Document format: text/plain

OTL logfile created on: 25/03/2017 11:12:40 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\JEAN YVES PORTABLE\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17631)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,82 Gb Total Physical Memory | 0,91 Gb Available Physical Memory | 23,68% Memory free
5,76 Gb Paging File | 1,31 Gb Available in Paging File | 22,71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 680,39 Gb Total Space | 541,80 Gb Free Space | 79,63% Space Free | Partition Type: NTFS

Computer Name: JEAN-YVES-PORT | User Name: JEAN YVES PORTABLE | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2017/03/25 11:11:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\JEAN YVES PORTABLE\Desktop\OTL.exe
PRC - [2017/03/19 12:31:18 | 000,517,064 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2017/03/18 20:16:57 | 009,441,432 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2017/03/18 20:15:02 | 000,440,416 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\AvastNM.exe
PRC - [2017/03/03 10:25:35 | 000,731,680 | ---- | M] (Avast Software) -- C:\Program Files\AVAST Software\SZBrowser\3.55.2393.590\SZBrowser_crashreporter.exe
PRC - [2017/03/03 10:25:34 | 000,801,824 | ---- | M] (Avast Software) -- C:\Program Files\AVAST Software\SZBrowser\3.55.2393.590\SZBrowser.exe
PRC - [2017/01/20 07:57:12 | 002,780,112 | ---- | M] (Malwarebytes) -- C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
PRC - [2016/12/19 22:38:14 | 000,082,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/05/22 18:27:54 | 000,580,096 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
PRC - [2014/05/22 18:25:18 | 001,537,024 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
PRC - [2014/05/22 12:50:04 | 004,513,792 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
PRC - [2013/09/25 14:35:06 | 000,282,112 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\BrYNSvc.exe
PRC - [2013/08/22 03:54:00 | 000,312,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWOW64\cmd.exe
PRC - [2012/12/10 09:39:12 | 000,475,984 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe
PRC - [2012/12/10 09:39:09 | 000,350,544 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2012/12/10 09:39:08 | 001,192,784 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2012/07/17 10:10:32 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/07/17 10:10:30 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/07/17 10:10:16 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/07/14 00:27:00 | 000,769,432 | ---- | M] (Nero AG) -- c:\Program Files (x86)\Nero\Update\NASvc.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2017/03/18 20:15:21 | 000,655,056 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\ffl2.dll
MOD - [2017/03/18 20:15:16 | 000,170,216 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2017/03/18 20:15:02 | 000,440,416 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\AvastNM.exe
MOD - [2017/03/18 20:14:35 | 000,290,352 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
MOD - [2017/03/03 10:25:31 | 068,870,688 | ---- | M] () -- C:\Program Files\AVAST Software\SZBrowser\3.55.2393.590\SZBrowser.dll
MOD - [2016/07/11 21:29:59 | 048,936,448 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2009/02/27 15:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - File not found [On_Demand | Stopped] -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
SRV:[b]64bit:[/b] - [2017/03/19 11:50:52 | 000,278,784 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:[b]64bit:[/b] - [2017/03/18 20:15:15 | 000,262,736 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2017/03/18 20:14:37 | 007,147,320 | ---- | M] (AVAST Software s.r.o.) [On_Demand | Running] -- C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe -- (aswbIDSAgent)
SRV:[b]64bit:[/b] - [2017/01/20 07:54:02 | 004,355,024 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe -- (MBAMService)
SRV:[b]64bit:[/b] - [2016/02/03 16:11:56 | 001,673,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:[b]64bit:[/b] - [2015/12/20 15:57:54 | 000,839,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2015/09/08 19:55:41 | 002,988,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2015/07/22 14:52:08 | 001,633,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2015/07/16 19:58:34 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2015/07/07 10:39:32 | 000,366,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:[b]64bit:[/b] - [2015/07/07 10:39:32 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2015/05/30 20:36:24 | 000,230,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2015/05/12 14:19:37 | 000,294,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2015/05/07 16:21:51 | 000,522,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:[b]64bit:[/b] - [2015/02/21 00:49:18 | 000,780,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2014/10/31 05:51:25 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2014/10/29 02:57:05 | 000,324,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:[b]64bit:[/b] - [2014/10/29 02:27:21 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\smphost.dll -- (smphost)
SRV:[b]64bit:[/b] - [2014/10/29 02:12:22 | 000,270,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2014/04/19 18:48:02 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:[b]64bit:[/b] - [2014/03/18 11:10:05 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:[b]64bit:[/b] - [2014/03/18 11:09:58 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2014/03/18 11:09:56 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysNative\WSService.dll -- (WSService)
SRV:[b]64bit:[/b] - [2014/03/18 11:09:55 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2014/03/18 11:09:51 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2013/08/22 12:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:[b]64bit:[/b] - [2013/08/22 12:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2013/08/22 12:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2013/08/22 12:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2013/08/22 12:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2013/08/22 11:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\icsvc.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\icsvc.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:[b]64bit:[/b] - [2013/08/22 10:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:[b]64bit:[/b] - [2013/08/22 10:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2013/08/22 10:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:[b]64bit:[/b] - [2013/08/22 10:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2013/08/22 10:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysNative\ncbservice.dll -- (NcbService)
SRV:[b]64bit:[/b] - [2013/08/22 10:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2013/08/22 10:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2013/03/15 14:00:12 | 000,662,088 | ---- | M] (Acer Incorporated) [On_Demand | Running] -- C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV:[b]64bit:[/b] - [2012/04/20 13:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2017/03/19 12:31:18 | 000,172,488 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2017/03/15 01:04:11 | 000,271,960 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2017/02/27 12:14:56 | 000,317,400 | ---- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2016/12/19 22:38:14 | 000,082,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015/09/08 19:55:41 | 002,988,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2015/05/07 16:05:40 | 000,367,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/10/29 02:04:45 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\smphost.dll -- (smphost)
SRV - [2014/01/25 01:22:56 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/09/25 14:35:06 | 000,282,112 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- C:\Program Files (x86)\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2013/09/05 01:35:24 | 001,364,256 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/09/01 04:19:52 | 000,093,296 | ---- | M] (Dritek System INC.) [Auto | Running] -- C:\WINDOWS\RfBtnSvc64.exe -- (RfButtonDriverService)
SRV - [2013/08/22 04:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/01/28 13:47:24 | 000,227,456 | ---- | M] (Qualcomm Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2012/12/10 09:39:09 | 000,350,544 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2012/07/17 10:10:32 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/17 10:10:30 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/17 10:10:16 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/07/14 00:27:00 | 000,769,432 | ---- | M] (Nero AG) [Auto | Running] -- c:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - File not found [Kernel | Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
DRV:[b]64bit:[/b] - [2017/03/25 09:39:12 | 000,092,088 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\mwac.sys -- (MBAMWebProtection)
DRV:[b]64bit:[/b] - [2017/03/25 09:39:12 | 000,092,088 | ---- | M] (Malwarebytes) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:[b]64bit:[/b] - [2017/03/23 00:06:29 | 000,186,304 | ---- | M] (Malwarebytes) [File_System | Auto | Running] -- C:\WINDOWS\SysNative\drivers\MBAMChameleon.sys -- (MBAMChameleon)
DRV:[b]64bit:[/b] - [2017/03/23 00:06:20 | 000,111,544 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\farflt.sys -- (MBAMFarflt)
DRV:[b]64bit:[/b] - [2017/03/23 00:06:19 | 000,043,968 | ---- | M] (Malwarebytes) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:[/b] - [2017/03/23 00:06:19 | 000,043,968 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\mbam.sys -- (MBAMProtection)
DRV:[b]64bit:[/b] - [2017/03/23 00:06:17 | 000,251,840 | ---- | M] (Malwarebytes) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:[b]64bit:[/b] - [2017/03/21 23:52:00 | 000,548,928 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2017/03/19 11:50:53 | 000,461,640 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\aswNetSec.sys -- (aswNetSec)
DRV:[b]64bit:[/b] - [2017/03/18 20:16:54 | 000,337,592 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:[b]64bit:[/b] - [2017/03/18 20:15:37 | 000,162,528 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:[b]64bit:[/b] - [2017/03/18 20:15:37 | 000,126,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2017/03/18 20:15:37 | 000,075,704 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:[b]64bit:[/b] - [2017/03/18 20:15:37 | 000,038,296 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:[b]64bit:[/b] - [2017/03/18 20:15:36 | 000,100,640 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:[b]64bit:[/b] - [2017/03/18 20:15:05 | 000,993,608 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:[b]64bit:[/b] - [2017/03/18 20:15:04 | 000,032,088 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:[b]64bit:[/b] - [2017/03/18 20:14:35 | 000,334,600 | ---- | M] (AVAST Software s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswbloga.sys -- (aswblog)
DRV:[b]64bit:[/b] - [2017/03/18 20:14:35 | 000,309,272 | ---- | M] (AVAST Software s.r.o.) [File_System | System | Running] -- C:\WINDOWS\SysNative\drivers\aswbidsdrivera.sys -- (aswbidsdriver)
DRV:[b]64bit:[/b] - [2017/03/18 20:14:35 | 000,189,768 | ---- | M] (AVAST Software s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswbidsha.sys -- (aswbidsh)
DRV:[b]64bit:[/b] - [2017/03/18 20:14:35 | 000,048,528 | ---- | M] (AVAST Software s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswbuniva.sys -- (aswbuniv)
DRV:[b]64bit:[/b] - [2017/02/24 06:23:20 | 000,077,408 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\mbae64.sys -- (ESProtectionDriver)
DRV:[b]64bit:[/b] - [2016/09/05 05:47:12 | 000,165,504 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:[b]64bit:[/b] - [2016/09/05 05:47:06 | 000,131,712 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:[b]64bit:[/b] - [2016/01/26 20:15:40 | 000,072,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2016/01/24 19:19:09 | 000,419,160 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2015/11/05 15:23:52 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2015/10/11 07:34:30 | 000,468,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2015/09/29 13:24:42 | 000,155,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2015/07/20 20:45:04 | 000,050,240 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:[b]64bit:[/b] - [2015/07/07 10:40:12 | 000,044,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2015/07/07 10:40:05 | 000,270,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2015/07/07 10:40:05 | 000,114,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:[b]64bit:[/b] - [2015/04/16 07:17:07 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2015/03/20 02:56:10 | 000,080,384 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:[b]64bit:[/b] - [2015/03/13 05:03:31 | 000,239,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2015/03/09 03:02:51 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2015/03/04 11:25:11 | 000,377,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2014/11/10 19:06:59 | 000,136,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2014/10/29 04:56:04 | 000,027,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2014/10/13 03:43:17 | 000,086,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2014/10/13 03:43:17 | 000,039,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:[b]64bit:[/b] - [2014/10/07 07:54:45 | 000,189,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:[b]64bit:[/b] - [2014/08/15 21:13:34 | 000,023,040 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:[b]64bit:[/b] - [2014/08/15 01:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2014/07/24 12:42:22 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2014/05/01 14:31:39 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:[b]64bit:[/b] - [2014/04/19 18:48:07 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:[b]64bit:[/b] - [2014/03/18 11:09:57 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:[b]64bit:[/b] - [2014/03/18 11:09:52 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:[b]64bit:[/b] - [2014/03/18 11:09:38 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2014/03/18 11:09:37 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:[b]64bit:[/b] - [2014/03/18 11:09:37 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2014/03/18 11:09:37 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:[b]64bit:[/b] - [2014/03/18 11:09:37 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2014/03/18 10:41:19 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2014/01/25 01:22:44 | 004,221,440 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2014/01/22 08:52:12 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\ssudserd.sys -- (ssudserd)
DRV:[b]64bit:[/b] - [2013/12/27 00:30:20 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:[b]64bit:[/b] - [2013/09/05 01:37:00 | 000,030,496 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:[b]64bit:[/b] - [2013/09/01 04:19:52 | 000,026,736 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\aPs2Kb2Hid.sys -- (Ps2Kb2Hid)
DRV:[b]64bit:[/b] - [2013/08/22 14:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2013/08/22 14:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2013/08/22 13:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\SysNative\drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2013/08/22 13:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2013/08/22 13:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2013/08/22 13:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\uefi.sys -- (UEFI)
DRV:[b]64bit:[/b] - [2013/08/22 13:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2013/08/22 12:39:58 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:[b]64bit:[/b] - [2013/08/22 12:39:50 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:[b]64bit:[/b] - [2013/08/22 12:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2013/08/22 12:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:[b]64bit:[/b] - [2013/08/22 12:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2013/08/22 12:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:[b]64bit:[/b] - [2013/08/22 12:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2013/08/22 12:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2013/08/22 12:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2013/08/22 12:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2013/08/22 12:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2013/08/22 12:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:[b]64bit:[/b] - [2013/08/22 12:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:[b]64bit:[/b] - [2013/08/22 12:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2013/08/22 12:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2013/08/22 11:27:46 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\serscan.sys -- (StillCam)
DRV:[b]64bit:[/b] - [2013/08/22 09:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:[b]64bit:[/b] - [2013/08/13 00:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:[b]64bit:[/b] - [2013/08/10 01:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:[b]64bit:[/b] - [2013/07/30 19:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:[b]64bit:[/b] - [2013/07/25 20:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:[b]64bit:[/b] - [2013/06/18 15:45:02 | 003,680,256 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\athw8x.sys -- (athr)
DRV:[b]64bit:[/b] - [2013/06/18 15:44:59 | 000,129,224 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\L1C63x64.sys -- (L1C)
DRV:[b]64bit:[/b] - [2013/01/28 13:23:28 | 000,581,200 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:[b]64bit:[/b] - [2013/01/28 13:23:24 | 000,136,424 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:[b]64bit:[/b] - [2013/01/28 13:23:24 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:[b]64bit:[/b] - [2013/01/28 13:23:20 | 000,089,168 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:[b]64bit:[/b] - [2013/01/28 13:23:18 | 000,346,192 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:[b]64bit:[/b] - [2013/01/28 13:23:18 | 000,115,280 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:[b]64bit:[/b] - [2012/12/07 10:19:12 | 000,331,664 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\ETD.sys -- (ETD)
DRV:[b]64bit:[/b] - [2012/10/03 15:14:56 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012/08/16 06:33:42 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:[b]64bit:[/b] - [2012/08/03 10:55:34 | 000,340,112 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:[b]64bit:[/b] - [2012/07/02 08:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2012/06/19 00:40:50 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\IntcDAud.sys -- (IntcDAud)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}: "URL" = http://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
IE - HKLM\..\SearchScopes\{C3476305-4AA1-4781-AD53-7782693DFC53}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = www.bing.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.fr/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=fr-fr
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "FR"
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaultthis.engineName: "Google"
FF - prefs.js..browser.search.defaulturl: "https://www.google.com/search?bcutc=sp-006"
FF - prefs.js..browser.search.hiddenOneOffs: "Yahoo"
FF - prefs.js..browser.search.highlightCount: 3
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.order.1: "Google"
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.region: "FR"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "https://www.google.com/?bcutc=sp-006"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:52.0.1
FF - prefs.js..keyword.URL: "https://www.google.com/search?bcutc=sp-006"
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.50905.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\adslTV\VLC\npvlc.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF48 [2017/03/19 11:51:39 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\SAFEPRICE\FF48 [2017/03/19 11:51:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF48 [2017/03/19 11:51:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\Program Files\AVAST Software\Avast\SafePrice\FF48 [2017/03/19 11:51:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 52.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 52.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2017/03/19 12:31:14 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\BingSearchExtension: removed
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\DSE: true
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\Market: fr-fr
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\Package: DefaultPack
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\OSVersion: 6.2.9200.1
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\LVersion: 1.7.51.0
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\MFVersion: MF39.0.3 (x86 fr)

[2014/01/22 19:55:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JEAN YVES PORTABLE\AppData\Roaming\mozilla\Extensions
[2017/03/20 08:56:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JEAN YVES PORTABLE\AppData\Roaming\mozilla\Firefox\Profiles\rgnhhcj9.default\extensions
[2014/03/27 07:05:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JEAN YVES PORTABLE\AppData\Roaming\mozilla\Firefox\Profilesrgnhhcj9.default\extensions
[2014/03/27 07:05:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JEAN YVES PORTABLE\AppData\Roaming\mozilla\Firefox\Profilesrgnhhcj9.default\extensions\staged
[2017/03/20 08:56:15 | 000,830,818 | ---- | M] () (No name found) -- C:\Users\JEAN YVES PORTABLE\AppData\Roaming\mozilla\firefox\profiles\rgnhhcj9.default\extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi
[2017/03/25 09:55:09 | 000,008,115 | ---- | M] () (No name found) -- C:\Users\JEAN YVES PORTABLE\AppData\Roaming\mozilla\firefox\profiles\rgnhhcj9.default\features\{4fe71b52-2af0-4922-accd-57b61176b0e8}\deployment-checker@mozilla.org.xpi
[2017/03/25 09:55:09 | 000,007,195 | ---- | M] () (No name found) -- C:\Users\JEAN YVES PORTABLE\AppData\Roaming\mozilla\firefox\profiles\rgnhhcj9.default\features\{4fe71b52-2af0-4922-accd-57b61176b0e8}\e10srollout@mozilla.org.xpi
[2017/03/05 12:08:00 | 000,007,704 | ---- | M] () (No name found) -- C:\Users\JEAN YVES PORTABLE\AppData\Roaming\mozilla\firefox\profiles\rgnhhcj9.default\features\{578f31fe-e7b6-4c1b-b67b-f72d2bcccf9f}\aushelper@mozilla.org.xpi
[2017/03/05 12:08:00 | 000,005,527 | ---- | M] () (No name found) -- C:\Users\JEAN YVES PORTABLE\AppData\Roaming\mozilla\firefox\profiles\rgnhhcj9.default\features\{578f31fe-e7b6-4c1b-b67b-f72d2bcccf9f}\diagnostics@mozilla.org.xpi
[2017/03/05 12:08:00 | 000,008,857 | ---- | M] () (No name found) -- C:\Users\JEAN YVES PORTABLE\AppData\Roaming\mozilla\firefox\profiles\rgnhhcj9.default\features\{578f31fe-e7b6-4c1b-b67b-f72d2bcccf9f}\disableSHA1rollout@mozilla.org.xpi
[2017/03/05 12:08:00 | 000,005,336 | ---- | M] () (No name found) -- C:\Users\JEAN YVES PORTABLE\AppData\Roaming\mozilla\firefox\profiles\rgnhhcj9.default\features\{578f31fe-e7b6-4c1b-b67b-f72d2bcccf9f}\hsts-priming@mozilla.org.xpi
[2016/12/04 11:48:13 | 000,002,426 | ---- | M] () -- C:\Users\JEAN YVES PORTABLE\AppData\Roaming\mozilla\firefox\profiles\rgnhhcj9.default\searchplugins\google-avast.xml
[2017/03/19 12:31:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2017/03/19 12:31:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.5_0\
CHR - Extension: No name found = C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\
CHR - Extension: No name found = C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik\1.1.2697_0\
CHR - Extension: No name found = C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\
CHR - Extension: No name found = C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.199_0\
CHR - Extension: No name found = C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd\0.0.0.9_0\
CHR - Extension: No name found = C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\
CHR - Extension: No name found = C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\12.0.163_0\
CHR - Extension: No name found = C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\12.0.199_0\
CHR - Extension: No name found = C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\9.0.0.5000_0\
CHR - Extension: No name found = C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\9.0.0.7200_0\
CHR - Extension: No name found = C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.1_0\
CHR - Extension: No name found = C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\
CHR - Extension: No name found = C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5616.1121.0.3_0\

O1 HOSTS File: ([2017/01/26 13:20:54 | 000,000,824 | ---- | M]) - C:\WINDOWS\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Malwarebytes TrayApp] C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Malwarebytes)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvLaunch.exe (AVAST Software)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [LManager] File not found
O4 - HKCU..\Run: [Viber] C:\Users\JEAN YVES PORTABLE\AppData\Local\Viber\Viber.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe" (Qualcomm Atheros Commnucations)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPath = 1
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Key error. File not found
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4C280265-0916-4FAA-AC38-BCFC03DCE378}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{733FC8E8-BDA6-41DB-8879-67A27290F732}: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8FE3B31F-223A-417C-93AE-8E13F7E6BE19}: DhcpNameServer = 212.27.40.240 212.27.40.241
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\WINDOWS\SysNative\nvinitx.dll (NVIDIA Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{473448cc-cf8c-11e4-becf-48d2247423e5}\Shell - "" = AutoRun
O33 - MountPoints2\{473448cc-cf8c-11e4-becf-48d2247423e5}\Shell\AutoRun\command - "" = "E:\AutoRun.exe"
O33 - MountPoints2\{4ec17ef9-f52f-11e6-bf9d-48d2247423e5}\Shell - "" = AutoRun
O33 - MountPoints2\{4ec17ef9-f52f-11e6-bf9d-48d2247423e5}\Shell\AutoRun\command - "" = "E:\HiSuiteDownLoader.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


NetSvcs:[b]64bit:[/b] lfsvc - C:\WINDOWS\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] wlidsvc - C:\WINDOWS\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] DsmSvc - C:\WINDOWS\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] NcaSvc - C:\WINDOWS\SysNative\NcaSvc.dll (Microsoft Corporation)

SafeBootMin:[b]64bit:[/b] AppMgmt - Service
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] BasicDisplay.sys - C:\WINDOWS\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] BasicRender.sys - C:\WINDOWS\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] BrokerInfrastructure - C:\WINDOWS\SysNative\bisrv.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] EFS - C:\WINDOWS\SysNative\efssvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] KeyIso - C:\WINDOWS\SysNative\keyiso.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] LSM - C:\WINDOWS\SysNative\lsm.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] MBAMService - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes)
SafeBootMin:[b]64bit:[/b] Netlogon - C:\WINDOWS\SysNative\netlogon.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] SystemEventsBroker - C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] TBS - Service
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootMin:[b]64bit:[/b] {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: TBS - Service
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootMin: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:[/b] AppMgmt - Service
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] BasicDisplay.sys - C:\WINDOWS\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] BasicRender.sys - C:\WINDOWS\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] BrokerInfrastructure - C:\WINDOWS\SysNative\bisrv.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] EFS - C:\WINDOWS\SysNative\efssvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] KeyIso - C:\WINDOWS\SysNative\keyiso.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] LSM - C:\WINDOWS\SysNative\lsm.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] MBAMService - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes)
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Netlogon - C:\WINDOWS\SysNative\netlogon.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] netprofm - C:\WINDOWS\SysNative\netprofmsvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdpencdd.sys - Driver
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] SmartcardSimulator - Driver
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] SystemEventsBroker - C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] TBS - Service
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] VaultSvc - C:\WINDOWS\SysNative\vaultsvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] VirtualSmartcardReader - Driver
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] Wcmsvc - C:\WINDOWS\SysNative\wcmsvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootNet:[b]64bit:[/b] {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdpencdd.sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: SmartcardSimulator - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TBS - Service
SafeBootNet: TDI - Driver Group
SafeBootNet: VirtualSmartcardReader - Driver
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootNet: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2017/03/25 11:11:30 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\JEAN YVES PORTABLE\Desktop\OTL.exe
[2017/03/23 12:46:36 | 000,000,000 | ---D | C] -- C:\Users\JEAN YVES PORTABLE\Desktop\RAPPORTS
[2017/03/23 09:20:25 | 000,000,000 | ---D | C] -- C:\Users\JEAN YVES PORTABLE\Desktop\CCLEANER
[2017/03/23 08:45:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2017/03/22 20:24:00 | 000,186,304 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MBAMChameleon.sys
[2017/03/22 20:23:39 | 000,111,544 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\farflt.sys
[2017/03/22 20:23:39 | 000,092,088 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2017/03/22 20:23:33 | 000,043,968 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2017/03/22 20:22:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
[2017/03/22 20:22:17 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes
[2017/03/21 00:11:45 | 000,000,000 | ---D | C] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\{003ACA6A-C058-424D-B955-A82DE5375C64}
[2017/03/20 10:19:07 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2017/03/20 10:19:07 | 000,093,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompatTelRunner.exe
[2017/03/20 10:19:06 | 001,609,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2017/03/20 10:19:06 | 001,286,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2017/03/20 10:19:06 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2017/03/20 10:19:06 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2017/03/20 10:19:04 | 000,646,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2017/03/20 10:19:04 | 000,556,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2017/03/20 10:19:03 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\centel.dll
[2017/03/20 08:54:10 | 000,000,000 | ---D | C] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\AVAST Software
[2017/03/20 01:40:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\softwaredistribution.bak
[2017/03/20 01:39:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\softwareDistribution
[2017/03/20 01:07:31 | 000,000,000 | ---D | C] -- C:\reinage
[2017/03/19 13:19:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2017/03/19 13:18:39 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2017/03/19 13:18:36 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2017/03/19 12:31:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2017/03/19 11:52:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
[2017/03/19 11:51:57 | 000,461,640 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswNetSec.sys
[2017/03/19 11:51:41 | 000,398,408 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2017/03/19 09:37:09 | 000,000,000 | ---D | C] -- C:\Users\JEAN YVES PORTABLE\Desktop\FLO
[2017/03/18 20:16:13 | 000,334,600 | ---- | C] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbloga.sys
[2017/03/18 20:16:13 | 000,309,272 | ---- | C] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbidsdrivera.sys
[2017/03/18 20:16:13 | 000,189,768 | ---- | C] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbidsha.sys
[2017/03/18 20:16:13 | 000,048,528 | ---- | C] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbuniva.sys
[2017/03/18 13:42:40 | 000,000,000 | ---D | C] -- C:\Users\JEAN YVES PORTABLE\PV AMENDES
[2017/03/15 21:18:16 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2017/03/15 21:18:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2017/03/15 21:18:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2017/02/26 13:21:36 | 000,000,000 | ---D | C] -- C:\Users\JEAN YVES PORTABLE\Desktop\KIT E85

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2017/03/25 11:16:09 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2017/03/25 11:11:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\JEAN YVES PORTABLE\Desktop\OTL.exe
[2017/03/25 09:39:12 | 000,092,088 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2017/03/25 09:32:44 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2017/03/23 13:04:51 | 000,000,217 | ---- | M] () -- C:\Users\JEAN YVES PORTABLE\Desktop\Accueil de Cjoint.com.URL
[2017/03/23 12:43:12 | 000,000,193 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI
[2017/03/23 08:38:05 | 000,003,771 | ---- | M] () -- C:\Users\JEAN YVES PORTABLE\Desktop\NETTOYEURS PC .rtf
[2017/03/23 00:06:29 | 000,186,304 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MBAMChameleon.sys
[2017/03/23 00:06:20 | 000,111,544 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\farflt.sys
[2017/03/23 00:06:19 | 000,043,968 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2017/03/23 00:06:17 | 000,251,840 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2017/03/23 00:03:48 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2017/03/23 00:03:46 | 3283,525,632 | -HS- | M] () -- C:\hiberfil.sys
[2017/03/22 20:22:26 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2017/03/21 23:52:00 | 000,548,928 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswsp.sys
[2017/03/19 13:19:21 | 000,001,729 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2017/03/19 11:52:34 | 000,001,902 | ---- | M] () -- C:\Users\Public\Desktop\Avast Internet Security.lnk
[2017/03/19 11:50:53 | 000,461,640 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswNetSec.sys
[2017/03/18 20:16:54 | 000,337,592 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswVmm.sys
[2017/03/18 20:15:37 | 000,547,904 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswsp.sys.148986461200004
[2017/03/18 20:15:37 | 000,398,408 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2017/03/18 20:15:37 | 000,337,592 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswvmm.sys.148986461487506
[2017/03/18 20:15:37 | 000,162,528 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswStm.sys
[2017/03/18 20:15:37 | 000,126,600 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys
[2017/03/18 20:15:37 | 000,075,704 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys
[2017/03/18 20:15:37 | 000,038,296 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswHwid.sys
[2017/03/18 20:15:36 | 000,100,640 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys
[2017/03/18 20:15:05 | 000,993,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSnx.sys
[2017/03/18 20:15:04 | 000,032,088 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswKbd.sys
[2017/03/18 20:14:35 | 000,334,600 | ---- | M] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbloga.sys
[2017/03/18 20:14:35 | 000,309,272 | ---- | M] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbidsdrivera.sys
[2017/03/18 20:14:35 | 000,189,768 | ---- | M] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbidsha.sys
[2017/03/18 20:14:35 | 000,048,528 | ---- | M] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbuniva.sys
[2017/03/15 21:18:16 | 000,002,713 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2017/03/03 06:15:02 | 000,000,000 | ---- | M] () -- C:\WINDOWS\SysWow64\last.dump
[2017/02/24 06:23:20 | 000,077,408 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\mbae64.sys
[2017/02/23 15:50:44 | 000,093,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompatTelRunner.exe

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2017/03/25 11:16:09 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2017/03/23 13:04:51 | 000,000,217 | ---- | C] () -- C:\Users\JEAN YVES PORTABLE\Desktop\Accueil de Cjoint.com.URL
[2017/03/23 12:43:12 | 000,000,193 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2017/03/22 20:50:01 | 000,003,771 | ---- | C] () -- C:\Users\JEAN YVES PORTABLE\Desktop\NETTOYEURS PC .rtf
[2017/03/22 20:22:26 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2017/03/22 20:22:21 | 000,077,408 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\mbae64.sys
[2017/03/19 13:19:21 | 000,001,729 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2017/03/19 11:52:34 | 000,001,902 | ---- | C] () -- C:\Users\Public\Desktop\Avast Internet Security.lnk
[2017/03/15 21:18:16 | 000,002,713 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2016/10/18 13:27:19 | 000,000,092 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2016/10/18 13:20:54 | 000,045,056 | ---- | C] () -- C:\WINDOWS\SysWow64\BRTCPCON.DLL
[2016/10/18 13:20:53 | 000,000,114 | ---- | C] () -- C:\WINDOWS\SysWow64\BRLMW03A.INI
[2015/06/21 22:42:08 | 000,000,207 | ---- | C] () -- C:\WINDOWS\tweaking.com-regbackup-JEAN-YVES-PORT-Windows-8.1-(64-bit).dat
[2015/05/05 23:27:01 | 001,818,112 | ---- | C] () -- C:\Users\JEAN YVES PORTABLE\ZHPCleaner.exe
[2015/02/20 09:38:53 | 000,004,902 | ---- | C] () -- C:\ProgramData\eaapqbsg.gfr
[2015/01/05 23:59:43 | 000,052,224 | ---- | C] () -- C:\Users\JEAN YVES PORTABLE\AppData\Roaming\CDRusersDB.v12
[2014/02/21 14:08:03 | 000,000,088 | ---- | C] () -- C:\Users\JEAN YVES PORTABLE\AppData\Roaming\WB.CFG
[2013/09/01 04:22:56 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl

[color=#E56717]========== ZeroAccess Check ==========[/color]


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\shell32.dll -- [2015/08/27 03:43:09 | 022,372,152 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/08/27 03:42:51 | 019,795,904 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\wbem\fastprox.dll -- [2013/08/22 10:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/22 03:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\wbem\wbemess.dll -- [2013/08/22 10:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< HKCU\Software >[/color]

[HKEY_CURRENT_USER\Software\Adobe]

[HKEY_CURRENT_USER\Software\Against Intuition]

[HKEY_CURRENT_USER\Software\AppDataLow]

[HKEY_CURRENT_USER\Software\Apple Computer, Inc.]

[HKEY_CURRENT_USER\Software\Apple Inc.]

[HKEY_CURRENT_USER\Software\Atheros]

[HKEY_CURRENT_USER\Software\AVAST Software]

[HKEY_CURRENT_USER\Software\Brother]

[HKEY_CURRENT_USER\Software\cacaoweb]

[HKEY_CURRENT_USER\Software\Canon]

[HKEY_CURRENT_USER\Software\Clients]

[HKEY_CURRENT_USER\Software\Clubic]

[HKEY_CURRENT_USER\Software\DivX]

[HKEY_CURRENT_USER\Software\Dritek]

[HKEY_CURRENT_USER\Software\DSP-worx]

[HKEY_CURRENT_USER\Software\Elantech]

[HKEY_CURRENT_USER\Software\GetFLV]

[HKEY_CURRENT_USER\Software\GNU]

[HKEY_CURRENT_USER\Software\Google]

[HKEY_CURRENT_USER\Software\IM Providers]

[HKEY_CURRENT_USER\Software\Intel]

[HKEY_CURRENT_USER\Software\LAV]

[HKEY_CURRENT_USER\Software\Licenses]

[HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications]

[HKEY_CURRENT_USER\Software\Macromedia]

[HKEY_CURRENT_USER\Software\MainConcept]

[HKEY_CURRENT_USER\Software\Malwarebytes]

[HKEY_CURRENT_USER\Software\Microsoft]

[HKEY_CURRENT_USER\Software\MOVAVI]

[HKEY_CURRENT_USER\Software\Mozilla]

[HKEY_CURRENT_USER\Software\MozillaPlugins]

[HKEY_CURRENT_USER\Software\Netscape]

[HKEY_CURRENT_USER\Software\NVIDIA Corporation]

[HKEY_CURRENT_USER\Software\OEM]

[HKEY_CURRENT_USER\Software\Piriform]

[HKEY_CURRENT_USER\Software\Policies]

[HKEY_CURRENT_USER\Software\Realtek]

[HKEY_CURRENT_USER\Software\RegisteredApplications]

[HKEY_CURRENT_USER\Software\Skype]

[HKEY_CURRENT_USER\Software\SYNCJM]

[HKEY_CURRENT_USER\Software\TeleCharger]

[HKEY_CURRENT_USER\Software\Trolltech]

[HKEY_CURRENT_USER\Software\Viber]

[HKEY_CURRENT_USER\Software\VirtualDJ]

[HKEY_CURRENT_USER\Software\WinRAR]

[HKEY_CURRENT_USER\Software\WinRAR SFX]

[HKEY_CURRENT_USER\Software\Wow6432Node]

[HKEY_CURRENT_USER\Software\ZebHelpProcess Helper]

[HKEY_CURRENT_USER\Software\Classes]

[color=#A23BEC]< HKLM\Software >[/color]

[HKEY_LOCAL_MACHINE\Software\Adobe]

[HKEY_LOCAL_MACHINE\Software\AGEIA Technologies]

[HKEY_LOCAL_MACHINE\Software\Apple Inc.]

[HKEY_LOCAL_MACHINE\Software\ATHEROS]

[HKEY_LOCAL_MACHINE\Software\AVAST Software]

[HKEY_LOCAL_MACHINE\Software\Brother]

[HKEY_LOCAL_MACHINE\Software\Brother Industries, Ltd.]

[HKEY_LOCAL_MACHINE\Software\Clearfi]

[HKEY_LOCAL_MACHINE\Software\CyberLink]

[HKEY_LOCAL_MACHINE\Software\DivX]

[HKEY_LOCAL_MACHINE\Software\DivXNetworks]

[HKEY_LOCAL_MACHINE\Software\Dritek]

[HKEY_LOCAL_MACHINE\Software\Google]

[HKEY_LOCAL_MACHINE\Software\IM Providers]

[HKEY_LOCAL_MACHINE\Software\Intel]

[HKEY_LOCAL_MACHINE\Software\Khronos]

[HKEY_LOCAL_MACHINE\Software\Licenses]

[HKEY_LOCAL_MACHINE\Software\Macromedia]

[HKEY_LOCAL_MACHINE\Software\Malwarebytes' Anti-Malware]

[HKEY_LOCAL_MACHINE\Software\Microsoft]

[HKEY_LOCAL_MACHINE\Software\MOVAVI]

[HKEY_LOCAL_MACHINE\Software\Mozilla]

[HKEY_LOCAL_MACHINE\Software\mozilla.org]

[HKEY_LOCAL_MACHINE\Software\MozillaPlugins]

[HKEY_LOCAL_MACHINE\Software\Nero]

[HKEY_LOCAL_MACHINE\Software\Nuance]

[HKEY_LOCAL_MACHINE\Software\NVIDIA Corporation]

[HKEY_LOCAL_MACHINE\Software\ODBC]

[HKEY_LOCAL_MACHINE\Software\OEM]

[HKEY_LOCAL_MACHINE\Software\OldTimer Tools]

[HKEY_LOCAL_MACHINE\Software\Panicware]

[HKEY_LOCAL_MACHINE\Software\Realtek]

[HKEY_LOCAL_MACHINE\Software\Realtek Semiconductor Corp.]

[HKEY_LOCAL_MACHINE\Software\S3R521]

[HKEY_LOCAL_MACHINE\Software\SiteFinder]

[HKEY_LOCAL_MACHINE\Software\Skype]

[HKEY_LOCAL_MACHINE\Software\Volatile]

[HKEY_LOCAL_MACHINE\Software\WildTangent]

[HKEY_LOCAL_MACHINE\Software\Wise Solutions]

[HKEY_LOCAL_MACHINE\Software\Classes]

[HKEY_LOCAL_MACHINE\Software\Clients]

[HKEY_LOCAL_MACHINE\Software\Policies]

[HKEY_LOCAL_MACHINE\Software\RegisteredApplications]

[color=#A23BEC]< %Homedrive%\* >[/color]
[2017/01/26 13:18:13 | 000,000,030 | ---- | M] () -- C:\AVScanner.ini
[2013/06/18 13:18:29 | 000,000,001 | -HS- | M] () -- C:\BOOTNXT
[2017/03/25 10:27:25 | 000,000,581 | ---- | M] () -- C:\DelFix.txt
[2017/03/23 00:03:46 | 3283,525,632 | -HS- | M] () -- C:\hiberfil.sys
[2017/03/24 09:06:33 | 2082,017,280 | -HS- | M] () -- C:\pagefile.sys
[2017/03/25 11:16:09 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2017/03/23 00:03:48 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys

[color=#A23BEC]< %Homedrive%\*. >[/color]
[2016/07/11 19:02:13 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2014/10/26 13:15:20 | 000,000,000 | ---D | M] -- C:\ACER D
[2014/02/21 12:53:06 | 000,000,000 | ---D | M] -- C:\AcerCloud
[2016/10/18 13:22:08 | 000,000,000 | ---D | M] -- C:\Brother
[2017/03/22 08:37:17 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2013/08/22 15:45:52 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2013/09/01 04:46:23 | 000,000,000 | ---D | M] -- C:\Dolby PCEE4
[2016/07/11 19:02:13 | 000,000,000 | ---D | M] -- C:\PDFToJPG
[2015/03/30 07:21:16 | 000,000,000 | ---D | M] -- C:\PRO
[2017/03/22 23:58:16 | 000,000,000 | R--D | M] -- C:\Program Files
[2017/03/23 13:07:46 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2017/03/25 11:02:25 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2017/03/20 01:09:13 | 000,000,000 | ---D | M] -- C:\reinage
[2017/03/25 10:25:17 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2016/09/15 08:00:37 | 000,000,000 | R--D | M] -- C:\Users
[2017/03/23 12:43:12 | 000,000,000 | ---D | M] -- C:\WINDOWS

[color=#A23BEC]< %Userprofile%\* >[/color]
[2017/03/24 09:07:59 | 002,883,584 | ---- | M] () -- C:\Users\JEAN YVES PORTABLE\ntuser.dat
[2014/04/19 18:00:54 | 001,232,896 | -HS- | M] () -- C:\Users\JEAN YVES PORTABLE\ntuser.dat.LOG1
[2014/04/19 18:00:54 | 002,039,808 | -HS- | M] () -- C:\Users\JEAN YVES PORTABLE\ntuser.dat.LOG2
[2016/07/11 21:10:07 | 000,065,536 | -HS- | M] () -- C:\Users\JEAN YVES PORTABLE\ntuser.dat{cce281e7-4787-11e6-bf9a-48d2247423e5}.TM.blf
[2016/07/11 21:10:07 | 000,524,288 | -HS- | M] () -- C:\Users\JEAN YVES PORTABLE\ntuser.dat{cce281e7-4787-11e6-bf9a-48d2247423e5}.TMContainer00000000000000000001.regtrans-ms
[2016/07/11 21:10:07 | 000,524,288 | -HS- | M] () -- C:\Users\JEAN YVES PORTABLE\ntuser.dat{cce281e7-4787-11e6-bf9a-48d2247423e5}.TMContainer00000000000000000002.regtrans-ms
[2015/06/30 08:23:11 | 000,065,536 | -HS- | M] () -- C:\Users\JEAN YVES PORTABLE\ntuser.dat{e6048f3d-1abb-11e5-bef2-48d2247423e5}.TM.blf
[2015/06/30 08:23:11 | 000,524,288 | -HS- | M] () -- C:\Users\JEAN YVES PORTABLE\ntuser.dat{e6048f3d-1abb-11e5-bef2-48d2247423e5}.TMContainer00000000000000000001.regtrans-ms
[2015/06/30 08:23:11 | 000,524,288 | -HS- | M] () -- C:\Users\JEAN YVES PORTABLE\ntuser.dat{e6048f3d-1abb-11e5-bef2-48d2247423e5}.TMContainer00000000000000000002.regtrans-ms
[2014/04/19 21:50:49 | 000,000,020 | -HS- | M] () -- C:\Users\JEAN YVES PORTABLE\ntuser.ini
[2016/10/18 13:32:29 | 000,000,000 | ---- | M] () -- C:\Users\JEAN YVES PORTABLE\Sti_Trace.log
[2015/05/05 23:27:01 | 001,818,112 | ---- | M] () -- C:\Users\JEAN YVES PORTABLE\ZHPCleaner.exe

[color=#A23BEC]< %Userprofile%\*. >[/color]
[2015/10/31 02:02:51 | 000,000,000 | -H-D | M] -- C:\Users\JEAN YVES PORTABLE\AppData
[2016/09/23 16:48:56 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\ASSURANCES
[2016/02/18 12:16:59 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AVOCAT
[2016/12/21 20:14:43 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\BANK SOON
[2017/03/14 08:29:23 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\CAF -RSA
[2016/10/09 08:35:02 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\CHARLY
[2017/03/25 11:11:34 | 000,000,000 | R--D | M] -- C:\Users\JEAN YVES PORTABLE\Desktop
[2017/03/21 10:06:36 | 000,000,000 | R--D | M] -- C:\Users\JEAN YVES PORTABLE\Downloads
[2016/09/27 09:31:26 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\EAU TOURNON
[2017/01/05 20:22:30 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\ENGIE
[2016/08/29 20:16:19 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\FAMILLE
[2016/10/24 15:34:17 | 000,000,000 | R--D | M] -- C:\Users\JEAN YVES PORTABLE\Favorites
[2016/10/10 12:35:52 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\FLORIDE
[2015/09/30 23:27:58 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\FREE
[2016/09/27 08:05:17 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\IMMOBILIER
[2017/03/14 08:28:30 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\IMPOTS
[2017/01/30 02:59:12 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\J.B
[2016/05/13 15:28:50 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\LAMPIRIS
[2017/01/06 23:11:19 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\LES HERMALS
[2016/11/22 19:32:08 | 000,000,000 | R--D | M] -- C:\Users\JEAN YVES PORTABLE\Links
[2017/02/08 09:25:09 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\LIQUIDATION PERSO
[2017/01/23 10:44:06 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\MAMAN
[2017/01/26 23:36:31 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\MOI
[2016/08/25 07:08:01 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\MONABANQ
[2016/09/15 16:42:08 | 000,000,000 | R--D | M] -- C:\Users\JEAN YVES PORTABLE\Music
[2017/03/24 09:18:37 | 000,000,000 | R--D | M] -- C:\Users\JEAN YVES PORTABLE\OneDrive
[2017/02/14 19:06:54 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\PAPA
[2016/09/29 01:05:07 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\PicStream
[2016/12/26 12:22:33 | 000,000,000 | R--D | M] -- C:\Users\JEAN YVES PORTABLE\Pictures
[2017/02/28 14:26:09 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\POLE EMPLOI
[2017/03/18 13:43:57 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\PV AMENDES
[2014/04/19 18:00:54 | 000,000,000 | -HSD | M] -- C:\Users\JEAN YVES PORTABLE\Recent
[2015/11/17 13:21:21 | 000,000,000 | R--D | M] -- C:\Users\JEAN YVES PORTABLE\Saved Games
[2015/11/17 13:21:21 | 000,000,000 | R--D | M] -- C:\Users\JEAN YVES PORTABLE\Searches
[2016/08/30 02:39:45 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\Tracing
[2015/11/17 13:21:19 | 000,000,000 | R--D | M] -- C:\Users\JEAN YVES PORTABLE\Videos
[2016/03/10 08:30:29 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\VIRGIN MOBIL
[2015/02/21 22:49:25 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\Virtual DJ 7 nouvelle version French
[2016/10/02 19:53:53 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\WISH
[2016/02/15 16:06:38 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\ZICS

[color=#A23BEC]< %Allusersprofile%\* >[/color]
[2013/09/01 04:22:56 | 000,000,000 | -H-- | M] () -- C:\ProgramData\DP45977C.lfl
[2015/02/20 09:38:53 | 000,004,902 | ---- | M] () -- C:\ProgramData\eaapqbsg.gfr

[color=#A23BEC]< %Allusersprofile%\*. >[/color]
[2013/09/01 04:43:38 | 000,000,000 | ---D | M] -- C:\ProgramData\Acer
[2016/01/19 13:33:45 | 000,000,000 | ---D | M] -- C:\ProgramData\Adobe
[2015/04/28 17:02:18 | 000,000,000 | ---D | M] -- C:\ProgramData\Apple
[2015/04/28 17:03:20 | 000,000,000 | ---D | M] -- C:\ProgramData\Apple Computer
[2013/08/22 15:45:52 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2016/09/15 11:43:44 | 000,000,000 | ---D | M] -- C:\ProgramData\Atheros
[2017/03/19 20:09:58 | 000,000,000 | ---D | M] -- C:\ProgramData\AVAST Software
[2016/10/18 13:23:03 | 000,000,000 | ---D | M] -- C:\ProgramData\Brother
[2014/01/22 01:44:16 | 000,000,000 | -HSD | M] -- C:\ProgramData\Bureau
[2016/02/08 16:03:58 | 000,000,000 | ---D | M] -- C:\ProgramData\CanonBJ
[2016/06/02 08:55:54 | 000,000,000 | ---D | M] -- C:\ProgramData\CanonIJPLM
[2016/02/08 16:08:04 | 000,000,000 | ---D | M] -- C:\ProgramData\CanonIJWSpt
[2016/10/18 13:21:54 | 000,000,000 | ---D | M] -- C:\ProgramData\ControlCenter4
[2015/02/02 09:34:05 | 000,000,000 | ---D | M] -- C:\ProgramData\CyberLink
[2013/08/22 15:45:52 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2015/02/12 06:28:40 | 000,000,000 | ---D | M] -- C:\ProgramData\DivX
[2013/08/22 15:45:52 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2013/09/01 04:41:59 | 000,000,000 | ---D | M] -- C:\ProgramData\install_clap
[2013/09/01 04:14:24 | 000,000,000 | ---D | M] -- C:\ProgramData\Intel
[2017/03/22 20:22:17 | 000,000,000 | ---D | M] -- C:\ProgramData\Malwarebytes
[2014/01/22 01:44:16 | 000,000,000 | -HSD | M] -- C:\ProgramData\Menu Démarrer
[2016/07/11 18:13:28 | 000,000,000 | --SD | M] -- C:\ProgramData\Microsoft
[2014/01/22 01:44:16 | 000,000,000 | -HSD | M] -- C:\ProgramData\Modèles
[2015/02/20 09:34:45 | 000,000,000 | ---D | M] -- C:\ProgramData\Movavi
[2014/01/22 19:54:55 | 000,000,000 | ---D | M] -- C:\ProgramData\Mozilla
[2013/04/18 05:39:44 | 000,000,000 | ---D | M] -- C:\ProgramData\Nero
[2014/04/19 16:54:26 | 000,000,000 | ---D | M] -- C:\ProgramData\Norton
[2014/04/16 13:59:46 | 000,000,000 | ---D | M] -- C:\ProgramData\NortonInstaller
[2015/10/31 02:02:57 | 000,000,000 | ---D | M] -- C:\ProgramData\NVIDIA
[2014/04/19 17:52:53 | 000,000,000 | ---D | M] -- C:\ProgramData\NVIDIA Corporation
[2016/09/15 17:19:08 | 000,000,000 | ---D | M] -- C:\ProgramData\OEM
[2017/03/15 21:14:51 | 000,000,000 | ---D | M] -- C:\ProgramData\Package Cache
[2016/10/18 13:21:31 | 000,000,000 | ---D | M] -- C:\ProgramData\PCFaxTx
[2016/05/01 17:09:10 | 000,000,000 | ---D | M] -- C:\ProgramData\PDF Architect 4
[2015/10/31 02:02:57 | 000,000,000 | ---D | M] -- C:\ProgramData\regid.1991-06.com.microsoft
[2016/07/11 19:01:53 | 000,000,000 | ---D | M] -- C:\ProgramData\Samsung
[2017/03/15 21:18:44 | 000,000,000 | ---D | M] -- C:\ProgramData\Skype
[2013/08/22 15:45:52 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2015/02/12 06:28:42 | 000,000,000 | ---D | M] -- C:\ProgramData\Temp
[2013/08/22 15:45:52 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2016/01/19 12:49:00 | 000,000,000 | ---D | M] -- C:\ProgramData\WinZip

[color=#A23BEC]< %localappdata%\* >[/color]
[2017/03/24 09:07:50 | 000,123,216 | -H-- | M] () -- C:\Users\JEAN YVES PORTABLE\AppData\Local\IconCache.db

[color=#A23BEC]< %localappdata%\*. >[/color]
[2014/01/26 09:29:50 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Acer
[2014/01/26 09:28:46 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\AcerCloud
[2017/01/26 13:18:30 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Adobe
[2016/07/11 19:02:19 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\adslTV
[2015/02/02 08:48:23 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\AOP SDK
[2015/04/28 17:02:20 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Apple
[2015/04/28 17:04:18 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Apple Computer
[2014/04/19 18:00:54 | 000,000,000 | -HSD | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Application Data
[2015/04/02 05:52:16 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Apps
[2017/03/20 08:54:10 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\AVAST Software
[2016/03/08 21:44:34 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\CEF
[2015/10/31 01:38:33 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\clear.fi
[2014/01/26 09:26:42 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\ClearfiMedia
[2014/01/26 09:24:12 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\ClearfiPhoto
[2017/02/16 10:16:00 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Diagnostics
[2014/01/26 09:27:35 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Doc
[2017/02/18 13:57:53 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\ElevatedDiagnostics
[2016/03/10 15:29:02 | 000,000,000 | -HSD | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\EmieBrowserModeList
[2016/03/10 15:29:02 | 000,000,000 | -HSD | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\EmieSiteList
[2016/03/10 15:29:02 | 000,000,000 | -HSD | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\EmieUserList
[2016/10/31 02:57:23 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Google
[2016/03/03 08:51:56 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\GWX
[2014/04/19 18:00:54 | 000,000,000 | -HSD | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Historique
[2016/03/04 13:17:22 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Macromedia
[2016/09/15 16:30:51 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Microsoft
[2014/01/22 19:55:02 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Mozilla
[2016/03/03 21:30:18 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Nico Mak Computing
[2016/09/15 16:51:22 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Packages
[2016/03/12 08:33:16 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Programs
[2016/07/11 21:59:20 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Skype
[2017/03/25 11:14:00 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Temp
[2014/04/19 18:00:54 | 000,000,000 | -HSD | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Temporary Internet Files
[2017/01/27 03:19:15 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\tkdata
[2017/03/20 17:53:31 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Viber
[2016/01/19 13:16:01 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\VirtualStore
[2016/01/19 12:51:06 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\WinZip
[2017/03/21 00:11:45 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\{003ACA6A-C058-424D-B955-A82DE5375C64}

[color=#A23BEC]< %Userprofile%\Local Settings\Application Data\* >[/color]

[color=#A23BEC]< %Userprofile%\Local Settings\Application Data\*. >[/color]

[color=#A23BEC]< %programFiles%\* >[/color]
[2013/08/22 16:34:52 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

[color=#A23BEC]< %programFiles%\*. >[/color]
[2015/10/31 01:38:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Acer
[2016/07/22 07:54:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2016/07/11 19:02:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\adslTV
[2013/09/01 04:18:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AGEIA Technologies
[2016/07/11 21:53:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update
[2016/07/11 21:53:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bonjour
[2016/10/18 13:22:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Brother
[2016/10/18 13:22:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Browny02
[2016/05/07 15:27:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Canon
[2017/03/22 19:52:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2016/10/18 13:21:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ControlCenter4
[2015/02/12 06:28:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CyberLink
[2015/02/12 06:28:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DivX
[2015/02/12 06:28:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DSP-worx
[2014/01/30 12:58:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Easy Thumbnails
[2016/09/15 16:46:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\GetFLV
[2016/08/19 23:55:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google
[2016/10/18 13:19:54 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2015/10/26 01:10:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
[2015/02/12 06:28:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2013/09/01 04:15:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Launch Manager
[2013/09/01 04:39:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2017/03/22 21:04:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2013/08/22 16:36:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2017/03/20 17:47:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox
[2017/03/20 17:47:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2014/04/19 18:44:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2013/04/18 05:40:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Nero
[2015/10/31 02:02:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NVIDIA Corporation
[2014/03/12 01:04:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PopupNuker
[2014/10/31 01:41:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Qualcomm Atheros
[2014/10/31 01:37:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek
[2014/04/19 18:44:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2016/07/11 19:02:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SamsungPrinterLiveUpdateInstaller
[2017/03/15 21:18:16 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Skype
[2016/07/11 19:02:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Smart Organizing Monitor for SP 110 Series
[2015/09/27 15:32:51 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp
[2015/03/07 08:14:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VirtualDJ
[2016/07/11 19:02:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WildTangent Games
[2015/08/14 06:56:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2014/03/18 10:26:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2016/07/18 03:16:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2014/03/18 11:28:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Multimedia Platform
[2013/08/22 16:36:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2014/03/18 10:26:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2014/03/18 11:28:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2014/04/19 18:03:27 | 000,000,000 | -HSD | M] -- C:\Program Files (x86)\Windows Sidebar
[2013/08/22 16:36:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WindowsPowerShell

[color=#A23BEC]< %Systemroot%\Temp\*.exe /s >[/color]
[2017/03/25 10:04:04 | 000,321,480 | ---- | M] (Mozilla Foundation) -- C:\WINDOWS\Temp\avast_ash2\Mozilla Firefox\updater.exe
[2017/03/03 10:25:33 | 002,133,536 | ---- | M] (Avast Software) -- C:\WINDOWS\Temp\SafeZone Installer\installer.exe

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\*.exe /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\*.in* >[/color]
[2014/04/10 02:58:34 | 000,000,114 | ---- | M] () -- C:\WINDOWS\system32\BRLMW03A.INI
[2013/08/22 02:43:03 | 000,016,284 | ---- | M] () -- C:\WINDOWS\system32\ieuinit.inf
[2013/08/22 03:54:21 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Microsoft.Management.Infrastructure.Native.Unmanaged.dll
[2014/03/18 11:10:09 | 000,002,255 | ---- | M] () -- C:\WINDOWS\system32\WimBootCompress.ini
[2015/03/04 02:12:52 | 000,141,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll

[color=#A23BEC]< %systemroot%\Tasks\* >[/color]
[2017/03/23 00:04:48 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

[color=#A23BEC]< %systemroot%\Tasks\*. >[/color]

[color=#A23BEC]< %systemroot%\system32\Tasks\* >[/color]

[color=#A23BEC]< %systemroot%\system32\Tasks\*. >[/color]
[2013/08/22 16:36:31 | 000,000,000 | ---D | M] -- C:\WINDOWS\system32\Tasks\Microsoft

[color=#A23BEC]< %systemroot%\system32\drivers\*.sy* /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\config\*.exe /s >[/color]

[color=#A23BEC]< %Systemroot%\ServiceProfiles\*.exe /s >[/color]
[2015/01/06 07:51:12 | 000,212,992 | ---- | M] () -- C:\WINDOWS\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-f444a0ef.exe

[color=#A23BEC]< %systemroot%\system32\*.sys >[/color]

[color=#A23BEC]< %temp%\*.exe /s >[/color]
[2014/04/11 20:18:08 | 000,265,048 | ---- | M] (McAfee, Inc.) -- C:\Users\JEANYV~1\AppData\Local\Temp\MCPR\mccleanup.exe
[2014/04/11 20:18:12 | 002,483,656 | ---- | M] (McAfee, Inc.) -- C:\Users\JEANYV~1\AppData\Local\Temp\MCPR\McClnUI.exe
[2014/04/11 20:18:34 | 000,209,952 | ---- | M] (McAfee, Inc.) -- C:\Users\JEANYV~1\AppData\Local\Temp\MCPR\MFP\mfputil_x64.exe
[2014/04/11 20:18:30 | 000,173,360 | ---- | M] (McAfee, Inc.) -- C:\Users\JEANYV~1\AppData\Local\Temp\MCPR\MFP\mfputil_x86.exe
[2014/04/11 20:18:48 | 000,390,672 | ---- | M] (McAfee, Inc.) -- C:\Users\JEANYV~1\AppData\Local\Temp\MCPR\MFP\x64\sediag.exe
[2014/04/11 20:18:42 | 000,287,696 | ---- | M] (McAfee, Inc.) -- C:\Users\JEANYV~1\AppData\Local\Temp\MCPR\MFP\x86\sediag.exe
[2014/04/11 03:10:44 | 000,068,824 | ---- | M] (McAfee, Inc.) -- C:\Users\JEANYV~1\AppData\Local\Temp\MCPR\Mpf\firesvc.exe
[2014/04/11 03:12:16 | 000,073,992 | ---- | M] (McAfee, Inc.) -- C:\Users\JEANYV~1\AppData\Local\Temp\MCPR\Mpf\firesvc64.exe
[2014/03/18 13:41:14 | 000,627,096 | ---- | M] (McAfee, Inc.) -- C:\Users\JEANYV~1\AppData\Local\Temp\MCPR\VS\installer.exe
[2014/03/18 13:39:06 | 000,877,392 | ---- | M] (McAfee, Inc.) -- C:\Users\JEANYV~1\AppData\Local\Temp\MCPR\VS\installer64.exe
[2014/04/03 22:42:28 | 000,091,544 | ---- | M] (McAfee, Inc.) -- C:\Users\JEANYV~1\AppData\Local\Temp\MCPR\VS\vscore\DAInstall.exe
[2014/04/03 22:52:24 | 000,489,624 | ---- | M] (McAfee, Inc.) -- C:\Users\JEANYV~1\AppData\Local\Temp\MCPR\VS\vscore\mfehidin.exe
[2014/04/03 21:57:44 | 000,092,568 | ---- | M] (McAfee, Inc.) -- C:\Users\JEANYV~1\AppData\Local\Temp\MCPR\VS\vscore64\DAInstall.exe
[2014/04/03 22:10:04 | 000,607,056 | ---- | M] (McAfee, Inc.) -- C:\Users\JEANYV~1\AppData\Local\Temp\MCPR\VS\vscore64\mfehidin.exe
[2014/04/03 22:42:28 | 000,091,544 | ---- | M] (McAfee, Inc.) -- C:\Users\JEANYV~1\AppData\Local\Temp\MCPR\VS\vscore64\x86\DAInstall.exe

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]

[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2013/05/30 13:26:40 | 000,202,752 | ---- | M] () -- C:\Users\JEAN YVES PORTABLE\AppData\Roaming\LavFilters\UltimateCodec.exe
[2015/05/05 23:27:01 | 001,818,112 | ---- | M] () -- C:\Users\JEAN YVES PORTABLE\AppData\Roaming\ZHP\ZHPCleaner.exe

[color=#A23BEC]< %LocalAppData%\* >[/color]
[2017/03/24 09:07:50 | 000,123,216 | -H-- | M] () -- C:\Users\JEAN YVES PORTABLE\AppData\Local\IconCache.db

[color=#A23BEC]< %LocalAppData%\*. >[/color]
[2014/01/26 09:29:50 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Acer
[2014/01/26 09:28:46 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\AcerCloud
[2017/01/26 13:18:30 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Adobe
[2016/07/11 19:02:19 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\adslTV
[2015/02/02 08:48:23 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\AOP SDK
[2015/04/28 17:02:20 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Apple
[2015/04/28 17:04:18 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Apple Computer
[2014/04/19 18:00:54 | 000,000,000 | -HSD | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Application Data
[2015/04/02 05:52:16 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Apps
[2017/03/20 08:54:10 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\AVAST Software
[2016/03/08 21:44:34 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\CEF
[2015/10/31 01:38:33 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\clear.fi
[2014/01/26 09:26:42 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\ClearfiMedia
[2014/01/26 09:24:12 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\ClearfiPhoto
[2017/02/16 10:16:00 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Diagnostics
[2014/01/26 09:27:35 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Doc
[2017/02/18 13:57:53 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\ElevatedDiagnostics
[2016/03/10 15:29:02 | 000,000,000 | -HSD | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\EmieBrowserModeList
[2016/03/10 15:29:02 | 000,000,000 | -HSD | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\EmieSiteList
[2016/03/10 15:29:02 | 000,000,000 | -HSD | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\EmieUserList
[2016/10/31 02:57:23 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Google
[2016/03/03 08:51:56 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\GWX
[2014/04/19 18:00:54 | 000,000,000 | -HSD | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Historique
[2016/03/04 13:17:22 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Macromedia
[2016/09/15 16:30:51 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Microsoft
[2014/01/22 19:55:02 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Mozilla
[2016/03/03 21:30:18 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Nico Mak Computing
[2016/09/15 16:51:22 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Packages
[2016/03/12 08:33:16 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Programs
[2016/07/11 21:59:20 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Skype
[2017/03/25 11:14:00 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Temp
[2014/04/19 18:00:54 | 000,000,000 | -HSD | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Temporary Internet Files
[2017/01/27 03:19:15 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\tkdata
[2017/03/20 17:53:31 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Viber
[2016/01/19 13:16:01 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\VirtualStore
[2016/01/19 12:51:06 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\WinZip
[2017/03/21 00:11:45 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\{003ACA6A-C058-424D-B955-A82DE5375C64}

[color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
[2017/01/26 13:18:13 | 000,000,030 | ---- | M] () -- C:\AVScanner.ini
[2013/06/18 13:18:29 | 000,000,001 | -HS- | M] () -- C:\BOOTNXT
[2017/03/25 10:27:25 | 000,000,581 | ---- | M] () -- C:\DelFix.txt
[2017/03/23 00:03:46 | 3283,525,632 | -HS- | M] () -- C:\hiberfil.sys
[2017/03/24 09:06:33 | 2082,017,280 | -HS- | M] () -- C:\pagefile.sys
[2017/03/25 11:16:09 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2017/03/23 00:03:48 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2014/08/23 08:13:24 | 002,084,520 | ---- | M] (Microsoft Corporation) MD5=195822ACCDAA2B4815DD01BAFC335595 -- C:\WINDOWS\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17284_none_4cc798c1821453a8\explorer.exe
[2014/09/14 22:53:20 | 000,270,774 | ---- | M] () MD5=2195687491E604BA42961470EDA7660E -- C:\WINDOWS\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17238_none_42acff334d876b54\explorer.exe
[2014/09/14 22:58:30 | 000,220,250 | ---- | M] () MD5=286928E00AD34E9F88EB5BFA52660A70 -- C:\WINDOWS\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17238_none_4d01a98581e82d4f\explorer.exe
[2014/06/26 15:52:42 | 000,015,546 | ---- | M] () MD5=347EFF7EC89C3EB4F72F2408E1C4E16D -- C:\WINDOWS\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_4cfaa3b381ee81a0\explorer.exe
[2014/09/14 22:53:17 | 000,271,249 | ---- | M] () MD5=667BC926C7CB889BF276A5FEA316CAEE -- C:\WINDOWS\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_42adfbb14d868a5d\explorer.exe
[2014/05/08 23:08:25 | 000,169,957 | ---- | M] () MD5=6D919C26DCB567396CD2E119B8E4310E -- C:\WINDOWS\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_42a5f9614d8dbfa5\explorer.exe
[2015/01/28 00:41:17 | 002,207,488 | ---- | M] (Microsoft Corporation) MD5=91E24273FCA076EA9E65DAFA98901225 -- C:\WINDOWS\SysWOW64\explorer.exe
[2015/01/28 00:41:17 | 002,207,488 | ---- | M] (Microsoft Corporation) MD5=91E24273FCA076EA9E65DAFA98901225 -- C:\WINDOWS\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17667_none_4ce0410f82015c67\explorer.exe
[2014/08/23 08:48:28 | 002,374,784 | ---- | M] (Microsoft Corporation) MD5=ACDBE1ED38167C8B01B8F63161BB2CEA -- C:\WINDOWS\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17284_none_4272ee6f4db391ad\explorer.exe
[2015/01/28 00:47:12 | 002,501,368 | ---- | M] (Microsoft Corporation) MD5=C10A66189DC8C090E7C84873EDCEBC88 -- C:\WINDOWS\explorer.exe
[2015/01/28 00:47:12 | 002,501,368 | ---- | M] (Microsoft Corporation) MD5=C10A66189DC8C090E7C84873EDCEBC88 -- C:\WINDOWS\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17667_none_428b96bd4da09a6c\explorer.exe
[2014/09/14 22:58:27 | 000,208,662 | ---- | M] () MD5=C131BC6F12417306A9C8469CA49110B1 -- C:\WINDOWS\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_4d02a60381e74c58\explorer.exe

[color=#A23BEC]< MD5 for: SERVICES.EXE >[/color]
[2014/03/28 16:58:34 | 000,407,016 | ---- | M] (Microsoft Corporation) MD5=067CB90C277DB4A737D5DEABA3055972 -- C:\WINDOWS\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.3.9600.17084_none_2fd708ffd09a6815\services.exe
[2014/06/26 15:45:50 | 000,082,895 | ---- | M] () MD5=892D1838D0C77D4734F7E21F064CD06C -- C:\WINDOWS\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.3.9600.16384_none_2fd72579d09a45e9\services.exe
[2015/04/08 23:55:21 | 000,410,128 | ---- | M] (Microsoft Corporation) MD5=E0C7813A97CA7947FF5C18A8F3B61A45 -- C:\WINDOWS\SysNative\services.exe
[2015/04/08 23:55:21 | 000,410,128 | ---- | M] (Microsoft Corporation) MD5=E0C7813A97CA7947FF5C18A8F3B61A45 -- C:\WINDOWS\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.3.9600.17794_none_2fcc465dd0a27017\services.exe

[color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color]
[2013/08/22 06:30:58 | 000,031,552 | ---- | M] (Microsoft Corporation) MD5=425E22D9F5C01616AFC92987791B19E9 -- C:\WINDOWS\SysWOW64\svchost.exe
[2013/08/22 06:30:58 | 000,031,552 | ---- | M] (Microsoft Corporation) MD5=425E22D9F5C01616AFC92987791B19E9 -- C:\WINDOWS\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_4a5b1e2820e75323\svchost.exe
[2013/08/22 13:45:17 | 000,037,768 | ---- | M] (Microsoft Corporation) MD5=E4CA434F251681590D0538BC21C32D2F -- C:\WINDOWS\SysNative\svchost.exe
[2013/08/22 13:45:17 | 000,037,768 | ---- | M] (Microsoft Corporation) MD5=E4CA434F251681590D0538BC21C32D2F -- C:\WINDOWS\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_a679b9abd944c459\svchost.exe

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2013/08/22 11:03:12 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=08C191B2917862BE90C33E31CB6B6D79 -- C:\WINDOWS\SysNative\userinit.exe
[2013/08/22 11:03:12 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=08C191B2917862BE90C33E31CB6B6D79 -- C:\WINDOWS\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_cce71a20a5a6fe7f\userinit.exe
[2013/08/22 03:54:12 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=41636F77AD6D9A396EA34E4786B96F2B -- C:\WINDOWS\SysWOW64\userinit.exe
[2013/08/22 03:54:12 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=41636F77AD6D9A396EA34E4786B96F2B -- C:\WINDOWS\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_70c87e9ced498d49\userinit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2014/03/18 11:09:53 | 000,562,176 | ---- | M] (Microsoft Corporation) MD5=306EB21E5B480AE9065EA55AC8C35936 -- C:\WINDOWS\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.17031_none_60b45365a8c2ccdb\winlogon.exe
[2015/10/05 19:25:35 | 000,572,928 | ---- | M] (Microsoft Corporation) MD5=3F8645885823692D93765817759BE21C -- C:\WINDOWS\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.18083_none_60802d95a8e9a4df\winlogon.exe
[2016/01/05 16:00:41 | 000,570,880 | ---- | M] (Microsoft Corporation) MD5=B1102BBDDD9C87B3D609D6C08F7A3DBD -- C:\WINDOWS\SysNative\winlogon.exe
[2016/01/05 16:00:41 | 000,570,880 | ---- | M] (Microsoft Corporation) MD5=B1102BBDDD9C87B3D609D6C08F7A3DBD -- C:\WINDOWS\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.18188_none_608530eda8e520b9\winlogon.exe

[color=#E56717]========== Base Services ==========[/color]
SRV:[b]64bit:[/b] - [2014/03/18 11:09:51 | 000,208,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:[b]64bit:[/b] - [2016/01/31 19:07:53 | 000,110,080 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysNative\appinfo.dll -- (Appinfo)
SRV:[b]64bit:[/b] - [2013/08/22 10:53:13 | 000,092,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\alg.exe -- (ALG)
SRV:[b]64bit:[/b] - [2013/08/22 11:19:14 | 001,017,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\qmgr.dll -- (BITS)
SRV:[b]64bit:[/b] - [2016/02/05 16:11:53 | 000,845,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\BFE.DLL -- (BFE)
SRV:[b]64bit:[/b] - [2013/08/22 10:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\keyiso.dll -- (KeyIso)
SRV - [2013/08/22 03:48:12 | 000,044,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2013/08/22 10:40:30 | 000,468,992 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\es.dll -- (EventSystem)
SRV - [2013/08/22 03:38:29 | 000,329,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysWOW64\es.dll -- (EventSystem)
SRV:[b]64bit:[/b] - [2014/07/24 10:21:23 | 000,134,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\browser.dll -- (Browser)
SRV:[b]64bit:[/b] - [2013/08/22 11:01:39 | 000,129,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:[b]64bit:[/b] - [2016/01/27 16:18:50 | 000,817,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\rpcss.dll -- (DcomLaunch)
SRV:[b]64bit:[/b] - [2014/04/30 05:23:54 | 000,353,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2014/04/30 04:46:07 | 000,285,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2014/04/19 18:48:02 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2013/08/22 10:44:18 | 000,107,008 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\eapsvc.dll -- (Eaphost)
SRV:[b]64bit:[/b] - [2013/08/22 12:34:06 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysNative\hidserv.dll -- (hidserv)
SRV - [2013/08/22 05:05:54 | 000,029,696 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysWOW64\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2014/03/18 11:09:57 | 000,433,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2016/05/12 16:59:54 | 000,398,848 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:[b]64bit:[/b] - [2014/03/27 04:15:43 | 000,718,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\swprv.dll -- (swprv)
SRV:[b]64bit:[/b] - [2013/08/22 10:54:27 | 000,070,656 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\SysNative\mmcss.dll -- (MMCSS)
SRV:[b]64bit:[/b] - [2013/08/22 10:05:22 | 000,254,976 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2013/08/22 10:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2014/12/06 02:41:58 | 000,391,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\nlasvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2013/08/22 14:25:35 | 000,029,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2014/04/19 18:48:03 | 000,115,200 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2014/07/24 09:18:34 | 000,795,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\spoolsv.exe -- (Spooler)
No service found with a name of ProtectedStorage
No service found with a name of EMDMgmt
SRV:[b]64bit:[/b] - [2013/08/22 12:22:30 | 000,101,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2014/03/18 11:09:57 | 000,534,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2016/01/27 16:18:50 | 000,817,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2016/02/06 19:08:28 | 000,031,744 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2013/08/22 14:25:35 | 000,045,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2016/01/06 17:47:23 | 000,146,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2014/07/24 10:03:18 | 000,324,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2013/08/22 10:24:27 | 000,629,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2013/08/22 03:27:04 | 000,564,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:[b]64bit:[/b] - [2015/08/01 04:38:35 | 001,265,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2013/08/22 11:55:30 | 000,306,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2013/08/22 04:33:38 | 000,248,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2013/08/22 11:00:18 | 000,050,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2015/07/09 17:14:45 | 000,228,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2016/02/05 15:46:47 | 001,455,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\VSSVC.exe -- (VSS)
SRV:[b]64bit:[/b] - [2015/05/30 20:35:47 | 000,911,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\audiosrv.dll -- (Audiosrv)
SRV:[b]64bit:[/b] - [2015/05/30 20:36:24 | 000,230,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
No service found with a name of SDRSVC
SRV:[b]64bit:[/b] - [2015/07/07 10:39:32 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2015/03/06 03:47:37 | 001,696,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\wevtsvc.dll -- (EventLog)
SRV:[b]64bit:[/b] - [2013/08/22 10:23:55 | 000,878,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:[b]64bit:[/b] - [2013/08/22 11:39:20 | 000,634,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\wiaservc.dll -- (stisvc)
SRV:[b]64bit:[/b] - [2015/06/15 23:41:04 | 000,065,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\msiexec.exe -- (msiserver)
SRV - [2015/06/15 22:16:41 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWow64\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2013/08/22 10:48:04 | 000,220,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2016/02/12 16:14:02 | 003,708,416 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2013/08/22 11:30:45 | 000,258,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2014/07/24 09:32:47 | 001,532,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\wlansvc.dll -- (WlanSvc)
SRV:[b]64bit:[/b] - [2013/08/22 10:54:22 | 000,284,160 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< dir "%Homedrive%\*" /S /A:L /C >[/color]
Le volume dans le lecteur C s'appelle Acer
Le numéro de série du volume est 24EB-0334
Répertoire de C:\
22/08/2013 15:45 <JUNCTION> Documents and Settings [C:\Users]
0 fichier(s) 0 octets
Répertoire de C:\Program Files
22/01/2014 01:44 <JUNCTION> Fichiers communs [C:\Program Files\Common Files]
0 fichier(s) 0 octets
Répertoire de C:\Program Files\Windows NT
19/04/2014 18:16 <JUNCTION> Accessoires [C:\Program Files\Windows NT\Accessories]
0 fichier(s) 0 octets
Répertoire de C:\Program Files (x86)\Common Files\AV
27/01/2017 15:17 <SYMLINKD> avast! Antivirus [C:\Program Files\Common Files\AV\avast! Antivirus]
0 fichier(s) 0 octets
Répertoire de C:\ProgramData
22/08/2013 15:45 <JUNCTION> Application Data [C:\ProgramData]
22/01/2014 01:44 <JUNCTION> Bureau [C:\Users\Public\Desktop]
22/08/2013 15:45 <JUNCTION> Desktop [C:\Users\Public\Desktop]
22/08/2013 15:45 <JUNCTION> Documents [C:\Users\Public\Documents]
22/01/2014 01:44 <JUNCTION> Menu Démarrer [C:\ProgramData\Microsoft\Windows\Start Menu]
22/01/2014 01:44 <JUNCTION> Modèles [C:\ProgramData\Microsoft\Windows\Templates]
22/08/2013 15:45 <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
22/08/2013 15:45 <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 fichier(s) 0 octets
Répertoire de C:\ProgramData\Microsoft\Windows\Start Menu
22/01/2014 01:44 <JUNCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
Répertoire de C:\Users
22/08/2013 15:45 <SYMLINKD> All Users [C:\ProgramData]
22/08/2013 15:45 <JUNCTION> Default User [C:\Users\Default]
0 fichier(s) 0 octets
Répertoire de C:\Users\All Users
22/08/2013 15:45 <JUNCTION> Application Data [C:\ProgramData]
22/01/2014 01:44 <JUNCTION> Bureau [C:\Users\Public\Desktop]
22/08/2013 15:45 <JUNCTION> Desktop [C:\Users\Public\Desktop]
22/08/2013 15:45 <JUNCTION> Documents [C:\Users\Public\Documents]
22/01/2014 01:44 <JUNCTION> Menu Démarrer [C:\ProgramData\Microsoft\Windows\Start Menu]
22/01/2014 01:44 <JUNCTION> Modèles [C:\ProgramData\Microsoft\Windows\Templates]
22/08/2013 15:45 <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
22/08/2013 15:45 <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 fichier(s) 0 octets
Répertoire de C:\Users\All Users\Microsoft\Windows\Start Menu
22/01/2014 01:44 <JUNCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
Répertoire de C:\Users\Default
22/08/2013 15:45 <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
22/08/2013 15:45 <JUNCTION> Cookies [C:\Users\Default\AppData\Local\Microsoft\Windows\INetCookies]
22/08/2013 15:45 <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
19/04/2014 18:16 <JUNCTION> Menu Démarrer [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
19/04/2014 18:16 <JUNCTION> Mes documents [C:\Users\Default\Documents]
19/04/2014 18:16 <JUNCTION> Modèles [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
22/08/2013 15:45 <JUNCTION> My Documents [C:\Users\Default\Documents]
22/08/2013 15:45 <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
22/08/2013 15:45 <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
22/08/2013 15:45 <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
22/08/2013 15:45 <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
22/08/2013 15:45 <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
22/08/2013 15:45 <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
19/04/2014 18:16 <JUNCTION> Voisinage d'impression [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
19/04/2014 18:16 <JUNCTION> Voisinage réseau [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
0 fichier(s) 0 octets
Répertoire de C:\Users\Default\AppData\Local
22/08/2013 15:45 <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
19/04/2014 18:16 <JUNCTION> Historique [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
22/08/2013 15:45 <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
22/08/2013 15:45 <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache]
0 fichier(s) 0 octets
Répertoire de C:\Users\Default\AppData\Local\Microsoft\Windows
22/08/2013 15:45 <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache]
0 fichier(s) 0 octets
Répertoire de C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu
19/04/2014 18:16 <JUNCTION> Programmes [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
Répertoire de C:\Users\Default\Documents
19/04/2014 18:16 <JUNCTION> Ma musique [C:\Users\Default\Music]
19/04/2014 18:16 <JUNCTION> Mes images [C:\Users\Default\Pictures]
19/04/2014 18:16 <JUNCTION> Mes vidéos [C:\Users\Default\Videos]
22/08/2013 15:45 <JUNCTION> My Music [C:\Users\Default\Music]
22/08/2013 15:45 <JUNCTION> My Pictures [C:\Users\Default\Pictures]
22/08/2013 15:45 <JUNCTION> My Videos [C:\Users\Default\Videos]
0 fichier(s) 0 octets
Répertoire de C:\Users\JEAN YVES PORTABLE
19/04/2014 18:00 <JUNCTION> Recent [C:\Users\JEAN YVES PORTABLE\AppData\Roaming\Microsoft\Windows\Recent]
0 fichier(s) 0 octets
Répertoire de C:\Users\JEAN YVES PORTABLE\AppData\Local
19/04/2014 18:00 <JUNCTION> Application Data [C:\Users\JEAN YVES PORTABLE\AppData\Local]
19/04/2014 18:00 <JUNCTION> Historique [C:\Users\JEAN YVES PORTABLE\AppData\Local\Microsoft\Windows\History]
19/04/2014 18:00 <JUNCTION> Temporary Internet Files [C:\Users\JEAN YVES PORTABLE\AppData\Local\Microsoft\Windows\INetCache]
0 fichier(s) 0 octets
Répertoire de C:\Users\JEAN YVES PORTABLE\AppData\Local\Microsoft\Windows
19/04/2014 18:00 <JUNCTION> Temporary Internet Files [C:\Users\JEAN YVES PORTABLE\AppData\Local\Microsoft\Windows\INetCache]
0 fichier(s) 0 octets
Répertoire de C:\Users\JEAN YVES PORTABLE\AppData\Local\Microsoft\Windows\INetCache
19/04/2014 21:51 <JUNCTION> Content.IE5 [C:\Users\JEAN YVES PORTABLE\AppData\Local\Microsoft\Windows\INetCache\IE\]
0 fichier(s) 0 octets
Répertoire de C:\Users\JEAN YVES PORTABLE\AppData\Local\Microsoft\Windows\INetCache\Low
25/06/2014 09:50 <JUNCTION> Content.IE5 [C:\Users\JEAN YVES PORTABLE\AppData\Local\Microsoft\Windows\INetCache\Low\IE\]
0 fichier(s) 0 octets
Répertoire de C:\Users\JEAN YVES PORTABLE\AppData\Roaming\Microsoft\Windows\Start Menu
19/04/2014 18:00 <JUNCTION> Programmes [C:\Users\JEAN YVES PORTABLE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
Répertoire de C:\Users\Public\Documents
22/01/2014 01:44 <JUNCTION> Ma musique [C:\Users\Public\Music]
22/01/2014 01:44 <JUNCTION> Mes images [C:\Users\Public\Pictures]
22/01/2014 01:44 <JUNCTION> Mes vidéos [C:\Users\Public\Videos]
22/08/2013 15:45 <JUNCTION> My Music [C:\Users\Public\Music]
22/08/2013 15:45 <JUNCTION> My Pictures [C:\Users\Public\Pictures]
22/08/2013 15:45 <JUNCTION> My Videos [C:\Users\Public\Videos]
0 fichier(s) 0 octets
Répertoire de C:\Users\UpdatusUser
19/04/2014 18:00 <JUNCTION> Application Data [C:\Users\UpdatusUser\AppData\Roaming]
19/04/2014 18:00 <JUNCTION> Cookies [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\INetCookies]
19/04/2014 18:00 <JUNCTION> Local Settings [C:\Users\UpdatusUser\AppData\Local]
19/04/2014 18:00 <JUNCTION> Menu Démarrer [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu]
19/04/2014 18:00 <JUNCTION> Mes documents [C:\Users\UpdatusUser\Documents]
19/04/2014 18:00 <JUNCTION> Modèles [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Templates]
19/04/2014 18:00 <JUNCTION> Recent [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Recent]
19/04/2014 18:00 <JUNCTION> SendTo [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\SendTo]
19/04/2014 18:00 <JUNCTION> Voisinage d'impression [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
19/04/2014 18:00 <JUNCTION> Voisinage réseau [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
0 fichier(s) 0 octets
Répertoire de C:\Users\UpdatusUser\AppData\Local
19/04/2014 18:00 <JUNCTION> Application Data [C:\Users\UpdatusUser\AppData\Local]
19/04/2014 18:00 <JUNCTION> Historique [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\History]
19/04/2014 18:00 <JUNCTION> Temporary Internet Files [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\INetCache]
0 fichier(s) 0 octets
Répertoire de C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows
19/04/2014 18:00 <JUNCTION> Temporary Internet Files [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\INetCache]
0 fichier(s) 0 octets
Répertoire de C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu
19/04/2014 18:00 <JUNCTION> Programmes [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
Répertoire de C:\Users\UpdatusUser\Documents
19/04/2014 18:00 <JUNCTION> Ma musique [C:\Users\UpdatusUser\Music]
19/04/2014 18:00 <JUNCTION> Mes images [C:\Users\UpdatusUser\Pictures]
19/04/2014 18:00 <JUNCTION> Mes vidéos [C:\Users\UpdatusUser\Videos]
0 fichier(s) 0 octets
Répertoire de C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache
19/04/2014 21:53 <JUNCTION> Content.IE5 [C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\]
0 fichier(s) 0 octets
Répertoire de C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache
19/04/2014 21:53 <JUNCTION> Content.IE5 [C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\]
0 fichier(s) 0 octets
Total des fichiers listés :
0 fichier(s) 0 octets
85 Rép(s) 581 738 643 456 octets libres

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 220 bytes -> C:\Users\JEAN YVES PORTABLE\OneDrive:ms-properties
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:AD022376

< End of report >
