OTL logfile created on: 29/02/2016 17:46:39 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\samsung\Desktop 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.18204) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 3,71 Gb Total Physical Memory | 1,30 Gb Available Physical Memory | 35,11% Memory free 7,41 Gb Paging File | 4,53 Gb Available in Paging File | 61,11% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 97,66 Gb Total Space | 23,50 Gb Free Space | 24,07% Space Free | Partition Type: NTFS Drive D: | 146,48 Gb Total Space | 134,63 Gb Free Space | 91,91% Space Free | Partition Type: NTFS Drive E: | 221,62 Gb Total Space | 221,24 Gb Free Space | 99,83% Space Free | Partition Type: NTFS Computer Name: SAMSUNG-PC | User Name: samsung | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2016/02/29 17:45:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\samsung\Desktop\OTL.exe PRC - [2016/02/26 17:32:42 | 007,431,712 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2016/02/26 17:32:36 | 000,241,760 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2016/02/18 05:15:35 | 000,746,648 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2016/01/07 08:53:04 | 000,859,672 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe PRC - [2016/01/07 08:52:26 | 000,888,344 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-Agent.exe PRC - [2016/01/07 08:50:52 | 000,413,208 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe PRC - [2015/12/13 23:48:02 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2015/11/16 00:27:59 | 000,144,008 | ---- | M] (© 2015 Microsoft Corporation) -- C:\Users\samsung\AppData\Local\Microsoft\BingSvc\BingSvc.exe PRC - [2015/10/26 20:00:00 | 001,143,008 | R--- | M] (Nico Mak Computing) -- C:\Program Files\WinZip\WZUpdateNotifier.exe PRC - [2015/02/03 18:59:20 | 000,695,528 | ---- | M] (Zbshareware Lab) -- C:\Program Files (x86)\USB Disk Security\USBGuard.exe PRC - [2013/09/16 11:18:28 | 000,390,616 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2013/09/16 11:17:42 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe PRC - [2013/07/23 04:47:24 | 000,239,696 | ---- | M] () -- C:\ProgramData\MobileBrServ\mbbService.exe PRC - [2009/06/11 12:14:02 | 000,162,912 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2016/02/26 17:32:38 | 000,470,344 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\ffl2.dll MOD - [2016/02/26 17:32:38 | 000,123,344 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\log.dll MOD - [2016/02/26 17:32:38 | 000,123,344 | ---- | M] () -- C:\PROGRA~1\AVASTS~1\Avast\log.dll MOD - [2016/02/26 17:32:36 | 000,133,768 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll MOD - [2016/02/26 17:32:36 | 000,133,768 | ---- | M] () -- C:\PROGRA~1\AVASTS~1\Avast\JsonRpcServer.dll MOD - [2016/02/18 05:15:11 | 016,808,600 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\PepperFlash\pepflashplayer.dll MOD - [2016/02/18 05:14:44 | 001,630,360 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libglesv2.dll MOD - [2016/02/18 05:14:32 | 000,085,656 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libegl.dll MOD - [2016/02/11 17:18:34 | 000,155,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\JSON\0897821095be498cf13595c53c7ecf2e\JSON.ni.dll MOD - [2016/02/11 17:18:26 | 001,527,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\HD-Agent\6bf6f884857bf0c99d27303af01b369c\HD-Agent.ni.exe MOD - [2016/02/11 17:15:41 | 011,923,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\25433ee5d09d563da10280c1343511f9\System.Web.ni.dll MOD - [2016/02/11 17:15:10 | 012,438,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\b622d3d64bb24842fc7c9308a559ab1a\System.Windows.Forms.ni.dll MOD - [2016/02/11 17:15:03 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ca97db61d7b1564dd115248a1439194e\System.Drawing.ni.dll MOD - [2016/02/11 17:02:25 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d6204638b750d650b7cbb3278a5954eb\System.Xml.ni.dll MOD - [2016/02/11 17:02:19 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\ae206eff0a9816475cd7dd3d680faa48\System.Configuration.ni.dll MOD - [2016/02/11 17:02:15 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ef80bf7db724bb3ab5fea4c0e2117cae\System.ni.dll MOD - [2015/11/19 19:35:04 | 040,539,648 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll MOD - [2015/01/30 19:44:34 | 000,037,376 | ---- | M] () -- C:\Program Files (x86)\USB Disk Security\locales\french.dll MOD - [2014/11/09 22:41:52 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll MOD - [2013/07/08 13:44:04 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll MOD - [2010/11/05 03:00:03 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_fr_b77a5c561934e089\System.resources.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - File not found [Disabled | Unknown] -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc) SRV:[b]64bit:[/b] - [2016/02/26 17:32:36 | 000,241,760 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:[b]64bit:[/b] - [2016/01/22 07:27:40 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService) SRV:[b]64bit:[/b] - [2013/08/27 13:32:30 | 000,828,376 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R) SRV:[b]64bit:[/b] - [2013/08/27 13:32:14 | 000,747,520 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R) SRV:[b]64bit:[/b] - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2016/02/10 00:47:59 | 000,269,504 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2016/01/19 20:46:07 | 000,146,888 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2016/01/07 08:53:04 | 000,859,672 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe -- (BstHdUpdaterSvc) SRV - [2016/01/07 08:50:52 | 000,413,208 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc) SRV - [2016/01/07 08:49:58 | 000,433,688 | ---- | M] (BlueStack Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc) SRV - [2015/12/13 23:48:02 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2014/03/20 23:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2013/09/16 11:18:28 | 000,390,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2013/09/16 11:17:42 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service) SRV - [2013/07/23 04:47:24 | 000,239,696 | ---- | M] () [Auto | Running] -- C:\ProgramData\MobileBrServ\mbbService.exe -- (Mobile Broadband HL Service) SRV - [2012/12/24 01:22:36 | 000,277,640 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - File not found [Kernel | Disabled | Unknown] -- C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv) DRV:[b]64bit:[/b] - [2016/02/26 17:32:46 | 000,166,432 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm) DRV:[b]64bit:[/b] - [2016/02/26 17:32:45 | 000,463,744 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:[b]64bit:[/b] - [2016/02/26 17:32:45 | 000,287,528 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm) DRV:[b]64bit:[/b] - [2016/02/26 17:32:45 | 000,107,792 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:[b]64bit:[/b] - [2016/02/26 17:32:45 | 000,103,064 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:[b]64bit:[/b] - [2016/02/26 17:32:45 | 000,074,544 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt) DRV:[b]64bit:[/b] - [2016/02/26 17:32:45 | 000,037,656 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid) DRV:[b]64bit:[/b] - [2016/02/26 17:32:29 | 001,070,904 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:[b]64bit:[/b] - [2015/06/11 18:15:53 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2015/02/13 13:10:16 | 000,044,640 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswTap.sys -- (aswTap) DRV:[b]64bit:[/b] - [2014/04/09 21:05:52 | 000,031,920 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Apowersoft_AudioDevice.sys -- (Apowersoft_AudioDevice) DRV:[b]64bit:[/b] - [2013/09/23 23:42:52 | 004,021,248 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:[b]64bit:[/b] - [2013/09/16 11:17:42 | 000,099,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64) DRV:[b]64bit:[/b] - [2013/02/12 05:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx) DRV:[b]64bit:[/b] - [2012/12/20 13:18:50 | 005,332,896 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2012/02/14 08:25:52 | 000,079,872 | ---- | M] (HSPA) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hspa_zi_cdc_acm.sys -- (hspa_zi_cdc_acm) DRV:[b]64bit:[/b] - [2012/02/14 08:25:52 | 000,058,880 | ---- | M] (HSPA) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hspa_zi_cdc_ecm.sys -- (hspa_zi_cdc_ecm) DRV:[b]64bit:[/b] - [2012/02/14 08:25:52 | 000,056,320 | ---- | M] (HSPA) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hspa_zi_ecm_enum_filter.sys -- (hspa_zi_ecm_enum_filter) DRV:[b]64bit:[/b] - [2012/02/14 08:25:52 | 000,056,320 | ---- | M] (HSPA) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hspa_zi_ecm_enum.sys -- (hspa_zi_ecm_enum) DRV:[b]64bit:[/b] - [2012/02/14 08:25:52 | 000,010,240 | ---- | M] (HSPA) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hspa_zi_wcpo.sys -- (hspa_zi_wcpo) DRV:[b]64bit:[/b] - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010/11/20 14:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010/11/20 14:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2016/01/07 08:50:34 | 000,154,680 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys -- (BstHdDrv) DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/?type=hp&ts=1416000717&from=cor&uid=ST500LT012-9WS142_S0V5B6Z7XXXXS0V5B6Z7 IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1416000717&from=cor&uid=ST500LT012-9WS142_S0V5B6Z7XXXXS0V5B6Z7&q={searchTerms} IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1416000717&from=cor&uid=ST500LT012-9WS142_S0V5B6Z7XXXXS0V5B6Z7&q={searchTerms} IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggadg4LWAtEQhgUeFxZTA0UFg0OeFgLUBRHEVYbIg4NUV8XQFAFIk0FA1ADB0VXfVBdFElXTwhkMlxZFX8YT1E= IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQAOVgpIEwBAbQ4ABFhcFVAUeBQAAApADAMTIwFaVgxBR1NCJR9aFQQTSEcFME0FCFwEURNNfX5KBFgFZ1xNJA==&q={searchTerms} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2514}: "URL" = http://www.default-search.net/search?sid=514&aid=101&itype=n&ver=14074&tm=505&src=ds&p={searchTerms} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\OldSearch: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.globasearch.com/?serie=219&b=3&installkey=okhACWbs0rvauOVuLgtp IE - HKLM\..\SearchScopes,DefaultScope = {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2514}: "URL" = http://www.default-search.net/search?sid=514&aid=101&itype=n&ver=14074&tm=505&src=ds&p={searchTerms} IE - HKLM\..\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}: "URL" = http://www.globasearch.com/?serie=219&installkey=okhACWbs0rvauOVuLgtp&b=3&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.globasearch.com/?serie=219&b=3&installkey=okhACWbs0rvauOVuLgtp IE - HKCU\..\SearchScopes,DefaultScope = {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQAOVgpIEwBAbQ4ABFhcFVAUeBQAAApADAMTIwFaVgxBR1NCJR9aFQQTSEcFME0FCFwEURNNfX5KBFgFZ1xNJA==&q={searchTerms} IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2514}: "URL" = http://www.default-search.net/search?sid=514&aid=101&itype=n&ver=14074&tm=505&src=ds&p={searchTerms} IE - HKCU\..\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}: "URL" = http://www.globasearch.com/?serie=219&installkey=okhACWbs0rvauOVuLgtp&b=3&q={searchTerms} IE - HKCU\..\SearchScopes\OldSearch: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UP97 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.countryCode: "TN" FF - prefs.js..browser.search.defaultengine: "Google (avast)" FF - prefs.js..browser.search.defaultenginename: "Google" FF - prefs.js..browser.search.defaultthis.engineName: "Google (avast)" FF - prefs.js..browser.search.defaulturl: "https://www.google.com/search?trackid=sp-006" FF - prefs.js..browser.search.order.1: "Google (avast)" FF - prefs.js..browser.search.order.3: "Bing " FF - prefs.js..browser.search.region: "TN" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.globasearch.com/?serie=219&b=2&installkey=okhACWbs0rvauOVuLgtp" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:44.0.2 FF - prefs.js..keyword.URL: "https://www.google.com/search?trackid=sp-006" FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll () FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2016/02/26 17:32:47 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2016/02/26 17:32:47 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016/02/26 17:32:47 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 44.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 44.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\BingSearchExtension: enable FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\DSE: true FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\Market: fr-fr FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\Package: DefaultPack FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\OSVersion: 6.1.7601.1 FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\LVersion: 1.7.46.0 FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\MFVersion: MF38.0.1 (x86 fr) [2014/10/18 14:58:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\samsung\AppData\Roaming\mozilla\Extensions [2016/01/30 22:27:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\samsung\AppData\Roaming\mozilla\Firefox\Profiles\ktdoqs0f.default\extensions [2015/05/28 20:57:40 | 000,000,000 | ---D | M] ("Bing Search") -- C:\Users\samsung\AppData\Roaming\mozilla\Firefox\Profiles\ktdoqs0f.default\extensions\bingsearch.full@microsoft.com [2014/11/14 21:14:25 | 000,006,057 | ---- | M] () -- C:\Users\samsung\AppData\Roaming\mozilla\firefox\profiles\ktdoqs0f.default\searchplugins\bingp.xml [2014/10/19 17:01:06 | 000,002,579 | ---- | M] () -- C:\Users\samsung\AppData\Roaming\mozilla\firefox\profiles\ktdoqs0f.default\searchplugins\default-search.xml [2016/02/20 11:15:26 | 000,000,921 | ---- | M] () -- C:\Users\samsung\AppData\Roaming\mozilla\firefox\profiles\ktdoqs0f.default\searchplugins\default.xml [2015/12/22 12:25:25 | 000,002,428 | ---- | M] () -- C:\Users\samsung\AppData\Roaming\mozilla\firefox\profiles\ktdoqs0f.default\searchplugins\google-avast.xml [2016/01/19 20:46:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions [2016/02/12 13:00:01 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [color=#E56717]========== Chrome ==========[/color] O1 HOSTS File: ([2016/02/29 17:35:15 | 000,000,826 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) O4 - HKLM..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.) O4 - HKLM..\Run: [USB Security] C:\Program Files (x86)\USB Disk Security\USBGuard.exe (Zbshareware Lab) O4 - HKLM..\Run: [YouCam Mirror Tray icon] C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe (CyberLink Corp.) O4 - HKCU..\Run: [BingSvc] C:\Users\samsung\AppData\Local\Microsoft\BingSvc\BingSvc.exe (© 2015 Microsoft Corporation) O4 - HKCU..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Updates = "C:\system32\SystemProtection.exe" /e:VBScript.Encode "C:\kernel\r00t3r" (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\sdate: sdate = 33 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0C0BD0C0-EFC7-4E3B-8F56-79FE82A7A9D4}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{35BE5A8A-E9F9-4A73-A5CC-3D9A50776E88}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{69BF6DCB-4BDB-4DDF-9C1B-4ED9DFB3BBA9}: NameServer = 77.234.40.79 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E56988BA-D073-4F20-B324-D03A5B45840B}: DhcpNameServer = 192.168.1.1 192.168.1.1 O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{0efb5f61-6907-11e4-9c83-1867b08284d2}\Shell - "" = AutoRun O33 - MountPoints2\{0efb5f61-6907-11e4-9c83-1867b08284d2}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{0efb5f7c-6907-11e4-9c83-1867b08284d2}\Shell - "" = AutoRun O33 - MountPoints2\{0efb5f7c-6907-11e4-9c83-1867b08284d2}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{0f4758f2-dead-11e4-8feb-1867b08284d2}\Shell - "" = AutoRun O33 - MountPoints2\{0f4758f2-dead-11e4-8feb-1867b08284d2}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{3c5cdf38-91cd-11e4-aadb-001e101f1ed9}\Shell - "" = AutoRun O33 - MountPoints2\{3c5cdf38-91cd-11e4-aadb-001e101f1ed9}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{7d9c98f1-7b12-11e4-96a8-1867b08284d1}\Shell - "" = AutoRun O33 - MountPoints2\{7d9c98f1-7b12-11e4-96a8-1867b08284d1}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{7ee42647-8a2d-11e4-8b66-1867b08284d2}\Shell - "" = AutoRun O33 - MountPoints2\{7ee42647-8a2d-11e4-8b66-1867b08284d2}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{7ee42655-8a2d-11e4-8b66-1867b08284d2}\Shell - "" = AutoRun O33 - MountPoints2\{7ee42655-8a2d-11e4-8b66-1867b08284d2}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{8aa1859c-7a49-11e4-aa38-001e101f50a4}\Shell - "" = AutoRun O33 - MountPoints2\{8aa1859c-7a49-11e4-aa38-001e101f50a4}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{8aa185b0-7a49-11e4-aa38-001e101f50a4}\Shell - "" = AutoRun O33 - MountPoints2\{8aa185b0-7a49-11e4-aa38-001e101f50a4}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{b407d402-59fc-11e4-a9dc-1867b08284d2}\Shell - "" = AutoRun O33 - MountPoints2\{b407d402-59fc-11e4-a9dc-1867b08284d2}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{ba9312ed-5792-11e4-991c-1867b08284d2}\Shell - "" = AutoRun O33 - MountPoints2\{ba9312ed-5792-11e4-991c-1867b08284d2}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{ba931302-5792-11e4-991c-1867b08284d2}\Shell - "" = AutoRun O33 - MountPoints2\{ba931302-5792-11e4-991c-1867b08284d2}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{c9b3ff61-5b9c-11e4-b82d-1867b08284d2}\Shell - "" = AutoRun O33 - MountPoints2\{c9b3ff61-5b9c-11e4-b82d-1867b08284d2}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{c9b3ff71-5b9c-11e4-b82d-1867b08284d2}\Shell - "" = AutoRun O33 - MountPoints2\{c9b3ff71-5b9c-11e4-b82d-1867b08284d2}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{c9b400ae-5b9c-11e4-b82d-001e101f7fb6}\Shell - "" = AutoRun O33 - MountPoints2\{c9b400ae-5b9c-11e4-b82d-001e101f7fb6}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{c9b9d321-7984-11e4-bfc5-1867b08284d2}\Shell - "" = AutoRun O33 - MountPoints2\{c9b9d321-7984-11e4-bfc5-1867b08284d2}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{e3781a9a-7a57-11e4-8aeb-001e101f57d0}\Shell - "" = AutoRun O33 - MountPoints2\{e3781a9a-7a57-11e4-8aeb-001e101f57d0}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{e3781aa8-7a57-11e4-8aeb-001e101f57d0}\Shell - "" = AutoRun O33 - MountPoints2\{e3781aa8-7a57-11e4-8aeb-001e101f57d0}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{ea09050a-7f23-11e4-9920-001e101f1838}\Shell - "" = AutoRun O33 - MountPoints2\{ea09050a-7f23-11e4-9920-001e101f1838}\Shell\AutoRun\command - "" = G:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] Base - Driver Group SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group SafeBootMin:[b]64bit:[/b] File system - Driver Group SafeBootMin:[b]64bit:[/b] Filter - Driver Group SafeBootMin:[b]64bit:[/b] HelpSvc - Service SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group SafeBootMin:[b]64bit:[/b] sacsvr - Service SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] vmms - Service SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] Base - Driver Group SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group SafeBootNet:[b]64bit:[/b] File system - Driver Group SafeBootNet:[b]64bit:[/b] Filter - Driver Group SafeBootNet:[b]64bit:[/b] HelpSvc - Service SafeBootNet:[b]64bit:[/b] Messenger - Service SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group SafeBootNet:[b]64bit:[/b] Network - Driver Group SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group SafeBootNet:[b]64bit:[/b] rdsessmgr - Service SafeBootNet:[b]64bit:[/b] sacsvr - Service SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] TDI - Driver Group SafeBootNet:[b]64bit:[/b] vmms - Service SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices CREATERESTOREPOINT Restore point Set: OTL Restore Point PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2016/02/29 17:44:53 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\samsung\Desktop\OTL.exe [2016/02/29 01:37:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip [2016/02/29 01:37:47 | 000,000,000 | ---D | C] -- C:\Users\samsung\AppData\Local\WinZip [2016/02/29 01:35:02 | 000,000,000 | ---D | C] -- C:\Users\samsung\Documents\Add-in Express [2016/02/29 01:32:35 | 000,685,752 | ---- | C] (WinZip Computing, S.L.) -- C:\Users\samsung\Desktop\winzip20_01net.exe [2016/02/29 01:29:20 | 000,000,000 | ---D | C] -- C:\Users\samsung\AppData\Local\assembly [2016/02/29 01:25:48 | 000,000,000 | ---D | C] -- C:\Users\samsung\AppData\Local\Nico Mak Computing [2016/02/29 01:24:40 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip [2016/02/29 01:23:51 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip [2016/02/29 01:20:44 | 000,000,000 | ---D | C] -- C:\ProgramData\UniqueId [2016/02/29 01:20:28 | 000,706,016 | ---- | C] (WinZip Computing, S.L.) -- C:\Users\samsung\Desktop\winzip20.exe [2016/02/26 17:33:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software [2016/02/26 17:32:47 | 000,398,152 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2016/02/26 17:32:38 | 000,052,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2016/02/24 22:45:30 | 000,000,000 | ---D | C] -- C:\Users\samsung\Desktop\Saut-longueur [2016/02/24 00:46:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee Security Scan [2016/02/24 00:46:01 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee [2016/02/22 21:36:22 | 000,000,000 | ---D | C] -- C:\Users\samsung\Desktop\Nouveau dossier [2016/02/20 22:20:00 | 000,000,000 | ---D | C] -- C:\Users\samsung\Desktop\fr [2016/02/19 13:55:33 | 000,000,000 | ---D | C] -- C:\Users\samsung\Desktop\prog mental [2016/02/18 21:41:15 | 000,000,000 | ---D | C] -- C:\Users\samsung\Desktop\eps [2016/02/11 21:20:06 | 000,000,000 | ---D | C] -- C:\DRIVERS [2016/02/11 16:51:03 | 000,718,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2016/02/11 16:51:03 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2016/02/11 16:51:03 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe [2016/02/11 16:51:03 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2016/02/11 16:51:03 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2016/02/11 16:51:03 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll [2016/02/11 16:51:03 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2016/02/11 16:51:03 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll [2016/02/11 16:51:03 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll [2016/02/11 16:51:03 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll [2016/02/11 16:51:03 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2016/02/11 16:51:03 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2016/02/11 16:51:01 | 002,050,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2016/02/11 16:51:01 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2016/02/11 16:51:01 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2016/02/11 16:51:01 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2016/02/11 16:51:00 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2016/02/11 16:51:00 | 000,798,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2016/02/11 16:51:00 | 000,663,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2016/02/11 16:51:00 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll [2016/02/11 16:51:00 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2016/02/11 16:51:00 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll [2016/02/11 16:50:59 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2016/02/11 16:50:59 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2016/02/11 16:50:58 | 002,123,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2016/02/11 16:50:58 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2016/02/11 16:50:57 | 000,571,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2016/02/11 16:50:57 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2016/02/11 16:50:57 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2016/02/11 16:50:57 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll [2016/02/11 16:50:56 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2016/02/11 16:50:55 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2016/02/11 16:50:54 | 006,052,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2016/02/11 16:50:54 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2016/02/11 16:50:54 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2016/02/11 16:50:54 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll [2016/02/11 16:50:53 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2016/02/11 16:50:52 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2016/02/11 16:50:52 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll [2016/02/11 16:49:02 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2016/02/11 16:49:01 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2016/02/11 16:49:01 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2016/02/11 16:49:00 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2016/02/11 10:33:40 | 002,085,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll [2016/02/11 10:33:17 | 005,573,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2016/02/11 10:33:17 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll [2016/02/11 10:33:17 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll [2016/02/11 10:33:17 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll [2016/02/11 10:33:17 | 000,535,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll [2016/02/11 10:33:16 | 001,733,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll [2016/02/11 10:33:16 | 000,422,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2016/02/11 10:33:15 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mtxoci.dll [2016/02/11 10:33:14 | 003,993,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2016/02/11 10:33:14 | 003,938,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2016/02/11 10:33:14 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2016/02/11 10:33:14 | 000,880,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll [2016/02/11 10:33:14 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mtxoci.dll [2016/02/11 10:33:13 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msorcl32.dll [2016/02/11 10:33:10 | 001,461,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2016/02/11 10:33:10 | 001,214,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll [2016/02/11 10:33:09 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2016/02/11 10:33:09 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe [2016/02/11 10:33:08 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll [2016/02/11 10:33:08 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2016/02/11 10:33:08 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2016/02/11 10:33:08 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2016/02/11 10:33:08 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2016/02/11 10:33:08 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll [2016/02/11 10:33:08 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll [2016/02/11 10:33:08 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll [2016/02/11 10:33:06 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe [2016/02/11 10:33:06 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe [2016/02/11 10:33:06 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll [2016/02/11 10:33:06 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe [2016/02/11 10:33:06 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll [2016/02/11 10:33:06 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll [2016/02/11 10:33:06 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2016/02/11 10:33:06 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2016/02/11 10:33:06 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2016/02/11 10:33:06 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2016/02/11 10:33:06 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2016/02/11 10:33:06 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2016/02/11 10:33:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2016/02/11 10:33:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2016/02/11 10:33:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2016/02/11 10:33:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2016/02/11 10:33:04 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2016/02/11 10:33:04 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2016/02/11 10:33:04 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2016/02/11 10:33:04 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2016/02/11 10:33:04 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2016/02/11 10:33:04 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2016/02/11 10:33:04 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2016/02/11 10:33:04 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2016/02/11 10:33:04 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2016/02/11 10:33:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2016/02/11 10:33:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2016/02/11 10:33:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2016/02/11 10:33:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2016/02/11 10:33:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2016/02/11 10:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2016/02/11 10:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2016/02/11 10:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2016/02/11 10:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2016/02/11 10:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2016/02/11 10:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2016/02/11 10:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2016/02/11 10:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2016/02/11 10:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2016/02/11 10:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2016/02/11 10:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2016/02/11 10:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2016/02/11 10:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2016/02/11 10:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2016/02/11 10:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2016/02/11 10:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2016/02/11 10:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2016/02/11 10:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2016/02/11 10:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2016/02/11 10:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2016/02/11 10:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2016/02/11 10:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2016/02/11 10:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2016/02/11 10:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2016/02/11 10:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2016/02/11 10:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2016/02/11 10:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2016/02/11 10:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2016/02/11 10:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2016/02/11 10:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2016/02/11 10:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2016/02/11 10:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2016/02/11 10:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2016/02/11 10:33:03 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll [2016/02/11 10:33:03 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll [2016/02/11 10:33:03 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll [2016/02/11 10:33:03 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll [2016/02/11 10:33:03 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll [2016/02/11 10:33:03 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll [2016/02/11 10:33:03 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2016/02/11 10:33:03 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll [2016/02/11 10:33:03 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll [2016/02/11 10:33:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2016/02/11 10:33:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2016/02/11 10:33:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2016/02/11 10:33:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2016/02/11 10:33:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2016/02/11 10:23:51 | 000,275,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\InkEd.dll [2016/02/11 10:23:51 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\InkEd.dll [2016/02/11 10:23:51 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jnwmon.dll [2016/02/08 19:59:25 | 000,000,000 | ---D | C] -- C:\Users\samsung\Desktop\divers [2016/02/05 22:31:01 | 000,000,000 | ---D | C] -- C:\Users\samsung\Desktop\quran [2016/02/03 23:04:27 | 000,000,000 | ---D | C] -- C:\Users\samsung\AppData\Roaming\Program4Pc [2016/02/03 23:02:47 | 000,000,000 | ---D | C] -- C:\Users\samsung\AppData\Local\Downloaded Installations [2 C:\Users\samsung\Desktop\*.tmp files -> C:\Users\samsung\Desktop\*.tmp -> ] [10 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2016/02/29 17:50:27 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2016/02/29 17:46:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2016/02/29 17:45:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\samsung\Desktop\OTL.exe [2016/02/29 17:45:00 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2016/02/29 17:35:15 | 000,000,826 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2016/02/29 16:43:25 | 000,020,880 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2016/02/29 16:43:25 | 000,020,880 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2016/02/29 16:40:30 | 001,579,478 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2016/02/29 16:40:30 | 000,721,802 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat [2016/02/29 16:40:30 | 000,619,146 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2016/02/29 16:40:30 | 000,138,884 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat [2016/02/29 16:40:30 | 000,107,466 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2016/02/29 16:34:56 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2016/02/29 16:34:45 | 000,000,362 | ---- | M] () -- C:\Windows\tasks\DriverToolkit Autorun.job [2016/02/29 16:34:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2016/02/29 16:34:21 | 2984,931,328 | -HS- | M] () -- C:\hiberfil.sys [2016/02/29 01:37:57 | 000,002,309 | ---- | M] () -- C:\Users\Public\Desktop\WinZip.lnk [2016/02/29 01:37:57 | 000,002,301 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Notifications de Mises à jour.lnk [2016/02/29 01:37:57 | 000,001,973 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016/02/29 01:37:57 | 000,001,968 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Préchargeur.lnk [2016/02/29 01:33:44 | 000,685,752 | ---- | M] (WinZip Computing, S.L.) -- C:\Users\samsung\Desktop\winzip20_01net.exe [2016/02/29 01:20:31 | 000,706,016 | ---- | M] (WinZip Computing, S.L.) -- C:\Users\samsung\Desktop\winzip20.exe [2016/02/29 01:19:38 | 001,369,706 | ---- | M] () -- C:\Users\samsung\Desktop\rugby.pdf [2016/02/29 01:15:47 | 017,337,069 | ---- | M] () -- C:\Users\samsung\Desktop\fiches pédago.rar [2016/02/29 01:01:37 | 000,118,215 | ---- | M] () -- C:\Users\samsung\Desktop\1IwFzE5WXoz6f_t3gSV-16X_LoQ.jpg [2016/02/29 01:00:28 | 000,044,551 | ---- | M] () -- C:\Users\samsung\Desktop\1003781-Mike_Powell.jpg [2016/02/28 18:41:14 | 000,059,334 | ---- | M] () -- C:\Users\samsung\Desktop\12794630_607862499364981_1780157688132072237_n.jpg [2016/02/28 17:28:14 | 000,609,422 | ---- | M] () -- C:\Users\samsung\Desktop\Effect_of_a_psychological_skills_trainin.pdf [2016/02/28 17:06:06 | 001,391,105 | ---- | M] () -- C:\Users\samsung\Desktop\corpsfp01.pdf [2016/02/27 00:58:19 | 000,139,411 | ---- | M] () -- C:\Users\samsung\Desktop\10152403_232502303617217_2145859725_n.jpg [2016/02/27 00:56:13 | 000,090,797 | ---- | M] () -- C:\Users\samsung\Desktop\12074899_954698271256535_3870704955156118593_n.jpg [2016/02/27 00:56:04 | 000,058,523 | ---- | M] () -- C:\Users\samsung\Desktop\12036928_954696281256734_5092200780918204481_n.jpg [2016/02/27 00:55:45 | 000,092,783 | ---- | M] () -- C:\Users\samsung\Desktop\12096230_954680564591639_5794214860775811825_n.jpg [2016/02/26 17:32:46 | 000,166,432 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys [2016/02/26 17:32:45 | 000,463,744 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2016/02/26 17:32:45 | 000,398,152 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2016/02/26 17:32:45 | 000,287,528 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswVmm.sys [2016/02/26 17:32:45 | 000,107,792 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2016/02/26 17:32:45 | 000,103,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys [2016/02/26 17:32:45 | 000,074,544 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRvrt.sys [2016/02/26 17:32:45 | 000,037,656 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHwid.sys [2016/02/26 17:32:38 | 000,052,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2016/02/26 17:32:29 | 001,070,904 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2016/02/26 16:18:41 | 000,559,267 | ---- | M] () -- C:\Users\samsung\Desktop\E0322227.pdf [2016/02/26 15:08:01 | 000,109,457 | ---- | M] () -- C:\Users\samsung\Desktop\sophrologie_0910_1245326263447.pdf [2016/02/26 13:51:54 | 004,353,115 | ---- | M] () -- C:\Users\samsung\Desktop\GLS_syllabus060613_ok.pdf [2016/02/23 14:28:32 | 001,513,324 | ---- | M] () -- C:\Users\samsung\Desktop\APE_2015020316293706.pdf [2016/02/19 13:33:19 | 000,293,158 | ---- | M] () -- C:\Users\samsung\Desktop\Joueur de demain.pdf [2016/02/17 23:16:22 | 000,018,206 | ---- | M] () -- C:\Users\samsung\Desktop\12715457_1671782459744843_3961137504102243830_n.jpg [2016/02/15 00:23:11 | 000,142,338 | ---- | M] () -- C:\Users\samsung\Desktop\rappor d'avancement.pdf [2016/02/12 18:05:46 | 000,107,039 | ---- | M] () -- C:\Users\samsung\Desktop\56bdf0e9c36188c3648b45c4.jpg [2016/02/12 17:34:27 | 002,111,110 | ---- | M] () -- C:\Users\samsung\Desktop\Carta.pdf [2016/02/11 21:38:27 | 000,107,222 | ---- | M] () -- C:\Users\samsung\Desktop\3069-sont-hormones-liees-stress.pdf [2016/02/11 17:13:27 | 000,409,760 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2016/02/11 14:21:36 | 000,176,495 | ---- | M] () -- C:\Users\samsung\Desktop\v10197-012-0017-y.pdf [2016/02/11 13:46:16 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\track [2016/02/10 12:36:01 | 000,260,113 | ---- | M] () -- C:\Users\samsung\Desktop\Salah Souissi.pdf [2016/02/10 00:47:57 | 000,796,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2016/02/10 00:47:57 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2016/02/06 11:11:30 | 000,615,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2016/02/06 11:10:21 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2016/02/06 10:38:27 | 000,476,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2016/02/06 10:37:23 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2016/02/01 21:29:41 | 001,369,488 | ---- | M] () -- C:\Users\samsung\Documents\testostérone.pdf [2 C:\Users\samsung\Desktop\*.tmp files -> C:\Users\samsung\Desktop\*.tmp -> ] [10 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2016/02/29 17:50:27 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2016/02/29 01:37:57 | 000,002,309 | ---- | C] () -- C:\Users\Public\Desktop\WinZip.lnk [2016/02/29 01:37:57 | 000,002,301 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Notifications de Mises à jour.lnk [2016/02/29 01:37:57 | 000,001,973 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016/02/29 01:37:57 | 000,001,968 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Préchargeur.lnk [2016/02/29 01:19:31 | 001,369,706 | ---- | C] () -- C:\Users\samsung\Desktop\rugby.pdf [2016/02/29 01:14:25 | 017,337,069 | ---- | C] () -- C:\Users\samsung\Desktop\fiches pédago.rar [2016/02/29 01:01:36 | 000,118,215 | ---- | C] () -- C:\Users\samsung\Desktop\1IwFzE5WXoz6f_t3gSV-16X_LoQ.jpg [2016/02/29 01:00:17 | 000,044,551 | ---- | C] () -- C:\Users\samsung\Desktop\1003781-Mike_Powell.jpg [2016/02/28 18:41:14 | 000,059,334 | ---- | C] () -- C:\Users\samsung\Desktop\12794630_607862499364981_1780157688132072237_n.jpg [2016/02/28 17:28:13 | 000,609,422 | ---- | C] () -- C:\Users\samsung\Desktop\Effect_of_a_psychological_skills_trainin.pdf [2016/02/28 17:04:39 | 001,391,105 | ---- | C] () -- C:\Users\samsung\Desktop\corpsfp01.pdf [2016/02/27 00:58:12 | 000,139,411 | ---- | C] () -- C:\Users\samsung\Desktop\10152403_232502303617217_2145859725_n.jpg [2016/02/27 00:56:13 | 000,090,797 | ---- | C] () -- C:\Users\samsung\Desktop\12074899_954698271256535_3870704955156118593_n.jpg [2016/02/27 00:56:04 | 000,058,523 | ---- | C] () -- C:\Users\samsung\Desktop\12036928_954696281256734_5092200780918204481_n.jpg [2016/02/27 00:55:43 | 000,092,783 | ---- | C] () -- C:\Users\samsung\Desktop\12096230_954680564591639_5794214860775811825_n.jpg [2016/02/26 16:18:40 | 000,559,267 | ---- | C] () -- C:\Users\samsung\Desktop\E0322227.pdf [2016/02/26 15:08:00 | 000,109,457 | ---- | C] () -- C:\Users\samsung\Desktop\sophrologie_0910_1245326263447.pdf [2016/02/26 13:51:52 | 004,353,115 | ---- | C] () -- C:\Users\samsung\Desktop\GLS_syllabus060613_ok.pdf [2016/02/23 14:28:23 | 001,513,324 | ---- | C] () -- C:\Users\samsung\Desktop\APE_2015020316293706.pdf [2016/02/19 13:33:18 | 000,293,158 | ---- | C] () -- C:\Users\samsung\Desktop\Joueur de demain.pdf [2016/02/17 23:16:02 | 000,018,206 | ---- | C] () -- C:\Users\samsung\Desktop\12715457_1671782459744843_3961137504102243830_n.jpg [2016/02/15 00:23:01 | 000,142,338 | ---- | C] () -- C:\Users\samsung\Desktop\rappor d'avancement.pdf [2016/02/12 18:05:46 | 000,107,039 | ---- | C] () -- C:\Users\samsung\Desktop\56bdf0e9c36188c3648b45c4.jpg [2016/02/12 17:32:24 | 002,111,110 | ---- | C] () -- C:\Users\samsung\Desktop\Carta.pdf [2016/02/11 21:37:16 | 000,107,222 | ---- | C] () -- C:\Users\samsung\Desktop\3069-sont-hormones-liees-stress.pdf [2016/02/11 14:21:36 | 000,176,495 | ---- | C] () -- C:\Users\samsung\Desktop\v10197-012-0017-y.pdf [2016/02/11 13:46:16 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\track [2016/02/10 12:36:01 | 000,260,113 | ---- | C] () -- C:\Users\samsung\Desktop\Salah Souissi.pdf [2016/02/01 21:29:39 | 001,369,488 | ---- | C] () -- C:\Users\samsung\Documents\testostérone.pdf [2015/11/21 15:57:54 | 000,000,099 | ---- | C] () -- C:\Windows\Reimage.ini [2015/07/09 21:12:36 | 000,004,608 | ---- | C] () -- C:\Users\samsung\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2015/02/22 23:59:36 | 001,552,872 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2014/10/18 17:17:04 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin [2014/10/18 17:17:01 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin [2014/10/18 17:17:01 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2014/10/18 14:50:31 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [color=#E56717]========== ZeroAccess Check ==========[/color] [2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2015/08/06 19:04:07 | 014,176,768 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2015/08/06 18:44:51 | 012,875,776 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< HKCU\Software >[/color] [HKEY_CURRENT_USER\Software\Adobe] [HKEY_CURRENT_USER\Software\Andy] [HKEY_CURRENT_USER\Software\AppDataLow] [HKEY_CURRENT_USER\Software\Appscion] [HKEY_CURRENT_USER\Software\AVAST Software] [HKEY_CURRENT_USER\Software\AVG] [HKEY_CURRENT_USER\Software\Bluetooth Driver Installer] [HKEY_CURRENT_USER\Software\BoBrowser] [HKEY_CURRENT_USER\Software\Clients] [HKEY_CURRENT_USER\Software\CyberLink] [HKEY_CURRENT_USER\Software\DownloadManager] [HKEY_CURRENT_USER\Software\DriverToolkit] [HKEY_CURRENT_USER\Software\drpsu] [HKEY_CURRENT_USER\Software\DVDVideoSoft] [HKEY_CURRENT_USER\Software\Facebook] [HKEY_CURRENT_USER\Software\Google] [HKEY_CURRENT_USER\Software\GRETECH] [HKEY_CURRENT_USER\Software\IM Providers] [HKEY_CURRENT_USER\Software\InstallCore] [HKEY_CURRENT_USER\Software\Intel] [HKEY_CURRENT_USER\Software\Licenses] [HKEY_CURRENT_USER\Software\Linkey] [HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications] [HKEY_CURRENT_USER\Software\Macromedia] [HKEY_CURRENT_USER\Software\Magicbit] [HKEY_CURRENT_USER\Software\malavida] [HKEY_CURRENT_USER\Software\Microsoft] [HKEY_CURRENT_USER\Software\Mozilla] [HKEY_CURRENT_USER\Software\MozillaPlugins] [HKEY_CURRENT_USER\Software\Nero] [HKEY_CURRENT_USER\Software\Netscape] [HKEY_CURRENT_USER\Software\Nico Mak Computing] [HKEY_CURRENT_USER\Software\ODBC] [HKEY_CURRENT_USER\Software\Opera Software] [HKEY_CURRENT_USER\Software\Policies] [HKEY_CURRENT_USER\Software\Program4Pc] [HKEY_CURRENT_USER\Software\PySoft] [HKEY_CURRENT_USER\Software\Reg] [HKEY_CURRENT_USER\Software\RegisteredApplications] [HKEY_CURRENT_USER\Software\Skype] [HKEY_CURRENT_USER\Software\SkypeRS] [HKEY_CURRENT_USER\Software\Smart Soft] [HKEY_CURRENT_USER\Software\Softonic] [HKEY_CURRENT_USER\Software\systweak] [HKEY_CURRENT_USER\Software\TeleCharger] [HKEY_CURRENT_USER\Software\Trolltech] [HKEY_CURRENT_USER\Software\Unity] [HKEY_CURRENT_USER\Software\USB Disk Security] [HKEY_CURRENT_USER\Software\VB and VBA Program Settings] [HKEY_CURRENT_USER\Software\Video Download Capture] [HKEY_CURRENT_USER\Software\WinRAR] [HKEY_CURRENT_USER\Software\WinRAR SFX] [HKEY_CURRENT_USER\Software\WinZip Computing] [HKEY_CURRENT_USER\Software\Wow6432Node] [HKEY_CURRENT_USER\Software\{B2CB09FF-2453-4f85-9F40-21C05BE4CBA8}] [HKEY_CURRENT_USER\Software\Classes] [color=#A23BEC]< HKLM\Software >[/color] "FirstRun" = false "Path" = C:\Program Files (x86)\Word to Pdf Converter 3000\Converter.exe [HKEY_LOCAL_MACHINE\Software\Adobe] [HKEY_LOCAL_MACHINE\Software\Atheros] [HKEY_LOCAL_MACHINE\Software\ATI Technologies] [HKEY_LOCAL_MACHINE\Software\AVAST Software] [HKEY_LOCAL_MACHINE\Software\AVG] [HKEY_LOCAL_MACHINE\Software\BlueStacks] [HKEY_LOCAL_MACHINE\Software\BlueStacksGameManager] [HKEY_LOCAL_MACHINE\Software\Clara] [HKEY_LOCAL_MACHINE\Software\CyberLink] [HKEY_LOCAL_MACHINE\Software\DVDVideoSoft] [HKEY_LOCAL_MACHINE\Software\Eset] [HKEY_LOCAL_MACHINE\Software\FlvPlayer] [HKEY_LOCAL_MACHINE\Software\Google] [HKEY_LOCAL_MACHINE\Software\GRETECH] [HKEY_LOCAL_MACHINE\Software\Huawei technologies] [HKEY_LOCAL_MACHINE\Software\InstallShield] [HKEY_LOCAL_MACHINE\Software\Intel] [HKEY_LOCAL_MACHINE\Software\Internet Download Manager] [HKEY_LOCAL_MACHINE\Software\InterVideo] [HKEY_LOCAL_MACHINE\Software\KasperskyLab] [HKEY_LOCAL_MACHINE\Software\Kaydara] [HKEY_LOCAL_MACHINE\Software\KONAMIPES6] [HKEY_LOCAL_MACHINE\Software\Licenses] [HKEY_LOCAL_MACHINE\Software\Macromedia] [HKEY_LOCAL_MACHINE\Software\McAfee.com] [HKEY_LOCAL_MACHINE\Software\mcafeeupdater] [HKEY_LOCAL_MACHINE\Software\Microsoft] [HKEY_LOCAL_MACHINE\Software\Mozilla] [HKEY_LOCAL_MACHINE\Software\mozilla.org] [HKEY_LOCAL_MACHINE\Software\MozillaPlugins] [HKEY_LOCAL_MACHINE\Software\Nero] [HKEY_LOCAL_MACHINE\Software\Nico Mak Computing] [HKEY_LOCAL_MACHINE\Software\ODBC] [HKEY_LOCAL_MACHINE\Software\OldTimer Tools] [HKEY_LOCAL_MACHINE\Software\Opera Software] [HKEY_LOCAL_MACHINE\Software\PySoft] [HKEY_LOCAL_MACHINE\Software\Qualcomm Atheros] [HKEY_LOCAL_MACHINE\Software\Reg] [HKEY_LOCAL_MACHINE\Software\SJBBB] [HKEY_LOCAL_MACHINE\Software\Skype] [HKEY_LOCAL_MACHINE\Software\SmdmF] [HKEY_LOCAL_MACHINE\Software\SuppHelpDir] [HKEY_LOCAL_MACHINE\Software\sweet-pageSoftware] [HKEY_LOCAL_MACHINE\Software\Systweak] [HKEY_LOCAL_MACHINE\Software\TuneUp] [HKEY_LOCAL_MACHINE\Software\VideoLAN] [HKEY_LOCAL_MACHINE\Software\WinRAR] [HKEY_LOCAL_MACHINE\Software\zbshareware] [HKEY_LOCAL_MACHINE\Software\Classes] [HKEY_LOCAL_MACHINE\Software\Clients] [HKEY_LOCAL_MACHINE\Software\Policies] [HKEY_LOCAL_MACHINE\Software\RegisteredApplications] [color=#A23BEC]< %Homedrive%\* >[/color] [2010/11/20 13:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr [2014/10/18 15:34:59 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2015/05/20 13:11:55 | 000,008,998 | ---- | M] () -- C:\claraInstaller.txt [2016/02/29 16:34:21 | 2984,931,328 | -HS- | M] () -- C:\hiberfil.sys [2016/02/29 16:34:20 | 3979,911,168 | -HS- | M] () -- C:\pagefile.sys [2016/02/29 17:50:27 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2014/11/03 18:58:07 | 000,002,426 | ---- | M] () -- C:\RHDSetup.log [2015/11/15 21:57:29 | 000,362,359 | RHS- | M] () -- C:\RYEBH [2014/11/03 18:58:07 | 000,000,206 | ---- | M] () -- C:\setup.log [2015/01/02 21:53:58 | 000,000,027 | -H-- | M] () -- C:\TraFgFr.Tra [2014/11/04 18:55:51 | 000,192,457 | ---- | M] () -- C:\unp304067442455755891.mdmp [color=#A23BEC]< %Homedrive%\*. >[/color] [2015/06/24 00:08:14 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin [2015/05/19 15:41:45 | 000,000,000 | ---D | M] -- C:\0bb9bc5edac2576f6a0f32a9 [2015/04/26 18:44:40 | 000,000,000 | -HSD | M] -- C:\Boot [2016/02/29 17:38:29 | 000,000,000 | -HSD | M] -- C:\Config.Msi [2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings [2016/02/11 21:20:06 | 000,000,000 | ---D | M] -- C:\DRIVERS [2014/10/18 15:46:33 | 000,000,000 | ---D | M] -- C:\Intel [2015/04/04 22:00:37 | 000,000,000 | -HSD | M] -- C:\Kernel [2015/01/02 21:53:57 | 000,000,000 | ---D | M] -- C:\Language [2015/11/16 01:14:31 | 000,000,000 | ---D | M] -- C:\MSDEV [2014/10/18 14:58:24 | 000,000,000 | RH-D | M] -- C:\MSOCache [2009/07/14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs [2016/02/29 17:35:21 | 000,000,000 | R--D | M] -- C:\Program Files [2016/02/29 17:38:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86) [2016/02/29 17:35:21 | 000,000,000 | -H-D | M] -- C:\ProgramData [2014/10/18 14:42:08 | 000,000,000 | -HSD | M] -- C:\Recovery [2016/02/29 17:50:23 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2015/04/04 22:00:38 | 000,000,000 | -HSD | M] -- C:\system32 [2015/05/22 23:50:16 | 000,000,000 | ---D | M] -- C:\Users [2016/02/29 01:38:04 | 000,000,000 | ---D | M] -- C:\Windows [2015/11/23 20:52:22 | 000,000,000 | ---D | M] -- C:\Windroy [color=#A23BEC]< %Userprofile%\* >[/color] [2016/02/29 17:58:21 | 002,621,440 | -HS- | M] () -- C:\Users\samsung\ntuser.dat [2016/02/29 17:58:21 | 000,262,144 | -HS- | M] () -- C:\Users\samsung\ntuser.dat.LOG1 [2014/10/18 14:42:18 | 000,000,000 | -HS- | M] () -- C:\Users\samsung\ntuser.dat.LOG2 [2014/10/18 14:44:02 | 000,065,536 | -HS- | M] () -- C:\Users\samsung\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf [2014/10/18 14:44:02 | 000,524,288 | -HS- | M] () -- C:\Users\samsung\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms [2014/10/18 14:44:02 | 000,524,288 | -HS- | M] () -- C:\Users\samsung\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms [2015/04/21 22:43:30 | 000,065,536 | -HS- | M] () -- C:\Users\samsung\ntuser.dat{33804ce1-e927-11e4-aec6-1867b08284d2}.TM.blf [2015/04/21 22:43:30 | 000,524,288 | -HS- | M] () -- C:\Users\samsung\ntuser.dat{33804ce1-e927-11e4-aec6-1867b08284d2}.TMContainer00000000000000000001.regtrans-ms [2015/04/21 22:43:30 | 000,524,288 | -HS- | M] () -- C:\Users\samsung\ntuser.dat{33804ce1-e927-11e4-aec6-1867b08284d2}.TMContainer00000000000000000002.regtrans-ms [2015/11/16 01:06:16 | 000,065,536 | -HS- | M] () -- C:\Users\samsung\ntuser.dat{c98d049e-8be2-11e5-8e74-1867b08284d2}.TM.blf [2015/11/16 01:06:16 | 000,524,288 | -HS- | M] () -- C:\Users\samsung\ntuser.dat{c98d049e-8be2-11e5-8e74-1867b08284d2}.TMContainer00000000000000000001.regtrans-ms [2015/11/16 01:06:16 | 000,524,288 | -HS- | M] () -- C:\Users\samsung\ntuser.dat{c98d049e-8be2-11e5-8e74-1867b08284d2}.TMContainer00000000000000000002.regtrans-ms [2014/10/18 14:42:18 | 000,000,020 | -HS- | M] () -- C:\Users\samsung\ntuser.ini [color=#A23BEC]< %Userprofile%\*. >[/color] [2015/11/20 18:13:56 | 000,000,000 | ---D | M] -- C:\Users\samsung\.android [2014/10/18 14:42:18 | 000,000,000 | -H-D | M] -- C:\Users\samsung\AppData [2014/10/18 14:42:18 | 000,000,000 | -HSD | M] -- C:\Users\samsung\Application Data [2015/11/20 14:53:53 | 000,000,000 | R--D | M] -- C:\Users\samsung\Contacts [2014/10/18 14:42:18 | 000,000,000 | -HSD | M] -- C:\Users\samsung\Cookies [2016/02/29 17:45:06 | 000,000,000 | R--D | M] -- C:\Users\samsung\Desktop [2016/02/29 01:35:02 | 000,000,000 | R--D | M] -- C:\Users\samsung\Documents [2016/02/29 17:44:54 | 000,000,000 | R--D | M] -- C:\Users\samsung\Downloads [2015/11/20 14:53:53 | 000,000,000 | R--D | M] -- C:\Users\samsung\Favorites [2015/12/10 17:32:28 | 000,000,000 | R--D | M] -- C:\Users\samsung\Google Drive [2015/11/20 14:53:53 | 000,000,000 | R--D | M] -- C:\Users\samsung\Links [2014/10/18 14:42:18 | 000,000,000 | -HSD | M] -- C:\Users\samsung\Local Settings [2014/10/18 14:42:18 | 000,000,000 | -HSD | M] -- C:\Users\samsung\Menu Démarrer [2014/10/18 14:42:18 | 000,000,000 | -HSD | M] -- C:\Users\samsung\Mes documents [2014/10/18 14:42:18 | 000,000,000 | -HSD | M] -- C:\Users\samsung\Modèles [2015/11/20 14:53:53 | 000,000,000 | R--D | M] -- C:\Users\samsung\Music [2015/11/20 14:53:53 | 000,000,000 | R--D | M] -- C:\Users\samsung\Pictures [2014/10/18 14:42:18 | 000,000,000 | -HSD | M] -- C:\Users\samsung\Recent [2015/11/20 14:53:53 | 000,000,000 | R--D | M] -- C:\Users\samsung\Saved Games [2015/11/20 14:53:53 | 000,000,000 | R--D | M] -- C:\Users\samsung\Searches [2014/10/18 14:42:18 | 000,000,000 | -HSD | M] -- C:\Users\samsung\SendTo [2015/04/27 19:05:54 | 000,000,000 | ---D | M] -- C:\Users\samsung\Tracing [2015/12/09 16:35:37 | 000,000,000 | R--D | M] -- C:\Users\samsung\Videos [2014/10/18 14:42:18 | 000,000,000 | -HSD | M] -- C:\Users\samsung\Voisinage d'impression [2014/10/18 14:42:18 | 000,000,000 | -HSD | M] -- C:\Users\samsung\Voisinage réseau [2015/11/17 00:24:26 | 000,000,000 | ---D | M] -- C:\Users\samsung\youwave [color=#A23BEC]< %Allusersprofile%\* >[/color] [2015/04/26 14:38:47 | 000,262,144 | ---- | M] () -- C:\ProgramData\ntuser.dat [2015/08/04 23:02:17 | 000,005,120 | -HS- | M] () -- C:\ProgramData\ntuser.dat.LOG1 [2015/04/26 14:38:47 | 000,000,000 | -HS- | M] () -- C:\ProgramData\ntuser.dat.LOG2 [2015/04/26 14:38:47 | 000,065,536 | -HS- | M] () -- C:\ProgramData\ntuser.dat{be569566-ec0e-11e4-ae0b-1867b08284d2}.TM.blf [2015/04/26 14:38:47 | 000,524,288 | -HS- | M] () -- C:\ProgramData\ntuser.dat{be569566-ec0e-11e4-ae0b-1867b08284d2}.TMContainer00000000000000000001.regtrans-ms [2015/04/26 14:38:47 | 000,524,288 | -HS- | M] () -- C:\ProgramData\ntuser.dat{be569566-ec0e-11e4-ae0b-1867b08284d2}.TMContainer00000000000000000002.regtrans-ms [2015/04/26 14:40:27 | 000,065,536 | -HS- | M] () -- C:\ProgramData\ntuser.dat{be56957d-ec0e-11e4-ae0b-1867b08284d2}.TM.blf [2015/04/26 14:40:27 | 000,524,288 | -HS- | M] () -- C:\ProgramData\ntuser.dat{be56957d-ec0e-11e4-ae0b-1867b08284d2}.TMContainer00000000000000000001.regtrans-ms [2015/04/26 14:40:27 | 000,524,288 | -HS- | M] () -- C:\ProgramData\ntuser.dat{be56957d-ec0e-11e4-ae0b-1867b08284d2}.TMContainer00000000000000000002.regtrans-ms [color=#A23BEC]< %Allusersprofile%\*. >[/color] [2015/04/26 13:11:36 | 000,000,000 | ---D | M] -- C:\ProgramData\Adobe [2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data [2015/02/13 13:09:06 | 000,000,000 | ---D | M] -- C:\ProgramData\AVAST Software [2015/05/19 22:12:11 | 000,000,000 | ---D | M] -- C:\ProgramData\AVG [2016/01/22 13:40:42 | 000,000,000 | ---D | M] -- C:\ProgramData\BlueStacks [2016/01/22 14:00:13 | 000,000,000 | ---D | M] -- C:\ProgramData\BlueStacksGameManager [2016/02/29 16:40:17 | 000,000,000 | ---D | M] -- C:\ProgramData\BlueStacksSetup [2014/10/18 14:42:07 | 000,000,000 | -HSD | M] -- C:\ProgramData\Bureau [2015/05/19 22:10:41 | 000,000,000 | -H-D | M] -- C:\ProgramData\Common Files [2015/12/09 16:27:43 | 000,000,000 | ---D | M] -- C:\ProgramData\CyberLink [2015/02/13 19:36:26 | 000,000,000 | ---D | M] -- C:\ProgramData\DatacardService [2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop [2014/10/24 17:48:28 | 000,000,000 | ---D | M] -- C:\ProgramData\Dim@net [2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents [2014/10/18 14:42:07 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoris [2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites [2015/11/19 22:40:19 | 000,000,000 | ---D | M] -- C:\ProgramData\inf [2014/10/18 15:25:59 | 000,000,000 | ---D | M] -- C:\ProgramData\Intel [2015/11/15 17:49:54 | 000,000,000 | ---D | M] -- C:\ProgramData\Logs [2016/02/24 00:46:01 | 000,000,000 | ---D | M] -- C:\ProgramData\McAfee [2014/10/18 14:42:07 | 000,000,000 | -HSD | M] -- C:\ProgramData\Menu Démarrer [2015/04/21 22:22:05 | 000,000,000 | --SD | M] -- C:\ProgramData\Microsoft [2015/11/16 01:14:45 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft Help [2015/11/16 20:36:37 | 000,000,000 | ---D | M] -- C:\ProgramData\MobileBrServ [2014/10/18 14:42:07 | 000,000,000 | -HSD | M] -- C:\ProgramData\Modèles [2014/10/18 15:38:28 | 000,000,000 | ---D | M] -- C:\ProgramData\Mozilla [2015/06/18 18:27:12 | 000,000,000 | ---D | M] -- C:\ProgramData\Nero [2015/04/28 17:07:06 | 000,000,000 | ---D | M] -- C:\ProgramData\Package Cache [2014/10/18 15:27:51 | 000,000,000 | ---D | M] -- C:\ProgramData\Qualcomm Atheros [2015/11/16 01:14:14 | 000,000,000 | ---D | M] -- C:\ProgramData\RogueKiller [2015/06/28 09:51:23 | 000,000,000 | ---D | M] -- C:\ProgramData\Skype [2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu [2014/10/18 14:53:32 | 000,000,000 | ---D | M] -- C:\ProgramData\Temp [2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates [2015/01/02 22:24:39 | 000,000,000 | ---D | M] -- C:\ProgramData\Ultralingua7 [2016/02/29 01:20:45 | 000,000,000 | ---D | M] -- C:\ProgramData\UniqueId [2016/02/29 01:38:19 | 000,000,000 | ---D | M] -- C:\ProgramData\WinZip [color=#A23BEC]< %localappdata%\* >[/color] [2015/07/09 21:12:38 | 000,004,608 | ---- | M] () -- C:\Users\samsung\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2014/12/02 20:25:29 | 000,108,840 | ---- | M] () -- C:\Users\samsung\AppData\Local\GDIPFONTCACHEV1.DAT [2016/02/29 13:55:36 | 015,004,781 | -H-- | M] () -- C:\Users\samsung\AppData\Local\IconCache.db [color=#A23BEC]< %localappdata%\*. >[/color] [2016/02/24 00:48:43 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Adobe [2014/10/18 14:42:18 | 000,000,000 | -HSD | M] -- C:\Users\samsung\AppData\Local\Application Data [2016/02/29 01:29:20 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\assembly [2015/05/19 22:11:27 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Avg [2016/01/22 13:39:22 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Bluestacks [2015/05/20 22:04:32 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\BoBrowser [2015/08/01 11:13:27 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\CEF [2015/11/15 21:52:33 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\CrashDumps [2015/11/16 22:28:53 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\CrashRpt [2014/10/19 15:17:32 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\CyberLink [2016/02/03 23:02:47 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Downloaded Installations [2015/03/16 11:56:43 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\DriverToolkit [2015/07/23 23:03:38 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\ElevatedDiagnostics [2015/09/09 16:06:43 | 000,000,000 | -HSD | M] -- C:\Users\samsung\AppData\Local\EmieBrowserModeList [2015/09/09 16:06:43 | 000,000,000 | -HSD | M] -- C:\Users\samsung\AppData\Local\EmieSiteList [2015/09/09 16:06:43 | 000,000,000 | -HSD | M] -- C:\Users\samsung\AppData\Local\EmieUserList [2015/06/04 23:15:04 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Facebook [2015/12/10 17:36:57 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Google [2014/10/18 14:42:18 | 000,000,000 | -HSD | M] -- C:\Users\samsung\AppData\Local\Historique [2014/10/18 17:34:57 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Macromedia [2015/12/30 23:22:14 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Microsoft [2015/01/16 23:59:35 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Microsoft Games [2014/10/18 14:58:50 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Microsoft Help [2014/10/18 15:39:04 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Mozilla [2015/05/09 00:03:23 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Nero [2015/04/28 21:28:04 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Nero_AG [2016/02/29 01:25:48 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Nico Mak Computing [2014/11/14 22:31:49 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Opera Software [2014/10/19 13:31:00 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Programs [2014/10/18 17:29:05 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Skype [2015/11/17 13:58:45 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Softonic [2015/01/06 22:09:06 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\SoftonicAssistant [2016/02/29 17:58:47 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Temp [2014/10/18 14:42:18 | 000,000,000 | -HSD | M] -- C:\Users\samsung\AppData\Local\Temporary Internet Files [2015/01/06 22:11:30 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Ultralingua7 [2015/06/02 15:46:23 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Unity [2014/10/19 15:28:35 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\VirtualStore [2016/02/29 01:38:44 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\WinZip [color=#A23BEC]< %Userprofile%\Local Settings\Application Data\* >[/color] [color=#A23BEC]< %Userprofile%\Local Settings\Application Data\*. >[/color] [color=#A23BEC]< %programFiles%\* >[/color] [2009/07/14 05:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini [color=#A23BEC]< %programFiles%\*. >[/color] [2015/06/08 16:56:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Abdio Software Inc [2015/04/26 12:52:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe [2014/10/18 14:55:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AIMP2 [2016/01/22 13:56:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\BlueStacks [2016/02/29 17:38:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files [2014/10/18 14:54:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CyberLink [2015/11/16 01:14:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DVDVideoSoft [2015/12/10 17:36:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google [2014/10/27 13:53:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\GRETECH [2015/11/16 01:14:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\GUPlayer [2016/02/29 17:36:43 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information [2014/10/18 17:18:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel [2014/10/22 14:41:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Download Manager [2016/02/11 17:11:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer [2016/02/24 17:13:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\McAfee Security Scan [2015/04/26 19:56:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office [2014/10/18 15:05:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio [2014/10/18 14:59:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio 8 [2014/11/11 20:46:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Works [2015/04/26 14:33:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET [2016/02/12 13:00:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox [2016/01/22 12:55:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Maintenance Service [2014/10/18 15:06:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild [2015/11/23 20:51:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Opera [2014/10/18 15:28:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Qualcomm Atheros [2009/07/14 06:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies [2015/02/20 15:17:29 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp [2015/01/02 22:23:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Ultralingua [2015/11/16 00:46:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Uniblue [2009/07/14 05:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information [2015/06/06 21:33:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\USB Disk Security [2015/11/17 14:01:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Vibosoft [2014/10/18 14:50:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VideoLAN [2014/11/08 21:38:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender [2014/11/04 18:53:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail [2015/06/11 22:22:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player [2009/07/14 06:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT [2014/11/04 18:53:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer [2014/11/04 18:53:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices [2014/11/04 18:53:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar [2014/10/18 14:53:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WinRar [2015/06/18 18:30:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Word to Pdf Converter 3000 [color=#A23BEC]< %Systemroot%\Temp\*.exe /s >[/color] [2016/02/24 17:12:43 | 001,555,928 | ---- | M] (McAfee, Inc.) -- C:\Windows\Temp\contentDATs.exe [2016/02/24 17:12:33 | 008,590,704 | ---- | M] (McAfee, Inc.) -- C:\Windows\Temp\SecurityScan_Release.exe [50 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ] [2016/02/29 16:45:10 | 000,300,488 | ---- | M] (Mozilla Foundation) -- C:\Windows\Temp\avast_ash2\Mozilla Firefox\updater.exe [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color] [10 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ] [color=#A23BEC]< %systemroot%\system32\*.exe /lockedfiles >[/color] [10 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ] [color=#A23BEC]< %systemroot%\system32\*.in* >[/color] [2015/03/13 02:55:15 | 000,016,303 | ---- | M] () -- C:\Windows\system32\ieuinit.inf [2009/07/14 05:55:01 | 000,000,535 | ---- | M] () -- C:\Windows\system32\mapisvc.inf [2015/02/22 23:59:36 | 001,552,872 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI [10 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ] [color=#A23BEC]< %systemroot%\Tasks\* >[/color] [2016/02/29 17:46:00 | 000,001,002 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job [2016/02/29 16:34:45 | 000,000,362 | ---- | M] () -- C:\Windows\Tasks\DriverToolkit Autorun.job [2016/02/29 16:34:56 | 000,001,066 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [2016/02/29 17:45:00 | 000,001,070 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [2016/02/29 16:34:38 | 000,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT [2015/08/27 17:43:43 | 000,032,496 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(68).TXT [2016/01/14 20:33:08 | 000,032,496 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#A23BEC]< %systemroot%\Tasks\*. >[/color] [color=#A23BEC]< %systemroot%\system32\Tasks\* >[/color] [color=#A23BEC]< %systemroot%\system32\Tasks\*. >[/color] [2009/07/14 04:20:14 | 000,000,000 | ---D | M] -- C:\Windows\system32\Tasks\Microsoft [color=#A23BEC]< %systemroot%\system32\drivers\*.sy* /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\system32\config\*.exe /s >[/color] [color=#A23BEC]< %Systemroot%\ServiceProfiles\*.exe /s >[/color] [color=#A23BEC]< %systemroot%\system32\*.sys >[/color] [color=#A23BEC]< %temp%\*.exe /s >[/color] [2015/03/16 10:27:58 | 001,057,488 | ---- | M] (Adobe) -- C:\Users\samsung\AppData\Local\Temp\adobe-reader_11-0-10_fr_13628.exe [2015/11/17 08:33:31 | 000,000,231 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\AndyCurrentInstallerVMX.exe [2010/11/09 08:29:46 | 003,056,008 | ---- | M] (Ask) -- C:\Users\samsung\AppData\Local\Temp\askToolbarInstaller.exe [2015/11/16 00:27:59 | 000,144,008 | ---- | M] (© 2015 Microsoft Corporation) -- C:\Users\samsung\AppData\Local\Temp\BingSvc.exe [2015/11/16 00:28:33 | 001,118,360 | ---- | M] (© 2015 Microsoft Corporation) -- C:\Users\samsung\AppData\Local\Temp\BSvcProcessor.exe [2015/11/16 00:27:45 | 000,170,128 | ---- | M] (© 2015 Microsoft Corporation) -- C:\Users\samsung\AppData\Local\Temp\BSvcUpdater.exe [2009/10/30 05:37:28 | 000,217,088 | ---- | M] (Gretech Corporation) -- C:\Users\samsung\AppData\Local\Temp\GomEncDnInstaller.exe [2014/11/14 23:17:05 | 000,834,488 | ---- | M] ( ) -- C:\Users\samsung\AppData\Local\Temp\ICReinstall_FlvPlayerSetup.exe [2015/04/25 17:01:37 | 001,057,488 | ---- | M] (Adobe) -- C:\Users\samsung\AppData\Local\Temp\install_readerdc_fr_mssd_aaa_aih.exe [2006/10/28 03:28:26 | 000,145,184 | R--- | M] (Microsoft Corporation) -- C:\Users\samsung\AppData\Local\Temp\ose00000.exe [2014/12/13 13:39:22 | 001,153,144 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\SoftonicAssistant_v0-1-6.exe [2014/12/22 08:55:02 | 000,488,960 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\sqlite3.exe [2015/05/19 21:58:51 | 005,017,864 | ---- | M] (SaveFrom.net ) -- C:\Users\samsung\AppData\Local\Temp\tmp21F2.exe [2015/05/19 21:52:50 | 005,017,864 | ---- | M] (SaveFrom.net ) -- C:\Users\samsung\AppData\Local\Temp\tmp6596.exe [2015/04/26 16:49:17 | 000,000,000 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\{47D390E8-9520-42C2-99C7-574755546E8C}-42.0.2311.90_chrome_installer.exe [2014/11/29 20:25:04 | 000,000,000 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\{6AC655C7-083F-4772-BCAA-466AE351B942}-39.0.2171.71_38.0.2125.111_chrome_updater.exe [992 C:\Users\samsung\AppData\Local\Temp\*.tmp files -> C:\Users\samsung\AppData\Local\Temp\*.tmp -> ] [2014/12/02 18:47:00 | 017,923,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\samsung\AppData\Local\Temp\{27CF23C3-0BC2-4017-9A95-BA696F23EA30}\InstallFlashPlayer.exe [2014/12/02 20:12:53 | 000,372,736 | ---- | M] (Macrovision Corporation) -- C:\Users\samsung\AppData\Local\Temp\{8DF854F0-8B55-4FC0-92A8-0C8390439F82}\setup.exe [2016/02/11 21:20:21 | 000,107,320 | ---- | M] (Acresso Software Inc.) -- C:\Users\samsung\AppData\Local\Temp\{AC0CDAAB-E442-40E6-879B-DB522053489A}\ISBEW64.exe [2014/12/02 20:13:22 | 000,372,736 | ---- | M] (Macrovision Corporation) -- C:\Users\samsung\AppData\Local\Temp\{E11DBBDE-5AC5-4670-9712-D792A14D396F}\setup.exe [2016/02/05 17:54:16 | 000,378,296 | ---- | M] (McAfee, Inc.) -- C:\Users\samsung\AppData\Local\Temp\~nsu.tmp\Au_.exe [2015/10/08 13:25:14 | 002,031,224 | ---- | M] (BlueStack Systems, Inc.) -- C:\Users\samsung\AppData\Local\Temp\7zS2A98.tmp\BlueStacks-ThinInstaller_0.10.7.5601.exe [2015/10/08 13:25:11 | 000,165,496 | ---- | M] (BlueStack Systems) -- C:\Users\samsung\AppData\Local\Temp\7zS2A98.tmp\MicroInstallerNative.exe [2015/10/08 13:25:14 | 002,031,224 | ---- | M] (BlueStack Systems, Inc.) -- C:\Users\samsung\AppData\Local\Temp\7zS8574.tmp\BlueStacks-ThinInstaller_0.10.7.5601.exe [2015/10/08 13:25:11 | 000,165,496 | ---- | M] (BlueStack Systems) -- C:\Users\samsung\AppData\Local\Temp\7zS8574.tmp\MicroInstallerNative.exe [2015/03/10 11:27:20 | 016,228,056 | ---- | M] (BlueStack Systems, Inc.) -- C:\Users\samsung\AppData\Local\Temp\7zSA1AD.tmp\BlueStacks-ThinInstaller_0.9.17.4138.exe [2015/03/10 11:27:16 | 000,165,592 | ---- | M] (BlueStack Systems) -- C:\Users\samsung\AppData\Local\Temp\7zSA1AD.tmp\MicroInstallerNative.exe [2015/10/08 13:25:14 | 002,031,224 | ---- | M] (BlueStack Systems, Inc.) -- C:\Users\samsung\AppData\Local\Temp\7zSBA4.tmp\BlueStacks-ThinInstaller_0.10.7.5601.exe [2015/10/08 13:25:11 | 000,165,496 | ---- | M] (BlueStack Systems) -- C:\Users\samsung\AppData\Local\Temp\7zSBA4.tmp\MicroInstallerNative.exe [2015/10/08 13:25:14 | 002,031,224 | ---- | M] (BlueStack Systems, Inc.) -- C:\Users\samsung\AppData\Local\Temp\7zSC87C.tmp\BlueStacks-ThinInstaller_0.10.7.5601.exe [2015/10/08 13:25:11 | 000,165,496 | ---- | M] (BlueStack Systems) -- C:\Users\samsung\AppData\Local\Temp\7zSC87C.tmp\MicroInstallerNative.exe [2014/10/07 11:21:11 | 016,027,352 | ---- | M] (BlueStack Systems, Inc.) -- C:\Users\samsung\AppData\Local\Temp\7zSD200.tmp\BlueStacks-ThinInstaller_0.9.4.4078.exe [2014/10/07 11:21:08 | 000,144,600 | ---- | M] (BlueStack Systems) -- C:\Users\samsung\AppData\Local\Temp\7zSD200.tmp\MicroInstallerNative.exe [2015/10/08 13:25:14 | 002,031,224 | ---- | M] (BlueStack Systems, Inc.) -- C:\Users\samsung\AppData\Local\Temp\7zSFDDF.tmp\BlueStacks-ThinInstaller_0.10.7.5601.exe [2015/10/08 13:25:11 | 000,165,496 | ---- | M] (BlueStack Systems) -- C:\Users\samsung\AppData\Local\Temp\7zSFDDF.tmp\MicroInstallerNative.exe [2014/10/30 03:16:16 | 000,069,056 | ---- | M] (北京暴风科技股份有限公司) -- C:\Users\samsung\AppData\Local\Temp\9C108286-D1F6-47E7-8DC2-7F5757C78459[i]\BaofengUpdate.exe [2014/10/30 03:16:16 | 001,891,840 | ---- | M] (Skytech Co., Ltd.) -- C:\Users\samsung\AppData\Local\Temp\9C108286-D1F6-47E7-8DC2-7F5757C78459[i]\UninstallManager.exe [1 C:\Users\samsung\AppData\Local\Temp\9C108286-D1F6-47E7-8DC2-7F5757C78459[i]\*.tmp files -> C:\Users\samsung\AppData\Local\Temp\9C108286-D1F6-47E7-8DC2-7F5757C78459[i]\*.tmp -> ] [2015/05/20 13:12:19 | 000,113,400 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\ClaraDwl\03e56d45-2cb7-4fa6-b315-984ff1eca689.exe [2015/05/20 13:15:31 | 010,597,727 | ---- | M] (iCinema) -- C:\Users\samsung\AppData\Local\Temp\DwlTempFolder\temp.exe [2016/02/18 01:18:11 | 002,095,304 | ---- | M] (ESET) -- C:\Users\samsung\AppData\Local\Temp\FBScanner_942095923\ESET.exe [2014/11/14 22:31:19 | 000,870,008 | ---- | M] (Opera Software) -- C:\Users\samsung\AppData\Local\Temp\is116316934\16F003FA_stp.EXE [2014/11/14 22:31:10 | 000,840,928 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\is116316934\6CF59B58_stp.EXE [2014/11/03 14:52:10 | 000,580,176 | ---- | M] (One Syn) -- C:\Users\samsung\AppData\Local\Temp\is116316934\33BDC0C1_stp\Nov3_cor_sweet-page.exe [2015/06/27 12:54:40 | 002,048,000 | ---- | M] (BluetoothInstaller.com) -- C:\Users\samsung\AppData\Local\Temp\is-AEIMF.tmp\prsetup.exe [2016/02/11 13:27:21 | 000,231,803 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\is-AEIMF.tmp\temporal_setup.exe [2016/02/11 13:27:22 | 000,000,000 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\is-AEIMF.tmp\temporal_setup2.exe [2012/05/30 10:55:26 | 000,167,936 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\is-AEIMF.tmp\UNZIP.exe [2016/02/07 21:20:16 | 001,290,999 | ---- | M] ( ) -- C:\Users\samsung\AppData\Local\Temp\is-IAMEP.tmp\prsetup.exe [2012/05/30 10:55:26 | 000,167,936 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\is-IAMEP.tmp\UNZIP.exe [2012/05/30 10:55:26 | 000,167,936 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\is-LHRU4.tmp\UNZIP.exe [2016/02/07 21:24:18 | 000,452,207 | ---- | M] ( ) -- C:\Users\samsung\AppData\Local\Temp\is-LHRU4.tmp\websetup.exe [2015/08/05 01:01:56 | 000,248,376 | ---- | M] (DVDVideoSoft Ltd.) -- C:\Users\samsung\AppData\Local\Temp\is-SH3LN.tmp\Assistant64.exe [2015/08/05 02:53:54 | 000,867,344 | ---- | M] (DVDVideoSoft Ltd.) -- C:\Users\samsung\AppData\Local\Temp\is-SH3LN.tmp\ux_optimizer.exe [2015/04/28 17:02:04 | 000,735,568 | ---- | M] (Nero AG ) -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\setup.exe [2015/04/28 17:02:12 | 000,517,976 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\direct3d10.1Extensions9.29.952.3111D3dcsx\DXSETUP.exe [2015/04/28 17:02:11 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\direct3d10.1Extensions9.29.952.3111D3dcsx\PRQStarter-1.exe [2015/04/28 17:02:11 | 000,517,976 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\direct3d10.1Extensions9.29.952.3111D3dx10\DXSETUP.exe [2015/04/28 17:02:11 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\direct3d10.1Extensions9.29.952.3111D3dx10\PRQStarter-1.exe [2015/04/28 17:02:10 | 000,517,976 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\direct3d10.1Extensions9.29.952.3111D3dx11\DXSETUP.exe [2015/04/28 17:02:10 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\direct3d10.1Extensions9.29.952.3111D3dx11\PRQStarter-1.exe [2015/04/28 17:02:09 | 000,517,976 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\direct3d10.1Extensions9.29.952.3111D3dx9\DXSETUP.exe [2015/04/28 17:02:09 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\direct3d10.1Extensions9.29.952.3111D3dx9\PRQStarter-1.exe [2015/04/28 17:02:09 | 000,517,976 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\direct3dHlslCompiler9.29.952.3111\DXSETUP.exe [2015/04/28 17:02:09 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\direct3dHlslCompiler9.29.952.3111\PRQStarter-1.exe [2015/04/28 17:02:08 | 000,081,920 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\lightscribeSystemSoftware\LSDriveDetect.exe [2015/04/28 17:02:08 | 000,090,384 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\lightscribeSystemSoftware\LS_LAUNCHER.exe [2015/04/28 17:02:08 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\lightscribeSystemSoftware\PRQStarter-1.exe [2015/04/28 17:02:08 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\microsoftVcRedist2010Sp1X86\PRQStarter-1.exe [2015/04/28 17:02:07 | 004,995,416 | ---- | M] (Microsoft Corporation) -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\microsoftVcRedist2010Sp1X86\vcredist_x86.exe [2015/04/28 17:02:07 | 002,067,280 | ---- | M] (Nero AG) -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\microsoftVcRedist2012X86\PRQStarter-1.exe [2015/04/28 17:02:07 | 006,554,576 | ---- | M] (Microsoft Corporation) -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\microsoftVcRedist2012X86\vcredist_x86.exe [2015/04/28 17:02:07 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\msi4.5ForWindows6.0X64\PRQStarter-1.exe [2015/04/28 17:02:07 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\msi4.5ForWindows6.0X86\PRQStarter-1.exe [2015/04/28 17:02:06 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\msi4.5ForWindowsxpX86\PRQStarter-1.exe [2015/04/28 17:02:06 | 003,327,000 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\msi4.5ForWindowsxpX86\WindowsXP-KB942288-v3-x86.exe [2015/04/28 17:02:06 | 001,520,464 | ---- | M] (Nero AG) -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\opencandy\InstallHelper.exe [2015/04/28 17:02:06 | 002,094,928 | ---- | M] (Nero AG) -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\rebootValidator\PRQStarter-1.exe [2015/04/28 17:02:06 | 002,566,416 | ---- | M] (Nero AG) -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\systemRequirementValidator\NeroOSValidator.exe [2015/04/28 17:02:05 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\systemRequirementValidator\PRQStarter-1.exe [2016/02/05 17:59:06 | 000,647,432 | ---- | M] (McAfee, Inc.) -- C:\Users\samsung\AppData\Local\Temp\nssD3F4.tmp-3658831\MSS\3.11.292.3\McUICnt.exe [2015/11/16 11:19:35 | 001,316,984 | ---- | M] (Opera Software) -- C:\Users\samsung\AppData\Local\Temp\Opera Installer\opera_installer_20151121142901\installer.exe [2015/11/16 11:19:36 | 000,948,856 | ---- | M] (Opera Software) -- C:\Users\samsung\AppData\Local\Temp\Opera Installer\opera_installer_20151121142901\launcher.exe [2015/11/16 11:19:37 | 000,883,832 | ---- | M] (Opera Software) -- C:\Users\samsung\AppData\Local\Temp\Opera Installer\opera_installer_20151121142901\opera.exe [2015/11/16 11:19:38 | 003,613,304 | ---- | M] (Opera Software) -- C:\Users\samsung\AppData\Local\Temp\Opera Installer\opera_installer_20151121142901\opera_autoupdate.exe [2015/11/16 11:19:39 | 000,504,440 | ---- | M] (Opera Software) -- C:\Users\samsung\AppData\Local\Temp\Opera Installer\opera_installer_20151121142901\opera_crashreporter.exe [2015/11/16 11:19:39 | 000,073,336 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\Opera Installer\opera_installer_20151121142901\wow_helper.exe [2012/08/15 14:06:24 | 001,030,976 | ---- | M] (Intel Corporation) -- C:\Users\samsung\AppData\Local\Temp\pft66D2~tmp\Setup.exe [2012/08/09 14:21:02 | 000,184,640 | ---- | M] (Intel Corporation) -- C:\Users\samsung\AppData\Local\Temp\pft66D2~tmp\Graphics\difx64.exe [2012/08/09 14:21:02 | 004,378,944 | ---- | M] (Intel Corporation) -- C:\Users\samsung\AppData\Local\Temp\pft66D2~tmp\Graphics\GfxUI.exe [2012/08/09 14:21:04 | 000,392,512 | ---- | M] (Intel Corporation) -- C:\Users\samsung\AppData\Local\Temp\pft66D2~tmp\Graphics\hkcmd.exe [2012/08/09 14:21:18 | 000,239,936 | ---- | M] (Intel Corporation) -- C:\Users\samsung\AppData\Local\Temp\pft66D2~tmp\Graphics\igfxext.exe [2012/08/09 14:21:18 | 000,417,088 | ---- | M] (Intel Corporation) -- C:\Users\samsung\AppData\Local\Temp\pft66D2~tmp\Graphics\igfxpers.exe [2012/08/09 14:21:22 | 000,506,688 | ---- | M] (Intel Corporation) -- C:\Users\samsung\AppData\Local\Temp\pft66D2~tmp\Graphics\igfxsrvc.exe [2012/08/09 14:21:22 | 000,167,744 | ---- | M] (Intel Corporation) -- C:\Users\samsung\AppData\Local\Temp\pft66D2~tmp\Graphics\igfxtray.exe [2012/08/09 14:21:22 | 001,026,880 | ---- | M] (Intel Corporation) -- C:\Users\samsung\AppData\Local\Temp\pft66D2~tmp\Graphics\igxpun.exe [2009/11/18 14:07:44 | 000,813,592 | ---- | M] (Intel Corporation) -- C:\Users\samsung\AppData\Local\Temp\pft66D2~tmp\Intel Control Center\SetupICC.exe [2012/08/15 14:06:32 | 000,184,640 | ---- | M] (Intel Corporation) -- C:\Users\samsung\AppData\Local\Temp\pft66D2~tmp\x64\Drv64.exe [2015/05/20 11:08:41 | 000,570,764 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\samsung\AppData\Local\Temp\TempDir\baidu11.exe [2015/05/20 11:08:56 | 000,898,168 | ---- | M] (ClaraLabs) -- C:\Users\samsung\AppData\Local\Temp\TempDir\ClaraInstaller_Core36.exe [2015/05/20 11:08:10 | 039,076,264 | ---- | M] (The Olcinium Browser Authors) -- C:\Users\samsung\AppData\Local\Temp\TempDir\d3205137-dfb9-46ba-a117-d5f7d8675906.exe [2015/05/20 11:09:11 | 001,377,280 | ---- | M] (PlusDiscount-FrenzComp) -- C:\Users\samsung\AppData\Local\Temp\TempDir\setup.exe [2015/05/20 11:08:28 | 000,737,384 | ---- | M] (Olcinium ) -- C:\Users\samsung\AppData\Local\Temp\TempDir\setupFacebookChatDesktop.exe [2015/04/28 10:33:58 | 025,700,400 | ---- | M] (Google) -- C:\Users\samsung\AppData\Local\Temp\tmpfaubvf\googledrivesync.exe [2015/07/29 08:23:18 | 022,344,224 | ---- | M] (Google) -- C:\Users\samsung\AppData\Local\Temp\tmpqqjmb9\googledrivesync.exe [2014/12/23 00:10:41 | 000,284,048 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\UTPS\C839\Driver\devsetup32.exe [2014/12/23 00:10:41 | 000,384,400 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\UTPS\C839\Driver\devsetup64.exe [2014/12/23 00:10:41 | 000,333,200 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\UTPS\C839\Driver\DriverSetup.exe [2014/12/23 00:10:41 | 000,329,104 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\UTPS\C839\Driver\DriverUninstall.exe [2014/12/23 00:10:41 | 000,607,584 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\UTPS\common\AddPbk.exe [2014/12/23 00:10:41 | 000,514,048 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\UTPS\common\mobilepartner.exe [2014/12/23 00:10:41 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\Users\samsung\AppData\Local\Temp\UTPS\common\mt.exe [2014/12/23 00:10:42 | 000,290,304 | ---- | M] (Microsoft Corporation) -- C:\Users\samsung\AppData\Local\Temp\UTPS\common\subinacl.exe [2014/12/23 00:10:42 | 000,019,808 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\UTPS\common\UnblockPin.exe [2014/12/23 00:10:42 | 000,077,152 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\UTPS\common\XStartScreen.exe [2014/12/23 00:10:41 | 000,436,768 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\UTPS\common\AutoRun\AutoRunSetup.exe [2014/12/23 00:10:41 | 000,176,344 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\UTPS\common\AutoRun\AutoRunUninstall.exe [2014/12/23 00:10:41 | 001,545,568 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\UTPS\common\UpdateDog\LiveUpd.exe [2014/12/23 00:10:41 | 000,655,712 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\UTPS\common\UpdateDog\ouc.exe [2014/12/23 00:10:41 | 000,008,704 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\UTPS\common\UpdateDog\RunLiveUpd.exe [2014/12/23 00:10:42 | 000,605,184 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\UTPS\common\UpdateDog\RunOuc.exe [color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color] [color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color] [color=#A23BEC]< %APPDATA%\*.exe /s >[/color] [2015/10/29 10:37:14 | 001,007,816 | ---- | M] () -- C:\Users\samsung\AppData\Roaming\Andy\Setup.exe [2015/10/29 10:37:14 | 001,007,816 | ---- | M] () -- C:\Users\samsung\AppData\Roaming\Andy_45.5_Online\Setup.exe [2015/11/16 22:06:26 | 001,063,648 | ---- | M] (Igor Pavlov) -- C:\Users\samsung\AppData\Roaming\Andy_45.5_Online\tools\7za-x64.exe [2015/05/19 21:54:03 | 000,299,160 | ---- | M] () -- C:\Users\samsung\AppData\Roaming\OpenCandy\925B9649220341E6A246D12D7F173847\setup.exe [2015/05/19 22:10:38 | 049,801,016 | ---- | M] (AVG Technologies) -- C:\Users\samsung\AppData\Roaming\OpenCandy\B511C9925D454F78B684CB98B6957798\AVG-PC-TuneUp2015-2200620.exe [2015/08/09 00:10:18 | 000,298,944 | ---- | M] () -- C:\Users\samsung\AppData\Roaming\RPEng\7DA556E6F0124DEAA17A13554A21851B\setup.exe [2015/06/06 21:21:22 | 004,024,616 | ---- | M] (Zbshareware Lab ) -- C:\Users\samsung\AppData\Roaming\Zbshareware Lab\USBGuard\PatchUSBGuardZB.exe [color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color] [2010/11/20 13:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr [2014/10/18 15:34:59 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2015/05/20 13:11:55 | 000,008,998 | ---- | M] () -- C:\claraInstaller.txt [2016/02/29 16:34:21 | 2984,931,328 | -HS- | M] () -- C:\hiberfil.sys [2016/02/29 16:34:20 | 3979,911,168 | -HS- | M] () -- C:\pagefile.sys [2016/02/29 17:50:27 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2014/11/03 18:58:07 | 000,002,426 | ---- | M] () -- C:\RHDSetup.log [2015/11/15 21:57:29 | 000,362,359 | RHS- | M] () -- C:\RYEBH [2014/11/03 18:58:07 | 000,000,206 | ---- | M] () -- C:\setup.log [2015/01/02 21:53:58 | 000,000,027 | -H-- | M] () -- C:\TraFgFr.Tra [2014/11/04 18:55:51 | 000,192,457 | ---- | M] () -- C:\unp304067442455755891.mdmp [color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color] [2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe [2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SysWOW64\explorer.exe [2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe [2010/11/20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\explorer.exe [2010/11/20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe [2009/07/14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe [color=#A23BEC]< MD5 for: SERVICES.EXE >[/color] [2009/07/14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe [2015/04/11 05:31:36 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=43DCEC23557C32F7702C8D5BC729738F -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.23033_none_2df8898bfd178df8\services.exe [2015/04/13 04:28:33 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=71C85477DF9347FE8E7BC55768473FCA -- C:\Windows\SysNative\services.exe [2015/04/13 04:28:33 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=71C85477DF9347FE8E7BC55768473FCA -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.18829_none_2d7fe646e3ec3705\services.exe [color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color] [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe [2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe [2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe [color=#A23BEC]< MD5 for: USERINIT.EXE >[/color] [2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe [2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [2009/07/14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe [2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe [2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2009/07/14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2014/03/04 12:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe [2014/03/04 10:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe [2014/07/17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\SysNative\winlogon.exe [2014/07/17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe [2014/07/16 04:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe [color=#E56717]========== Base Services ==========[/color] SRV:[b]64bit:[/b] - [2009/07/14 02:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc) SRV:[b]64bit:[/b] - [2015/06/15 22:45:34 | 000,070,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo) SRV:[b]64bit:[/b] - [2009/07/14 02:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG) SRV:[b]64bit:[/b] - [2010/11/20 14:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS) SRV:[b]64bit:[/b] - [2010/11/20 14:25:45 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE) SRV:[b]64bit:[/b] - [2016/01/22 05:57:17 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso) SRV:[b]64bit:[/b] - [2009/07/14 02:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem) SRV - [2009/07/14 02:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem) SRV:[b]64bit:[/b] - [2012/07/04 23:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser) SRV:[b]64bit:[/b] - [2015/02/03 04:30:56 | 000,187,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc) SRV - [2015/02/03 04:12:14 | 000,143,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc) SRV:[b]64bit:[/b] - [2010/11/20 14:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch) SRV:[b]64bit:[/b] - [2010/11/20 14:26:04 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp) SRV - [2010/11/20 13:18:30 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp) SRV:[b]64bit:[/b] - [2011/03/03 07:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache) SRV:[b]64bit:[/b] - [2009/07/14 02:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost) SRV:[b]64bit:[/b] - [2009/07/14 02:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv) SRV - [2009/07/14 02:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv) SRV:[b]64bit:[/b] - [2009/07/14 02:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess) SRV:[b]64bit:[/b] - [2010/11/20 14:26:39 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent) No service found with a name of MsMpSvc No service found with a name of NisSrv SRV:[b]64bit:[/b] - [2009/07/14 02:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv) SRV:[b]64bit:[/b] - [2009/07/14 02:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS) SRV:[b]64bit:[/b] - [2009/07/14 02:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman) SRV:[b]64bit:[/b] - [2009/07/14 02:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm) SRV - [2009/07/14 02:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm) SRV:[b]64bit:[/b] - [2014/12/06 05:17:27 | 000,303,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc) SRV:[b]64bit:[/b] - [2009/07/14 02:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi) SRV:[b]64bit:[/b] - [2011/05/24 12:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay) SRV:[b]64bit:[/b] - [2010/11/20 14:25:21 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler) SRV:[b]64bit:[/b] - [2016/01/22 05:57:17 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage) No service found with a name of EMDMgmt SRV:[b]64bit:[/b] - [2009/07/14 02:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto) SRV:[b]64bit:[/b] - [2010/11/20 14:27:24 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan) SRV:[b]64bit:[/b] - [2010/11/20 14:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs) SRV:[b]64bit:[/b] - [2010/11/20 14:27:25 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon) SRV:[b]64bit:[/b] - [2016/01/22 05:57:17 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs) SRV:[b]64bit:[/b] - [2009/07/14 02:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc) SRV:[b]64bit:[/b] - [2010/11/20 14:27:26 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer) SRV:[b]64bit:[/b] - [2010/11/20 14:27:25 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection) SRV - [2010/11/20 13:21:19 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection) No service found with a name of slsvc SRV:[b]64bit:[/b] - [2015/08/05 18:56:14 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule) SRV:[b]64bit:[/b] - [2010/11/20 14:27:26 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv) SRV - [2010/11/20 13:21:28 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv) SRV:[b]64bit:[/b] - [2009/07/14 02:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes) SRV:[b]64bit:[/b] - [2014/12/19 04:06:55 | 000,210,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc) SRV:[b]64bit:[/b] - [2010/11/20 14:25:27 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS) SRV:[b]64bit:[/b] - [2015/02/03 04:30:55 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv) SRV:[b]64bit:[/b] - [2015/02/03 04:30:55 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder) SRV:[b]64bit:[/b] - [2010/11/20 14:27:25 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC) SRV:[b]64bit:[/b] - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2010/11/20 14:27:28 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog) SRV:[b]64bit:[/b] - [2010/11/20 14:26:59 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc) SRV:[b]64bit:[/b] - [2010/11/20 14:27:28 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc) SRV:[b]64bit:[/b] - [2015/06/15 22:44:47 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver) SRV - [2015/06/15 22:42:49 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver) SRV:[b]64bit:[/b] - [2009/07/14 02:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt) SRV:[b]64bit:[/b] - [2015/11/20 19:54:59 | 002,609,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv) SRV:[b]64bit:[/b] - [2010/11/20 14:26:07 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc) SRV:[b]64bit:[/b] - [2009/07/14 02:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc) SRV:[b]64bit:[/b] - [2010/11/20 14:27:28 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation) [color=#A23BEC]< HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command >[/color] "" = C:\Program Files\Internet Explorer\iexplore.exe -- [2016/01/22 21:31:15 | 000,814,288 | ---- | M] (Microsoft Corporation) [color=#A23BEC]< HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command >[/color] "" = "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -- [2016/02/12 13:00:00 | 000,392,136 | ---- | M] (Mozilla Corporation) [color=#A23BEC]< HKLM\Software\Clients\StartMenuInternet\Google Chrome\shell\open\command >[/color] "" = "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- [2016/02/18 05:15:35 | 000,746,648 | ---- | M] (Google Inc.) [color=#A23BEC]< dir "%Homedrive%\*" /S /A:L /C >[/color] Le volume dans le lecteur C n'a pas de nom. Le num‚ro de s‚rie du volume est D8A7-B1C1 R‚pertoire de C:\ 14/07/2009 06:08 Documents and Settings [C:\Users] 0 fichier(s) 0 octets R‚pertoire de C:\Program Files 18/10/2014 14:42 Fichiers communs [C:\Program Files\Common Files] 0 fichier(s) 0 octets R‚pertoire de C:\Program Files\Windows NT 18/10/2014 14:42 Accessoires [C:\Program Files\Windows NT\Accessories] 0 fichier(s) 0 octets R‚pertoire de C:\Program Files (x86)\Common Files\AV 03/12/2015 13:02 avast! Antivirus [C:\Program Files\Common Files\AV\avast! Antivirus] 0 fichier(s) 0 octets R‚pertoire de C:\ProgramData 14/07/2009 06:08 Application Data [C:\ProgramData] 18/10/2014 14:42 Bureau [C:\Users\Public\Desktop] 14/07/2009 06:08 Desktop [C:\Users\Public\Desktop] 14/07/2009 06:08 Documents [C:\Users\Public\Documents] 18/10/2014 14:42 Favoris [C:\Users\Public\Favorites] 14/07/2009 06:08 Favorites [C:\Users\Public\Favorites] 18/10/2014 14:42 Menu D‚marrer [C:\ProgramData\Microsoft\Windows\Start Menu] 18/10/2014 14:42 ModŠles [C:\ProgramData\Microsoft\Windows\Templates] 14/07/2009 06:08 Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 14/07/2009 06:08 Templates [C:\ProgramData\Microsoft\Windows\Templates] 0 fichier(s) 0 octets R‚pertoire de C:\ProgramData\Microsoft\Windows\Start Menu 18/10/2014 14:42 Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs] 0 fichier(s) 0 octets R‚pertoire de C:\Users 14/07/2009 06:08 All Users [C:\ProgramData] 14/07/2009 06:08 Default User [C:\Users\Default] 0 fichier(s) 0 octets R‚pertoire de C:\Users\All Users 14/07/2009 06:08 Application Data [C:\ProgramData] 18/10/2014 14:42 Bureau [C:\Users\Public\Desktop] 14/07/2009 06:08 Desktop [C:\Users\Public\Desktop] 14/07/2009 06:08 Documents [C:\Users\Public\Documents] 18/10/2014 14:42 Favoris [C:\Users\Public\Favorites] 14/07/2009 06:08 Favorites [C:\Users\Public\Favorites] 18/10/2014 14:42 Menu D‚marrer [C:\ProgramData\Microsoft\Windows\Start Menu] 18/10/2014 14:42 ModŠles [C:\ProgramData\Microsoft\Windows\Templates] 14/07/2009 06:08 Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 14/07/2009 06:08 Templates [C:\ProgramData\Microsoft\Windows\Templates] 0 fichier(s) 0 octets R‚pertoire de C:\Users\All Users\Microsoft\Windows\Start Menu 18/10/2014 14:42 Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Default 14/07/2009 06:08 Application Data [C:\Users\Default\AppData\Roaming] 14/07/2009 06:08 Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies] 14/07/2009 06:08 Local Settings [C:\Users\Default\AppData\Local] 18/10/2014 14:42 Menu D‚marrer [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu] 18/10/2014 14:42 Mes documents [C:\Users\Default\Documents] 18/10/2014 14:42 ModŠles [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates] 14/07/2009 06:08 My Documents [C:\Users\Default\Documents] 14/07/2009 06:08 NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 14/07/2009 06:08 PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 14/07/2009 06:08 Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent] 14/07/2009 06:08 SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo] 14/07/2009 06:08 Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu] 14/07/2009 06:08 Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates] 18/10/2014 14:42 Voisinage d'impression [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 18/10/2014 14:42 Voisinage r‚seau [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Default\AppData\Local 14/07/2009 06:08 Application Data [C:\Users\Default\AppData\Local] 18/10/2014 14:42 Historique [C:\Users\Default\AppData\Local\Microsoft\Windows\History] 14/07/2009 06:08 History [C:\Users\Default\AppData\Local\Microsoft\Windows\History] 14/07/2009 06:08 Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu 18/10/2014 14:42 Programmes [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Default\Documents 18/10/2014 14:42 Ma musique [C:\Users\Default\Music] 18/10/2014 14:42 Mes images [C:\Users\Default\Pictures] 18/10/2014 14:42 Mes vid‚os [C:\Users\Default\Videos] 14/07/2009 06:08 My Music [C:\Users\Default\Music] 14/07/2009 06:08 My Pictures [C:\Users\Default\Pictures] 14/07/2009 06:08 My Videos [C:\Users\Default\Videos] 0 fichier(s) 0 octets R‚pertoire de C:\Users\Public\Documents 18/10/2014 14:42 Ma musique [C:\Users\Public\Music] 18/10/2014 14:42 Mes images [C:\Users\Public\Pictures] 18/10/2014 14:42 Mes vid‚os [C:\Users\Public\Videos] 14/07/2009 06:08 My Music [C:\Users\Public\Music] 14/07/2009 06:08 My Pictures [C:\Users\Public\Pictures] 14/07/2009 06:08 My Videos [C:\Users\Public\Videos] 0 fichier(s) 0 octets R‚pertoire de C:\Users\samsung 18/10/2014 14:42 Application Data [C:\Users\samsung\AppData\Roaming] 18/10/2014 14:42 Cookies [C:\Users\samsung\AppData\Roaming\Microsoft\Windows\Cookies] 18/10/2014 14:42 Local Settings [C:\Users\samsung\AppData\Local] 18/10/2014 14:42 Menu D‚marrer [C:\Users\samsung\AppData\Roaming\Microsoft\Windows\Start Menu] 18/10/2014 14:42 Mes documents [C:\Users\samsung\Documents] 18/10/2014 14:42 ModŠles [C:\Users\samsung\AppData\Roaming\Microsoft\Windows\Templates] 18/10/2014 14:42 Recent [C:\Users\samsung\AppData\Roaming\Microsoft\Windows\Recent] 18/10/2014 14:42 SendTo [C:\Users\samsung\AppData\Roaming\Microsoft\Windows\SendTo] 18/10/2014 14:42 Voisinage d'impression [C:\Users\samsung\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 18/10/2014 14:42 Voisinage r‚seau [C:\Users\samsung\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 0 fichier(s) 0 octets R‚pertoire de C:\Users\samsung\AppData\Local 18/10/2014 14:42 Application Data [C:\Users\samsung\AppData\Local] 18/10/2014 14:42 Historique [C:\Users\samsung\AppData\Local\Microsoft\Windows\History] 18/10/2014 14:42 Temporary Internet Files [C:\Users\samsung\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 fichier(s) 0 octets R‚pertoire de C:\Users\samsung\AppData\Roaming\Microsoft\Windows\Start Menu 18/10/2014 14:42 Programmes [C:\Users\samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 fichier(s) 0 octets R‚pertoire de C:\Users\samsung\Documents 18/10/2014 14:42 Ma musique [C:\Users\samsung\Music] 18/10/2014 14:42 Mes images [C:\Users\samsung\Pictures] 18/10/2014 14:42 Mes vid‚os [C:\Users\samsung\Videos] 0 fichier(s) 0 octets Total des fichiers list‚sÿ: 0 fichier(s) 0 octets 77 R‚p(s) 24ÿ683ÿ532ÿ288 octets libres [color=#E56717]========== Files - Unicode (All) ==========[/color] [2016/02/29 01:18:55 | 000,058,529 | ---- | M] ()(C:\Users\samsung\Desktop\?????? ?????????? ?????? ??????? ??????? ?????????.rar) -- C:\Users\samsung\Desktop\الدفتر البيداغوجي لاستاذ التربية البدينة والرياضية.rar [2016/02/29 01:18:54 | 000,058,529 | ---- | C] ()(C:\Users\samsung\Desktop\?????? ?????????? ?????? ??????? ??????? ?????????.rar) -- C:\Users\samsung\Desktop\الدفتر البيداغوجي لاستاذ التربية البدينة والرياضية.rar [2016/02/23 23:13:12 | 000,004,592 | ---- | M] ()(C:\Users\samsung\Desktop\???? ?????..html) -- C:\Users\samsung\Desktop\مطلب ترقية..html [2016/02/23 23:13:12 | 000,004,592 | ---- | C] ()(C:\Users\samsung\Desktop\???? ?????..html) -- C:\Users\samsung\Desktop\مطلب ترقية..html [2016/02/23 22:54:27 | 000,004,540 | ---- | M] ()(C:\Users\samsung\Desktop\???? ?????.html) -- C:\Users\samsung\Desktop\مطلب ترقية.html [2016/02/23 22:54:27 | 000,004,540 | ---- | C] ()(C:\Users\samsung\Desktop\???? ?????.html) -- C:\Users\samsung\Desktop\مطلب ترقية.html [2016/02/20 21:42:09 | 003,736,939 | ---- | M] ()(C:\Users\samsung\Desktop\?????????.pdf) -- C:\Users\samsung\Desktop\التمرينات.pdf [2016/02/20 21:41:56 | 003,736,939 | ---- | C] ()(C:\Users\samsung\Desktop\?????????.pdf) -- C:\Users\samsung\Desktop\التمرينات.pdf < End of report >