OTL.Txt

Cliquez pour partager vos propres fichiers

Format du document : text/plain

Prévisualisation

ÿþOTL logfile created on: 28/12/2016 23:27:49 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Bruno\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18537)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

7,93 Gb Total Physical Memory | 6,48 Gb Available Physical Memory | 81,70% Memory free
7,93 Gb Paging File | 6,59 Gb Available in Paging File | 83,08% Paging File free
Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 80,27 Gb Total Space | 33,26 Gb Free Space | 41,43% Space Free | Partition Type: NTFS
Drive D: | 196,92 Gb Total Space | 36,41 Gb Free Space | 18,49% Space Free | Partition Type: NTFS
Drive E: | 75,94 Gb Total Space | 29,38 Gb Free Space | 38,70% Space Free | Partition Type: NTFS
Drive F: | 30,10 Gb Total Space | 7,96 Gb Free Space | 26,45% Space Free | Partition Type: NTFS
Drive I: | 100,00 Gb Total Space | 49,48 Gb Free Space | 49,48% Space Free | Partition Type: NTFS

Computer Name: BRUNO-PC | User Name: Bruno | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2016/12/28 23:25:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Bruno\Desktop\OTL.exe
PRC - [2016/11/15 11:07:58 | 009,080,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2016/09/18 12:56:30 | 000,197,128 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2009/07/14 02:14:31 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rundll32.exe

[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2016/12/28 23:25:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Bruno\Desktop\OTL.exe
MOD - [2016/12/28 22:14:11 | 000,504,296 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\16122801\aswCmnBS.dll
MOD - [2016/12/28 22:14:11 | 000,463,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\16122801\aswCmnIS.dll
MOD - [2016/12/28 22:14:11 | 000,150,584 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\16122801\aswCmnOS.dll
MOD - [2016/12/28 22:14:11 | 000,067,408 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\16122801\uiext.dll
MOD - [2016/11/20 17:20:03 | 000,666,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2016/11/20 17:20:03 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2016/11/20 17:20:03 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll
MOD - [2016/11/20 17:19:57 | 000,254,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
MOD - [2016/11/20 17:19:57 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2016/11/20 17:19:53 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
MOD - [2016/11/20 17:19:43 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll
MOD - [2016/11/20 16:52:42 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2016/11/15 11:07:58 | 009,080,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
MOD - [2016/11/12 19:20:21 | 002,287,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2016/11/12 18:05:59 | 002,444,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2016/11/12 18:02:30 | 001,312,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2016/11/10 17:19:40 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2016/11/06 17:16:46 | 000,312,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2016/11/02 16:16:31 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2016/10/27 16:20:17 | 000,627,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2016/10/13 19:35:11 | 004,376,160 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\commonres.dll
MOD - [2016/10/11 16:21:52 | 001,314,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2016/10/11 16:18:43 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2016/10/11 16:18:43 | 000,275,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2016/10/11 16:18:40 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2016/10/11 16:18:29 | 000,829,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2016/10/11 16:18:02 | 000,644,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2016/10/07 16:12:49 | 000,581,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2016/10/04 16:13:15 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2016/10/04 16:13:00 | 001,176,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2016/09/26 19:41:26 | 001,060,176 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashbase.dll
MOD - [2016/09/25 22:54:03 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
MOD - [2016/09/25 22:54:03 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
MOD - [2016/09/25 22:54:03 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
MOD - [2016/09/25 22:54:03 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
MOD - [2016/09/25 22:54:03 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
MOD - [2016/09/25 22:54:03 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
MOD - [2016/09/25 21:43:03 | 000,249,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll
MOD - [2016/09/25 21:43:03 | 000,090,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2016/09/25 21:38:52 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2016/09/25 21:38:52 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
MOD - [2016/09/25 21:38:52 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2016/09/25 21:38:52 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll
MOD - [2016/09/25 21:38:48 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2016/09/25 21:38:30 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2016/09/25 21:38:28 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2016/09/25 21:38:28 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2016/09/25 21:38:28 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2016/09/25 21:38:28 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2016/09/25 21:38:28 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2016/09/25 21:38:28 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2016/09/25 21:38:28 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
MOD - [2016/09/25 21:38:20 | 001,668,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2016/09/25 21:38:20 | 001,127,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2016/09/25 21:38:20 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2016/09/25 21:38:20 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2016/09/25 21:38:20 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2016/09/25 21:38:20 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2016/09/25 21:38:19 | 000,316,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll
MOD - [2016/09/25 21:38:18 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23403_none_2b180b30457f196c\comctl32.dll
MOD - [2016/09/25 21:38:18 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2016/09/25 21:38:17 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2016/09/25 21:38:17 | 000,486,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2016/09/25 21:38:16 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2016/09/25 21:38:10 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2016/09/25 21:38:10 | 000,689,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2016/09/25 21:38:10 | 000,320,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2016/09/25 21:38:10 | 000,270,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2016/09/25 21:38:10 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2016/09/25 21:38:10 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netapi32.dll
MOD - [2016/09/25 21:38:10 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2016/09/25 21:38:06 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2016/09/25 21:38:06 | 000,350,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2016/09/25 21:38:06 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2016/09/25 21:38:06 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2016/09/25 21:38:06 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2016/09/18 12:57:29 | 000,439,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashtask.dll
MOD - [2016/09/18 12:57:27 | 003,748,584 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aavm4h.dll
MOD - [2016/09/18 12:57:26 | 000,456,912 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswproperty.dll
MOD - [2016/09/18 12:56:42 | 004,775,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_avast.vc140.mfc_fcc99ee6193ebbca_14.0.24210.0_none_a338d8ea2df29efb\mfc140u.dll
MOD - [2016/09/18 12:56:39 | 000,921,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_9e58d6f8311e6fc8\ucrtbase.dll
MOD - [2016/09/18 12:56:39 | 000,440,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_9e58d6f8311e6fc8\msvcp140.dll
MOD - [2016/09/18 12:56:39 | 000,083,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_9e58d6f8311e6fc8\vcruntime140.dll
MOD - [2016/09/18 12:56:39 | 000,029,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_9e58d6f8311e6fc8\api-ms-win-crt-math-l1-1-0.dll
MOD - [2016/09/18 12:56:39 | 000,026,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_9e58d6f8311e6fc8\api-ms-win-crt-multibyte-l1-1-0.dll
MOD - [2016/09/18 12:56:39 | 000,024,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_9e58d6f8311e6fc8\api-ms-win-crt-string-l1-1-0.dll
MOD - [2016/09/18 12:56:39 | 000,024,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_9e58d6f8311e6fc8\api-ms-win-crt-stdio-l1-1-0.dll
MOD - [2016/09/18 12:56:39 | 000,023,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_9e58d6f8311e6fc8\api-ms-win-crt-runtime-l1-1-0.dll
MOD - [2016/09/18 12:56:39 | 000,022,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_9e58d6f8311e6fc8\api-ms-win-crt-convert-l1-1-0.dll
MOD - [2016/09/18 12:56:39 | 000,021,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_9e58d6f8311e6fc8\api-ms-win-crt-time-l1-1-0.dll
MOD - [2016/09/18 12:56:39 | 000,021,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_9e58d6f8311e6fc8\api-ms-win-core-localization-l1-2-0.dll
MOD - [2016/09/18 12:56:39 | 000,020,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_9e58d6f8311e6fc8\api-ms-win-crt-filesystem-l1-1-0.dll
MOD - [2016/09/18 12:56:39 | 000,019,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_9e58d6f8311e6fc8\api-ms-win-crt-heap-l1-1-0.dll
MOD - [2016/09/18 12:56:39 | 000,019,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_9e58d6f8311e6fc8\api-ms-win-crt-conio-l1-1-0.dll
MOD - [2016/09/18 12:56:39 | 000,019,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_9e58d6f8311e6fc8\api-ms-win-crt-utility-l1-1-0.dll
MOD - [2016/09/18 12:56:39 | 000,019,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_9e58d6f8311e6fc8\api-ms-win-crt-locale-l1-1-0.dll
MOD - [2016/09/18 12:56:39 | 000,019,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_9e58d6f8311e6fc8\api-ms-win-crt-environment-l1-1-0.dll
MOD - [2016/09/18 12:56:39 | 000,019,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_9e58d6f8311e6fc8\api-ms-win-core-synch-l1-2-0.dll
MOD - [2016/09/18 12:56:39 | 000,019,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_9e58d6f8311e6fc8\api-ms-win-core-processthreads-l1-1-1.dll
MOD - [2016/09/18 12:56:39 | 000,018,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_9e58d6f8311e6fc8\api-ms-win-core-timezone-l1-1-0.dll
MOD - [2016/09/18 12:56:39 | 000,018,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_9e58d6f8311e6fc8\api-ms-win-core-file-l2-1-0.dll
MOD - [2016/09/18 12:56:39 | 000,018,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_9e58d6f8311e6fc8\api-ms-win-core-file-l1-2-0.dll
MOD - [2016/09/18 12:56:33 | 001,354,928 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\AVAST Software\Avast\libeay32.dll
MOD - [2016/09/18 12:56:33 | 000,310,744 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\AVAST Software\Avast\ssleay32.dll
MOD - [2016/09/18 12:56:32 | 048,936,448 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2016/09/18 12:56:31 | 000,123,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\log.dll
MOD - [2016/09/18 12:56:30 | 000,923,856 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswAux.dll
MOD - [2016/09/18 12:56:30 | 000,755,176 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswData.dll
MOD - [2016/09/18 12:56:30 | 000,630,952 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\CommChannel.dll
MOD - [2016/09/18 12:56:30 | 000,597,584 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswSqLt.dll
MOD - [2016/09/18 12:56:30 | 000,482,928 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\ffl2.dll
MOD - [2016/09/18 12:56:30 | 000,435,616 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1036\uiLangRes.dll
MOD - [2016/09/18 12:56:30 | 000,403,336 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
MOD - [2016/09/18 12:56:30 | 000,379,032 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
MOD - [2016/09/18 12:56:30 | 000,377,376 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
MOD - [2016/09/18 12:56:30 | 000,333,704 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AavmRpch.dll
MOD - [2016/09/18 12:56:30 | 000,302,624 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswLog.dll
MOD - [2016/09/18 12:56:30 | 000,245,464 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\event_manager.dll
MOD - [2016/09/18 12:56:30 | 000,220,592 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswUtil.dll
MOD - [2016/09/18 12:56:30 | 000,169,064 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2016/09/18 12:56:30 | 000,142,016 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
MOD - [2016/09/18 12:56:30 | 000,113,376 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1036\Base.dll
MOD - [2016/09/18 12:56:30 | 000,111,960 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswRemoteCache.dll
MOD - [2016/09/18 12:56:30 | 000,096,816 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastIP.dll
MOD - [2016/09/18 12:56:30 | 000,087,480 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
MOD - [2016/09/18 12:56:30 | 000,087,024 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\event_manager_rpc.dll
MOD - [2016/09/18 12:55:19 | 003,558,256 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\HTMLayout.dll
MOD - [2016/09/12 20:08:46 | 001,251,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll
MOD - [2016/08/29 16:12:50 | 012,880,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2016/06/14 16:21:20 | 001,005,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptui.dll
MOD - [2016/06/14 16:21:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
MOD - [2016/05/12 16:18:23 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll
MOD - [2016/05/11 16:19:26 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2016/05/11 16:19:25 | 000,351,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll
MOD - [2016/05/11 16:19:16 | 000,231,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2015/07/23 15:26:10 | 000,095,744 | ---- | M] (Softros Systems, inc.) -- C:\Program Files\Softros Systems\Process Blocker\HelperLib86.dll
MOD - [2015/04/24 18:56:58 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
MOD - [2010/11/20 13:21:39 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2010/11/20 13:21:36 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll
MOD - [2010/11/20 13:21:26 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2010/11/20 13:21:04 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
MOD - [2010/11/20 13:21:03 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll
MOD - [2010/11/20 13:20:29 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2010/11/20 13:18:27 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll
MOD - [2009/07/14 02:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009/07/14 02:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2009/07/14 02:16:20 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wshqos.dll
MOD - [2009/07/14 02:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
MOD - [2009/07/14 02:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
MOD - [2009/07/14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009/07/14 02:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2009/07/14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009/07/14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009/07/14 02:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2009/07/14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009/07/14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009/07/14 02:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll

[color=#E56717]========== Services (All) ==========[/color]

SRV - [2016/12/14 12:20:21 | 000,172,488 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2016/11/09 16:55:06 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV - [2016/10/04 16:13:00 | 000,145,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV - [2016/09/25 21:38:52 | 000,256,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV - [2016/09/25 21:38:48 | 000,427,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWow64\SearchIndexer.exe -- (WSearch)
SRV - [2016/09/25 21:38:42 | 000,859,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2016/09/25 21:38:32 | 000,696,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr)
SRV - [2016/09/25 21:38:32 | 000,149,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\appmgmts.dll -- (AppMgmt)
SRV - [2016/09/25 21:38:28 | 000,359,936 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV - [2016/09/25 21:38:28 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\mprdim.dll -- (RemoteAccess)
SRV - [2016/09/25 21:38:20 | 000,328,704 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
SRV - [2016/09/25 21:38:20 | 000,119,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\SessEnv.dll -- (SessionEnv)
SRV - [2016/09/25 21:38:10 | 000,075,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\wdi.dll -- (WdiSystemHost)
SRV - [2016/09/25 21:38:10 | 000,075,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\wdi.dll -- (WdiServiceHost)
SRV - [2016/09/25 21:38:06 | 001,508,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\pla.dll -- (pla)
SRV - [2016/09/25 21:38:06 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV - [2016/09/25 21:38:02 | 000,090,776 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2016/09/25 21:38:02 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2016/09/20 11:54:54 | 000,324,224 | ---- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2016/09/16 10:24:06 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2016/09/08 21:34:14 | 000,208,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WebClnt.dll -- (WebClient)
SRV - [2016/07/14 13:43:42 | 000,107,192 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2016/07/14 13:37:18 | 000,128,696 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2016/07/14 13:37:18 | 000,052,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2016/05/11 16:19:25 | 000,351,744 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWow64\winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2012/08/21 13:52:14 | 002,039,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WsmSvc.dll -- (WinRM)
SRV - [2011/07/20 04:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2010/11/20 14:25:23 | 000,194,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\servicing\TrustedInstaller.exe -- (TrustedInstaller)
SRV - [2010/11/20 13:21:35 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\wcncsvc.dll -- (wcncsvc)
SRV - [2010/11/20 13:20:57 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider)
SRV - [2010/11/05 02:53:03 | 000,042,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2009/07/14 02:39:09 | 000,127,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\ehome\ehsched.exe -- (ehSched)
SRV - [2009/07/14 02:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\wpcsvc.dll -- (WPCSvc)
SRV - [2009/07/14 02:16:18 | 000,032,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WcsPlugInService.dll -- (WcsPlugInService)
SRV - [2009/07/14 02:16:17 | 000,266,752 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\upnphost.dll -- (upnphost)
SRV - [2009/07/14 02:16:13 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\Sens.dll -- (SENS)
SRV - [2009/07/14 02:16:12 | 000,210,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\qwave.dll -- (QWAVE)
SRV - [2009/07/14 02:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV - [2009/07/14 02:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV - [2009/07/14 02:14:28 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\perfhost.exe -- (PerfHost)
SRV - [2009/07/14 02:14:18 | 000,007,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\dllhost.exe -- (COMSysApp)
SRV - [2006/10/26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)

[color=#E56717]========== Driver Services (All) ==========[/color]

DRV - [2013/11/21 10:22:10 | 000,115,448 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys -- (ISODrive)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

[color=#E56717]========== Standard Registry (All) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131231726100295256&GUID=4BB123CC-697A-43A0-93A8-E01B2557B8C2

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE09&ocid=UE09DHP
IE - HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/fr-fr/?pc=UE09&ocid=UE09DHP
IE - HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR
IE - HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 74 FB A2 16 F7 36 D2 01 [binary data]
IE - HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = CA E6 60 03 F6 36 D2 01 [binary data]
IE - HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE10
IE - HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\..\SearchScopes\{96BBC430-9900-4299-9F5D-7951AB36EFDF}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "FR"
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaultthis.engineName: "Google"
FF - prefs.js..browser.search.defaulturl: "https://www.google.com/search?bcutc=sp-006"
FF - prefs.js..browser.search.order.1: "Google"
FF - prefs.js..browser.search.region: "FR"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "https://www.google.com/?bcutc=sp-006"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:50.1.0
FF - prefs.js..keyword.URL: "https://www.google.com/search?bcutc=sp-006"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016/10/10 09:27:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2016/10/10 09:27:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 50.1.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 50.1.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2016/10/17 10:35:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bruno\AppData\Roaming\Mozilla\Extensions
[2016/11/24 12:00:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\ai2e8xqs.default-1473587225518\extensions
[2016/11/24 12:00:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\ai2e8xqs.default-1473587225518\extensions\trash
[2016/11/24 12:00:50 | 001,055,311 | ---- | M] () (No name found) -- C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\ai2e8xqs.default-1473587225518\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2016/10/28 22:09:19 | 001,054,986 | ---- | M] () (No name found) -- C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\ai2e8xqs.default-1473587225518\extensions\trash\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2016/10/19 23:01:25 | 000,002,426 | ---- | M] () -- C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\ai2e8xqs.default-1473587225518\searchplugins\google-avast.xml
[2016/12/14 12:20:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions

[color=#E56717]========== Chrome ==========[/color]

O1 HOSTS File: ([2016/09/10 19:30:18 | 000,000,841 | -HS- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStartupSound = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThumbnailCache = 1
O7 - HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableThumbnailsOnNetworkFolders = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\..Trusted Domains: line6.net ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BB25D6E6-0F47-4F3D-8BF4-7881202587C9}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{e3bd1006-75dc-11e6-baf2-d8cb8aea4dfd}\Shell - "" = AutoRun
O33 - MountPoints2\{e3bd1006-75dc-11e6-baf2-d8cb8aea4dfd}\Shell\AutoRun\command - "" = H:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (MACHINE BootExecut)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: ProcessBlocker - (C:\Program Files\Softros Systems\Process Blocker\HelperLib.dll) - C:\Program Files\Softros Systems\Process Blocker\HelperLib.dll (Softros Systems, inc.)
O36 - AppCertDlls: ProcessBlocker86 - (C:\Program Files\Softros Systems\Process Blocker\HelperLib86.dll) - C:\Program Files\Softros Systems\Process Blocker\HelperLib86.dll (Softros Systems, inc.)
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

MsConfig:64bit - StartUpReg: [b]CCleaner Monitoring[/b] - hkey= - key= - C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
MsConfig:64bit - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
MsConfig:64bit - StartUpReg: [b]USB3MON[/b] - hkey= - key= - File not found
MsConfig:64bit - State: "startup" - Reg Error: Key error.

ActiveX: {1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1} - .NET Framework
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {63DF5C4B-E3BF-3346-A033-C57B22F44C9E} - .NET Framework
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

SafeBootMin: 17000312.sys - Driver
SafeBootMin: 89075640.sys - Driver
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: TBS - Service
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: 17000312.sys - Driver
SafeBootNet: 89075640.sys - Driver
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TBS - Service
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2016/12/28 23:25:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Bruno\Desktop\OTL.exe
[2016/12/21 15:08:15 | 000,000,000 | ---D | C] -- C:\Users\Bruno\AppData\Roaming\AdAnti
[2016/12/20 23:27:48 | 001,394,688 | ---- | C] (Microsoft Corporation) -- C:\Users\Bruno\Desktop\mfc42.dll
[2016/12/17 01:14:44 | 000,000,000 | ---D | C] -- C:\Users\Bruno\AppData\Roaming\WinRAR
[2016/12/17 01:13:40 | 000,000,000 | ---D | C] -- C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2016/12/17 01:13:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2016/12/14 12:20:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2016/12/14 09:59:30 | 004,000,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2016/12/14 09:59:30 | 003,944,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2016/12/14 09:59:29 | 002,055,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2016/12/14 09:59:29 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2016/12/14 09:59:29 | 000,663,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2016/12/14 09:59:29 | 000,342,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
[2016/12/14 09:59:28 | 001,806,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2016/12/14 09:59:28 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2016/12/14 09:59:28 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2016/12/14 09:59:28 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2016/12/14 09:59:28 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2016/12/14 09:59:27 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2016/12/14 09:59:27 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2016/12/14 09:59:27 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2016/12/14 09:59:27 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2016/12/14 09:59:27 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2016/12/14 09:59:27 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2016/12/14 09:59:26 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2016/12/14 09:59:26 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2016/12/14 09:59:26 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2016/12/14 09:59:25 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2016/12/14 09:59:25 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2016/12/14 09:59:25 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appidapi.dll
[2016/12/14 09:59:25 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2016/12/14 09:59:25 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2016/12/14 09:59:25 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2016/12/14 09:59:25 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2016/12/14 09:59:25 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2016/12/14 09:59:25 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2016/12/14 09:59:25 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2016/12/14 09:59:25 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2016/12/14 09:59:25 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2016/12/14 09:59:25 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2016/12/14 09:59:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2016/12/14 09:59:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2016/12/14 09:59:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2016/12/14 09:59:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2016/12/14 09:59:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2016/12/14 09:59:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2016/12/14 09:59:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2016/12/14 09:59:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2016/12/14 09:59:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2016/12/14 09:59:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2016/12/14 09:59:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2016/12/14 09:59:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2016/12/14 09:59:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2016/12/14 09:59:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2016/12/14 09:59:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2016/12/14 09:59:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2016/12/14 09:59:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2016/12/14 09:59:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2016/12/14 09:59:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2016/12/14 09:59:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2016/12/14 09:59:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2016/12/14 09:59:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2016/12/14 09:59:24 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2016/12/14 09:59:24 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2016/12/14 09:59:24 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nlsbres.dll
[2016/12/14 09:59:24 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2016/12/14 09:59:24 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msimsg.dll
[2016/12/14 09:59:24 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2016/12/14 09:59:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2016/12/14 09:59:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2016/12/14 09:59:24 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2016/12/13 10:48:26 | 000,000,000 | ---D | C] -- C:\Users\Bruno\AppData\Roaming\Apple Computer
[2016/12/12 19:20:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2016/12/12 19:20:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2016/12/12 19:20:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2016/12/12 19:20:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2016/12/12 19:20:22 | 000,000,000 | ---D | C] -- C:\Users\Bruno\AppData\Local\Apple
[2016/12/12 19:20:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2016/12/12 19:20:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2016/12/11 10:39:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KaraFun Player 2
[2016/12/03 20:49:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation
[2016/12/03 20:44:38 | 000,000,000 | ---D | C] -- C:\Users\Bruno\AppData\Roaming\Intel Corporation
[2016/12/03 20:44:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2016/12/03 20:43:25 | 000,000,000 | ---D | C] -- C:\Users\Bruno\Intel
[1 C:\*.tmp files -> C:\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2016/12/28 23:25:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Bruno\Desktop\OTL.exe
[2016/12/28 10:11:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016/12/27 12:37:58 | 000,011,264 | ---- | M] () -- C:\Users\Bruno\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2016/12/26 16:57:15 | 000,263,587 | ---- | M] () -- C:\Users\Bruno\Documents\Revenu AE Rokia 11 2016.xps
[2016/12/21 18:15:25 | 000,802,904 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2016/12/21 18:15:25 | 000,144,472 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2016/12/18 22:27:14 | 000,001,130 | ---- | M] () -- C:\Users\Bruno\Desktop\wumt_x64.exe - Raccourci.lnk
[2016/12/17 11:14:37 | 002,751,664 | ---- | M] () -- C:\Users\Public\Documents\Windows6.1-KB3102810-x86.msu
[2016/12/17 01:09:07 | 000,001,003 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller.lnk
[2016/12/12 19:20:37 | 000,001,814 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2016/12/03 20:44:42 | 001,706,688 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2016/12/03 09:17:23 | 000,063,008 | ---- | M] () -- C:\Users\Bruno\Desktop\Console1.msc
[1 C:\*.tmp files -> C:\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2016/12/26 16:57:13 | 000,263,587 | ---- | C] () -- C:\Users\Bruno\Documents\Revenu AE Rokia 11 2016.xps
[2016/12/18 22:26:40 | 000,001,130 | ---- | C] () -- C:\Users\Bruno\Desktop\wumt_x64.exe - Raccourci.lnk
[2016/12/17 11:14:59 | 002,751,664 | ---- | C] () -- C:\Users\Public\Documents\Windows6.1-KB3102810-x86.msu
[2016/12/17 01:09:07 | 000,001,003 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller.lnk
[2016/12/12 19:20:37 | 000,001,814 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2016/12/12 19:20:22 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2016/12/03 09:10:50 | 000,063,008 | ---- | C] () -- C:\Users\Bruno\Desktop\Console1.msc
[2016/11/08 16:23:18 | 000,000,085 | ---- | C] () -- C:\Windows\wininit.ini
[2016/10/11 23:37:14 | 000,000,016 | ---- | C] () -- C:\ProgramData\mntemp
[2016/10/03 10:00:36 | 000,011,264 | ---- | C] () -- C:\Users\Bruno\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2016/09/25 21:38:17 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2016/09/24 09:33:43 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2016/09/24 09:33:43 | 000,002,760 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2016/09/10 13:06:04 | 000,178,359 | ---- | C] () -- C:\Users\Bruno\AppData\Local\census.cache
[2016/09/10 13:06:01 | 000,084,742 | ---- | C] () -- C:\Users\Bruno\AppData\Local\ars.cache
[2016/09/10 12:52:36 | 000,000,036 | ---- | C] () -- C:\Users\Bruno\AppData\Local\housecall.guid.cache
[2016/09/09 12:32:38 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2016/09/08 16:39:28 | 001,706,688 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2015/04/24 09:35:42 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2015/04/24 09:35:42 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2015/04/24 09:35:32 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2015/04/24 09:35:02 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2015/04/24 09:35:02 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 05:55:00 | 000,000,227 | ---- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2016/08/29 16:31:19 | 014,183,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2016/08/29 16:12:50 | 012,880,384 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/08/21 14:11:31 | 000,857,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/08/21 14:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/08/21 14:08:38 | 000,453,120 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2016/12/21 15:08:15 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\AdAnti
[2016/09/13 19:11:07 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\AMD
[2016/09/08 19:15:49 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\Auslogics
[2016/10/17 10:31:06 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\AVAST Software
[2016/10/10 09:27:48 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\BANDISOFT
[2016/11/30 12:13:15 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\Cakewalk
[2016/09/19 09:54:30 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\Guitar Pro 6
[2016/09/08 18:28:59 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\Leadertech
[2016/10/10 09:27:48 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\Line 6
[2016/10/26 08:40:50 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\LockHunter
[2016/10/11 22:52:31 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\MAGIX
[2016/09/10 10:40:37 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\Profiles
[2016/09/13 19:10:59 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\Publish Providers
[2016/10/12 09:08:59 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\Sony
[2016/10/21 11:54:34 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\TeamViewer
[2016/10/11 23:01:37 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\VEGAS
[2016/10/11 22:52:29 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\VEGAS Pro
[2016/10/10 09:06:23 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\VS Revo Group
[2016/10/10 09:27:48 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\ZHP

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< HKCU\Software >[/color]

[HKEY_CURRENT_USER\Software\Acro Software Inc]

[HKEY_CURRENT_USER\Software\AdblockPlus]

[HKEY_CURRENT_USER\Software\Adobe]

[HKEY_CURRENT_USER\Software\AppDataLow]

[HKEY_CURRENT_USER\Software\Apple Computer, Inc.]

[HKEY_CURRENT_USER\Software\Apple Inc.]

[HKEY_CURRENT_USER\Software\Arobas Music]

[HKEY_CURRENT_USER\Software\ASProtect]

[HKEY_CURRENT_USER\Software\ATI]

[HKEY_CURRENT_USER\Software\Auslogics]

[HKEY_CURRENT_USER\Software\AVAST Software]

[HKEY_CURRENT_USER\Software\AVS4YOU]

[HKEY_CURRENT_USER\Software\BandiMPEG1]

[HKEY_CURRENT_USER\Software\BANDISOFT]

[HKEY_CURRENT_USER\Software\BugSplat]

[HKEY_CURRENT_USER\Software\Cakewalk Music Software]

[HKEY_CURRENT_USER\Software\Canon]

[HKEY_CURRENT_USER\Software\Clients]

[HKEY_CURRENT_USER\Software\DAMN]

[HKEY_CURRENT_USER\Software\DirectShow]

[HKEY_CURRENT_USER\Software\Disc Soft]

[HKEY_CURRENT_USER\Software\dlr]

[HKEY_CURRENT_USER\Software\EasyBoot Systems]

[HKEY_CURRENT_USER\Software\Elaborate Bytes]

[HKEY_CURRENT_USER\Software\FreeTime]

[HKEY_CURRENT_USER\Software\g3n-h@ckm@n]

[HKEY_CURRENT_USER\Software\GNU]

[HKEY_CURRENT_USER\Software\Google]

[HKEY_CURRENT_USER\Software\Icaros]

[HKEY_CURRENT_USER\Software\IM Providers]

[HKEY_CURRENT_USER\Software\Intel]

[HKEY_CURRENT_USER\Software\JavaSoft]

[HKEY_CURRENT_USER\Software\Kingsoft]

[HKEY_CURRENT_USER\Software\Lavalys]

[HKEY_CURRENT_USER\Software\Leadertech]

[HKEY_CURRENT_USER\Software\LockHunter]

[HKEY_CURRENT_USER\Software\LogiShrd]

[HKEY_CURRENT_USER\Software\Logitech]

[HKEY_CURRENT_USER\Software\LowRegistry]

[HKEY_CURRENT_USER\Software\Macromedia]

[HKEY_CURRENT_USER\Software\madshi]

[HKEY_CURRENT_USER\Software\MAGIX]

[HKEY_CURRENT_USER\Software\MediaInfo]

[HKEY_CURRENT_USER\Software\Microsoft]

[HKEY_CURRENT_USER\Software\MOVAVI]

[HKEY_CURRENT_USER\Software\Mozilla]

[HKEY_CURRENT_USER\Software\MozillaPlugins]

[HKEY_CURRENT_USER\Software\MPC-HC]

[HKEY_CURRENT_USER\Software\Native Instruments]

[HKEY_CURRENT_USER\Software\Netscape]

[HKEY_CURRENT_USER\Software\Neuber GbR]

[HKEY_CURRENT_USER\Software\ODBC]

[HKEY_CURRENT_USER\Software\Piriform]

[HKEY_CURRENT_USER\Software\Policies]

[HKEY_CURRENT_USER\Software\PopWnd]

[HKEY_CURRENT_USER\Software\Psicraft]

[HKEY_CURRENT_USER\Software\QiLu Inc.]

[HKEY_CURRENT_USER\Software\QtProject]

[HKEY_CURRENT_USER\Software\Seventh String Software]

[HKEY_CURRENT_USER\Software\Skype]

[HKEY_CURRENT_USER\Software\Softros]

[HKEY_CURRENT_USER\Software\Sony Creative Software]

[HKEY_CURRENT_USER\Software\Sound Quest]

[HKEY_CURRENT_USER\Software\sysinternals]

[HKEY_CURRENT_USER\Software\TeamViewer]

[HKEY_CURRENT_USER\Software\Trolltech]

[HKEY_CURRENT_USER\Software\vanBasco]

[HKEY_CURRENT_USER\Software\VS Revo Group]

[HKEY_CURRENT_USER\Software\WinRAR]

[HKEY_CURRENT_USER\Software\WinRAR SFX]

[HKEY_CURRENT_USER\Software\Wondershare]

[HKEY_CURRENT_USER\Software\Wow6432Node]

[HKEY_CURRENT_USER\Software\ZebHelpProcess Helper]

[HKEY_CURRENT_USER\Software\{B2CB09FF-2453-4f85-9F40-21C05BE4CBA8}]

[HKEY_CURRENT_USER\Software\{F51B5B89-A3AC-4BD6-b917-556C2DF511BC}]

[HKEY_CURRENT_USER\Software\Classes]

[color=#A23BEC]< HKCU\Software\AppDataLow /s >[/color]
[HKEY_CURRENT_USER\Software\AppDataLow\Software]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft\AntiPhishing]
"i" = 482B4EE6-09FF-4108-AC25-39B4E1FB0C22 [binary data]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft\Internet Explorer]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft\Internet Explorer\Security]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft\Internet Explorer\Security\AntiPhishing]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft\Internet Explorer\Security\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2]
"UserFile" = 01 00 00 00 D0 8C 9D DF 01 15 D1 11 8C 7A 00 C0 4F C2 97 EB 01 00 00 00 F4 B3 0F 25 F9 96 42 49 A3 DB 04 8C 91 E4 7C 20 00 00 00 00 12 00 00 00 55 00 73 00 65 00 72 00 46 00 69 00 6C 00 65 00 00 00 10 66 00 00 00 01 00 00 20 00 00 00 E0 39 09 2A F0 49 7E C4 CA 0C 2E F6 E7 85 00 34 5F C7 34 05 7A 1A AB 5A 6F 3D AF 8A 91 EC D5 34 00 00 00 00 0E 80 00 00 00 02 00 00 20 00 00 00 C6 6A 13 C7 68 3C 4B 0C E9 12 12 17 72 72 5E A4 96 56 38 E9 61 DF 69 59 8F EF 2D 3C 3B 8B AA 0E 10 00 00 00 9D 49 B5 42 31 1E 0D F4 8E A8 0F DA 1B 03 08 35 40 00 00 00 AF 8F BF 8C 90 41 3B 6C 9F 07 7B F9 1D 9B CB C1 B2 BF E2 07 67 AD CB 2E 3A 15 19 BD 66 1F 10 EF 5E 96 2C CD 68 B8 80 CB D0 92 48 A7 0E 5E 9A B1 3E 5C 06 F6 82 93 D4 2B 42 49 65 52 42 EE 98 B9 [Binary data over 200 bytes]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Microsoft\RepService]
"i" = 71ADA985-B48C-4DAA-8213-08D4027839E4 [binary data]

[color=#A23BEC]< HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /s >[/color]
"NoDriveTypeAutoRun" = 255
"NoThumbnailCache" = 1
"DisableThumbnailsOnNetworkFolders" = 1

[color=#A23BEC]< HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /s >[/color]

[color=#A23BEC]< HKLM\Software >[/color]

[HKEY_LOCAL_MACHINE\Software\ACE Compression Software]

[HKEY_LOCAL_MACHINE\Software\Adobe]

[HKEY_LOCAL_MACHINE\Software\AMD]

[HKEY_LOCAL_MACHINE\Software\Apple Computer, Inc.]

[HKEY_LOCAL_MACHINE\Software\Apple Inc.]

[HKEY_LOCAL_MACHINE\Software\ASIO]

[HKEY_LOCAL_MACHINE\Software\ATI]

[HKEY_LOCAL_MACHINE\Software\ATI Technologies]

[HKEY_LOCAL_MACHINE\Software\AVAST Software]

[HKEY_LOCAL_MACHINE\Software\AVS4YOU]

[HKEY_LOCAL_MACHINE\Software\BandiMPEG1]

[HKEY_LOCAL_MACHINE\Software\BANDISOFT]

[HKEY_LOCAL_MACHINE\Software\Cakewalk Music Software]

[HKEY_LOCAL_MACHINE\Software\CDDB]

[HKEY_LOCAL_MACHINE\Software\DAMN]

[HKEY_LOCAL_MACHINE\Software\EasyBoot Systems]

[HKEY_LOCAL_MACHINE\Software\EDIROL]

[HKEY_LOCAL_MACHINE\Software\Elaborate Bytes]

[HKEY_LOCAL_MACHINE\Software\GNU]

[HKEY_LOCAL_MACHINE\Software\Google]

[HKEY_LOCAL_MACHINE\Software\GPL Ghostscript]

[HKEY_LOCAL_MACHINE\Software\Icaros]

[HKEY_LOCAL_MACHINE\Software\IM Providers]

[HKEY_LOCAL_MACHINE\Software\Intel]

[HKEY_LOCAL_MACHINE\Software\JavaSoft]

[HKEY_LOCAL_MACHINE\Software\JreMetrics]

[HKEY_LOCAL_MACHINE\Software\Khronos]

[HKEY_LOCAL_MACHINE\Software\Kingsoft]

[HKEY_LOCAL_MACHINE\Software\KLCodecPack]

[HKEY_LOCAL_MACHINE\Software\LAV]

[HKEY_LOCAL_MACHINE\Software\LDSGameCenter]

[HKEY_LOCAL_MACHINE\Software\ldssrv]

[HKEY_LOCAL_MACHINE\Software\LG Electronics]

[HKEY_LOCAL_MACHINE\Software\Licenses]

[HKEY_LOCAL_MACHINE\Software\Line 6]

[HKEY_LOCAL_MACHINE\Software\logishrd]

[HKEY_LOCAL_MACHINE\Software\Logitech]

[HKEY_LOCAL_MACHINE\Software\Macromedia]

[HKEY_LOCAL_MACHINE\Software\MAGIX]

[HKEY_LOCAL_MACHINE\Software\Malwarebytes' Anti-Malware]

[HKEY_LOCAL_MACHINE\Software\Microsoft]

[HKEY_LOCAL_MACHINE\Software\MimarSinan]

[HKEY_LOCAL_MACHINE\Software\Mozilla]

[HKEY_LOCAL_MACHINE\Software\mozilla.org]

[HKEY_LOCAL_MACHINE\Software\MozillaPlugin]

[HKEY_LOCAL_MACHINE\Software\MozillaPlugins]

[HKEY_LOCAL_MACHINE\Software\MSI]

[HKEY_LOCAL_MACHINE\Software\Native Instruments]

[HKEY_LOCAL_MACHINE\Software\ODBC]

[HKEY_LOCAL_MACHINE\Software\OldTimer Tools]

[HKEY_LOCAL_MACHINE\Software\Oracle]

[HKEY_LOCAL_MACHINE\Software\Pocket Soft]

[HKEY_LOCAL_MACHINE\Software\PocketSoft]

[HKEY_LOCAL_MACHINE\Software\QiLu Inc.]

[HKEY_LOCAL_MACHINE\Software\Realtek]

[HKEY_LOCAL_MACHINE\Software\Secunia]

[HKEY_LOCAL_MACHINE\Software\Sensible Vision]

[HKEY_LOCAL_MACHINE\Software\Skype]

[HKEY_LOCAL_MACHINE\Software\Sony Creative Software]

[HKEY_LOCAL_MACHINE\Software\Sony Media Software]

[HKEY_LOCAL_MACHINE\Software\SymNRT]

[HKEY_LOCAL_MACHINE\Software\TeamViewer]

[HKEY_LOCAL_MACHINE\Software\TuxGuitar]

[HKEY_LOCAL_MACHINE\Software\VideoLAN]

[HKEY_LOCAL_MACHINE\Software\Volatile]

[HKEY_LOCAL_MACHINE\Software\WafCX]

[HKEY_LOCAL_MACHINE\Software\Wondershare]

[HKEY_LOCAL_MACHINE\Software\Yahoo]

[HKEY_LOCAL_MACHINE\Software\Classes]

[HKEY_LOCAL_MACHINE\Software\Clients]

[HKEY_LOCAL_MACHINE\Software\Policies]

[HKEY_LOCAL_MACHINE\Software\RegisteredApplications]

[color=#A23BEC]< HKCU\Software\Microsoft\Command Processor /s >[/color]
"CompletionChar" = 9
"DefaultColor" = 0
"EnableExtensions" = 1
"PathCompletionChar" = 9

[color=#A23BEC]< HKLM\Software\Microsoft\Command Processor /s >[/color]
"CompletionChar" = 64
"DefaultColor" = 0
"EnableExtensions" = 1
"PathCompletionChar" = 64

[color=#A23BEC]< HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /s >[/color]
"NoActiveDesktop" = 1
"NoActiveDesktopChanges" = 1
"ForceActiveDesktopOn" = 0

[color=#A23BEC]< HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System /s >[/color]
"ConsentPromptBehaviorAdmin" = 0
"ConsentPromptBehaviorUser" = 3
"EnableInstallerDetection" = 1
"EnableLUA" = 0
"EnableSecureUIAPaths" = 1
"EnableUIADesktopToggle" = 0
"EnableVirtualization" = 1
"PromptOnSecureDesktop" = 0
"ValidateAdminCodeSignatures" = 0
"dontdisplaylastusername" = 0
"legalnoticecaption" =
"legalnoticetext" =
"scforceoption" = 0
"shutdownwithoutlogon" = 1
"undockwithoutlogon" = 1
"FilterAdministratorToken" = 0
"DisableStartupSound" = 1
"DisableStatusMessages" = 1
"VerboseStatus" = 0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\Audit]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UIPI]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UIPI\Clipboard]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UIPI\Clipboard\ExceptionFormats]
"CF_TEXT" = 1
"CF_BITMAP" = 2
"CF_OEMTEXT" = 7
"CF_DIB" = 8
"CF_PALETTE" = 9
"CF_UNICODETEXT" = 13
"CF_DIBV5" = 17

[color=#A23BEC]< HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU /s >[/color]

[color=#A23BEC]< HKLM\System\CurrentControlSet\Control\Session Manager\AppcertDlls /s >[/color]
"ProcessBlocker" = C:\Program Files\Softros Systems\Process Blocker\HelperLib.dll -- [2015/07/23 15:26:08 | 000,114,176 | ---- | M] (Softros Systems, inc.)
"ProcessBlocker86" = C:\Program Files\Softros Systems\Process Blocker\HelperLib86.dll -- [2015/07/23 15:26:10 | 000,095,744 | ---- | M] (Softros Systems, inc.)

[color=#A23BEC]< %Homedrive%\* >[/color]
[2016/09/12 12:53:44 | 000,014,960 | ---- | M] () -- C:\AdsFix_12_09_2016_13_53_55.txt
[2016/09/08 23:14:36 | 000,001,024 | -H-- | M] () -- C:\AMTAG.BIN
[2016/07/11 11:40:32 | 000,013,361 | ---- | M] () -- C:\app_updater.log
[2009/06/10 22:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2016/09/09 08:32:08 | 001,263,710 | ---- | M] () -- C:\BESR2010PatchLog.txt
[2016/09/25 21:38:17 | 000,399,860 | RHS- | M] () -- C:\bootmgr
[2016/09/08 17:05:09 | 000,008,192 | -HS- | M] () -- C:\BOOTSECT.BAK
[2009/06/10 22:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2016/09/10 21:18:33 | 000,001,456 | ---- | M] () -- C:\DelFix.txt
[2016/09/08 16:30:04 | 000,203,308 | -HS- | M] () -- C:\grldr
[2016/03/20 10:23:10 | 000,203,308 | ---- | M] () -- C:\grldr.bak
[2014/12/23 18:16:00 | 000,000,000 | -HS- | M] () -- C:\IO.SYS
[2014/12/23 18:16:00 | 000,000,000 | -HS- | M] () -- C:\MSDOS.SYS
[2016/09/08 16:53:32 | 000,000,189 | ---- | M] () -- C:\mylog.log
[2016/12/04 01:11:59 | 000,453,796 | ---- | M] () -- C:\QuickDiag_04_12_2016_01_12_04.txt
[2016/11/07 14:18:25 | 000,434,454 | ---- | M] () -- C:\QuickDiag_07_11_2016_14_18_29.txt
[2016/09/17 10:47:31 | 000,211,224 | ---- | M] () -- C:\QuickDiag_17_09_2016_11_47_35.txt
[2016/09/27 22:55:01 | 000,212,681 | ---- | M] () -- C:\QuickDiag_27_09_2016_23_55_04.txt
[2016/09/29 23:30:28 | 000,214,565 | ---- | M] () -- C:\QuickDiag_30_09_2016_00_30_31.txt
[2016/09/25 18:14:50 | 000,001,122 | ---- | M] () -- C:\Reset.cmd
[2016/11/26 10:27:53 | 000,000,697 | ---- | M] () -- C:\Seaf guitar.bruno 261116.txt
[2016/12/20 22:00:22 | 000,000,624 | ---- | M] () -- C:\SeafLog.txt
[2016/11/23 18:45:58 | 000,006,388 | ---- | M] () -- C:\TDSSKiller.3.1.0.12_23.11.2016_18.45.35_log.txt
[2016/11/23 18:50:24 | 000,578,362 | ---- | M] () -- C:\TDSSKiller.3.1.0.12_23.11.2016_18.47.07_log.txt
[2016/11/23 19:01:20 | 000,006,388 | ---- | M] () -- C:\TDSSKiller.3.1.0.12_23.11.2016_19.01.06_log.txt
[2016/11/23 19:06:29 | 001,201,902 | ---- | M] () -- C:\TDSSKiller.3.1.0.12_23.11.2016_19.02.31_log.txt
[2016/11/23 20:10:28 | 000,186,358 | ---- | M] () -- C:\TDSSKiller.3.1.0.12_23.11.2016_20.09.47_log.txt
[2016/11/23 20:11:48 | 000,735,178 | ---- | M] () -- C:\TDSSKiller.3.1.0.12_23.11.2016_20.10.33_log.txt
[2016/09/07 23:31:13 | 000,004,096 | -HS- | M] () -- C:\VSNAP.IDX
[2016/03/20 10:24:01 | 000,000,003 | -HS- | M] () -- C:\win7ldr
[1 C:\*.tmp files -> C:\*.tmp -> ]

[color=#A23BEC]< %Homedrive%\*. >[/color]
[2016/10/26 08:48:14 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2016/11/13 23:57:37 | 000,000,000 | ---D | M] -- C:\@RestoreQuarantine
[2016/10/10 09:27:17 | 000,000,000 | ---D | M] -- C:\AdsFix
[2016/11/05 13:49:28 | 000,000,000 | ---D | M] -- C:\AdwCleaner
[2016/11/05 14:00:55 | 000,000,000 | ---D | M] -- C:\AMD
[2016/10/12 08:14:33 | 000,000,000 | -HSD | M] -- C:\Boot
[2016/12/27 12:26:51 | 000,000,000 | ---D | M] -- C:\Cakewalk Projects
[2016/12/14 10:01:54 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2015/01/10 23:11:44 | 000,000,000 | ---D | M] -- C:\Drivers
[2016/07/31 10:04:27 | 000,000,000 | ---D | M] -- C:\FFOutput
[2016/09/09 09:42:06 | 000,000,000 | ---D | M] -- C:\Intel
[2016/10/10 08:53:11 | 000,000,000 | -HSD | M] -- C:\KRECYCLE
[2016/06/21 11:18:04 | 000,000,000 | ---D | M] -- C:\LGMobileUpgrade
[2016/10/10 09:00:27 | 000,000,000 | ---D | M] -- C:\LGP500
[2016/10/10 09:00:27 | 000,000,000 | ---D | M] -- C:\LGP700
[2016/03/09 16:07:26 | 000,000,000 | -H-D | M] -- C:\MSOCache
[2009/07/14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2016/12/28 20:09:58 | 000,000,000 | ---D | M] -- C:\Program Files
[2016/12/14 15:17:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)
[2016/12/28 20:11:13 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2016/12/28 19:27:40 | 000,000,000 | ---D | M] -- C:\QuickDiag
[2016/09/08 16:22:05 | 000,000,000 | -HSD | M] -- C:\Recovery
[2016/03/12 11:38:08 | 000,000,000 | -H-D | M] -- C:\Rollback
[2016/07/01 11:08:48 | 000,000,000 | ---D | M] -- C:\Spacekace
[2015/01/10 23:40:52 | 000,000,000 | ---D | M] -- C:\SWTOOLS
[2016/12/28 23:28:48 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2016/11/23 19:06:19 | 000,000,000 | ---D | M] -- C:\TDSSKiller_Quarantine
[2016/09/12 11:47:03 | 000,000,000 | -H-D | M] -- C:\Temp
[2016/09/08 16:22:20 | 000,000,000 | ---D | M] -- C:\Users
[2014/12/23 18:22:33 | 000,000,000 | -H-D | M] -- C:\VProRecovery
[2016/10/12 11:11:59 | 000,000,000 | ---D | M] -- C:\VueScan
[2016/12/18 15:48:31 | 000,000,000 | --SD | M] -- C:\Windows

[color=#A23BEC]< %Homedrive%\Recycler\*.exe /s >[/color]

[color=#A23BEC]< %Homedrive%\Recycler\*.scr /s >[/color]

[color=#A23BEC]< %Homedrive%\Recycler\*.pif /s >[/color]

[color=#A23BEC]< %Homedrive%\Recycler\*.vb* /s >[/color]

[color=#A23BEC]< %Homedrive%\$Recycle.bin\*.exe /s >[/color]

[color=#A23BEC]< %Homedrive%\$Recycle.bin\*.scr /s >[/color]

[color=#A23BEC]< %Homedrive%\$Recycle.bin\*.pif /s >[/color]

[color=#A23BEC]< %Homedrive%\$Recycle.bin\*.vb* /s >[/color]

[color=#A23BEC]< %Userprofile%\* >[/color]
[2016/12/28 23:30:26 | 002,621,440 | -HS- | M] () -- C:\Users\Bruno\ntuser.dat
[2016/12/28 23:30:26 | 000,262,144 | -HS- | M] () -- C:\Users\Bruno\ntuser.dat.LOG1
[2016/09/08 16:22:21 | 000,000,000 | -HS- | M] () -- C:\Users\Bruno\ntuser.dat.LOG2
[2016/09/08 16:30:21 | 000,065,536 | -HS- | M] () -- C:\Users\Bruno\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2016/09/08 16:30:21 | 000,524,288 | -HS- | M] () -- C:\Users\Bruno\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2016/09/08 16:30:21 | 000,524,288 | -HS- | M] () -- C:\Users\Bruno\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2016/10/10 08:59:01 | 000,065,536 | -HS- | M] () -- C:\Users\Bruno\ntuser.dat{6033665b-8eb9-11e6-92c3-d8cb8aea4dfd}.TM.blf
[2016/10/10 08:59:01 | 000,524,288 | -HS- | M] () -- C:\Users\Bruno\ntuser.dat{6033665b-8eb9-11e6-92c3-d8cb8aea4dfd}.TMContainer00000000000000000001.regtrans-ms
[2016/10/10 08:59:01 | 000,524,288 | -HS- | M] () -- C:\Users\Bruno\ntuser.dat{6033665b-8eb9-11e6-92c3-d8cb8aea4dfd}.TMContainer00000000000000000002.regtrans-ms
[2016/10/10 11:05:17 | 000,065,536 | -HS- | M] () -- C:\Users\Bruno\ntuser.dat{6bd7b5a9-8ebe-11e6-82d3-d8cb8aea4dfd}.TM.blf
[2016/10/10 11:05:17 | 000,524,288 | -HS- | M] () -- C:\Users\Bruno\ntuser.dat{6bd7b5a9-8ebe-11e6-82d3-d8cb8aea4dfd}.TMContainer00000000000000000001.regtrans-ms
[2016/10/10 11:05:17 | 000,524,288 | -HS- | M] () -- C:\Users\Bruno\ntuser.dat{6bd7b5a9-8ebe-11e6-82d3-d8cb8aea4dfd}.TMContainer00000000000000000002.regtrans-ms
[2016/09/08 16:22:21 | 000,000,020 | -HS- | M] () -- C:\Users\Bruno\ntuser.ini

[color=#A23BEC]< %Userprofile%\*. >[/color]
[2016/10/10 22:26:03 | 000,000,000 | ---D | M] -- C:\Users\Bruno\.oracle_jre_usage
[2016/10/10 22:26:04 | 000,000,000 | ---D | M] -- C:\Users\Bruno\.swt
[2016/10/10 22:26:04 | 000,000,000 | ---D | M] -- C:\Users\Bruno\.tuxguitar-1.3.2
[2016/10/17 10:29:59 | 000,000,000 | -H-D | M] -- C:\Users\Bruno\AppData
[2016/09/08 16:22:21 | 000,000,000 | -HSD | M] -- C:\Users\Bruno\Application Data
[2016/10/12 08:15:48 | 000,000,000 | ---D | M] -- C:\Users\Bruno\Contacts
[2016/09/08 16:22:21 | 000,000,000 | -HSD | M] -- C:\Users\Bruno\Cookies
[2016/12/28 23:25:44 | 000,000,000 | ---D | M] -- C:\Users\Bruno\Desktop
[2016/12/27 15:17:58 | 000,000,000 | ---D | M] -- C:\Users\Bruno\Documents
[2016/12/28 23:25:44 | 000,000,000 | ---D | M] -- C:\Users\Bruno\Downloads
[2016/10/12 08:15:48 | 000,000,000 | ---D | M] -- C:\Users\Bruno\Favorites
[2016/12/03 20:43:25 | 000,000,000 | ---D | M] -- C:\Users\Bruno\Intel
[2016/10/12 08:15:48 | 000,000,000 | ---D | M] -- C:\Users\Bruno\Links
[2016/09/08 16:22:21 | 000,000,000 | -HSD | M] -- C:\Users\Bruno\Local Settings
[2016/09/08 16:22:21 | 000,000,000 | -HSD | M] -- C:\Users\Bruno\Menu Démarrer
[2016/09/08 16:22:21 | 000,000,000 | -HSD | M] -- C:\Users\Bruno\Mes documents
[2016/09/08 16:22:21 | 000,000,000 | -HSD | M] -- C:\Users\Bruno\Modèles
[2016/10/12 08:15:48 | 000,000,000 | ---D | M] -- C:\Users\Bruno\Music
[2016/12/18 15:34:25 | 000,000,000 | ---D | M] -- C:\Users\Bruno\Pictures
[2016/09/08 16:22:21 | 000,000,000 | -HSD | M] -- C:\Users\Bruno\Recent
[2016/10/20 21:22:46 | 000,000,000 | ---D | M] -- C:\Users\Bruno\Saved Games
[2016/10/12 08:15:48 | 000,000,000 | ---D | M] -- C:\Users\Bruno\Searches
[2016/09/08 16:22:21 | 000,000,000 | -HSD | M] -- C:\Users\Bruno\SendTo
[2016/09/10 18:47:53 | 000,000,000 | ---D | M] -- C:\Users\Bruno\Start Menu
[2016/10/05 22:44:53 | 000,000,000 | ---D | M] -- C:\Users\Bruno\Tracing
[2016/10/15 21:07:13 | 000,000,000 | ---D | M] -- C:\Users\Bruno\Videos
[2016/09/08 16:22:21 | 000,000,000 | -HSD | M] -- C:\Users\Bruno\Voisinage d'impression
[2016/09/08 16:22:21 | 000,000,000 | -HSD | M] -- C:\Users\Bruno\Voisinage réseau

[color=#A23BEC]< %Allusersprofile%\* >[/color]
[2016/10/11 23:37:14 | 000,000,016 | ---- | M] () -- C:\ProgramData\mntemp

[color=#A23BEC]< %Allusersprofile%\*. >[/color]
[2016/10/10 09:05:34 | 000,000,000 | ---D | M] -- C:\ProgramData\Adobe
[2016/12/12 19:20:12 | 000,000,000 | ---D | M] -- C:\ProgramData\Apple
[2016/12/12 19:20:29 | 000,000,000 | ---D | M] -- C:\ProgramData\Apple Computer
[2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2016/09/12 09:10:49 | 000,000,000 | ---D | M] -- C:\ProgramData\Auslogics
[2016/10/10 09:05:36 | 000,000,000 | ---D | M] -- C:\ProgramData\AVAST Software
[2016/09/10 10:41:06 | 000,000,000 | ---D | M] -- C:\ProgramData\Avg
[2016/09/16 15:00:32 | 000,000,000 | ---D | M] -- C:\ProgramData\AVS4YOU
[2016/09/08 16:22:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Bureau
[2016/10/10 09:05:40 | 000,000,000 | ---D | M] -- C:\ProgramData\Cakewalk
[2016/09/08 17:16:07 | 000,000,000 | ---D | M] -- C:\ProgramData\DAEMON Tools Lite
[2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2016/10/11 21:12:39 | 000,000,000 | ---D | M] -- C:\ProgramData\DriversCloud.com
[2016/09/08 16:22:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoris
[2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2016/10/17 09:15:39 | 000,000,000 | ---D | M] -- C:\ProgramData\GridinSoft
[2016/09/12 16:42:56 | 000,000,000 | ---D | M] -- C:\ProgramData\Guitar Pro 6
[2016/09/08 17:23:55 | 000,000,000 | ---D | M] -- C:\ProgramData\Identities
[2016/12/03 20:44:24 | 000,000,000 | ---D | M] -- C:\ProgramData\Intel
[2016/10/10 09:05:41 | 000,000,000 | ---D | M] -- C:\ProgramData\kingsoft
[2016/11/27 19:32:19 | 000,000,000 | ---D | M] -- C:\ProgramData\LGMOBILEAX
[2016/10/26 08:48:10 | 000,000,000 | ---D | M] -- C:\ProgramData\LHService
[2016/10/10 09:27:37 | 000,000,000 | ---D | M] -- C:\ProgramData\Line 6
[2016/10/26 08:47:13 | 000,000,000 | ---D | M] -- C:\ProgramData\LockHunter
[2016/10/10 09:05:42 | 000,000,000 | ---D | M] -- C:\ProgramData\LogiShrd
[2016/10/11 22:52:10 | 000,000,000 | ---D | M] -- C:\ProgramData\MAGIX
[2016/10/10 09:05:42 | 000,000,000 | ---D | M] -- C:\ProgramData\Malwarebytes
[2016/09/08 16:22:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Menu Démarrer
[2016/11/08 16:23:20 | 000,000,000 | --SD | M] -- C:\ProgramData\Microsoft
[2016/10/10 09:27:37 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft Help
[2016/09/08 16:22:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Modèles
[2016/10/10 09:27:46 | 000,000,000 | ---D | M] -- C:\ProgramData\Native Instruments
[2016/10/21 10:43:20 | 000,000,000 | ---D | M] -- C:\ProgramData\Oracle
[2016/11/13 23:45:49 | 000,000,000 | ---D | M] -- C:\ProgramData\Package Cache
[2016/10/10 09:06:00 | 000,000,000 | ---D | M] -- C:\ProgramData\Psicraft
[2016/11/22 22:57:03 | 000,000,000 | ---D | M] -- C:\ProgramData\Skype
[2016/10/12 09:09:25 | 000,000,000 | ---D | M] -- C:\ProgramData\Sony
[2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2016/12/16 10:41:44 | 000,000,000 | ---D | M] -- C:\ProgramData\TEMP
[2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2016/10/12 09:05:39 | 000,000,000 | ---D | M] -- C:\ProgramData\VEGAS
[2016/10/11 22:52:38 | 000,000,000 | ---D | M] -- C:\ProgramData\VEGAS Pro

[color=#A23BEC]< %LocalAppData%\* >[/color]
[2016/09/10 13:06:01 | 000,084,742 | ---- | M] () -- C:\Users\Bruno\AppData\Local\ars.cache
[2016/09/10 13:06:04 | 000,178,359 | ---- | M] () -- C:\Users\Bruno\AppData\Local\census.cache
[2016/12/27 12:37:58 | 000,011,264 | ---- | M] () -- C:\Users\Bruno\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2016/12/16 12:22:29 | 000,064,552 | ---- | M] () -- C:\Users\Bruno\AppData\Local\GDIPFONTCACHEV1.DAT
[2016/09/10 12:52:36 | 000,000,036 | ---- | M] () -- C:\Users\Bruno\AppData\Local\housecall.guid.cache
[2016/12/28 00:58:53 | 004,461,222 | -H-- | M] () -- C:\Users\Bruno\AppData\Local\IconCache.db

[color=#A23BEC]< %LocalAppData%\*. >[/color]
[2016/12/21 18:14:36 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Local\Adobe
[2016/12/12 19:20:22 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Local\Apple
[2016/09/08 16:22:21 | 000,000,000 | -HSD | M] -- C:\Users\Bruno\AppData\Local\Application Data
[2016/10/10 09:06:05 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Local\Apps
[2016/09/08 21:11:31 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Local\CEF
[2016/10/17 18:30:31 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Local\CutePDF Writer
[2016/09/10 17:47:58 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Local\Deployment
[2016/10/11 22:19:22 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Local\Diagnostics
[2016/10/10 09:06:05 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Local\fontconfig
[2016/10/10 09:06:05 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Local\Google
[2016/09/08 16:22:21 | 000,000,000 | -HSD | M] -- C:\Users\Bruno\AppData\Local\Historique
[2016/10/19 10:23:05 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Local\IIIQF
[2016/10/10 09:27:47 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Local\Intel
[2016/10/10 09:06:08 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Local\Logitech® Webcam Software
[2016/09/28 21:34:42 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Local\Macromedia
[2016/10/10 09:06:09 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Local\Microsoft
[2016/10/20 22:53:59 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Local\Microsoft Games
[2016/09/08 19:40:27 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Local\Microsoft Help
[2016/10/11 23:37:56 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Local\Movavi
[2016/10/10 09:06:15 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Local\Mozilla
[2016/09/08 17:32:12 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Local\Native Instruments
[2016/11/13 23:44:16 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Local\Power Tab
[2016/09/08 16:39:38 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Local\Programs
[2016/10/11 22:52:30 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Local\Sony
[2016/12/28 23:25:31 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Local\Temp
[2016/09/08 16:22:21 | 000,000,000 | -HSD | M] -- C:\Users\Bruno\AppData\Local\Temporary Internet Files
[2016/10/11 22:49:56 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Local\VEGAS
[2016/10/11 22:52:29 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Local\VEGAS Pro
[2016/10/11 23:37:56 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Local\VideoEditor
[2016/10/11 21:38:10 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Local\VirtualStore
[2016/09/25 19:35:29 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Local\WindowsUpdate
[2016/10/12 00:04:06 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Local\Wondershare

[color=#A23BEC]< %AppData%\* >[/color]

[color=#A23BEC]< %AppData%\*. >[/color]
[2016/12/21 15:08:15 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\AdAnti
[2016/10/10 09:06:16 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\Adobe
[2016/09/13 19:11:07 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\AMD
[2016/12/13 10:48:26 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\Apple Computer
[2016/09/08 19:15:49 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\Auslogics
[2016/10/17 10:31:06 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\AVAST Software
[2016/10/10 09:27:48 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\BANDISOFT
[2016/11/30 12:13:15 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\Cakewalk
[2016/12/28 19:33:05 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\dvdcss
[2016/09/19 09:54:30 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\Guitar Pro 6
[2016/09/08 16:23:04 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\Identities
[2016/12/03 20:44:38 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\Intel Corporation
[2016/09/08 18:28:59 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\Leadertech
[2016/10/10 09:27:48 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\Line 6
[2016/10/26 08:40:50 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\LockHunter
[2016/09/28 21:34:42 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\Macromedia
[2016/10/11 22:52:31 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\MAGIX
[2009/07/14 16:35:02 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\Media Center Programs
[2016/11/05 17:54:53 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\Microsoft
[2016/10/17 10:35:03 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\Mozilla
[2016/09/10 10:40:37 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\Profiles
[2016/09/13 19:10:59 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\Publish Providers
[2016/12/10 15:32:26 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\Skype
[2016/10/12 09:08:59 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\Sony
[2016/10/10 21:51:37 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\Sun
[2016/10/21 11:54:34 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\TeamViewer
[2016/10/11 23:01:37 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\VEGAS
[2016/10/11 22:52:29 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\VEGAS Pro
[2016/12/28 20:08:42 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\vlc
[2016/10/10 09:06:23 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\VS Revo Group
[2016/12/17 01:14:44 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\WinRAR
[2016/10/10 09:27:48 | 000,000,000 | ---D | M] -- C:\Users\Bruno\AppData\Roaming\ZHP

[color=#A23BEC]< %Userprofile%\Local Settings\* >[/color]

[color=#A23BEC]< %Userprofile%\Local Settings\*. >[/color]

[color=#A23BEC]< %Userprofile%\Local Settings\Application Data\* >[/color]

[color=#A23BEC]< %Userprofile%\Local Settings\Application Data\*. >[/color]

[color=#A23BEC]< %Userprofile%\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave\FlashWritableRoot\#SharedObjects\* >[/color]

[color=#A23BEC]< %Userprofile%\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave\FlashWritableRoot\#SharedObjects\*. >[/color]

[color=#A23BEC]< %Userprofile%\Local Settings\Application Data\Google\Chrome\User Data\Default\Pepper Data\Shockwave FlashWritableRoot\#SharedObjects\* >[/color]

[color=#A23BEC]< %Userprofile%\Local Settings\Application Data\Google\Chrome\User Data\Default\Pepper Data\Shockwave FlashWritableRoot\#SharedObjects\*. >[/color]

[color=#A23BEC]< %programFiles%\* >[/color]
[2009/07/14 05:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

[color=#A23BEC]< %programFiles%\*. >[/color]
[2016/10/29 10:02:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Acro Software
[2016/10/10 09:00:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2016/12/12 19:20:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update
[2016/10/10 09:00:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Auslogics
[2016/10/10 09:27:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bandicam
[2016/10/10 09:27:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\BandiMPEG1
[2016/10/10 09:00:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Cakewalk
[2016/12/12 19:20:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2016/10/10 09:27:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DAMN NFO Viewer
[2016/10/10 09:01:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Elaborate Bytes
[2016/10/10 09:27:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\FormatFactory
[2016/09/10 20:34:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google
[2016/10/10 09:27:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\GPLGS
[2016/10/10 09:27:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Guitar Pro 6
[2016/10/13 08:52:59 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2016/12/03 20:42:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
[2016/10/10 09:27:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel Driver Update Utility
[2016/12/14 10:04:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2016/10/10 09:27:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\K-Lite Codec Pack
[2016/12/28 20:11:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\KaraFun Player 2
[2016/10/10 08:36:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\kingsoft
[2016/10/11 15:16:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Lavalys
[2016/10/10 09:02:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\LG Electronics
[2016/10/10 09:27:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Line6
[2016/10/10 09:27:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Logitech
[2016/10/10 09:27:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2016/10/10 09:27:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2016/10/10 09:27:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2016/10/10 09:27:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio
[2016/10/11 22:26:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2016/12/14 15:17:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox
[2016/12/14 17:17:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2016/10/10 09:02:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2016/10/10 09:02:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSI
[2016/09/26 08:45:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSXML 4.0
[2016/10/10 09:02:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Psicraft
[2016/12/12 19:20:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\QuickTime
[2016/10/10 09:02:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek
[2016/10/10 09:02:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2016/10/10 09:27:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SEAF
[2016/09/26 22:15:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Secunia
[2016/10/10 09:27:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Security Task Manager
[2016/11/22 22:57:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Skype
[2016/10/11 20:58:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Sony
[2016/10/10 09:27:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Transcribe!
[2016/10/10 22:16:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\tuxguitar-1.3.2
[2016/10/30 21:40:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\UltraISO
[2016/12/05 14:17:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\UnHackMe
[2009/07/14 05:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2016/10/28 22:05:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\vanBasco's Karaoke Player
[2016/10/10 09:03:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VideoLAN
[2016/10/10 09:29:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2016/10/10 09:29:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2016/10/12 08:11:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2016/10/10 09:03:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2016/10/10 09:29:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2016/09/09 20:08:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2016/10/10 09:03:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Resource Kits
[2016/10/10 09:29:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
[2016/12/17 10:25:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WinRAR

[color=#A23BEC]< %programfiles%\Google\Desktop\*. >[/color]

[color=#A23BEC]< %ProgramFiles%\Common Files\* >[/color]

[color=#A23BEC]< %ProgramFiles%\Common Files\*. >[/color]
[2016/10/10 09:27:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Adobe
[2016/12/12 19:20:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Apple
[2016/09/18 12:57:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\AV
[2016/09/16 23:50:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\AVSMedia
[2016/10/10 09:27:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\DESIGNER
[2016/09/08 17:30:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Digidesign
[2016/10/30 21:40:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\EZB Systems
[2016/12/03 20:49:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Intel Corporation
[2016/10/21 10:39:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Java
[2016/10/10 09:00:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Kingsoft
[2016/10/10 09:27:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\LogiShrd
[2016/10/10 09:27:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\microsoft shared
[2016/09/08 20:40:55 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\nsklog
[2009/07/14 04:20:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Services
[2016/10/17 18:42:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Skype
[2009/07/14 04:20:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\SpeechEngines
[2016/10/10 09:29:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\System

[color=#A23BEC]< %ProgramFiles(X86)%\Common Files\* >[/color]

[color=#A23BEC]< %ProgramFiles(X86)%\Common Files\*. >[/color]
[2016/10/10 09:27:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Adobe
[2016/12/12 19:20:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Apple
[2016/09/18 12:57:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\AV
[2016/09/16 23:50:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\AVSMedia
[2016/10/10 09:27:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\DESIGNER
[2016/09/08 17:30:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Digidesign
[2016/10/30 21:40:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\EZB Systems
[2016/12/03 20:49:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Intel Corporation
[2016/10/21 10:39:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Java
[2016/10/10 09:00:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Kingsoft
[2016/10/10 09:27:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\LogiShrd
[2016/10/10 09:27:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\microsoft shared
[2016/09/08 20:40:55 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\nsklog
[2009/07/14 04:20:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Services
[2016/10/17 18:42:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Skype
[2009/07/14 04:20:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\SpeechEngines
[2016/10/10 09:29:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\System

[color=#A23BEC]< %Systemroot%\Installer\* >[/color]
[2012/07/25 15:57:06 | 003,157,504 | ---- | M] () -- C:\Windows\Installer\11638d6.msp
[2011/11/01 12:34:58 | 004,225,536 | ---- | M] () -- C:\Windows\Installer\11638ed.msp
[2015/07/14 14:00:26 | 004,939,776 | ---- | M] () -- C:\Windows\Installer\1163904.msp
[2011/04/16 07:44:26 | 002,770,944 | ---- | M] () -- C:\Windows\Installer\11693df.msi
[2016/09/08 17:28:16 | 000,304,128 | ---- | M] () -- C:\Windows\Installer\16a62d.msi
[2016/09/08 17:28:22 | 000,330,752 | ---- | M] () -- C:\Windows\Installer\16a65c.msi
[2016/09/08 17:28:31 | 000,286,720 | ---- | M] () -- C:\Windows\Installer\16a664.msi
[2016/09/08 17:29:09 | 000,286,720 | ---- | M] () -- C:\Windows\Installer\16a66c.msi
[2016/09/08 17:29:49 | 000,286,720 | ---- | M] () -- C:\Windows\Installer\16a674.msi
[2016/09/08 17:30:28 | 001,154,048 | ---- | M] () -- C:\Windows\Installer\16adac.msi
[2015/12/08 15:03:34 | 021,402,624 | ---- | M] () -- C:\Windows\Installer\1d7317d.msi
[2015/12/08 16:43:26 | 002,323,456 | ---- | M] () -- C:\Windows\Installer\1d73186.msi
[2015/12/15 15:18:36 | 028,397,568 | ---- | M] () -- C:\Windows\Installer\1d7318a.msi
[2013/01/23 17:05:40 | 009,765,376 | ---- | M] () -- C:\Windows\Installer\2334bf.msp
[2013/11/01 17:17:42 | 005,009,920 | ---- | M] () -- C:\Windows\Installer\2334d7.msp
[2011/09/15 17:39:56 | 015,017,984 | ---- | M] () -- C:\Windows\Installer\2334e1.msp
[2011/09/15 17:40:24 | 033,243,648 | ---- | M] () -- C:\Windows\Installer\233504.msp
[2011/09/15 17:34:54 | 428,804,608 | ---- | M] () -- C:\Windows\Installer\23360b.msp
[2011/09/15 17:34:14 | 008,499,712 | ---- | M] () -- C:\Windows\Installer\23361c.msp
[2011/09/15 17:35:04 | 001,833,984 | ---- | M] () -- C:\Windows\Installer\233629.msp
[2011/09/15 17:37:06 | 014,140,416 | ---- | M] () -- C:\Windows\Installer\233636.msp
[2011/09/15 17:38:04 | 010,838,528 | ---- | M] () -- C:\Windows\Installer\233643.msp
[2011/09/15 17:39:22 | 011,163,136 | ---- | M] () -- C:\Windows\Installer\233650.msp
[2011/09/15 17:40:36 | 007,959,552 | ---- | M] () -- C:\Windows\Installer\23365b.msp
[2011/09/15 17:40:52 | 004,760,064 | ---- | M] () -- C:\Windows\Installer\233668.msp
[2009/04/14 03:56:48 | 010,826,752 | ---- | M] () -- C:\Windows\Installer\233673.msp
[2009/02/25 18:08:18 | 008,311,808 | ---- | M] () -- C:\Windows\Installer\23368a.msp
[2016/07/11 19:29:16 | 000,038,912 | ---- | M] () -- C:\Windows\Installer\233769.msi
[2016/09/25 22:34:38 | 053,339,648 | ---- | M] () -- C:\Windows\Installer\233774.msp
[2016/07/21 04:18:58 | 011,169,792 | ---- | M] () -- C:\Windows\Installer\2523c48.msp
[2012/09/25 11:39:54 | 001,794,560 | ---- | M] () -- C:\Windows\Installer\2523c56.msp
[2012/09/25 11:38:52 | 011,885,568 | ---- | M] () -- C:\Windows\Installer\2523c87.msp
[2013/05/08 20:36:50 | 010,943,488 | ---- | M] () -- C:\Windows\Installer\2523cad.msp
[2012/02/17 07:45:24 | 002,299,392 | ---- | M] () -- C:\Windows\Installer\2523cc4.msp
[2014/11/19 07:45:32 | 011,059,200 | ---- | M] () -- C:\Windows\Installer\2523cdc.msp
[2012/03/15 01:24:28 | 001,795,584 | ---- | M] () -- C:\Windows\Installer\2523cf4.msp
[2015/01/14 21:35:04 | 010,158,080 | ---- | M] () -- C:\Windows\Installer\2523d0b.msp
[2014/04/16 07:41:38 | 007,844,864 | ---- | M] () -- C:\Windows\Installer\2523d2c.msp
[2012/07/18 14:46:48 | 000,593,408 | ---- | M] () -- C:\Windows\Installer\2523d43.msp
[2011/11/01 12:34:26 | 001,169,920 | ---- | M] () -- C:\Windows\Installer\2523d5a.msp
[2013/11/01 17:15:08 | 006,185,472 | ---- | M] () -- C:\Windows\Installer\2523d72.msp
[2014/04/16 07:40:26 | 007,900,672 | ---- | M] () -- C:\Windows\Installer\2523d8a.msp
[2016/04/14 07:01:50 | 005,959,680 | ---- | M] () -- C:\Windows\Installer\2523da2.msp
[2011/01/15 08:46:32 | 002,049,536 | ---- | M] () -- C:\Windows\Installer\2523dac.msi
[2015/03/18 03:08:56 | 009,019,392 | ---- | M] () -- C:\Windows\Installer\2523dc2.msp
[2015/06/20 02:57:20 | 013,508,608 | ---- | M] () -- C:\Windows\Installer\2523dda.msp
[2016/08/16 23:18:52 | 013,074,432 | ---- | M] () -- C:\Windows\Installer\2523dfb.msp
[2016/06/29 02:24:56 | 009,805,824 | ---- | M] () -- C:\Windows\Installer\2523e13.msp
[2016/08/16 23:15:28 | 009,695,232 | ---- | M] () -- C:\Windows\Installer\2523e2b.msp
[2016/02/10 10:39:52 | 002,584,576 | ---- | M] () -- C:\Windows\Installer\2523e45.msp
[2016/04/14 07:00:42 | 011,554,816 | ---- | M] () -- C:\Windows\Installer\2523e5d.msp
[2015/11/11 21:32:34 | 008,818,688 | ---- | M] () -- C:\Windows\Installer\2523e75.msp
[2015/07/22 08:07:40 | 005,079,040 | ---- | M] () -- C:\Windows\Installer\2523e8d.msp
[2016/08/16 23:15:52 | 016,412,672 | ---- | M] () -- C:\Windows\Installer\2523ea5.msp
[2012/12/19 21:36:38 | 013,662,720 | ---- | M] () -- C:\Windows\Installer\2523ebd.msp
[2016/08/16 23:18:00 | 010,465,280 | ---- | M] () -- C:\Windows\Installer\2523ed5.msp
[2016/05/19 03:14:28 | 004,030,464 | ---- | M] () -- C:\Windows\Installer\2523eee.msp
[2015/07/22 08:10:44 | 010,031,104 | ---- | M] () -- C:\Windows\Installer\2523efa.msp
[2016/07/13 00:04:54 | 001,126,400 | ---- | M] () -- C:\Windows\Installer\2523f1c.msp
[2014/05/16 04:08:36 | 008,179,200 | ---- | M] () -- C:\Windows\Installer\2523f34.msp
[2015/12/10 10:57:36 | 024,256,512 | ---- | M] () -- C:\Windows\Installer\2523f52.msp
[2016/07/21 04:24:44 | 004,337,664 | ---- | M] () -- C:\Windows\Installer\2523f69.msp
[2016/11/22 22:56:53 | 043,524,096 | ---- | M] () -- C:\Windows\Installer\2983bca.msi
[2009/05/07 08:04:18 | 010,289,664 | ---- | M] () -- C:\Windows\Installer\2d484f.msp
[2009/04/14 02:46:40 | 007,391,744 | ---- | M] () -- C:\Windows\Installer\2d485a.msp
[2016/07/13 00:06:16 | 004,984,832 | ---- | M] () -- C:\Windows\Installer\2d4c2a.msp
[2009/04/14 03:22:04 | 007,532,544 | ---- | M] () -- C:\Windows\Installer\2d4c3e.msp
[2014/04/10 16:27:19 | 005,423,104 | ---- | M] () -- C:\Windows\Installer\2ff63b.msi
[2016/10/12 09:08:59 | 000,634,880 | ---- | M] () -- C:\Windows\Installer\2ff646.msi
[2016/07/14 23:38:16 | 001,605,632 | ---- | M] () -- C:\Windows\Installer\311012.msi
[2016/10/10 13:37:48 | 007,573,504 | ---- | M] () -- C:\Windows\Installer\32cbc.msi
[2010/12/27 21:15:53 | 002,358,784 | ---- | M] () -- C:\Windows\Installer\333b24.msi
[2015/07/14 12:51:48 | 000,778,240 | ---- | M] () -- C:\Windows\Installer\38913.msi
[2016/09/08 16:55:57 | 000,025,600 | ---- | M] () -- C:\Windows\Installer\39b1d.msi
[2013/04/03 22:14:43 | 003,059,712 | ---- | M] () -- C:\Windows\Installer\3d4002.msi
[2016/09/11 13:55:08 | 006,541,312 | ---- | M] () -- C:\Windows\Installer\42bb4.msi
[2016/09/25 18:11:33 | 000,379,392 | ---- | M] () -- C:\Windows\Installer\431133.msi
[2012/09/27 00:34:20 | 001,691,648 | ---- | M] () -- C:\Windows\Installer\516a47.msi
[2012/09/13 08:41:18 | 012,635,648 | ---- | M] () -- C:\Windows\Installer\516a4f.msi
[2012/09/13 08:41:16 | 000,734,720 | ---- | M] () -- C:\Windows\Installer\516a57.msi
[2012/09/27 00:46:08 | 000,889,344 | ---- | M] () -- C:\Windows\Installer\516a5f.msi
[2012/07/23 23:15:18 | 000,487,936 | ---- | M] () -- C:\Windows\Installer\516a67.msi
[2012/09/26 23:19:08 | 001,406,976 | ---- | M] () -- C:\Windows\Installer\516a6f.msi
[2012/09/27 00:36:58 | 001,686,528 | ---- | M] () -- C:\Windows\Installer\516a77.msi
[2012/09/13 08:41:22 | 004,807,680 | ---- | M] () -- C:\Windows\Installer\516a7f.msi
[2011/07/27 03:51:16 | 000,468,992 | ---- | M] () -- C:\Windows\Installer\516a87.msi
[2011/06/13 04:26:48 | 000,119,296 | ---- | M] () -- C:\Windows\Installer\516a8f.msi
[2011/11/11 23:14:28 | 000,379,904 | ---- | M] () -- C:\Windows\Installer\516a97.msi
[2015/03/17 09:41:29 | 002,805,760 | ---- | M] () -- C:\Windows\Installer\520f9.msi
[2016/06/30 14:28:39 | 071,077,888 | ---- | M] () -- C:\Windows\Installer\520fa.msp
[2015/01/08 22:56:33 | 003,026,944 | ---- | M] () -- C:\Windows\Installer\6ffa7e.msi
[2016/09/10 10:07:29 | 000,081,920 | ---- | M] () -- C:\Windows\Installer\6ffa94.msi
[2016/10/21 10:38:41 | 031,068,160 | ---- | M] () -- C:\Windows\Installer\7e3379.msi
[2016/10/21 10:38:41 | 000,761,856 | ---- | M] () -- C:\Windows\Installer\7e338c.msi
[2008/09/30 20:07:10 | 006,042,112 | ---- | M] () -- C:\Windows\Installer\a0131.msi
[2009/07/20 23:29:14 | 006,057,984 | ---- | M] () -- C:\Windows\Installer\a013b.msi
[2015/09/22 17:20:46 | 004,911,104 | ---- | M] () -- C:\Windows\Installer\ae429.msi
[2016/02/12 15:29:16 | 003,092,480 | ---- | M] () -- C:\Windows\Installer\af7bbf.msi
[2016/09/13 22:48:10 | 006,299,648 | ---- | M] () -- C:\Windows\Installer\afd5e.msi
[2016/08/11 10:11:02 | 001,060,864 | ---- | M] () -- C:\Windows\Installer\b89a1.msi
[2016/08/11 10:11:30 | 005,042,176 | ---- | M] () -- C:\Windows\Installer\b89aa.msi
[2016/08/02 12:49:06 | 001,511,424 | ---- | M] () -- C:\Windows\Installer\bc3b3.msp
[2012/07/26 21:01:48 | 000,151,552 | ---- | M] () -- C:\Windows\Installer\c11e3.msi
[2012/07/26 21:05:02 | 000,155,648 | ---- | M] () -- C:\Windows\Installer\c11ec.msi
[2012/07/26 20:58:40 | 000,155,648 | ---- | M] () -- C:\Windows\Installer\c11f5.msi
[2012/07/26 21:09:22 | 000,155,648 | ---- | M] () -- C:\Windows\Installer\c11fe.msi
[2016/09/28 15:59:24 | 010,656,768 | ---- | M] () -- C:\Windows\Installer\c126d.msi
[2015/06/25 23:59:22 | 000,147,456 | ---- | M] () -- C:\Windows\Installer\c7f735.msi
[2015/06/25 23:59:42 | 000,143,360 | ---- | M] () -- C:\Windows\Installer\c7f73e.msi
[2016/12/01 01:51:30 | 001,978,368 | ---- | M] () -- C:\Windows\Installer\cf1aa.msp
[2016/10/13 19:40:57 | 000,873,472 | ---- | M] () -- C:\Windows\Installer\d11a7.msi
[2016/10/10 08:29:03 | 036,499,456 | ---- | M] () -- C:\Windows\Installer\d124e.msp
[2016/11/03 08:25:06 | 001,642,496 | ---- | M] () -- C:\Windows\Installer\de89c4.msp
[2016/09/08 19:39:56 | 002,419,200 | ---- | M] () -- C:\Windows\Installer\fb0a0.msi
[2016/09/08 19:39:57 | 001,755,136 | ---- | M] () -- C:\Windows\Installer\fb0a8.msi
[2016/09/08 19:39:58 | 002,029,056 | ---- | M] () -- C:\Windows\Installer\fb0b1.msi
[2016/09/08 19:39:58 | 001,647,104 | ---- | M] () -- C:\Windows\Installer\fb0b9.msi
[2016/09/08 19:40:01 | 002,368,000 | ---- | M] () -- C:\Windows\Installer\fb0c1.msi
[2016/09/08 19:40:02 | 000,506,880 | ---- | M] () -- C:\Windows\Installer\fb0c9.msi
[2016/09/08 19:40:04 | 000,506,368 | ---- | M] () -- C:\Windows\Installer\fb0d1.msi
[2016/09/08 19:40:03 | 000,515,072 | ---- | M] () -- C:\Windows\Installer\fb0d9.msi
[2016/09/08 19:40:03 | 000,514,048 | ---- | M] () -- C:\Windows\Installer\fb0e1.msi
[2016/09/08 19:40:03 | 000,518,144 | ---- | M] () -- C:\Windows\Installer\fb0e9.msi
[2016/09/08 19:40:03 | 000,507,904 | ---- | M] () -- C:\Windows\Installer\fb0f1.msi
[2016/09/08 19:40:02 | 000,515,584 | ---- | M] () -- C:\Windows\Installer\fb0f9.msi
[2016/09/08 19:40:02 | 000,505,856 | ---- | M] () -- C:\Windows\Installer\fb101.msi
[2016/09/08 19:40:04 | 001,667,072 | ---- | M] () -- C:\Windows\Installer\fb109.msi
[2016/09/08 19:40:04 | 001,658,880 | ---- | M] () -- C:\Windows\Installer\fb112.msi
[2016/09/08 19:40:05 | 001,659,392 | ---- | M] () -- C:\Windows\Installer\fb11a.msi
[2016/09/08 19:40:06 | 000,847,872 | ---- | M] () -- C:\Windows\Installer\fb123.msi
[2016/09/08 19:40:07 | 015,831,552 | ---- | M] () -- C:\Windows\Installer\fb12d.msi
[2016/11/13 23:36:28 | 000,020,480 | ---- | M] () -- C:\Windows\Installer\SourceHash{0D3E9E15-DE7A-300B-96F1-B4AF12B96488}
[2016/09/27 08:30:52 | 000,020,480 | ---- | M] () -- C:\Windows\Installer\SourceHash{20F9CFAA-04FD-423D-869A-279985494E09}
[2016/10/21 10:38:49 | 000,020,480 | ---- | M] () -- C:\Windows\Installer\SourceHash{26A24AE4-039D-4CA4-87B4-2F64180111F0}
[2016/11/05 14:03:26 | 000,020,480 | ---- | M] () -- C:\Windows\Installer\SourceHash{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}
[2016/12/12 19:20:11 | 000,020,480 | ---- | M] () -- C:\Windows\Installer\SourceHash{46F044A5-CE8B-4196-984E-5BD6525E361D}
[2016/10/21 10:39:29 | 000,020,480 | ---- | M] () -- C:\Windows\Installer\SourceHash{4A03706F-666A-4037-7777-5F2748764D10}
[2016/10/11 22:49:40 | 000,020,480 | ---- | M] () -- C:\Windows\Installer\SourceHash{52116C70-79F9-11E6-9541-BB95F5A309BD}
[2016/10/11 22:26:01 | 000,028,672 | ---- | M] () -- C:\Windows\Installer\SourceHash{63DF5C4B-E3BF-3346-A033-C57B22F44C9E}
[2016/12/12 19:20:21 | 000,020,480 | ---- | M] () -- C:\Windows\Installer\SourceHash{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
[2016/11/05 14:04:27 | 000,020,480 | ---- | M] () -- C:\Windows\Installer\SourceHash{80595353-6197-2EB6-F14C-C1F4AC093311}
[2016/09/26 08:45:41 | 000,020,480 | ---- | M] () -- C:\Windows\Installer\SourceHash{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
[2016/09/25 22:34:37 | 000,020,480 | ---- | M] () -- C:\Windows\Installer\SourceHash{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
[2016/09/26 19:27:11 | 000,020,480 | ---- | M] () -- C:\Windows\Installer\SourceHash{90140000-2005-0000-0000-0000000FF1CE}
[2016/11/05 14:04:16 | 000,020,480 | ---- | M] () -- C:\Windows\Installer\SourceHash{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}
[2016/11/05 14:04:19 | 000,020,480 | ---- | M] () -- C:\Windows\Installer\SourceHash{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}
[2016/10/13 19:41:00 | 000,020,480 | ---- | M] () -- C:\Windows\Installer\SourceHash{AC76BA86-0804-1033-1959-001824202044}
[2016/10/11 21:12:37 | 000,020,480 | ---- | M] () -- C:\Windows\Installer\SourceHash{AEEC522D-38DD-46FD-9367-3E32F51B3A42}
[2016/11/13 23:36:37 | 000,020,480 | ---- | M] () -- C:\Windows\Installer\SourceHash{BC958BD2-5DAC-3862-BB1A-C1BE0790438D}
[2016/10/12 09:09:24 | 000,028,672 | ---- | M] () -- C:\Windows\Installer\SourceHash{CE20A68F-BFBC-11E3-AA73-F04DA23A5C58}
[2016/10/12 09:09:13 | 000,020,480 | ---- | M] () -- C:\Windows\Installer\SourceHash{D4BD27CF-BFBC-11E3-9B8F-F04DA23A5C58}
[2016/09/26 08:47:05 | 000,020,480 | ---- | M] () -- C:\Windows\Installer\SourceHash{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
[2016/10/05 22:44:34 | 000,020,480 | ---- | M] () -- C:\Windows\Installer\SourceHash{FC965A47-4839-40CA-B618-18F486F042C6}
[2016/11/05 14:03:29 | 000,020,480 | ---- | M] () -- C:\Windows\Installer\SourceHash{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}
[2016/12/12 19:20:28 | 000,020,480 | ---- | M] () -- C:\Windows\Installer\SourceHash{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}
[2016/12/03 20:43:33 | 000,020,480 | ---- | M] () -- C:\Windows\Installer\SourceHash{FF8F5F84-9660-40DB-BDAD-CCD03F6BD1F6}
[5 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

[color=#A23BEC]< %Systemroot%\Installer\*. >[/color]
[2016/10/10 09:09:04 | 000,000,000 | --SD | M] -- C:\Windows\Installer\$PatchCache$
[2016/09/08 16:55:16 | 000,000,000 | --SD | M] -- C:\Windows\Installer\MSI1EF9.tmp-
[2016/09/08 16:55:18 | 000,000,000 | --SD | M] -- C:\Windows\Installer\MSI285E.tmp-
[2016/09/08 16:54:53 | 000,000,000 | --SD | M] -- C:\Windows\Installer\MSIB0D8.tmp-
[2016/09/08 16:54:57 | 000,000,000 | --SD | M] -- C:\Windows\Installer\MSIC949.tmp-
[2016/10/10 09:28:01 | 000,000,000 | --SD | M] -- C:\Windows\Installer\MSID7EB.tmp-
[2016/10/10 09:28:01 | 000,000,000 | --SD | M] -- C:\Windows\Installer\{06DA421D-EE23-487D-878F-F0AF97EF69AD}
[2016/10/10 09:28:01 | 000,000,000 | --SD | M] -- C:\Windows\Installer\{1C9A24E0-CA21-414D-8D21-22BF8981FC9F}
[2016/10/10 09:28:01 | 000,000,000 | --SD | M] -- C:\Windows\Installer\{36DF4580-D1B3-11E3-A23E-F04DA23A5C58}
[2016/12/12 19:20:18 | 000,000,000 | --SD | M] -- C:\Windows\Installer\{46F044A5-CE8B-4196-984E-5BD6525E361D}
[2016/12/12 19:20:22 | 000,000,000 | --SD | M] -- C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
[2016/11/05 14:04:29 | 000,000,000 | --SD | M] -- C:\Windows\Installer\{80595353-6197-2EB6-F14C-C1F4AC093311}
[2016/10/10 09:28:01 | 000,000,000 | --SD | M] -- C:\Windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
[2016/10/10 09:28:01 | 000,000,000 | --SD | M] -- C:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
[2016/10/10 09:28:01 | 000,000,000 | --SD | M] -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}
[2016/10/10 09:28:01 | 000,000,000 | --SD | M] -- C:\Windows\Installer\{90120000-002A-0000-1000-0000000FF1CE}
[2016/10/10 09:28:01 | 000,000,000 | --SD | M] -- C:\Windows\Installer\{90120000-006E-040C-0000-0000000FF1CE}
[2016/10/13 19:41:01 | 000,000,000 | --SD | M] -- C:\Windows\Installer\{AC76BA86-0804-1033-1959-001824202044}
[2016/11/03 12:57:55 | 000,000,000 | --SD | M] -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}
[2016/10/11 21:12:38 | 000,000,000 | --SD | M] -- C:\Windows\Installer\{AEEC522D-38DD-46FD-9367-3E32F51B3A42}
[2016/11/05 14:04:25 | 000,000,000 | --SD | M] -- C:\Windows\Installer\{B8B3C25D-13D3-B5C2-9AD4-32157EFCEA5F}
[2016/10/12 09:09:37 | 000,000,000 | --SD | M] -- C:\Windows\Installer\{CE20A68F-BFBC-11E3-AA73-F04DA23A5C58}
[2016/10/10 09:28:01 | 000,000,000 | --SD | M] -- C:\Windows\Installer\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
[2016/11/22 22:57:06 | 000,000,000 | --SD | M] -- C:\Windows\Installer\{FC965A47-4839-40CA-B618-18F486F042C6}
[2016/12/12 19:20:37 | 000,000,000 | --SD | M] -- C:\Windows\Installer\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}
[2016/12/03 20:44:24 | 000,000,000 | --SD | M] -- C:\Windows\Installer\{FF8F5F84-9660-40DB-BDAD-CCD03F6BD1F6}

[color=#A23BEC]< %Systemroot%\Temp\*.exe /s >[/color]
[2016/12/28 22:18:23 | 000,321,480 | ---- | M] (Mozilla Foundation) -- C:\Windows\Temp\avast_ash2\Mozilla Firefox\updater.exe

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\*.exe /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\*.in* >[/color]
[2016/09/25 22:55:04 | 000,016,303 | ---- | M] () -- C:\Windows\system32\ieuinit.inf
[2016/11/27 19:34:54 | 000,002,760 | ---- | M] () -- C:\Windows\system32\lgAxconfig.ini
[2009/07/14 05:55:01 | 000,000,535 | ---- | M] () -- C:\Windows\system32\mapisvc.inf
[2016/12/03 20:44:42 | 001,706,688 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

[color=#A23BEC]< %systemroot%\PSS\* /s >[/color]

[color=#A23BEC]< %systemroot%\Tasks\* >[/color]
[2016/10/21 15:10:11 | 000,001,064 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
[2016/12/28 10:11:30 | 000,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2016/11/25 10:35:30 | 000,032,496 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#A23BEC]< %systemroot%\Tasks\*. >[/color]

[color=#A23BEC]< %systemroot%\system32\Tasks\* >[/color]

[color=#A23BEC]< %systemroot%\system32\Tasks\*. >[/color]
[2009/07/14 04:20:14 | 000,000,000 | --SD | M] -- C:\Windows\system32\Tasks\Microsoft

[color=#A23BEC]< %systemroot%\syswow64\Tasks\* >[/color]

[color=#A23BEC]< %systemroot%\syswow64\Tasks\*. >[/color]
[2009/07/14 04:20:14 | 000,000,000 | --SD | M] -- C:\Windows\syswow64\Tasks\Microsoft

[color=#A23BEC]< %systemroot%\system32\drivers\*.sy* /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\config\*.exe /s >[/color]

[color=#A23BEC]< %Systemroot%\ServiceProfiles\*.exe /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.sys >[/color]

[color=#A23BEC]< dir %Homedrive%\* /S /A:L /C >[/color]
Le volume dans le lecteur C s'appelle WINDOWS 7
Le num ro de s rie du volume est 2C3C-E92C
R pertoire de C:\
14/07/2009 06:08 <JONCTION> Documents and Settings [C:\Users]
0 fichier(s) 0 octets
R pertoire de C:\Program Files
08/09/2016 16:22 <JONCTION> Fichiers communs [C:\Program Files\Common Files]
0 fichier(s) 0 octets
R pertoire de C:\Program Files\Windows NT
08/09/2016 16:22 <JONCTION> Accessoires [C:\Program Files\Windows NT\Accessories]
0 fichier(s) 0 octets
R pertoire de C:\Program Files (x86)\Common Files\AV
18/09/2016 12:57 <SYMLINKD> avast! Antivirus [C:\Program Files\Common Files\AV\avast! Antivirus]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData
14/07/2009 06:08 <JONCTION> Application Data [C:\ProgramData]
08/09/2016 16:22 <JONCTION> Bureau [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Desktop [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Documents [C:\Users\Public\Documents]
08/09/2016 16:22 <JONCTION> Favoris [C:\Users\Public\Favorites]
14/07/2009 06:08 <JONCTION> Favorites [C:\Users\Public\Favorites]
08/09/2016 16:22 <JONCTION> Menu D marrer [C:\ProgramData\Microsoft\Windows\Start Menu]
08/09/2016 16:22 <JONCTION> Mod`les [C:\ProgramData\Microsoft\Windows\Templates]
14/07/2009 06:08 <JONCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009 06:08 <JONCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data
14/07/2009 06:08 <JONCTION> Application Data [C:\ProgramData]
08/09/2016 16:22 <JONCTION> Bureau [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Desktop [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Documents [C:\Users\Public\Documents]
08/09/2016 16:22 <JONCTION> Favoris [C:\Users\Public\Favorites]
14/07/2009 06:08 <JONCTION> Favorites [C:\Users\Public\Favorites]
08/09/2016 16:22 <JONCTION> Menu D marrer [C:\ProgramData\Microsoft\Windows\Start Menu]
08/09/2016 16:22 <JONCTION> Mod`les [C:\ProgramData\Microsoft\Windows\Templates]
14/07/2009 06:08 <JONCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009 06:08 <JONCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data
14/07/2009 06:08 <JONCTION> Application Data [C:\ProgramData]
08/09/2016 16:22 <JONCTION> Bureau [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Desktop [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Documents [C:\Users\Public\Documents]
08/09/2016 16:22 <JONCTION> Favoris [C:\Users\Public\Favorites]
14/07/2009 06:08 <JONCTION> Favorites [C:\Users\Public\Favorites]
08/09/2016 16:22 <JONCTION> Menu D marrer [C:\ProgramData\Microsoft\Windows\Start Menu]
08/09/2016 16:22 <JONCTION> Mod`les [C:\ProgramData\Microsoft\Windows\Templates]
14/07/2009 06:08 <JONCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009 06:08 <JONCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data
14/07/2009 06:08 <JONCTION> Application Data [C:\ProgramData]
08/09/2016 16:22 <JONCTION> Bureau [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Desktop [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Documents [C:\Users\Public\Documents]
08/09/2016 16:22 <JONCTION> Favoris [C:\Users\Public\Favorites]
14/07/2009 06:08 <JONCTION> Favorites [C:\Users\Public\Favorites]
08/09/2016 16:22 <JONCTION> Menu D marrer [C:\ProgramData\Microsoft\Windows\Start Menu]
08/09/2016 16:22 <JONCTION> Mod`les [C:\ProgramData\Microsoft\Windows\Templates]
14/07/2009 06:08 <JONCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009 06:08 <JONCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data
14/07/2009 06:08 <JONCTION> Application Data [C:\ProgramData]
08/09/2016 16:22 <JONCTION> Bureau [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Desktop [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Documents [C:\Users\Public\Documents]
08/09/2016 16:22 <JONCTION> Favoris [C:\Users\Public\Favorites]
14/07/2009 06:08 <JONCTION> Favorites [C:\Users\Public\Favorites]
08/09/2016 16:22 <JONCTION> Menu D marrer [C:\ProgramData\Microsoft\Windows\Start Menu]
08/09/2016 16:22 <JONCTION> Mod`les [C:\ProgramData\Microsoft\Windows\Templates]
14/07/2009 06:08 <JONCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009 06:08 <JONCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data
14/07/2009 06:08 <JONCTION> Application Data [C:\ProgramData]
08/09/2016 16:22 <JONCTION> Bureau [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Desktop [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Documents [C:\Users\Public\Documents]
08/09/2016 16:22 <JONCTION> Favoris [C:\Users\Public\Favorites]
14/07/2009 06:08 <JONCTION> Favorites [C:\Users\Public\Favorites]
08/09/2016 16:22 <JONCTION> Menu D marrer [C:\ProgramData\Microsoft\Windows\Start Menu]
08/09/2016 16:22 <JONCTION> Mod`les [C:\ProgramData\Microsoft\Windows\Templates]
14/07/2009 06:08 <JONCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009 06:08 <JONCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
14/07/2009 06:08 <JONCTION> Application Data [C:\ProgramData]
08/09/2016 16:22 <JONCTION> Bureau [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Desktop [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Documents [C:\Users\Public\Documents]
08/09/2016 16:22 <JONCTION> Favoris [C:\Users\Public\Favorites]
14/07/2009 06:08 <JONCTION> Favorites [C:\Users\Public\Favorites]
08/09/2016 16:22 <JONCTION> Menu D marrer [C:\ProgramData\Microsoft\Windows\Start Menu]
08/09/2016 16:22 <JONCTION> Mod`les [C:\ProgramData\Microsoft\Windows\Templates]
14/07/2009 06:08 <JONCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009 06:08 <JONCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
14/07/2009 06:08 <JONCTION> Application Data [C:\ProgramData]
08/09/2016 16:22 <JONCTION> Bureau [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Desktop [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Documents [C:\Users\Public\Documents]
08/09/2016 16:22 <JONCTION> Favoris [C:\Users\Public\Favorites]
14/07/2009 06:08 <JONCTION> Favorites [C:\Users\Public\Favorites]
08/09/2016 16:22 <JONCTION> Menu D marrer [C:\ProgramData\Microsoft\Windows\Start Menu]
08/09/2016 16:22 <JONCTION> Mod`les [C:\ProgramData\Microsoft\Windows\Templates]
14/07/2009 06:08 <JONCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009 06:08 <JONCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
14/07/2009 06:08 <JONCTION> Application Data [C:\ProgramData]
08/09/2016 16:22 <JONCTION> Bureau [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Desktop [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Documents [C:\Users\Public\Documents]
08/09/2016 16:22 <JONCTION> Favoris [C:\Users\Public\Favorites]
14/07/2009 06:08 <JONCTION> Favorites [C:\Users\Public\Favorites]
08/09/2016 16:22 <JONCTION> Menu D marrer [C:\ProgramData\Microsoft\Windows\Start Menu]
08/09/2016 16:22 <JONCTION> Mod`les [C:\ProgramData\Microsoft\Windows\Templates]
14/07/2009 06:08 <JONCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009 06:08 <JONCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
14/07/2009 06:08 <JONCTION> Application Data [C:\ProgramData]
08/09/2016 16:22 <JONCTION> Bureau [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Desktop [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Documents [C:\Users\Public\Documents]
08/09/2016 16:22 <JONCTION> Favoris [C:\Users\Public\Favorites]
14/07/2009 06:08 <JONCTION> Favorites [C:\Users\Public\Favorites]
08/09/2016 16:22 <JONCTION> Menu D marrer [C:\ProgramData\Microsoft\Windows\Start Menu]
08/09/2016 16:22 <JONCTION> Mod`les [C:\ProgramData\Microsoft\Windows\Templates]
14/07/2009 06:08 <JONCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009 06:08 <JONCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
14/07/2009 06:08 <JONCTION> Application Data [C:\ProgramData]
08/09/2016 16:22 <JONCTION> Bureau [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Desktop [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Documents [C:\Users\Public\Documents]
08/09/2016 16:22 <JONCTION> Favoris [C:\Users\Public\Favorites]
14/07/2009 06:08 <JONCTION> Favorites [C:\Users\Public\Favorites]
08/09/2016 16:22 <JONCTION> Menu D marrer [C:\ProgramData\Microsoft\Windows\Start Menu]
08/09/2016 16:22 <JONCTION> Mod`les [C:\ProgramData\Microsoft\Windows\Templates]
14/07/2009 06:08 <JONCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009 06:08 <JONCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
14/07/2009 06:08 <JONCTION> Application Data [C:\ProgramData]
08/09/2016 16:22 <JONCTION> Bureau [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Desktop [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Documents [C:\Users\Public\Documents]
08/09/2016 16:22 <JONCTION> Favoris [C:\Users\Public\Favorites]
14/07/2009 06:08 <JONCTION> Favorites [C:\Users\Public\Favorites]
08/09/2016 16:22 <JONCTION> Menu D marrer [C:\ProgramData\Microsoft\Windows\Start Menu]
08/09/2016 16:22 <JONCTION> Mod`les [C:\ProgramData\Microsoft\Windows\Templates]
14/07/2009 06:08 <JONCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009 06:08 <JONCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
14/07/2009 06:08 <JONCTION> Application Data [C:\ProgramData]
08/09/2016 16:22 <JONCTION> Bureau [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Desktop [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Documents [C:\Users\Public\Documents]
08/09/2016 16:22 <JONCTION> Favoris [C:\Users\Public\Favorites]
14/07/2009 06:08 <JONCTION> Favorites [C:\Users\Public\Favorites]
08/09/2016 16:22 <JONCTION> Menu D marrer [C:\ProgramData\Microsoft\Windows\Start Menu]
08/09/2016 16:22 <JONCTION> Mod`les [C:\ProgramData\Microsoft\Windows\Templates]
14/07/2009 06:08 <JONCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009 06:08 <JONCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
14/07/2009 06:08 <JONCTION> Application Data [C:\ProgramData]
08/09/2016 16:22 <JONCTION> Bureau [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Desktop [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Documents [C:\Users\Public\Documents]
08/09/2016 16:22 <JONCTION> Favoris [C:\Users\Public\Favorites]
14/07/2009 06:08 <JONCTION> Favorites [C:\Users\Public\Favorites]
08/09/2016 16:22 <JONCTION> Menu D marrer [C:\ProgramData\Microsoft\Windows\Start Menu]
08/09/2016 16:22 <JONCTION> Mod`les [C:\ProgramData\Microsoft\Windows\Templates]
14/07/2009 06:08 <JONCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009 06:08 <JONCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
14/07/2009 06:08 <JONCTION> Application Data [.]
08/09/2016 16:22 <JONCTION> Bureau [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Desktop [.]
14/07/2009 06:08 <JONCTION> Documents [.]
08/09/2016 16:22 <JONCTION> Favoris [.]
14/07/2009 06:08 <JONCTION> Favorites [.]
08/09/2016 16:22 <JONCTION> Menu D marrer [.]
08/09/2016 16:22 <JONCTION> Mod`les [.]
14/07/2009 06:08 <JONCTION> Start Menu [.]
14/07/2009 06:08 <JONCTION> Templates [.]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Documents
08/09/2016 16:22 <JONCTION> Ma musique [C:\Users\Public\Music]
08/09/2016 16:22 <JONCTION> Mes images [C:\Users\Public\Pictures]
08/09/2016 16:22 <JONCTION> Mes vid os [C:\Users\Public\Videos]
14/07/2009 06:08 <JONCTION> My Music [C:\Users\Public\Music]
14/07/2009 06:08 <JONCTION> My Pictures [C:\Users\Public\Pictures]
14/07/2009 06:08 <JONCTION> My Videos [C:\Users\Public\Videos]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Menu D marrer
08/09/2016 16:22 <JONCTION> Programmes [.]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Documents
08/09/2016 16:22 <JONCTION> Ma musique [C:\Users\Public\Music]
08/09/2016 16:22 <JONCTION> Mes images [C:\Users\Public\Pictures]
08/09/2016 16:22 <JONCTION> Mes vid os [C:\Users\Public\Videos]
14/07/2009 06:08 <JONCTION> My Music [C:\Users\Public\Music]
14/07/2009 06:08 <JONCTION> My Pictures [C:\Users\Public\Pictures]
14/07/2009 06:08 <JONCTION> My Videos [C:\Users\Public\Videos]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Menu D marrer
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath
21/10/2016 10:39 <SYMLINK> java.exe [C:\Program Files\Java\jre1.8.0_111\bin\java.exe]
21/10/2016 10:39 <SYMLINK> javaw.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaw.exe]
21/10/2016 10:39 <SYMLINK> javaws.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaws.exe]
3 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Documents
08/09/2016 16:22 <JONCTION> Ma musique [C:\Users\Public\Music]
08/09/2016 16:22 <JONCTION> Mes images [C:\Users\Public\Pictures]
08/09/2016 16:22 <JONCTION> Mes vid os [C:\Users\Public\Videos]
14/07/2009 06:08 <JONCTION> My Music [C:\Users\Public\Music]
14/07/2009 06:08 <JONCTION> My Pictures [C:\Users\Public\Pictures]
14/07/2009 06:08 <JONCTION> My Videos [C:\Users\Public\Videos]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Menu D marrer
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath
21/10/2016 10:39 <SYMLINK> java.exe [C:\Program Files\Java\jre1.8.0_111\bin\java.exe]
21/10/2016 10:39 <SYMLINK> javaw.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaw.exe]
21/10/2016 10:39 <SYMLINK> javaws.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaws.exe]
3 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Documents
08/09/2016 16:22 <JONCTION> Ma musique [C:\Users\Public\Music]
08/09/2016 16:22 <JONCTION> Mes images [C:\Users\Public\Pictures]
08/09/2016 16:22 <JONCTION> Mes vid os [C:\Users\Public\Videos]
14/07/2009 06:08 <JONCTION> My Music [C:\Users\Public\Music]
14/07/2009 06:08 <JONCTION> My Pictures [C:\Users\Public\Pictures]
14/07/2009 06:08 <JONCTION> My Videos [C:\Users\Public\Videos]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Menu D marrer
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath
21/10/2016 10:39 <SYMLINK> java.exe [C:\Program Files\Java\jre1.8.0_111\bin\java.exe]
21/10/2016 10:39 <SYMLINK> javaw.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaw.exe]
21/10/2016 10:39 <SYMLINK> javaws.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaws.exe]
3 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Documents
08/09/2016 16:22 <JONCTION> Ma musique [C:\Users\Public\Music]
08/09/2016 16:22 <JONCTION> Mes images [C:\Users\Public\Pictures]
08/09/2016 16:22 <JONCTION> Mes vid os [C:\Users\Public\Videos]
14/07/2009 06:08 <JONCTION> My Music [C:\Users\Public\Music]
14/07/2009 06:08 <JONCTION> My Pictures [C:\Users\Public\Pictures]
14/07/2009 06:08 <JONCTION> My Videos [C:\Users\Public\Videos]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Menu D marrer
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath
21/10/2016 10:39 <SYMLINK> java.exe [C:\Program Files\Java\jre1.8.0_111\bin\java.exe]
21/10/2016 10:39 <SYMLINK> javaw.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaw.exe]
21/10/2016 10:39 <SYMLINK> javaws.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaws.exe]
3 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Documents
08/09/2016 16:22 <JONCTION> Ma musique [C:\Users\Public\Music]
08/09/2016 16:22 <JONCTION> Mes images [C:\Users\Public\Pictures]
08/09/2016 16:22 <JONCTION> Mes vid os [C:\Users\Public\Videos]
14/07/2009 06:08 <JONCTION> My Music [C:\Users\Public\Music]
14/07/2009 06:08 <JONCTION> My Pictures [C:\Users\Public\Pictures]
14/07/2009 06:08 <JONCTION> My Videos [C:\Users\Public\Videos]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Menu D marrer
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath
21/10/2016 10:39 <SYMLINK> java.exe [C:\Program Files\Java\jre1.8.0_111\bin\java.exe]
21/10/2016 10:39 <SYMLINK> javaw.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaw.exe]
21/10/2016 10:39 <SYMLINK> javaws.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaws.exe]
3 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Documents
08/09/2016 16:22 <JONCTION> Ma musique [C:\Users\Public\Music]
08/09/2016 16:22 <JONCTION> Mes images [C:\Users\Public\Pictures]
08/09/2016 16:22 <JONCTION> Mes vid os [C:\Users\Public\Videos]
14/07/2009 06:08 <JONCTION> My Music [C:\Users\Public\Music]
14/07/2009 06:08 <JONCTION> My Pictures [C:\Users\Public\Pictures]
14/07/2009 06:08 <JONCTION> My Videos [C:\Users\Public\Videos]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Menu D marrer
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath
21/10/2016 10:39 <SYMLINK> java.exe [C:\Program Files\Java\jre1.8.0_111\bin\java.exe]
21/10/2016 10:39 <SYMLINK> javaw.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaw.exe]
21/10/2016 10:39 <SYMLINK> javaws.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaws.exe]
3 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Documents
08/09/2016 16:22 <JONCTION> Ma musique [C:\Users\Public\Music]
08/09/2016 16:22 <JONCTION> Mes images [C:\Users\Public\Pictures]
08/09/2016 16:22 <JONCTION> Mes vid os [C:\Users\Public\Videos]
14/07/2009 06:08 <JONCTION> My Music [C:\Users\Public\Music]
14/07/2009 06:08 <JONCTION> My Pictures [C:\Users\Public\Pictures]
14/07/2009 06:08 <JONCTION> My Videos [C:\Users\Public\Videos]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Menu D marrer
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath
21/10/2016 10:39 <SYMLINK> java.exe [C:\Program Files\Java\jre1.8.0_111\bin\java.exe]
21/10/2016 10:39 <SYMLINK> javaw.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaw.exe]
21/10/2016 10:39 <SYMLINK> javaws.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaws.exe]
3 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Documents
08/09/2016 16:22 <JONCTION> Ma musique [C:\Users\Public\Music]
08/09/2016 16:22 <JONCTION> Mes images [C:\Users\Public\Pictures]
08/09/2016 16:22 <JONCTION> Mes vid os [C:\Users\Public\Videos]
14/07/2009 06:08 <JONCTION> My Music [C:\Users\Public\Music]
14/07/2009 06:08 <JONCTION> My Pictures [C:\Users\Public\Pictures]
14/07/2009 06:08 <JONCTION> My Videos [C:\Users\Public\Videos]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Menu D marrer
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath
21/10/2016 10:39 <SYMLINK> java.exe [C:\Program Files\Java\jre1.8.0_111\bin\java.exe]
21/10/2016 10:39 <SYMLINK> javaw.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaw.exe]
21/10/2016 10:39 <SYMLINK> javaws.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaws.exe]
3 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Documents
08/09/2016 16:22 <JONCTION> Ma musique [C:\Users\Public\Music]
08/09/2016 16:22 <JONCTION> Mes images [C:\Users\Public\Pictures]
08/09/2016 16:22 <JONCTION> Mes vid os [C:\Users\Public\Videos]
14/07/2009 06:08 <JONCTION> My Music [C:\Users\Public\Music]
14/07/2009 06:08 <JONCTION> My Pictures [C:\Users\Public\Pictures]
14/07/2009 06:08 <JONCTION> My Videos [C:\Users\Public\Videos]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Menu D marrer
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath
21/10/2016 10:39 <SYMLINK> java.exe [C:\Program Files\Java\jre1.8.0_111\bin\java.exe]
21/10/2016 10:39 <SYMLINK> javaw.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaw.exe]
21/10/2016 10:39 <SYMLINK> javaws.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaws.exe]
3 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Documents
08/09/2016 16:22 <JONCTION> Ma musique [C:\Users\Public\Music]
08/09/2016 16:22 <JONCTION> Mes images [C:\Users\Public\Pictures]
08/09/2016 16:22 <JONCTION> Mes vid os [C:\Users\Public\Videos]
14/07/2009 06:08 <JONCTION> My Music [C:\Users\Public\Music]
14/07/2009 06:08 <JONCTION> My Pictures [C:\Users\Public\Pictures]
14/07/2009 06:08 <JONCTION> My Videos [C:\Users\Public\Videos]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Menu D marrer
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Oracle\Java\javapath
21/10/2016 10:39 <SYMLINK> java.exe [C:\Program Files\Java\jre1.8.0_111\bin\java.exe]
21/10/2016 10:39 <SYMLINK> javaw.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaw.exe]
21/10/2016 10:39 <SYMLINK> javaws.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaws.exe]
3 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Application Data\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Documents
08/09/2016 16:22 <JONCTION> Ma musique [C:\Users\Public\Music]
08/09/2016 16:22 <JONCTION> Mes images [C:\Users\Public\Pictures]
08/09/2016 16:22 <JONCTION> Mes vid os [C:\Users\Public\Videos]
14/07/2009 06:08 <JONCTION> My Music [C:\Users\Public\Music]
14/07/2009 06:08 <JONCTION> My Pictures [C:\Users\Public\Pictures]
14/07/2009 06:08 <JONCTION> My Videos [C:\Users\Public\Videos]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Menu D marrer
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Microsoft\Windows\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Oracle\Java\javapath
21/10/2016 10:39 <SYMLINK> java.exe [C:\Program Files\Java\jre1.8.0_111\bin\java.exe]
21/10/2016 10:39 <SYMLINK> javaw.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaw.exe]
21/10/2016 10:39 <SYMLINK> javaws.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaws.exe]
3 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Application Data\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Documents
08/09/2016 16:22 <JONCTION> Ma musique [C:\Users\Public\Music]
08/09/2016 16:22 <JONCTION> Mes images [C:\Users\Public\Pictures]
08/09/2016 16:22 <JONCTION> Mes vid os [C:\Users\Public\Videos]
14/07/2009 06:08 <JONCTION> My Music [C:\Users\Public\Music]
14/07/2009 06:08 <JONCTION> My Pictures [C:\Users\Public\Pictures]
14/07/2009 06:08 <JONCTION> My Videos [C:\Users\Public\Videos]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Menu D marrer
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Microsoft\Windows\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Oracle\Java\javapath
21/10/2016 10:39 <SYMLINK> java.exe [C:\Program Files\Java\jre1.8.0_111\bin\java.exe]
21/10/2016 10:39 <SYMLINK> javaw.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaw.exe]
21/10/2016 10:39 <SYMLINK> javaws.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaws.exe]
3 fichier(s) 0 octets
R pertoire de C:\ProgramData\Application Data\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Documents
08/09/2016 16:22 <JONCTION> Ma musique [C:\Users\Public\Music]
08/09/2016 16:22 <JONCTION> Mes images [C:\Users\Public\Pictures]
08/09/2016 16:22 <JONCTION> Mes vid os [C:\Users\Public\Videos]
14/07/2009 06:08 <JONCTION> My Music [C:\Users\Public\Music]
14/07/2009 06:08 <JONCTION> My Pictures [C:\Users\Public\Pictures]
14/07/2009 06:08 <JONCTION> My Videos [C:\Users\Public\Videos]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Menu D marrer
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Microsoft\Windows\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Oracle\Java\javapath
21/10/2016 10:39 <SYMLINK> java.exe [C:\Program Files\Java\jre1.8.0_111\bin\java.exe]
21/10/2016 10:39 <SYMLINK> javaw.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaw.exe]
21/10/2016 10:39 <SYMLINK> javaws.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaws.exe]
3 fichier(s) 0 octets
R pertoire de C:\ProgramData\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users
14/07/2009 06:08 <SYMLINKD> All Users [C:\ProgramData]
14/07/2009 06:08 <JONCTION> Default User [C:\Users\Default]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users
14/07/2009 06:08 <JONCTION> Application Data [C:\ProgramData]
08/09/2016 16:22 <JONCTION> Bureau [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Desktop [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Documents [C:\Users\Public\Documents]
08/09/2016 16:22 <JONCTION> Favoris [C:\Users\Public\Favorites]
14/07/2009 06:08 <JONCTION> Favorites [C:\Users\Public\Favorites]
08/09/2016 16:22 <JONCTION> Menu D marrer [C:\ProgramData\Microsoft\Windows\Start Menu]
08/09/2016 16:22 <JONCTION> Mod`les [C:\ProgramData\Microsoft\Windows\Templates]
14/07/2009 06:08 <JONCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009 06:08 <JONCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data
14/07/2009 06:08 <JONCTION> Application Data [C:\ProgramData]
08/09/2016 16:22 <JONCTION> Bureau [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Desktop [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Documents [C:\Users\Public\Documents]
08/09/2016 16:22 <JONCTION> Favoris [C:\Users\Public\Favorites]
14/07/2009 06:08 <JONCTION> Favorites [C:\Users\Public\Favorites]
08/09/2016 16:22 <JONCTION> Menu D marrer [C:\ProgramData\Microsoft\Windows\Start Menu]
08/09/2016 16:22 <JONCTION> Mod`les [C:\ProgramData\Microsoft\Windows\Templates]
14/07/2009 06:08 <JONCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009 06:08 <JONCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data
14/07/2009 06:08 <JONCTION> Application Data [C:\ProgramData]
08/09/2016 16:22 <JONCTION> Bureau [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Desktop [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Documents [C:\Users\Public\Documents]
08/09/2016 16:22 <JONCTION> Favoris [C:\Users\Public\Favorites]
14/07/2009 06:08 <JONCTION> Favorites [C:\Users\Public\Favorites]
08/09/2016 16:22 <JONCTION> Menu D marrer [C:\ProgramData\Microsoft\Windows\Start Menu]
08/09/2016 16:22 <JONCTION> Mod`les [C:\ProgramData\Microsoft\Windows\Templates]
14/07/2009 06:08 <JONCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009 06:08 <JONCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data
14/07/2009 06:08 <JONCTION> Application Data [C:\ProgramData]
08/09/2016 16:22 <JONCTION> Bureau [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Desktop [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Documents [C:\Users\Public\Documents]
08/09/2016 16:22 <JONCTION> Favoris [C:\Users\Public\Favorites]
14/07/2009 06:08 <JONCTION> Favorites [C:\Users\Public\Favorites]
08/09/2016 16:22 <JONCTION> Menu D marrer [C:\ProgramData\Microsoft\Windows\Start Menu]
08/09/2016 16:22 <JONCTION> Mod`les [C:\ProgramData\Microsoft\Windows\Templates]
14/07/2009 06:08 <JONCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009 06:08 <JONCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data
14/07/2009 06:08 <JONCTION> Application Data [C:\ProgramData]
08/09/2016 16:22 <JONCTION> Bureau [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Desktop [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Documents [C:\Users\Public\Documents]
08/09/2016 16:22 <JONCTION> Favoris [C:\Users\Public\Favorites]
14/07/2009 06:08 <JONCTION> Favorites [C:\Users\Public\Favorites]
08/09/2016 16:22 <JONCTION> Menu D marrer [C:\ProgramData\Microsoft\Windows\Start Menu]
08/09/2016 16:22 <JONCTION> Mod`les [C:\ProgramData\Microsoft\Windows\Templates]
14/07/2009 06:08 <JONCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009 06:08 <JONCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data
14/07/2009 06:08 <JONCTION> Application Data [C:\ProgramData]
08/09/2016 16:22 <JONCTION> Bureau [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Desktop [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Documents [C:\Users\Public\Documents]
08/09/2016 16:22 <JONCTION> Favoris [C:\Users\Public\Favorites]
14/07/2009 06:08 <JONCTION> Favorites [C:\Users\Public\Favorites]
08/09/2016 16:22 <JONCTION> Menu D marrer [C:\ProgramData\Microsoft\Windows\Start Menu]
08/09/2016 16:22 <JONCTION> Mod`les [C:\ProgramData\Microsoft\Windows\Templates]
14/07/2009 06:08 <JONCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009 06:08 <JONCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
14/07/2009 06:08 <JONCTION> Application Data [C:\ProgramData]
08/09/2016 16:22 <JONCTION> Bureau [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Desktop [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Documents [C:\Users\Public\Documents]
08/09/2016 16:22 <JONCTION> Favoris [C:\Users\Public\Favorites]
14/07/2009 06:08 <JONCTION> Favorites [C:\Users\Public\Favorites]
08/09/2016 16:22 <JONCTION> Menu D marrer [C:\ProgramData\Microsoft\Windows\Start Menu]
08/09/2016 16:22 <JONCTION> Mod`les [C:\ProgramData\Microsoft\Windows\Templates]
14/07/2009 06:08 <JONCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009 06:08 <JONCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
14/07/2009 06:08 <JONCTION> Application Data [C:\ProgramData]
08/09/2016 16:22 <JONCTION> Bureau [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Desktop [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Documents [C:\Users\Public\Documents]
08/09/2016 16:22 <JONCTION> Favoris [C:\Users\Public\Favorites]
14/07/2009 06:08 <JONCTION> Favorites [C:\Users\Public\Favorites]
08/09/2016 16:22 <JONCTION> Menu D marrer [C:\ProgramData\Microsoft\Windows\Start Menu]
08/09/2016 16:22 <JONCTION> Mod`les [C:\ProgramData\Microsoft\Windows\Templates]
14/07/2009 06:08 <JONCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009 06:08 <JONCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
14/07/2009 06:08 <JONCTION> Application Data [C:\ProgramData]
08/09/2016 16:22 <JONCTION> Bureau [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Desktop [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Documents [C:\Users\Public\Documents]
08/09/2016 16:22 <JONCTION> Favoris [C:\Users\Public\Favorites]
14/07/2009 06:08 <JONCTION> Favorites [C:\Users\Public\Favorites]
08/09/2016 16:22 <JONCTION> Menu D marrer [C:\ProgramData\Microsoft\Windows\Start Menu]
08/09/2016 16:22 <JONCTION> Mod`les [C:\ProgramData\Microsoft\Windows\Templates]
14/07/2009 06:08 <JONCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009 06:08 <JONCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
14/07/2009 06:08 <JONCTION> Application Data [C:\ProgramData]
08/09/2016 16:22 <JONCTION> Bureau [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Desktop [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Documents [C:\Users\Public\Documents]
08/09/2016 16:22 <JONCTION> Favoris [C:\Users\Public\Favorites]
14/07/2009 06:08 <JONCTION> Favorites [C:\Users\Public\Favorites]
08/09/2016 16:22 <JONCTION> Menu D marrer [C:\ProgramData\Microsoft\Windows\Start Menu]
08/09/2016 16:22 <JONCTION> Mod`les [C:\ProgramData\Microsoft\Windows\Templates]
14/07/2009 06:08 <JONCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009 06:08 <JONCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
14/07/2009 06:08 <JONCTION> Application Data [C:\ProgramData]
08/09/2016 16:22 <JONCTION> Bureau [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Desktop [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Documents [C:\Users\Public\Documents]
08/09/2016 16:22 <JONCTION> Favoris [C:\Users\Public\Favorites]
14/07/2009 06:08 <JONCTION> Favorites [C:\Users\Public\Favorites]
08/09/2016 16:22 <JONCTION> Menu D marrer [C:\ProgramData\Microsoft\Windows\Start Menu]
08/09/2016 16:22 <JONCTION> Mod`les [C:\ProgramData\Microsoft\Windows\Templates]
14/07/2009 06:08 <JONCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009 06:08 <JONCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
14/07/2009 06:08 <JONCTION> Application Data [C:\ProgramData]
08/09/2016 16:22 <JONCTION> Bureau [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Desktop [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Documents [C:\Users\Public\Documents]
08/09/2016 16:22 <JONCTION> Favoris [C:\Users\Public\Favorites]
14/07/2009 06:08 <JONCTION> Favorites [C:\Users\Public\Favorites]
08/09/2016 16:22 <JONCTION> Menu D marrer [C:\ProgramData\Microsoft\Windows\Start Menu]
08/09/2016 16:22 <JONCTION> Mod`les [C:\ProgramData\Microsoft\Windows\Templates]
14/07/2009 06:08 <JONCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009 06:08 <JONCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
14/07/2009 06:08 <JONCTION> Application Data [C:\ProgramData]
08/09/2016 16:22 <JONCTION> Bureau [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Desktop [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Documents [C:\Users\Public\Documents]
08/09/2016 16:22 <JONCTION> Favoris [C:\Users\Public\Favorites]
14/07/2009 06:08 <JONCTION> Favorites [C:\Users\Public\Favorites]
08/09/2016 16:22 <JONCTION> Menu D marrer [C:\ProgramData\Microsoft\Windows\Start Menu]
08/09/2016 16:22 <JONCTION> Mod`les [C:\ProgramData\Microsoft\Windows\Templates]
14/07/2009 06:08 <JONCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009 06:08 <JONCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
14/07/2009 06:08 <JONCTION> Application Data [C:\ProgramData]
08/09/2016 16:22 <JONCTION> Bureau [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Desktop [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Documents [C:\Users\Public\Documents]
08/09/2016 16:22 <JONCTION> Favoris [C:\Users\Public\Favorites]
14/07/2009 06:08 <JONCTION> Favorites [C:\Users\Public\Favorites]
08/09/2016 16:22 <JONCTION> Menu D marrer [C:\ProgramData\Microsoft\Windows\Start Menu]
08/09/2016 16:22 <JONCTION> Mod`les [C:\ProgramData\Microsoft\Windows\Templates]
14/07/2009 06:08 <JONCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009 06:08 <JONCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
14/07/2009 06:08 <JONCTION> Application Data [.]
08/09/2016 16:22 <JONCTION> Bureau [.]
14/07/2009 06:08 <JONCTION> Desktop [.]
14/07/2009 06:08 <JONCTION> Documents [.]
08/09/2016 16:22 <JONCTION> Favoris [.]
14/07/2009 06:08 <JONCTION> Favorites [.]
08/09/2016 16:22 <JONCTION> Menu D marrer [.]
08/09/2016 16:22 <JONCTION> Mod`les [.]
14/07/2009 06:08 <JONCTION> Start Menu [.]
14/07/2009 06:08 <JONCTION> Templates [.]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Documents
08/09/2016 16:22 <JONCTION> Ma musique [.]
08/09/2016 16:22 <JONCTION> Mes images [.]
08/09/2016 16:22 <JONCTION> Mes vid os [.]
14/07/2009 06:08 <JONCTION> My Music [C:\Users\Public\Music]
14/07/2009 06:08 <JONCTION> My Pictures [.]
14/07/2009 06:08 <JONCTION> My Videos [C:\Users\Public\Videos]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Menu D marrer
08/09/2016 16:22 <JONCTION> Programmes [.]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [.]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Documents
08/09/2016 16:22 <JONCTION> Ma musique [C:\Users\Public\Music]
08/09/2016 16:22 <JONCTION> Mes images [C:\Users\Public\Pictures]
08/09/2016 16:22 <JONCTION> Mes vid os [C:\Users\Public\Videos]
14/07/2009 06:08 <JONCTION> My Music [C:\Users\Public\Music]
14/07/2009 06:08 <JONCTION> My Pictures [C:\Users\Public\Pictures]
14/07/2009 06:08 <JONCTION> My Videos [C:\Users\Public\Videos]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Menu D marrer
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath
21/10/2016 10:39 <SYMLINK> java.exe [C:\Program Files\Java\jre1.8.0_111\bin\java.exe]
21/10/2016 10:39 <SYMLINK> javaw.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaw.exe]
21/10/2016 10:39 <SYMLINK> javaws.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaws.exe]
3 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Documents
08/09/2016 16:22 <JONCTION> Ma musique [C:\Users\Public\Music]
08/09/2016 16:22 <JONCTION> Mes images [C:\Users\Public\Pictures]
08/09/2016 16:22 <JONCTION> Mes vid os [C:\Users\Public\Videos]
14/07/2009 06:08 <JONCTION> My Music [C:\Users\Public\Music]
14/07/2009 06:08 <JONCTION> My Pictures [C:\Users\Public\Pictures]
14/07/2009 06:08 <JONCTION> My Videos [C:\Users\Public\Videos]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Menu D marrer
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath
21/10/2016 10:39 <SYMLINK> java.exe [C:\Program Files\Java\jre1.8.0_111\bin\java.exe]
21/10/2016 10:39 <SYMLINK> javaw.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaw.exe]
21/10/2016 10:39 <SYMLINK> javaws.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaws.exe]
3 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Documents
08/09/2016 16:22 <JONCTION> Ma musique [C:\Users\Public\Music]
08/09/2016 16:22 <JONCTION> Mes images [C:\Users\Public\Pictures]
08/09/2016 16:22 <JONCTION> Mes vid os [C:\Users\Public\Videos]
14/07/2009 06:08 <JONCTION> My Music [C:\Users\Public\Music]
14/07/2009 06:08 <JONCTION> My Pictures [C:\Users\Public\Pictures]
14/07/2009 06:08 <JONCTION> My Videos [C:\Users\Public\Videos]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Menu D marrer
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath
21/10/2016 10:39 <SYMLINK> java.exe [C:\Program Files\Java\jre1.8.0_111\bin\java.exe]
21/10/2016 10:39 <SYMLINK> javaw.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaw.exe]
21/10/2016 10:39 <SYMLINK> javaws.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaws.exe]
3 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Documents
08/09/2016 16:22 <JONCTION> Ma musique [C:\Users\Public\Music]
08/09/2016 16:22 <JONCTION> Mes images [C:\Users\Public\Pictures]
08/09/2016 16:22 <JONCTION> Mes vid os [C:\Users\Public\Videos]
14/07/2009 06:08 <JONCTION> My Music [C:\Users\Public\Music]
14/07/2009 06:08 <JONCTION> My Pictures [C:\Users\Public\Pictures]
14/07/2009 06:08 <JONCTION> My Videos [C:\Users\Public\Videos]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Menu D marrer
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath
21/10/2016 10:39 <SYMLINK> java.exe [C:\Program Files\Java\jre1.8.0_111\bin\java.exe]
21/10/2016 10:39 <SYMLINK> javaw.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaw.exe]
21/10/2016 10:39 <SYMLINK> javaws.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaws.exe]
3 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Documents
08/09/2016 16:22 <JONCTION> Ma musique [C:\Users\Public\Music]
08/09/2016 16:22 <JONCTION> Mes images [C:\Users\Public\Pictures]
08/09/2016 16:22 <JONCTION> Mes vid os [C:\Users\Public\Videos]
14/07/2009 06:08 <JONCTION> My Music [C:\Users\Public\Music]
14/07/2009 06:08 <JONCTION> My Pictures [C:\Users\Public\Pictures]
14/07/2009 06:08 <JONCTION> My Videos [C:\Users\Public\Videos]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Menu D marrer
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath
21/10/2016 10:39 <SYMLINK> java.exe [C:\Program Files\Java\jre1.8.0_111\bin\java.exe]
21/10/2016 10:39 <SYMLINK> javaw.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaw.exe]
21/10/2016 10:39 <SYMLINK> javaws.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaws.exe]
3 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Documents
08/09/2016 16:22 <JONCTION> Ma musique [C:\Users\Public\Music]
08/09/2016 16:22 <JONCTION> Mes images [C:\Users\Public\Pictures]
08/09/2016 16:22 <JONCTION> Mes vid os [C:\Users\Public\Videos]
14/07/2009 06:08 <JONCTION> My Music [C:\Users\Public\Music]
14/07/2009 06:08 <JONCTION> My Pictures [C:\Users\Public\Pictures]
14/07/2009 06:08 <JONCTION> My Videos [C:\Users\Public\Videos]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Menu D marrer
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath
21/10/2016 10:39 <SYMLINK> java.exe [C:\Program Files\Java\jre1.8.0_111\bin\java.exe]
21/10/2016 10:39 <SYMLINK> javaw.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaw.exe]
21/10/2016 10:39 <SYMLINK> javaws.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaws.exe]
3 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Documents
08/09/2016 16:22 <JONCTION> Ma musique [C:\Users\Public\Music]
08/09/2016 16:22 <JONCTION> Mes images [C:\Users\Public\Pictures]
08/09/2016 16:22 <JONCTION> Mes vid os [C:\Users\Public\Videos]
14/07/2009 06:08 <JONCTION> My Music [C:\Users\Public\Music]
14/07/2009 06:08 <JONCTION> My Pictures [C:\Users\Public\Pictures]
14/07/2009 06:08 <JONCTION> My Videos [C:\Users\Public\Videos]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Menu D marrer
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath
21/10/2016 10:39 <SYMLINK> java.exe [C:\Program Files\Java\jre1.8.0_111\bin\java.exe]
21/10/2016 10:39 <SYMLINK> javaw.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaw.exe]
21/10/2016 10:39 <SYMLINK> javaws.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaws.exe]
3 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Documents
08/09/2016 16:22 <JONCTION> Ma musique [C:\Users\Public\Music]
08/09/2016 16:22 <JONCTION> Mes images [C:\Users\Public\Pictures]
08/09/2016 16:22 <JONCTION> Mes vid os [C:\Users\Public\Videos]
14/07/2009 06:08 <JONCTION> My Music [C:\Users\Public\Music]
14/07/2009 06:08 <JONCTION> My Pictures [C:\Users\Public\Pictures]
14/07/2009 06:08 <JONCTION> My Videos [C:\Users\Public\Videos]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Menu D marrer
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath
21/10/2016 10:39 <SYMLINK> java.exe [C:\Program Files\Java\jre1.8.0_111\bin\java.exe]
21/10/2016 10:39 <SYMLINK> javaw.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaw.exe]
21/10/2016 10:39 <SYMLINK> javaws.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaws.exe]
3 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Documents
08/09/2016 16:22 <JONCTION> Ma musique [C:\Users\Public\Music]
08/09/2016 16:22 <JONCTION> Mes images [C:\Users\Public\Pictures]
08/09/2016 16:22 <JONCTION> Mes vid os [C:\Users\Public\Videos]
14/07/2009 06:08 <JONCTION> My Music [C:\Users\Public\Music]
14/07/2009 06:08 <JONCTION> My Pictures [C:\Users\Public\Pictures]
14/07/2009 06:08 <JONCTION> My Videos [C:\Users\Public\Videos]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Menu D marrer
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Oracle\Java\javapath
21/10/2016 10:39 <SYMLINK> java.exe [C:\Program Files\Java\jre1.8.0_111\bin\java.exe]
21/10/2016 10:39 <SYMLINK> javaw.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaw.exe]
21/10/2016 10:39 <SYMLINK> javaws.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaws.exe]
3 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Documents
08/09/2016 16:22 <JONCTION> Ma musique [C:\Users\Public\Music]
08/09/2016 16:22 <JONCTION> Mes images [C:\Users\Public\Pictures]
08/09/2016 16:22 <JONCTION> Mes vid os [C:\Users\Public\Videos]
14/07/2009 06:08 <JONCTION> My Music [C:\Users\Public\Music]
14/07/2009 06:08 <JONCTION> My Pictures [C:\Users\Public\Pictures]
14/07/2009 06:08 <JONCTION> My Videos [C:\Users\Public\Videos]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Menu D marrer
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Oracle\Java\javapath
21/10/2016 10:39 <SYMLINK> java.exe [C:\Program Files\Java\jre1.8.0_111\bin\java.exe]
21/10/2016 10:39 <SYMLINK> javaw.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaw.exe]
21/10/2016 10:39 <SYMLINK> javaws.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaws.exe]
3 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Application Data\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Documents
08/09/2016 16:22 <JONCTION> Ma musique [C:\Users\Public\Music]
08/09/2016 16:22 <JONCTION> Mes images [C:\Users\Public\Pictures]
08/09/2016 16:22 <JONCTION> Mes vid os [C:\Users\Public\Videos]
14/07/2009 06:08 <JONCTION> My Music [C:\Users\Public\Music]
14/07/2009 06:08 <JONCTION> My Pictures [C:\Users\Public\Pictures]
14/07/2009 06:08 <JONCTION> My Videos [C:\Users\Public\Videos]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Menu D marrer
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Microsoft\Windows\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Oracle\Java\javapath
21/10/2016 10:39 <SYMLINK> java.exe [C:\Program Files\Java\jre1.8.0_111\bin\java.exe]
21/10/2016 10:39 <SYMLINK> javaw.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaw.exe]
21/10/2016 10:39 <SYMLINK> javaws.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaws.exe]
3 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Application Data\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Documents
08/09/2016 16:22 <JONCTION> Ma musique [C:\Users\Public\Music]
08/09/2016 16:22 <JONCTION> Mes images [C:\Users\Public\Pictures]
08/09/2016 16:22 <JONCTION> Mes vid os [C:\Users\Public\Videos]
14/07/2009 06:08 <JONCTION> My Music [C:\Users\Public\Music]
14/07/2009 06:08 <JONCTION> My Pictures [C:\Users\Public\Pictures]
14/07/2009 06:08 <JONCTION> My Videos [C:\Users\Public\Videos]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Menu D marrer
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Microsoft\Windows\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Oracle\Java\javapath
21/10/2016 10:39 <SYMLINK> java.exe [C:\Program Files\Java\jre1.8.0_111\bin\java.exe]
21/10/2016 10:39 <SYMLINK> javaw.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaw.exe]
21/10/2016 10:39 <SYMLINK> javaws.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaws.exe]
3 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Application Data\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Documents
08/09/2016 16:22 <JONCTION> Ma musique [C:\Users\Public\Music]
08/09/2016 16:22 <JONCTION> Mes images [C:\Users\Public\Pictures]
08/09/2016 16:22 <JONCTION> Mes vid os [C:\Users\Public\Videos]
14/07/2009 06:08 <JONCTION> My Music [C:\Users\Public\Music]
14/07/2009 06:08 <JONCTION> My Pictures [C:\Users\Public\Pictures]
14/07/2009 06:08 <JONCTION> My Videos [C:\Users\Public\Videos]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Menu D marrer
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Microsoft\Windows\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Oracle\Java\javapath
21/10/2016 10:39 <SYMLINK> java.exe [C:\Program Files\Java\jre1.8.0_111\bin\java.exe]
21/10/2016 10:39 <SYMLINK> javaw.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaw.exe]
21/10/2016 10:39 <SYMLINK> javaws.exe [C:\Program Files\Java\jre1.8.0_111\bin\javaws.exe]
3 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\Bruno
08/09/2016 16:22 <JONCTION> Application Data [C:\Users\Bruno\AppData\Roaming]
08/09/2016 16:22 <JONCTION> Cookies [C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Cookies]
08/09/2016 16:22 <JONCTION> Local Settings [C:\Users\Bruno\AppData\Local]
08/09/2016 16:22 <JONCTION> Menu D marrer [C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu]
08/09/2016 16:22 <JONCTION> Mes documents [C:\Users\Bruno\Documents]
08/09/2016 16:22 <JONCTION> Mod`les [C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Templates]
08/09/2016 16:22 <JONCTION> Recent [C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Recent]
08/09/2016 16:22 <JONCTION> SendTo [C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\SendTo]
08/09/2016 16:22 <JONCTION> Voisinage d'impression [C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
08/09/2016 16:22 <JONCTION> Voisinage r seau [C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
0 fichier(s) 0 octets
R pertoire de C:\Users\Bruno\AppData\Local
08/09/2016 16:22 <JONCTION> Application Data [C:\Users\Bruno\AppData\Local]
08/09/2016 16:22 <JONCTION> Historique [C:\Users\Bruno\AppData\Local\Microsoft\Windows\History]
08/09/2016 16:22 <JONCTION> Temporary Internet Files [C:\Users\Bruno\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 fichier(s) 0 octets
R pertoire de C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\Bruno\Documents
08/09/2016 16:22 <JONCTION> Ma musique [C:\Users\Bruno\Music]
08/09/2016 16:22 <JONCTION> Mes images [C:\Users\Bruno\Pictures]
08/09/2016 16:22 <JONCTION> Mes vid os [C:\Users\Bruno\Videos]
0 fichier(s) 0 octets
R pertoire de C:\Users\Default
14/07/2009 06:08 <JONCTION> Application Data [C:\Users\Default\AppData\Roaming]
14/07/2009 06:08 <JONCTION> Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
14/07/2009 06:08 <JONCTION> Local Settings [C:\Users\Default\AppData\Local]
08/09/2016 16:22 <JONCTION> Menu D marrer [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
08/09/2016 16:22 <JONCTION> Mes documents [C:\Users\Default\Documents]
08/09/2016 16:22 <JONCTION> Mod`les [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
14/07/2009 06:08 <JONCTION> My Documents [C:\Users\Default\Documents]
14/07/2009 06:08 <JONCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
14/07/2009 06:08 <JONCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
14/07/2009 06:08 <JONCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
14/07/2009 06:08 <JONCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
14/07/2009 06:08 <JONCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
14/07/2009 06:08 <JONCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
08/09/2016 16:22 <JONCTION> Voisinage d'impression [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
08/09/2016 16:22 <JONCTION> Voisinage r seau [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
0 fichier(s) 0 octets
R pertoire de C:\Users\Default\AppData\Local
14/07/2009 06:08 <JONCTION> Application Data [C:\Users\Default\AppData\Local]
08/09/2016 16:22 <JONCTION> Historique [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
14/07/2009 06:08 <JONCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
14/07/2009 06:08 <JONCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 fichier(s) 0 octets
R pertoire de C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu
08/09/2016 16:22 <JONCTION> Programmes [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\Default\Documents
08/09/2016 16:22 <JONCTION> Ma musique [C:\Users\Default\Music]
08/09/2016 16:22 <JONCTION> Mes images [C:\Users\Default\Pictures]
08/09/2016 16:22 <JONCTION> Mes vid os [C:\Users\Default\Videos]
14/07/2009 06:08 <JONCTION> My Music [C:\Users\Default\Music]
14/07/2009 06:08 <JONCTION> My Pictures [C:\Users\Default\Pictures]
14/07/2009 06:08 <JONCTION> My Videos [C:\Users\Default\Videos]
0 fichier(s) 0 octets
R pertoire de C:\Users\Public\Documents
08/09/2016 16:22 <JONCTION> Ma musique [C:\Users\Public\Music]
08/09/2016 16:22 <JONCTION> Mes images [C:\Users\Public\Pictures]
08/09/2016 16:22 <JONCTION> Mes vid os [C:\Users\Public\Videos]
14/07/2009 06:08 <JONCTION> My Music [C:\Users\Public\Music]
14/07/2009 06:08 <JONCTION> My Pictures [C:\Users\Public\Pictures]
14/07/2009 06:08 <JONCTION> My Videos [C:\Users\Public\Videos]
0 fichier(s) 0 octets
Total des fichiers list sÿ:
78 fichier(s) 0 octets
603 R p(s) 37ÿ274ÿ062ÿ848 octets libres

[color=#A23BEC]< MD5 for: AFD.SYS >[/color]
[2016/09/25 21:38:30 | 000,496,128 | ---- | M] (Microsoft Corporation) MD5=6621364405B22FB2C642CDB6B6DE751C -- C:\Windows\SysNative\drivers\afd.sys
[2016/09/25 21:38:30 | 000,496,128 | ---- | M] (Microsoft Corporation) MD5=6621364405B22FB2C642CDB6B6DE751C -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.23403_none_36a183128e234d07\afd.sys
[2009/07/14 00:21:42 | 000,500,224 | ---- | M] (Microsoft Corporation) MD5=B9384E03479D2506BC924C16A3DB87BC -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16385_none_33dd3439781e25f7\afd.sys
[2010/11/20 10:23:34 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=D31DC7A16DEA4A9BAF179F3D6FBDB38C -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17514_none_360e4801750ca991\afd.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys
[2016/09/25 21:37:56 | 000,023,784 | ---- | M] (Microsoft Corporation) MD5=C8AA50005E6461D5C2C247DBABBF2008 -- C:\Windows\SysNative\drivers\atapi.sys
[2016/09/25 21:37:56 | 000,023,784 | ---- | M] (Microsoft Corporation) MD5=C8AA50005E6461D5C2C247DBABBF2008 -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_f012f5ea068cd6ca\atapi.sys
[2016/09/25 21:37:56 | 000,023,784 | ---- | M] (Microsoft Corporation) MD5=C8AA50005E6461D5C2C247DBABBF2008 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.23403_none_3bf1689a513ffc53\atapi.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2016/09/25 21:37:56 | 000,150,016 | ---- | M] (Microsoft Corporation) MD5=7200A15FCDDECA736E97D2815A32A54F -- C:\Windows\SysNative\drivers\cdrom.sys
[2016/09/25 21:37:56 | 000,150,016 | ---- | M] (Microsoft Corporation) MD5=7200A15FCDDECA736E97D2815A32A54F -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_510433adb8471ccf\cdrom.sys
[2016/09/25 21:37:56 | 000,150,016 | ---- | M] (Microsoft Corporation) MD5=7200A15FCDDECA736E97D2815A32A54F -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.23403_none_be629c62d37d9801\cdrom.sys
[2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010/11/20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2016/08/29 16:04:37 | 003,229,696 | ---- | M] (Microsoft Corporation) MD5=38AE1B3C38FAEF56FE4907922F0385BA -- C:\Windows\explorer.exe
[2016/08/29 16:04:37 | 003,229,696 | ---- | M] (Microsoft Corporation) MD5=38AE1B3C38FAEF56FE4907922F0385BA -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.23537_none_b0517adca98752cc\explorer.exe
[2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2016/08/29 15:55:07 | 002,972,672 | ---- | M] (Microsoft Corporation) MD5=6DDCA324434FFA506CF7DC4E51DB7935 -- C:\Windows\SysWOW64\explorer.exe
[2016/08/29 15:55:07 | 002,972,672 | ---- | M] (Microsoft Corporation) MD5=6DDCA324434FFA506CF7DC4E51DB7935 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.23537_none_baa6252edde814c7\explorer.exe
[2016/09/25 21:38:28 | 003,230,720 | ---- | M] (Microsoft Corporation) MD5=94FDE1A551352E1305E48EA853C4E907 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.23403_none_b06de792a9729c76\explorer.exe
[2010/11/20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/07/14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2016/09/25 21:38:28 | 002,973,184 | ---- | M] (Microsoft Corporation) MD5=DD5FC870BDE759BF621B86C9BEB8FDE6 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.23403_none_bac291e4ddd35e71\explorer.exe

[color=#A23BEC]< MD5 for: I8042PRT.SYS >[/color]
[2016/09/25 21:37:56 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=55CCD3E5E4DA18FCF0598F42249D47DF -- C:\Windows\SysNative\drivers\i8042prt.sys
[2016/09/25 21:37:56 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=55CCD3E5E4DA18FCF0598F42249D47DF -- C:\Windows\SysNative\DriverStore\FileRepository\keyboard.inf_amd64_neutral_6ccdaaf58e9b21ba\i8042prt.sys
[2016/09/25 21:37:56 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=55CCD3E5E4DA18FCF0598F42249D47DF -- C:\Windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7601.23403_none_f607ae5908af1a35\i8042prt.sys
[2009/07/14 00:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\SysNative\DriverStore\FileRepository\keyboard.inf_amd64_neutral_0684fdc43059f486\i8042prt.sys
[2009/07/14 00:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\SysNative\DriverStore\FileRepository\msmouse.inf_amd64_neutral_7a5f47d3150cc0eb\i8042prt.sys
[2009/07/14 00:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7600.16385_none_f3435f7ff2a9f325\i8042prt.sys
[2009/07/14 00:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7601.17514_none_f5747347ef9876bf\i8042prt.sys
[2009/07/14 00:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\winsxs\amd64_msmouse.inf_31bf3856ad364e35_6.1.7600.16385_none_aa28fd23ec0c39f9\i8042prt.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2010/11/20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2016/09/25 21:38:30 | 000,948,968 | ---- | M] (Microsoft Corporation) MD5=8664770EC3CF87492AD1CDDA424FD3CB -- C:\Windows\SysNative\drivers\ndis.sys
[2016/09/25 21:38:30 | 000,948,968 | ---- | M] (Microsoft Corporation) MD5=8664770EC3CF87492AD1CDDA424FD3CB -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.23403_none_06806c474bc53acf\ndis.sys
[2009/07/14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

[color=#A23BEC]< MD5 for: NETBT.SYS >[/color]
[2010/11/20 10:23:20 | 000,261,632 | ---- | M] (Microsoft Corporation) MD5=09594D1089C523423B32A4229263F068 -- C:\Windows\winsxs\amd64_microsoft-windows-netbt_31bf3856ad364e35_6.1.7601.17514_none_be8acdd10de3b1a6\netbt.sys
[2016/09/25 21:38:28 | 000,261,632 | ---- | M] (Microsoft Corporation) MD5=4B446DCE1B5059BEA80430E7C5498F5A -- C:\Windows\winsxs\amd64_microsoft-windows-netbt_31bf3856ad364e35_6.1.7601.23403_none_bf1e08e226fa551c\netbt.sys
[2009/07/14 00:21:29 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=9162B273A44AB9DCE5B44362731D062A -- C:\Windows\winsxs\amd64_microsoft-windows-netbt_31bf3856ad364e35_6.1.7600.16385_none_bc59ba0910f52e0c\netbt.sys
[2016/05/11 15:58:23 | 000,262,144 | ---- | M] (Microsoft Corporation) MD5=E47D571FEC2C76E867935109AB2A770C -- C:\Windows\SysNative\drivers\netbt.sys
[2016/05/11 15:58:23 | 000,262,144 | ---- | M] (Microsoft Corporation) MD5=E47D571FEC2C76E867935109AB2A770C -- C:\Windows\winsxs\amd64_microsoft-windows-netbt_31bf3856ad364e35_6.1.7601.23451_none_bee5f8b22724ae23\netbt.sys

[color=#A23BEC]< MD5 for: TDX.SYS >[/color]
[2009/07/14 00:21:15 | 000,099,840 | ---- | M] (Microsoft Corporation) MD5=079125C4B17B01FCAEEBCE0BCB290C0F -- C:\Windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7600.16385_none_4632b9f2f5c6af5e\tdx.sys
[2016/09/25 21:38:30 | 000,117,760 | ---- | M] (Microsoft Corporation) MD5=106269AB8623435C130A33DCA499A7EF -- C:\Windows\SysNative\drivers\tdx.sys
[2016/09/25 21:38:30 | 000,117,760 | ---- | M] (Microsoft Corporation) MD5=106269AB8623435C130A33DCA499A7EF -- C:\Windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.23403_none_48f708cc0bcbd66e\tdx.sys
[2010/11/20 10:21:56 | 000,119,296 | ---- | M] (Microsoft Corporation) MD5=DDAD5A7AB24D8B65F8D724F5C20FD806 -- C:\Windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.17514_none_4863cdbaf2b532f8\tdx.sys

[color=#A23BEC]< MD5 for: VOLSNAP.SYS >[/color]
[2010/11/20 14:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\SysNative\DriverStore\FileRepository\volume.inf_amd64_neutral_df8bea40ac96ca21\volsnap.sys
[2010/11/20 14:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_73dcbcf012b4850e\volsnap.sys
[2009/07/14 02:45:55 | 000,294,992 | ---- | M] (Microsoft Corporation) MD5=58F82EED8CA24B461441F9C3E4F0BF5C -- C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7600.16385_none_71aba92815c60174\volsnap.sys
[2016/09/25 21:37:56 | 000,297,192 | ---- | M] (Microsoft Corporation) MD5=B52F1F5F55CD773BA89E5739B82E9C34 -- C:\Windows\SysNative\drivers\volsnap.sys
[2016/09/25 21:37:56 | 000,297,192 | ---- | M] (Microsoft Corporation) MD5=B52F1F5F55CD773BA89E5739B82E9C34 -- C:\Windows\SysNative\DriverStore\FileRepository\volume.inf_amd64_neutral_4574fcaa69621dfb\volsnap.sys
[2016/09/25 21:37:56 | 000,297,192 | ---- | M] (Microsoft Corporation) MD5=B52F1F5F55CD773BA89E5739B82E9C34 -- C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7601.23403_none_746ff8012bcb2884\volsnap.sys

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2009/07/14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009/07/14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2015/09/03 21:48:21 | 000,038,400 | ---- | M] () MD5=098D1E9C1B749142F999973C794BE54D -- C:\AdsFix\winlogon.exe
[2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2014/07/17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2016/09/25 21:38:30 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=9562F469F07315BE916AE3B780E2C42C -- C:\Windows\SysNative\winlogon.exe
[2016/09/25 21:38:30 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=9562F469F07315BE916AE3B780E2C42C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.23403_none_ce7c419704a7a9ac\winlogon.exe
[2014/07/16 04:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe
[2016/07/27 23:38:59 | 000,074,240 | ---- | M] () MD5=A6C645EF2F30ABF61FCDBE5E76999730 -- C:\QuickDiag\MBR\Winlogon.exe
[2016/03/10 13:07:16 | 000,960,480 | ---- | M] (MalwareBytes) MD5=F86A4139730504047F52CCFB8C47E9F5 -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 162 bytes -> C:\ProgramData\TEMP:07BF512B

< End of report >

Signaler le contenu de ce document