 | 000,000,000 | ---D | M] -- C:\Windows\system32\Tasks\Games
[2016/01/31 20:40:11 | 000,000,000 | ---D | M] -- C:\Windows\system32\Tasks\Microsoft
[2014/07/26 16:10:12 | 000,000,000 | ---D | M] -- C:\Windows\system32\Tasks\OfficeSoftwareProtectionPlatform
[2015/06/24 21:31:11 | 000,000,000 | ---D | M] -- C:\Windows\system32\Tasks\WPD

[color=#A23BEC]< %systemroot%\system32\drivers\*.sy* /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\config\*.exe /s >[/color]

[color=#A23BEC]< %Systemroot%\ServiceProfiles\*.exe /s >[/color]
[2014/05/14 07:51:43 | 000,000,000 | ---- | M] () -- C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-a8bd6295.exe

[color=#A23BEC]< %systemroot%\system32\*.sys >[/color]
[2009/07/13 22:40:41 | 000,009,029 | ---- | M] () -- C:\Windows\system32\ANSI.SYS
[2015/03/04 05:16:14 | 000,249,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\clfs.sys
[2009/07/13 22:40:44 | 000,027,097 | ---- | M] () -- C:\Windows\system32\country.sys
[2009/07/13 22:40:40 | 000,004,768 | ---- | M] () -- C:\Windows\system32\HIMEM.SYS
[2009/07/13 22:40:43 | 000,042,809 | ---- | M] () -- C:\Windows\system32\KEY01.SYS
[2009/07/13 22:40:43 | 000,042,537 | ---- | M] () -- C:\Windows\system32\KEYBOARD.SYS
[2009/07/13 22:40:23 | 000,027,866 | ---- | M] () -- C:\Windows\system32\NTDOS.SYS
[2009/07/13 22:40:31 | 000,029,146 | ---- | M] () -- C:\Windows\system32\NTDOS404.SYS
[2009/07/13 22:40:35 | 000,029,370 | ---- | M] () -- C:\Windows\system32\NTDOS411.SYS
[2009/07/13 22:40:39 | 000,029,274 | ---- | M] () -- C:\Windows\system32\NTDOS412.SYS
[2009/07/13 22:40:27 | 000,029,146 | ---- | M] () -- C:\Windows\system32\NTDOS804.SYS
[2009/07/13 22:40:11 | 000,033,952 | ---- | M] () -- C:\Windows\system32\NTIO.SYS
[2009/07/13 22:40:15 | 000,034,672 | ---- | M] () -- C:\Windows\system32\NTIO404.SYS
[2009/07/13 22:40:17 | 000,035,776 | ---- | M] () -- C:\Windows\system32\NTIO411.SYS
[2009/07/13 22:40:19 | 000,035,536 | ---- | M] () -- C:\Windows\system32\NTIO412.SYS
[2009/07/13 22:40:13 | 000,034,672 | ---- | M] () -- C:\Windows\system32\NTIO804.SYS
[2015/12/08 22:00:03 | 002,386,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\win32k.sys

[color=#A23BEC]< MD5 for: AFD.SYS >[/color]
[2010/11/20 22:29:19 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=1151FD4FB0216CFED887BFDE29EBD516 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17514_none_d9efac7dbcaf385b\afd.sys
[2015/10/14 01:41:27 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=3EA58284BD7B72F78D505E82366F7E0C -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.23237_none_da667526d5da9ab2\afd.sys
[2014/05/02 19:13:39 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=66DD39CA12BAEB8D32111581769D9117 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.22457_none_da50efe2d5eab341\afd.sys
[2015/10/13 17:31:53 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=93B49FA857F7036A4EFF32371F6E7391 -- C:\Windows\System32\drivers\afd.sys
[2015/10/13 17:31:53 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=93B49FA857F7036A4EFF32371F6E7391 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.19031_none_d9d6d4b9bcc265b7\afd.sys
[2014/05/30 07:25:58 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=9876CB32F95AB3E7B56A86B8465399BE -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.22705_none_da85049cd5c3ec53\afd.sys
[2011/04/25 03:18:03 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=9EBBBA55060F786F0FCAA3893BFA2806 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys
[2011/04/25 04:24:09 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=C427F91A748CD342A2B3F9278D9FD6A5 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21712_none_da774a9ad5cea29e\afd.sys
[2014/05/30 07:36:07 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=D0B388DA1D111A34366E04EB4A5DD156 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.18489_none_d9a8e5cdbce3971f\afd.sys
[2014/05/02 19:13:39 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=F81BB7E487EDCEAB630A7EE66CF23913 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.18264_none_d9b98067bcd7e63c\afd.sys
[2015/07/10 09:15:38 | 000,479,072 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\drivers\afd.sys
[2015/07/10 09:15:38 | 000,479,072 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\x86_microsoft-windows-winsock-core_31bf3856ad364e35_10.0.10240.16384_none_83ca18bd40bcf8be\afd.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_a5025d31bee4647c\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_df26d4d57fdef5b0\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_dfc9143c98e9a6c4\atapi.sys
[2015/07/10 09:15:33 | 000,023,392 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\drivers\atapi.sys
[2015/07/10 09:15:33 | 000,023,392 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_fa3a1dedc863ca97\atapi.sys
[2015/07/10 09:15:33 | 000,023,392 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\x86_mshdc.inf_31bf3856ad364e35_10.0.10240.16384_none_8919fe4503d9a80a\atapi.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2010/11/20 22:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010/11/20 22:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010/11/20 22:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys
[2015/07/10 09:15:33 | 000,130,560 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\drivers\cdrom.sys
[2015/07/10 09:15:33 | 000,130,560 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_33d5cf7be6b151b5\cdrom.sys
[2015/07/10 09:15:33 | 000,130,560 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\x86_cdrom.inf_31bf3856ad364e35_10.0.10240.16384_none_0b8b320d861743b8\cdrom.sys

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2011/04/26 20:10:55 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2010/11/20 22:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/04/26 20:10:55 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/04/26 20:10:55 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe

[color=#A23BEC]< MD5 for: I8042PRT.SYS >[/color]
[2009/07/14 00:11:24 | 000,080,896 | ---- | M] (Microsoft Corporation) MD5=F151F0BDC47F4A28B1B20A0818EA36D6 -- C:\Windows\System32\drivers\i8042prt.sys
[2009/07/14 00:11:24 | 000,080,896 | ---- | M] (Microsoft Corporation) MD5=F151F0BDC47F4A28B1B20A0818EA36D6 -- C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_x86_neutral_50ad659974198591\i8042prt.sys
[2009/07/14 00:11:24 | 000,080,896 | ---- | M] (Microsoft Corporation) MD5=F151F0BDC47F4A28B1B20A0818EA36D6 -- C:\Windows\System32\DriverStore\FileRepository\msmouse.inf_x86_neutral_7a9084e0177406eb\i8042prt.sys
[2009/07/14 00:11:24 | 000,080,896 | ---- | M] (Microsoft Corporation) MD5=F151F0BDC47F4A28B1B20A0818EA36D6 -- C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.1.7601.17514_none_9955d7c4373b0589\i8042prt.sys
[2009/07/14 00:11:24 | 000,080,896 | ---- | M] (Microsoft Corporation) MD5=F151F0BDC47F4A28B1B20A0818EA36D6 -- C:\Windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.1.7600.16385_none_4e0a61a033aec8c3\i8042prt.sys
[2015/07/10 09:15:32 | 000,090,624 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\drivers\i8042prt.sys
[2015/07/10 09:15:32 | 000,090,624 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\DriverStore\FileRepository\keyboard.inf_x86_fa4bd402ced8862d\i8042prt.sys
[2015/07/10 09:15:32 | 000,090,624 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\x86_keyboard.inf_31bf3856ad364e35_10.0.10240.16384_none_43304403bb48c5ec\i8042prt.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2012/08/22 18:05:16 | 000,712,048 | ---- | M] (Microsoft Corporation) MD5=15B74B6283CEBCCE3054C1001CA01B5E -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_aa0491cf93ad1c31\ndis.sys
[2015/10/12 23:32:56 | 000,713,152 | ---- | M] (Microsoft Corporation) MD5=43C1C599FF590C875764CB6254A506B6 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.23235_none_aa435dc7937e55cc\ndis.sys
[2012/08/22 18:16:46 | 000,712,048 | ---- | M] (Microsoft Corporation) MD5=8C9C922D71F1CD4DEF73F186416B7896 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_a9bdfee47a5cd154\ndis.sys
[2015/10/13 05:50:31 | 000,712,640 | ---- | M] (Microsoft Corporation) MD5=9804FB2E46077F2977552347DFCA7E05 -- C:\Windows\System32\drivers\ndis.sys
[2015/10/13 05:50:31 | 000,712,640 | ---- | M] (Microsoft Corporation) MD5=9804FB2E46077F2977552347DFCA7E05 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.19030_none_a9b4bda47a653a28\ndis.sys
[2010/11/20 22:29:12 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys
[2015/07/10 09:15:38 | 000,918,880 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\drivers\ndis.sys
[2015/07/10 09:15:38 | 000,918,880 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\x86_microsoft-windows-ndis-minwin_31bf3856ad364e35_10.0.10240.16384_none_053754600a5be52b\ndis.sys

[color=#A23BEC]< MD5 for: NDISUIO.SYS >[/color]
[2010/11/20 22:29:07 | 000,046,080 | ---- | M] (Microsoft Corporation) MD5=D8A65DAFB3EB41CBB622745676FCD072 -- C:\Windows\System32\drivers\ndisuio.sys
[2010/11/20 22:29:07 | 000,046,080 | ---- | M] (Microsoft Corporation) MD5=D8A65DAFB3EB41CBB622745676FCD072 -- C:\Windows\winsxs\x86_microsoft-windows-ndisuio_31bf3856ad364e35_6.1.7601.17514_none_6df871af452036ec\ndisuio.sys
[2015/07/10 09:15:38 | 000,050,688 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\drivers\ndisuio.sys
[2015/07/10 09:15:38 | 000,050,688 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\x86_microsoft-windows-ndisuio_31bf3856ad364e35_10.0.10240.16384_none_17d2ddeec92df74f\ndisuio.sys

[color=#A23BEC]< MD5 for: NETBT.SYS >[/color]
[2010/11/20 22:29:08 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=280122DDCF04B378EDD1AD54D71C1E54 -- C:\Windows\System32\drivers\netbt.sys
[2010/11/20 22:29:08 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=280122DDCF04B378EDD1AD54D71C1E54 -- C:\Windows\winsxs\x86_microsoft-windows-netbt_31bf3856ad364e35_6.1.7601.17514_none_626c324d55864070\netbt.sys
[2015/07/10 09:15:35 | 000,216,576 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\drivers\netbt.sys
[2015/07/10 09:15:35 | 000,216,576 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\x86_microsoft-windows-netbt-minwin_31bf3856ad364e35_10.0.10240.16384_none_978e576cba2f9f4c\netbt.sys

[color=#A23BEC]< MD5 for: TDX.SYS >[/color]
[2015/10/14 01:41:04 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=0E5C6676F9ABDB1C54C461EA5BA8175B -- C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.23237_none_ecbbfae053832419\tdx.sys
[2014/11/11 02:32:14 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=7FE680A3DFA421C4A8E4879AE4C5AAB0 -- C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.18658_none_ec1ddecd3a74adaa\tdx.sys
[2010/11/20 22:29:07 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=B459575348C20E8121D6039DA063C704 -- C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.17514_none_ec4532373a57c1c2\tdx.sys
[2015/10/13 17:31:24 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=BB8817D0508DD5EA69C770C8DEF5AB67 -- C:\Windows\System32\drivers\tdx.sys
[2015/10/13 17:31:24 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=BB8817D0508DD5EA69C770C8DEF5AB67 -- C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.19031_none_ec2c5a733a6aef1e\tdx.sys
[2014/11/11 02:40:25 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=D4EB5D50A5171245223ED7BC6427FBCD -- C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.22865_none_ec99acb4539d1a87\tdx.sys
[2015/07/10 09:15:38 | 000,095,072 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\drivers\tdx.sys
[2015/07/10 09:15:38 | 000,095,072 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_10.0.10240.16384_none_961f9e76be658225\tdx.sys

[color=#A23BEC]< MD5 for: VOLSNAP.SYS >[/color]
[2010/11/20 22:29:03 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 -- C:\Windows\System32\drivers\volsnap.sys
[2010/11/20 22:29:03 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_x86_neutral_6dee0205881d1a1d\volsnap.sys
[2010/11/20 22:29:03 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_17be216c5a5713d8\volsnap.sys
[2015/07/10 09:15:33 | 000,342,368 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\drivers\volsnap.sys
[2015/07/10 09:15:33 | 000,342,368 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\DriverStore\FileRepository\volume.inf_x86_de475ee603abd408\volsnap.sys
[2015/07/10 09:15:33 | 000,342,368 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\x86_volume.inf_31bf3856ad364e35_10.0.10240.16384_none_c1988dabde64d43b\volsnap.sys

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
[2015/07/10 09:15:38 | 000,191,144 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\wininit.exe
[2015/07/10 09:15:38 | 000,191,144 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\x86_microsoft-windows-wininit_31bf3856ad364e35_10.0.10240.16384_none_dcd48ef9e6a08010\wininit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2014/07/16 03:56:14 | 000,304,640 | ---- | M] (Microsoft Corporation) MD5=4F37B93C14AEE313BEC52A23AFB15C2E -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_7224b2134c7555fa\winlogon.exe
[2014/07/17 02:39:27 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=52449FD429D6053B78AE564DEF303870 -- C:\Windows\System32\winlogon.exe
[2014/07/17 02:39:27 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=52449FD429D6053B78AE564DEF303870 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_71a5e34e334f9d18\winlogon.exe
[2010/11/20 22:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2014/03/04 10:17:02 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=998507B046BA314CE8245364C686FA67 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_71da23b23327143c\winlogon.exe
[2014/03/04 11:39:02 | 000,304,640 | ---- | M] (Microsoft Corporation) MD5=D53972F87D850CD2EB4B29B60CAFDD77 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_7255f1994c4f8119\winlogon.exe
[2015/07/10 09:15:38 | 000,489,984 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\winlogon.exe
[2015/07/10 09:15:38 | 000,489,984 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_10.0.10240.16384_none_1ba4d741b7415563\winlogon.exe

[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2016/01/01 20:32:59 | 000,002,334 | ---- | M] ()(C:\Users\ACER\Desktop\???? ?????? ????? 100 ?? ?? ???????? ??????? ?? ???? ???? ??? ????? - Raccourci.lnk) -- C:\Users\ACER\Desktop\BJ'3 E3'-JQ J3'HJ 100 "1 #H GC*HE*1' E1Q(9'K #H 941) "D'A E*1 E1Q(9 - Raccourci.lnk
[2016/01/01 20:32:59 | 000,002,334 | ---- | C] ()(C:\Users\ACER\Desktop\???? ?????? ????? 100 ?? ?? ???????? ??????? ?? ???? ???? ??? ????? - Raccourci.lnk) -- C:\Users\ACER\Desktop\BJ'3 E3'-JQ J3'HJ 100 "1 #H GC*HE*1' E1Q(9'K #H 941) "D'A E*1 E1Q(9 - Raccourci.lnk
[2016/01/01 20:31:45 | 000,001,874 | ---- | M] ()(C:\Users\ACER\Desktop\???? ????? ???????? ????? - Raccourci.lnk) -- C:\Users\ACER\Desktop\.E3) CDE'* D'*BHDG' DD7AD - Raccourci.lnk
[2016/01/01 20:31:45 | 000,001,874 | ---- | C] ()(C:\Users\ACER\Desktop\???? ????? ???????? ????? - Raccourci.lnk) -- C:\Users\ACER\Desktop\.E3) CDE'* D'*BHDG' DD7AD - Raccourci.lnk
[2016/01/01 20:29:11 | 000,001,840 | ---- | M] ()(C:\Users\ACER\Desktop\??? ???????? ????????? - Raccourci.lnk) -- C:\Users\ACER\Desktop\(96 'DBJ'3'* H'DBH'FJF - Raccourci.lnk
[2016/01/01 20:29:11 | 000,001,840 | ---- | C] ()(C:\Users\ACER\Desktop\??? ???????? ????????? - Raccourci.lnk) -- C:\Users\ACER\Desktop\(96 'DBJ'3'* H'DBH'FJF - Raccourci.lnk
[2015/11/09 20:01:18 | 000,090,112 | ---- | M] ()(C:\Users\ACER\Desktop\????? ?????.doc) -- C:\Users\ACER\Desktop\'3E/) 'JF'3.doc
[2015/11/09 19:10:10 | 000,090,112 | ---- | C] ()(C:\Users\ACER\Desktop\????? ?????.doc) -- C:\Users\ACER\Desktop\'3E/) 'JF'3.doc
[2015/11/09 19:09:58 | 000,110,080 | ---- | M] ()(C:\Users\ACER\Documents\????? ?????.doc) -- C:\Users\ACER\Documents\'3E/) 'JF'3.doc
[2015/11/09 19:09:56 | 000,110,080 | ---- | C] ()(C:\Users\ACER\Documents\????? ?????.doc) -- C:\Users\ACER\Documents\'3E/) 'JF'3.doc
[2015/09/14 12:07:04 | 041,191,198 | ---- | M] ()(C:\Users\ACER\Desktop\---????? ????? ?????? ??????? ????? ? ????? ????? - YouTube.flv) -- C:\Users\ACER\Desktop\---B1'!) C'ED) D*F-J) 'D,F1'D *HAJB H *9JJF 717'B - YouTube.flv
[2015/09/14 12:07:04 | 041,191,198 | ---- | C] ()(C:\Users\ACER\Desktop\---????? ????? ?????? ??????? ????? ? ????? ????? - YouTube.flv) -- C:\Users\ACER\Desktop\---B1'!) C'ED) D*F-J) 'D,F1'D *HAJB H *9JJF 717'B - YouTube.flv
[2015/06/20 14:40:38 | 000,042,215 | ---- | M] ()(C:\Users\ACER\Desktop\????? ???????.docx) -- C:\Users\ACER\Desktop\*1(J) 'D#(F'!.docx
[2015/05/30 09:15:09 | 000,000,162 | -H-- | M] ()(C:\Users\ACER\Desktop\~$???? ????? ?????? ?? ?????.docx) -- C:\Users\ACER\Desktop\~$*#FJ 3(('K C(J1'K AJ F,'-G.docx
[2015/05/30 09:15:09 | 000,000,162 | -H-- | C] ()(C:\Users\ACER\Desktop\~$???? ????? ?????? ?? ?????.docx) -- C:\Users\ACER\Desktop\~$*#FJ 3(('K C(J1'K AJ F,'-G.docx
[2015/05/25 13:11:28 | 000,061,980 | ---- | M] ()(C:\Users\ACER\Desktop\??????? ?????? ? ?? ?????.docx) -- C:\Users\ACER\Desktop\'DAH'&/ 'D941) D :6 'D(51.docx
[2015/05/25 13:08:05 | 000,061,980 | ---- | C] ()(C:\Users\ACER\Desktop\??????? ?????? ? ?? ?????.docx) -- C:\Users\ACER\Desktop\'DAH'&/ 'D941) D :6 'D(51.docx
[2015/05/03 21:13:27 | 000,000,000 | ---D | M](C:\Users\ACER\Desktop\??? ?????? ?????? ???? ??? ???????? ???? ??????? ???????? ?????? ?????_fichiers) -- C:\Users\ACER\Desktop\41- ('D5H1 DCJAJ) *9DE 4:D 'DEC1'EJ D9ED %(/'9'* H/JCH1'* EF2DJ) 1'&9)_fichiers
[2015/03/27 05:13:46 | 014,084,491 | ---- | M] ()(C:\Users\ACER\Desktop\---Samira TV - ???? ?????? (2) - ????? ????? - YouTube.mp4) -- C:\Users\ACER\Desktop\---Samira TV - CA*) ('D*E1 (2) - *HF3J /DJD) - YouTube.mp4
[2015/03/27 05:13:46 | 014,084,491 | ---- | C] ()(C:\Users\ACER\Desktop\---Samira TV - ???? ?????? (2) - ????? ????? - YouTube.mp4) -- C:\Users\ACER\Desktop\---Samira TV - CA*) ('D*E1 (2) - *HF3J /DJD) - YouTube.mp4
[2015/01/20 17:02:35 | 000,054,462 | ---- | M] ()(C:\Users\ACER\Desktop\??? ?????? ?????? ???? ??? ???????? ???? ??????? ???????? ?????? ?????.html) -- C:\Users\ACER\Desktop\41- ('D5H1 DCJAJ) *9DE 4:D 'DEC1'EJ D9ED %(/'9'* H/JCH1'* EF2DJ) 1'&9).html
[2015/01/20 17:02:35 | 000,054,462 | ---- | C] ()(C:\Users\ACER\Desktop\??? ?????? ?????? ???? ??? ???????? ???? ??????? ???????? ?????? ?????.html) -- C:\Users\ACER\Desktop\41- ('D5H1 DCJAJ) *9DE 4:D 'DEC1'EJ D9ED %(/'9'* H/JCH1'* EF2DJ) 1'&9).html
[2015/01/20 17:02:22 | 000,000,000 | ---D | C](C:\Users\ACER\Desktop\??? ?????? ?????? ???? ??? ???????? ???? ??????? ???????? ?????? ?????_fichiers) -- C:\Users\ACER\Desktop\41- ('D5H1 DCJAJ) *9DE 4:D 'DEC1'EJ D9ED %(/'9'* H/JCH1'* EF2DJ) 1'&9)_fichiers
[2015/01/19 13:00:04 | 000,000,162 | -H-- | M] ()(C:\Users\ACER\Desktop\~$? ????.docx) -- C:\Users\ACER\Desktop\~$F 3JF'.docx
[2015/01/19 13:00:04 | 000,000,162 | -H-- | C] ()(C:\Users\ACER\Desktop\~$? ????.docx) -- C:\Users\ACER\Desktop\~$F 3JF'.docx
[2014/12/08 17:01:04 | 000,000,000 | ---D | M](C:\Users\ACER\???? ?????) -- C:\Users\ACER\GE2) 'DH5D
[2014/12/08 17:01:04 | 000,000,000 | ---D | M](C:\Users\ACER\???? ?????) -- C:\Users\ACER\GE2) 'DH5D
[2014/11/27 02:08:31 | 015,443,140 | ---- | M] ()(C:\Users\ACER\Desktop\---( ????? ???? ???????..) ??? ??? ??????? ?????? ????.. - YouTube.flv) -- C:\Users\ACER\Desktop\---( 9F/E' J(CJ 'D2H'DJ..) 913 '(F 'D,F1'D 'DB'J/ 5'D-.. - YouTube.flv
[2014/11/27 02:08:31 | 015,443,140 | ---- | C] ()(C:\Users\ACER\Desktop\---( ????? ???? ???????..) ??? ??? ??????? ?????? ????.. - YouTube.flv) -- C:\Users\ACER\Desktop\---( 9F/E' J(CJ 'D2H'DJ..) 913 '(F 'D,F1'D 'DB'J/ 5'D-.. - YouTube.flv
[2014/11/20 11:58:45 | 000,042,215 | ---- | C] ()(C:\Users\ACER\Desktop\????? ???????.docx) -- C:\Users\ACER\Desktop\*1(J) 'D#(F'!.docx
[2014/11/16 18:47:35 | 000,076,269 | ---- | M] ()(C:\Users\ACER\Desktop\???? ????? ??? ??????.docx) -- C:\Users\ACER\Desktop\3H1) 'DCGA JHE 'D,E9).docx
[2014/11/16 18:41:43 | 000,076,269 | ---- | C] ()(C:\Users\ACER\Desktop\???? ????? ??? ??????.docx) -- C:\Users\ACER\Desktop\3H1) 'DCGA JHE 'D,E9).docx
[2014/06/28 20:56:11 | 1047,971,904 | ---- | M] ()(C:\Users\ACER\Desktop\??? ???????? ???????? ????? ??? ????? ???? ???? 6 ?????? - YouTube.mp4) -- C:\Users\ACER\Desktop\B55 'D#F(J'! ('D5D5'D C'ED) 9DI A(/(H H'-/ E/*G 6 3'9'*, - YouTube.mp4
[2014/06/28 20:56:11 | 1047,971,904 | ---- | C] ()(C:\Users\ACER\Desktop\??? ???????? ???????? ????? ??? ????? ???? ???? 6 ?????? - YouTube.mp4) -- C:\Users\ACER\Desktop\B55 'D#F(J'! ('D5D5'D C'ED) 9DI A(/(H H'-/ E/*G 6 3'9'*, - YouTube.mp4
[2014/06/12 02:15:39 | 054,430,313 | ---- | M] ()(C:\Users\ACER\Desktop\??? ??????? ?? ?????? - ?????? ??????? - ???? ?????? - ????? ?????? - YouTube.mp4) -- C:\Users\ACER\Desktop\B55 'D-JH'F AI 'DB1"F - 'D-DB) 'D941HF - G/G/ 3DJE'F - 'D,2! 'D'HD, - YouTube.mp4
[2014/06/12 02:15:39 | 054,430,313 | ---- | C] ()(C:\Users\ACER\Desktop\??? ??????? ?? ?????? - ?????? ??????? - ???? ?????? - ????? ?????? - YouTube.mp4) -- C:\Users\ACER\Desktop\B55 'D-JH'F AI 'DB1"F - 'D-DB) 'D941HF - G/G/ 3DJE'F - 'D,2! 'D'HD, - YouTube.mp4
(C:\Users\ACER\???? ?????) -- C:\Users\ACER\GE2) 'DH5D

< End of report >
