Document format: text/plain

OTL logfile created on: 29/12/2017 15:17:57 - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Fujitsu\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18860)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,75 Gb Total Physical Memory | 1,88 Gb Available Physical Memory | 50,07% Memory free
7,51 Gb Paging File | 5,43 Gb Available in Paging File | 72,37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 148,95 Gb Total Space | 93,28 Gb Free Space | 62,63% Space Free | Partition Type: NTFS

Computer Name: FUJITSU-PC | User Name: Fujitsu | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2017/12/22 17:57:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Fujitsu\Downloads\OTL.exe
PRC - [2017/12/21 21:36:12 | 003,518,240 | ---- | M] (Malwarebytes) -- C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
PRC - [2017/12/20 23:37:09 | 000,288,848 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
PRC - [2017/12/07 17:16:11 | 000,490,968 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\Antivirus\sched.exe
PRC - [2017/12/07 17:16:01 | 000,919,544 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
PRC - [2017/12/07 17:16:01 | 000,490,968 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\Antivirus\avguard.exe
PRC - [2017/11/06 14:02:30 | 000,299,432 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
PRC - [2017/08/23 11:51:32 | 002,257,016 | ---- | M] (Adobe Systems, Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
PRC - [2017/08/09 19:20:50 | 015,775,888 | ---- | M] (Copyright 2017.) -- C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
PRC - [2015/11/05 01:46:52 | 000,144,008 | ---- | M] (© 2015 Microsoft Corporation) -- C:\Users\Fujitsu\AppData\Local\Microsoft\BingSvc\BingSvc.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2017/12/22 18:11:50 | 000,870,912 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ServiceStack.Text\dc3897626cdcf00152d805d29dbb4dcb\ServiceStack.Text.ni.dll
MOD - [2017/10/28 11:38:51 | 019,939,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\ed4e0e85b3eada108684683e4f34a043\System.ServiceModel.ni.dll
MOD - [2017/10/28 11:38:16 | 000,395,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\883da993c9ce76ed802dd3124f9f6e18\System.Xml.Linq.ni.dll
MOD - [2017/10/27 12:02:14 | 002,573,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\4c360d8f375d8c48c4aaf4ff0931f27f\System.Data.Linq.ni.dll
MOD - [2017/10/27 12:02:00 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\03cd7bbe5ebd7a3f55864dde93aa0461\System.ServiceProcess.ni.dll
MOD - [2017/10/27 12:01:52 | 007,966,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\05a89dc74ff4097c88dfaea9a2bef45a\System.Data.ni.dll
MOD - [2017/10/27 12:01:46 | 004,110,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\ca4e77634d95bc67b8bb5983b62e812c\WindowsBase.ni.dll
MOD - [2017/10/27 12:01:45 | 013,563,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\371a03a90f03340ddd50a25a784c00b6\System.Windows.Forms.ni.dll
MOD - [2017/10/27 12:01:41 | 000,993,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\fd39cc80d745839b391885f6dee39013\System.Configuration.ni.dll
MOD - [2017/10/27 12:01:40 | 002,842,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\3baf132c36d199308140b8a0efdc89f5\System.Runtime.Serialization.ni.dll
MOD - [2017/10/27 12:01:40 | 001,075,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Compba577418#\3807e4cabfa39bff3d3c0836766e6da1\System.ComponentModel.Composition.ni.dll
MOD - [2017/10/27 12:01:39 | 007,577,088 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d8bf4cfed7f00881cc3dbccb8956b3d6\System.Xml.ni.dll
MOD - [2017/10/27 12:01:38 | 007,684,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\1bda562ed7c258d4bb471509de189a1a\System.Core.ni.dll
MOD - [2017/10/27 12:01:28 | 001,645,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\78f35bb5674861abfaac13791ed2aa45\System.Drawing.ni.dll
MOD - [2017/10/27 12:01:25 | 010,336,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\fa56ed44f40dcc8511432234235cf02a\System.ni.dll
MOD - [2017/10/27 12:01:17 | 020,493,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\22478b54e1cc995a45aafd8e6482de96\mscorlib.ni.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2017/11/14 04:20:46 | 000,116,224 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2017/11/01 08:07:08 | 006,234,056 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe -- (MBAMService)
SRV:[b]64bit:[/b] - [2016/08/22 17:19:43 | 001,386,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2016/06/23 15:04:46 | 000,382,456 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe -- (mfemms)
SRV:[b]64bit:[/b] - [2016/04/26 17:56:24 | 000,277,744 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:[b]64bit:[/b] - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2017/12/21 08:01:34 | 000,102,304 | ---- | M] (Avira Operations GmbH & Co. KG) [Disabled | Stopped] -- C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe -- (AviraUpdaterService)
SRV - [2017/12/12 15:55:15 | 000,272,384 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2017/12/07 17:16:11 | 000,490,968 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\Antivirus\sched.exe -- (AntiVirSchedulerService)
SRV - [2017/12/07 17:16:03 | 001,526,832 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe -- (AntiVirWebService)
SRV - [2017/12/07 17:16:01 | 001,128,944 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe -- (AntiVirMailService)
SRV - [2017/12/07 17:16:01 | 000,490,968 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\Antivirus\avguard.exe -- (AntiVirService)
SRV - [2017/12/07 05:13:32 | 000,194,000 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2017/11/06 14:02:12 | 000,434,248 | ---- | M] (Avira Operations GmbH & Co. KG) [Disabled | Stopped] -- C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe -- (Avira.ServiceHost)
SRV - [2017/08/23 11:51:32 | 002,257,016 | ---- | M] (Adobe Systems, Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe -- (AGSService)
SRV - [2017/08/09 19:20:50 | 015,775,888 | ---- | M] (Copyright 2017.) [Auto | Running] -- C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe -- (ZAMSvc)
SRV - [2017/04/21 13:53:36 | 000,107,656 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2015/06/01 20:00:40 | 000,290,224 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2014/03/20 23:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Smart PC Utilities\Game Fire\GameFire.sys -- (WinRing0_1_2_0)
DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:[b]64bit:[/b] - [2017/12/29 15:12:34 | 000,089,376 | ---- | M] (Malwarebytes) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebProtection)
DRV:[b]64bit:[/b] - [2017/12/29 14:04:47 | 000,045,960 | ---- | M] (Malwarebytes) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtection)
DRV:[b]64bit:[/b] - [2017/12/29 14:04:40 | 000,107,960 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\farflt.sys -- (MBAMFarflt)
DRV:[b]64bit:[/b] - [2017/12/29 14:04:23 | 000,253,880 | ---- | M] (Malwarebytes) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV:[b]64bit:[/b] - [2017/12/28 15:26:43 | 000,381,608 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2017/12/22 03:06:33 | 000,203,680 | ---- | M] (Zemana Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\zam64.sys -- (ZAM)
DRV:[b]64bit:[/b] - [2017/12/22 03:06:32 | 000,203,680 | ---- | M] (Zemana Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\zamguard64.sys -- (ZAM_Guard)
DRV:[b]64bit:[/b] - [2017/12/21 21:37:07 | 000,194,440 | ---- | M] (Malwarebytes) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\MbamChameleon.sys -- (MBAMChameleon)
DRV:[b]64bit:[/b] - [2017/12/21 21:36:29 | 000,076,192 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mbae64.sys -- (ESProtectionDriver)
DRV:[b]64bit:[/b] - [2017/12/07 17:16:17 | 000,064,504 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avdevprot.sys -- (avdevprot)
DRV:[b]64bit:[/b] - [2017/12/07 17:16:17 | 000,034,128 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avusbflt.sys -- (avusbflt)
DRV:[b]64bit:[/b] - [2017/12/07 17:16:16 | 000,078,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\avnetflt.sys -- (avnetflt)
DRV:[b]64bit:[/b] - [2017/12/07 17:16:16 | 000,035,328 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:[b]64bit:[/b] - [2017/12/07 17:16:15 | 000,196,344 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:[b]64bit:[/b] - [2017/12/07 17:16:15 | 000,153,072 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:[b]64bit:[/b] - [2017/10/19 17:30:29 | 000,400,352 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:[b]64bit:[/b] - [2017/06/12 22:54:56 | 000,071,888 | ---- | M] (Insecure.Com LLC.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npcap.sys -- (npcap)
DRV:[b]64bit:[/b] - [2017/04/28 13:12:02 | 011,534,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwsw01.sys -- (NETwNs64)
DRV:[b]64bit:[/b] - [2017/04/28 13:10:17 | 000,498,640 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:[b]64bit:[/b] - [2017/04/28 13:08:55 | 000,463,112 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2017/04/28 13:07:49 | 001,849,752 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:[b]64bit:[/b] - [2017/04/28 13:03:48 | 000,169,288 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus)
DRV:[b]64bit:[/b] - [2017/04/21 03:16:36 | 000,045,560 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tapwindscribe0901.sys -- (tapwindscribe0901)
DRV:[b]64bit:[/b] - [2016/05/11 09:24:22 | 000,059,152 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fuj02b1.sys -- (FUJ02B1)
DRV:[b]64bit:[/b] - [2016/04/27 16:55:18 | 000,843,048 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:[b]64bit:[/b] - [2016/04/27 16:55:18 | 000,419,616 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeaack.sys -- (mfeaack)
DRV:[b]64bit:[/b] - [2016/04/27 16:55:18 | 000,349,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:[b]64bit:[/b] - [2016/03/11 17:04:44 | 000,243,496 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:[b]64bit:[/b] - [2016/02/05 20:03:08 | 000,147,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2015/11/05 10:53:59 | 000,146,944 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
DRV:[b]64bit:[/b] - [2015/06/01 20:00:18 | 005,384,176 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2014/10/01 12:24:52 | 000,031,472 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:[b]64bit:[/b] - [2013/10/02 03:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2013/08/22 13:40:24 | 000,040,664 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:[b]64bit:[/b] - [2013/06/06 09:08:17 | 000,029,952 | ---- | M] (Fujitsu Technology Solutions) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\FscGabi.sys -- (FscGabi)
DRV:[b]64bit:[/b] - [2013/06/06 09:08:14 | 000,025,856 | ---- | M] (Fujitsu Technology Solutions) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\FscEfDmi.sys -- (FscEfDmi)
DRV:[b]64bit:[/b] - [2013/02/12 05:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:[b]64bit:[/b] - [2012/08/23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2010/10/19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2010/08/06 01:17:00 | 000,085,736 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\oz776x64.sys -- (guardian2)
DRV:[b]64bit:[/b] - [2009/11/19 13:45:08 | 000,299,568 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:[/b] - [2009/07/21 06:03:34 | 001,208,320 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:[b]64bit:[/b] - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2006/11/01 08:59:24 | 000,007,296 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fuj02e3.sys -- (FUJ02E3)
DRV - [2017/04/28 12:52:40 | 000,027,552 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS -- (HWiNFO32)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{26080cad-4adc-49ac-8c63-eda16e595cbd}: "URL" = http://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-23a369c5&q={searchTerms}
IE:[b]64bit:[/b] - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?bcutc=sp-118-756
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?bcutc=sp-118-756&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?bcutc=sp-118-756
IE - HKLM\..\SearchScopes,DefaultScope = {E9410C70-B6AE-41FF-AB71-32F4B279EA5F}
IE - HKLM\..\SearchScopes\{26080cad-4adc-49ac-8c63-eda16e595cbd}: "URL" = http://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-23a369c5&q={searchTerms}
IE - HKLM\..\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}: "URL" = https://www.google.com/search?bcutc=sp-118-756&q={searchTerms}
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Fujitsu\Desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?bcutc=sp-118-756&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 72 ED 03 BD E1 79 D3 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKCU\..\SearchScopes,DefaultScope = {E9410C70-B6AE-41FF-AB71-32F4B279EA5F}
IE - HKCU\..\SearchScopes\{26080cad-4adc-49ac-8c63-eda16e595cbd}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE10
IE - HKCU\..\SearchScopes\{2AB5630F-27E6-4A53-BDAB-650CE93E295A}: "URL" = https://fr.search.yahoo.com/search?p={searchTerms}&intl=fr&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle
IE - HKCU\..\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}: "URL" = https://www.google.com/search?bcutc=sp-118-756&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "FR"
FF - prefs.js..browser.search.region: "FR"
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll ( Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.5.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll File not found

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 57.0.2\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 57.0.2\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS

[2016/06/24 17:41:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fujitsu\AppData\Roaming\mozilla\Extensions
[2017/11/27 17:52:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fujitsu\AppData\Roaming\mozilla\SystemExtensionsDev
[2017/12/27 01:13:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fujitsu\AppData\Roaming\mozilla\Firefox\Profiles\2p4dqton.default-1489845547152-1514333563144\browser-extension-data
[2017/12/27 01:13:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fujitsu\AppData\Roaming\mozilla\Firefox\Profiles\2p4dqton.default-1489845547152-1514333563144\browser-extension-data\screenshots@mozilla.org
[2017/10/19 18:37:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fujitsu\AppData\Roaming\mozilla\Firefox\Profiles\4dh7fnhx.default-1479992265871\extensions
[2017/10/19 18:37:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fujitsu\AppData\Roaming\mozilla\Firefox\Profiles\8a1oou31.default\extensions
[2016/12/09 13:05:53 | 000,000,000 | ---D | M] (Avira Browser Safety) -- C:\Users\Fujitsu\AppData\Roaming\mozilla\Firefox\Profiles\8a1oou31.default\extensions\abs@avira.com
[2017/03/18 14:37:25 | 000,000,000 | ---D | M] (Avira SafeSearch Plus) -- C:\Users\Fujitsu\AppData\Roaming\mozilla\Firefox\Profiles\8a1oou31.default\extensions\safesearchplus2@avira.com
[2017/10/19 18:37:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fujitsu\AppData\Roaming\mozilla\Firefox\Profiles\bckq8s0a.default-1487475321937\extensions
[2017/12/19 15:21:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fujitsu\AppData\Roaming\mozilla\Firefox\Profiles\bmz8e41e.default-1489845547152-1513693240725\browser-extension-data
[2017/12/19 15:21:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fujitsu\AppData\Roaming\mozilla\Firefox\Profiles\bmz8e41e.default-1489845547152-1513693240725\browser-extension-data\screenshots@mozilla.org
[2017/12/22 18:06:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fujitsu\AppData\Roaming\mozilla\Firefox\Profiles\bmz8e41e.default-1489845547152-1513693240725\extensions
[2017/12/22 18:06:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fujitsu\AppData\Roaming\mozilla\Firefox\Profiles\bmz8e41e.default-1489845547152-1513693240725\extensions\abs@avira.com
[2017/12/22 18:05:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fujitsu\AppData\Roaming\mozilla\Firefox\Profiles\bmz8e41e.default-1489845547152-1513693240725\extensions\passwordmanager@avira.com
[2017/11/27 17:52:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fujitsu\AppData\Roaming\mozilla\Firefox\Profiles\cuvqoo9w.default-1489845547152-1511801566732\browser-extension-data
[2017/11/27 17:52:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fujitsu\AppData\Roaming\mozilla\Firefox\Profiles\cuvqoo9w.default-1489845547152-1511801566732\browser-extension-data\screenshots@mozilla.org
[2017/10/26 15:24:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fujitsu\AppData\Roaming\mozilla\Firefox\Profiles\ee5g7fmj.default-1489845547152-1509027839528\browser-extension-data
[2017/10/26 15:25:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fujitsu\AppData\Roaming\mozilla\Firefox\Profiles\ee5g7fmj.default-1489845547152-1509027839528\browser-extension-data\screenshots@mozilla.org
[2017/11/12 02:28:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fujitsu\AppData\Roaming\mozilla\Firefox\Profiles\ee5g7fmj.default-1489845547152-1509027839528\extensions
[2017/10/19 18:37:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fujitsu\AppData\Roaming\mozilla\Firefox\Profiles\pqk2sghu.default-1489522831971\extensions
[2017/10/19 18:37:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fujitsu\AppData\Roaming\mozilla\Firefox\Profiles\this0jl6.default-1478263156068\extensions
[2017/10/19 18:37:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fujitsu\AppData\Roaming\mozilla\Firefox\Profiles\w0jupwxo.default-1484251925941\extensions
[2017/12/18 02:13:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fujitsu\AppData\Roaming\mozilla\Firefox\Profiles\xt9skgpg.default-1489845547152-1513559593089\browser-extension-data
[2017/12/18 02:13:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fujitsu\AppData\Roaming\mozilla\Firefox\Profiles\xt9skgpg.default-1489845547152-1513559593089\browser-extension-data\screenshots@mozilla.org
[2017/12/27 01:21:28 | 000,005,507 | ---- | M] () (No name found) -- C:\Users\Fujitsu\AppData\Roaming\mozilla\firefox\profiles\2p4dqton.default-1489845547152-1514333563144\features\{062002cd-6684-4727-b85f-bb0a66e78462}\disable-media-wmf-nv12@mozilla.org.xpi
[2017/02/19 04:45:35 | 000,005,527 | ---- | M] () (No name found) -- C:\Users\Fujitsu\AppData\Roaming\mozilla\firefox\profiles\bckq8s0a.default-1487475321937\features\{2cf05f01-398c-4239-a186-d1b4e820401f}\diagnostics@mozilla.org.xpi
[2017/02/19 04:45:35 | 000,008,867 | ---- | M] () (No name found) -- C:\Users\Fujitsu\AppData\Roaming\mozilla\firefox\profiles\bckq8s0a.default-1487475321937\features\{2cf05f01-398c-4239-a186-d1b4e820401f}\disableSHA1rollout@mozilla.org.xpi
[2017/02/19 04:45:35 | 000,005,336 | ---- | M] () (No name found) -- C:\Users\Fujitsu\AppData\Roaming\mozilla\firefox\profiles\bckq8s0a.default-1487475321937\features\{2cf05f01-398c-4239-a186-d1b4e820401f}\hsts-priming@mozilla.org.xpi
[2017/11/27 18:01:26 | 000,005,507 | ---- | M] () (No name found) -- C:\Users\Fujitsu\AppData\Roaming\mozilla\firefox\profiles\cuvqoo9w.default-1489845547152-1511801566732\features\{46dda56d-02d2-4710-a0ce-28201118c8b8}\disable-media-wmf-nv12@mozilla.org.xpi
[2017/11/12 02:28:45 | 000,006,027 | ---- | M] () (No name found) -- C:\Users\Fujitsu\AppData\Roaming\mozilla\firefox\profiles\ee5g7fmj.default-1489845547152-1509027839528\extensions\sbv4-gradual-rollout@mozilla.com.xpi
[2017/10/26 22:26:13 | 000,132,293 | ---- | M] () (No name found) -- C:\Users\Fujitsu\AppData\Roaming\mozilla\firefox\profiles\ee5g7fmj.default-1489845547152-1509027839528\features\{0ea47a66-1259-4284-8a0c-c56a927ac19a}\shield-recipe-client@mozilla.org.xpi
[2016/11/04 17:39:33 | 000,005,389 | ---- | M] () (No name found) -- C:\Users\Fujitsu\AppData\Roaming\mozilla\firefox\profiles\this0jl6.default-1478263156068\features\{f6b3d433-1554-4579-9a93-f9ce3765b118}\asyncrendering@mozilla.org.xpi
[2017/12/18 02:21:07 | 000,005,507 | ---- | M] () (No name found) -- C:\Users\Fujitsu\AppData\Roaming\mozilla\firefox\profiles\xt9skgpg.default-1489845547152-1513559593089\features\{84417d04-dc70-4800-aca0-78275f4afcac}\disable-media-wmf-nv12@mozilla.org.xpi

[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\
CHR - Extension: No name found = C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\
CHR - Extension: No name found = C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\
CHR - Extension: No name found = C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk\2.5.8.1961_0\
CHR - Extension: No name found = C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\
CHR - Extension: No name found = C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\
CHR - Extension: No name found = C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6317.1002.0.5_0\

O1 HOSTS File: ([2017/12/24 22:47:30 | 000,001,018 | ---- | M]) - C:\Windows\SysNative\drivers\etc\HOSTS
O3 - HKLM\..\Toolbar: (no name) - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [FJBATAID2] C:\Program Files\Fujitsu\BatteryAid2\BatteryDaemon.exe (FUJITSU LIMITED)
O4:[b]64bit:[/b] - HKLM..\Run: [LoadFUJ02E3] C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [FUJ02B1_Apps] C:\Program Files (x86)\Fujitsu\FUJ02B1\CheckBatteryPack.exe (FUJITSU LIMITED)
O4 - HKCU..\Run: [BingSvc] C:\Users\Fujitsu\AppData\Local\Microsoft\BingSvc\BingSvc.exe (© 2015 Microsoft Corporation)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [feedreader.exe] "F:\FeedReader30\feedreader.exe" File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleNetIDList = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NolowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]* in Sites de confiance)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C5C0777A-21CF-467C-969B-E7E94C9650FB}: DhcpNameServer = 192.168.1.254
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\wlpg - No CLSID value found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\System32\Userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\System32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2017/12/17 15:15:17 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

MsConfig:64bit - StartUpReg: [b]SUPERAntiSpyware[/b] - hkey= - key= - File not found
MsConfig:64bit - State: "services" - Reg Error: Key error.
MsConfig:64bit - State: "startup" - Reg Error: Key error.
MsConfig:64bit - State: "bootini" - Reg Error: Key error.

Drivers32:[b]64bit:[/b] msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {26784146-6E05-3FF9-9335-786C7C0FB5BE} - .NET Framework
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {66C64F22-FC60-4E6C-A6B5-F0D580E680CE} - C:\Windows\System32\ie4uinit.exe -EnableTLS
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {7D715857-A67C-4C2F-A929-038448584D63} - C:\Windows\System32\ie4uinit.exe -DisableSSL3
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.108\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {BCF0C1F7-671C-3922-A7EA-8AC11F4FC0EB} - .NET Framework
ActiveX:[b]64bit:[/b] {BD6F5371-DAC1-30F0-9DDE-CAC6791E28C3} - .NET Framework
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {26784146-6E05-3FF9-9335-786C7C0FB5BE} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2D00AE86-E9F9-43A0-82A4-79EBA59183E2} - "C:\Program Files (x86)\Avira\Scout\Application\57.0.2987.2552\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {9793EDE2-499E-4A14-8220-523691D8F91B} - .NET Framework
ActiveX: {BCF0C1F7-671C-3922-A7EA-8AC11F4FC0EB} - .NET Framework
ActiveX: {BD6F5371-DAC1-30F0-9DDE-CAC6791E28C3} - .NET Framework
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2017/12/28 15:32:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alcohol Soft
[2017/12/28 15:26:43 | 000,381,608 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2017/12/26 23:27:21 | 000,000,000 | ---D | C] -- C:\Users\Fujitsu\Desktop\Anciennes données de Firefox
[2017/12/26 23:22:59 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2017/12/26 16:39:54 | 000,000,000 | ---D | C] -- C:\Users\Fujitsu\Documents\staili photo
[2017/12/25 01:27:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2017/12/25 01:26:56 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2017/12/24 21:49:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Doctor Web
[2017/12/23 16:39:36 | 000,000,000 | ---D | C] -- C:\perflogs
[2017/12/22 22:38:08 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.4
[2017/12/22 22:30:58 | 000,000,000 | ---D | C] -- C:\Users\Fujitsu\Desktop\OpenOffice 4.1.4 (fr) Installation Files
[2017/12/22 20:28:07 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\tsusbflt.sys.mui
[2017/12/22 19:06:01 | 000,000,000 | ---D | C] -- C:\_OTL
[2017/12/22 18:17:14 | 000,000,000 | ---D | C] -- C:\Users\Fujitsu\AppData\Local\Avira Operations Gmbh & Co. KG
[2017/12/22 18:17:10 | 000,000,000 | ---D | C] -- C:\Users\Fujitsu\AppData\Local\Avira_Operations_Gmbh_&_C
[2017/12/22 18:17:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira Operations Gmbh & Co. KG
[2017/12/22 18:05:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2017/12/22 03:13:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
[2017/12/22 03:06:33 | 000,203,680 | ---- | C] (Zemana Ltd.) -- C:\Windows\SysNative\drivers\zam64.sys
[2017/12/22 03:06:32 | 000,203,680 | ---- | C] (Zemana Ltd.) -- C:\Windows\SysNative\drivers\zamguard64.sys
[2017/12/22 03:06:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zemana AntiMalware
[2017/12/22 03:06:13 | 000,000,000 | ---D | C] -- C:\Users\Fujitsu\AppData\Local\Zemana
[2017/12/21 22:04:31 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2017/12/21 21:37:07 | 000,194,440 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\MbamChameleon.sys
[2017/12/21 21:37:07 | 000,045,960 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbam.sys
[2017/12/21 21:37:04 | 000,107,960 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\farflt.sys
[2017/12/21 21:36:58 | 000,253,880 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbamswissarmy.sys
[2017/12/21 21:36:58 | 000,089,376 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mwac.sys
[2017/12/21 20:29:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
[2017/12/21 20:29:21 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes
[2017/12/21 12:31:01 | 000,000,000 | ---D | C] -- C:\Users\Fujitsu\AppData\Roaming\SUPERAntiSpyware.com
[2017/12/21 12:30:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2017/12/21 00:35:22 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\wdf01000.sys.mui
[2017/12/21 00:11:51 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\tpm.sys.mui
[2017/12/21 00:06:52 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\mountmgr.sys.mui
[2017/12/20 23:52:32 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\usbehci.sys.mui
[2017/12/20 23:52:30 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\usbport.sys.mui
[2017/12/20 23:52:30 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\usbhub.sys.mui
[2017/12/20 23:35:53 | 000,000,000 | ---D | C] -- C:\Users\Fujitsu\AppData\Local\Deployment
[2017/12/20 22:02:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\UMDF
[2017/12/20 22:02:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sysprep
[2017/12/20 22:02:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\UMDF\en-US
[2017/12/20 22:02:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\en-US
[2017/12/20 22:02:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\en
[2017/12/20 22:02:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\ar-SA
[2017/12/20 22:02:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ar
[2017/12/20 22:02:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0409
[2017/12/20 22:01:58 | 000,000,000 | ---D | C] -- C:\Windows\ar-SA
[2017/12/20 22:01:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\en
[2017/12/20 22:01:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ar
[2017/12/20 22:01:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0409
[2017/12/20 22:01:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\en-US
[2017/12/20 22:01:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ar-SA
[2017/12/20 21:31:58 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\rdvgkmd.sys.mui
[2017/12/20 21:31:58 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\portcls.sys.mui
[2017/12/20 21:31:58 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\ar-SA\scfilter.sys.mui
[2017/12/20 21:31:58 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\scfilter.sys.mui
[2017/12/20 21:31:58 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\rdpwd.sys.mui
[2017/12/20 21:31:56 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\tunnel.sys.mui
[2017/12/20 21:31:56 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\tsusbhub.sys.mui
[2017/12/20 21:31:56 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\tsusbflt.sys.mui
[2017/12/20 21:31:50 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\battc.sys.mui
[2017/12/20 21:31:27 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\ar-SA\tcpip.sys.mui
[2017/12/20 21:31:27 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\ar-SA\bfe.dll.mui
[2017/12/20 21:31:25 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\ar-SA\qwavedrv.sys.mui
[2017/12/20 21:31:19 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\ar-SA\pacer.sys.mui
[2017/12/20 21:31:15 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\ar-SA\ndiscap.sys.mui
[2017/12/20 21:31:12 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\volsnap.sys.mui
[2017/12/20 21:31:12 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\ar-SA\pscr.sys.mui
[2017/12/20 21:31:12 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vhdmp.sys.mui
[2017/12/20 21:31:12 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\umbus.sys.mui
[2017/12/20 21:31:12 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\serscan.sys.mui
[2017/12/20 21:31:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\wd.sys.mui
[2017/12/20 21:31:09 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\serial.sys.mui
[2017/12/20 21:31:09 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\sermouse.sys.mui
[2017/12/20 21:31:09 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\pcmcia.sys.mui
[2017/12/20 21:31:09 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\parport.sys.mui
[2017/12/20 21:31:09 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\rndismpx.sys.mui
[2017/12/20 21:31:09 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\rndismp6.sys.mui
[2017/12/20 21:31:09 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\MTConfig.sys.mui
[2017/12/20 21:31:09 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vwifibus.sys.mui
[2017/12/20 21:31:08 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\mpio.sys.mui
[2017/12/20 21:31:08 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\i8042prt.sys.mui
[2017/12/20 21:31:08 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\msdsm.sys.mui
[2017/12/20 21:31:08 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\mouclass.sys.mui
[2017/12/20 21:31:08 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\scsiport.sys.mui
[2017/12/20 21:31:08 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\mouhid.sys.mui
[2017/12/20 21:31:08 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\ataport.sys.mui
[2017/12/20 21:31:08 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\amdide.sys.mui
[2017/12/20 21:31:07 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\bfe.dll.mui
[2017/12/20 21:31:07 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\afd.sys.mui
[2017/12/20 21:31:07 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\ws2ifsl.sys.mui
[2017/12/20 21:31:06 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\tcpip.sys.mui
[2017/12/20 21:31:06 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\modem.sys.mui
[2017/12/20 21:31:06 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\usbrpm.sys.mui
[2017/12/20 21:31:05 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\srv.sys.mui
[2017/12/20 21:31:04 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\fvevol.sys.mui
[2017/12/20 21:31:03 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\rdbss.sys.mui
[2017/12/20 21:31:02 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\pacer.sys.mui
[2017/12/20 21:31:02 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\RNDISMP.sys.mui
[2017/12/20 21:31:02 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\qwavedrv.sys.mui
[2017/12/20 21:31:02 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\partmgr.sys.mui
[2017/12/20 21:30:59 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\ntfs.sys.mui
[2017/12/20 21:30:59 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\ndis.sys.mui
[2017/12/20 21:30:59 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\nwifi.sys.mui
[2017/12/20 21:30:59 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\ndisuio.sys.mui
[2017/12/20 21:30:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\ndiscap.sys.mui
[2017/12/20 21:30:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\luafv.sys.mui
[2017/12/20 21:30:55 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\ipnat.sys.mui
[2017/12/20 21:30:53 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\http.sys.mui
[2017/12/20 21:30:49 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\fltmgr.sys.mui
[2017/12/20 21:30:48 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\volmgrx.sys.mui
[2017/12/20 21:30:45 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\processr.sys.mui
[2017/12/20 21:30:45 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\intelppm.sys.mui
[2017/12/20 21:30:45 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\amdppm.sys.mui
[2017/12/20 21:30:45 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\amdk8.sys.mui
[2017/12/20 21:30:45 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\ar-SA\BrSerId.sys.mui
[2017/12/20 21:30:45 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\ar-SA\BrSerIb.sys.mui
[2017/12/20 21:30:45 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\pci.sys.mui
[2017/12/20 21:30:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\bthport.sys.mui
[2017/12/20 21:30:45 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\IPMIDrv.sys.mui
[2017/12/20 21:30:45 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\bthpan.sys.mui
[2017/12/20 21:30:45 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\wacompen.sys.mui
[2017/12/20 21:30:45 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\kbdclass.sys.mui
[2017/12/20 21:30:45 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\isapnp.sys.mui
[2017/12/20 21:30:45 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\hdaudbus.sys.mui
[2017/12/20 21:30:45 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vdrvroot.sys.mui
[2017/12/20 21:30:45 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\HdAudio.sys.mui
[2017/12/20 21:30:45 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\mssmbios.sys.mui
[2017/12/20 21:30:45 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\hidbth.sys.mui
[2017/12/20 21:30:45 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\ULIAGPKX.SYS.mui
[2017/12/20 21:30:45 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\pnpmem.sys.mui
[2017/12/20 21:30:45 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\NV_AGP.SYS.mui
[2017/12/20 21:30:45 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\kbdhid.sys.mui
[2017/12/20 21:30:45 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\Dot4usb.sys.mui
[2017/12/20 21:30:45 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\disk.sys.mui
[2017/12/20 21:30:45 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\BTHUSB.SYS.mui
[2017/12/20 21:30:45 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\AGP440.sys.mui
[2017/12/20 21:30:45 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\ar-SA\BrParwdm.sys.mui
[2017/12/20 21:30:45 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\cdrom.sys.mui
[2017/12/20 21:30:45 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\bthenum.sys.mui
[2017/12/20 21:30:44 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\ohci1394.sys.mui
[2017/12/20 21:30:44 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\1394ohci.sys.mui
[2017/12/20 21:30:44 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\acpi.sys.mui
[2017/12/20 21:30:44 | 000,003,072 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\ar-SA\atikmdag.sys.mui
[2017/12/20 21:30:44 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\UAGP35.SYS.mui
[2017/12/20 21:30:44 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\GAGP30KX.SYS.mui
[2017/12/20 20:37:15 | 000,000,000 | -HSD | C] -- C:\Windows\BitLockerDiscoveryVolumeContents
[2017/12/20 20:37:15 | 000,000,000 | ---D | C] -- C:\Windows\RemotePackages
[2017/12/20 19:48:01 | 000,000,000 | ---D | C] -- C:\Users\Fujitsu\AppData\Local\Microsoft Corporation
[2017/12/20 19:46:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Windows 7 Upgrade Advisor
[2017/12/20 16:48:48 | 000,000,000 | ---D | C] -- C:\Users\Fujitsu\AppData\Local\ZHP
[2017/12/20 13:44:14 | 000,000,000 | ---D | C] -- C:\Users\Fujitsu\AppData\Local\CrashDumps
[2017/12/20 12:59:18 | 000,000,000 | ---D | C] -- C:\Symbols
[2017/12/20 00:24:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Mail
[2017/12/19 21:33:24 | 000,000,000 | ---D | C] -- C:\Users\Fujitsu\Documents\ProcAlyzer Dumps
[2017/12/19 20:15:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2017/12/19 17:45:02 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Microsoft
[2017/12/19 17:04:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2017/12/19 17:01:06 | 000,000,000 | ---D | C] -- C:\ProgramData\MB3CoreBackup
[2017/12/19 15:42:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2017/12/19 15:42:53 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2017/12/19 14:29:44 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2017/12/18 22:40:20 | 000,078,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2017/12/18 22:40:20 | 000,064,504 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avdevprot.sys
[2017/12/18 22:40:20 | 000,035,328 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2017/12/18 22:40:20 | 000,034,128 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avusbflt.sys
[2017/12/18 22:40:19 | 000,196,344 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2017/12/18 22:40:19 | 000,153,072 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2017/12/18 13:30:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Canon
[2017/12/18 00:18:10 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2017/12/17 20:43:42 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2017/12/17 20:39:10 | 000,000,000 | ---D | C] -- C:\Windows\Trend Micro
[2017/12/17 18:53:15 | 000,334,488 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmcomm.sys
[2017/12/17 18:44:31 | 000,000,000 | ---D | C] -- C:\Users\Fujitsu\AppData\Local\ESET
[2017/12/17 16:24:18 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\AI_RecycleBin
[2017/12/17 15:14:38 | 000,000,000 | ---D | C] -- C:\Users\Fujitsu\Start Menu
[2017/12/13 18:35:56 | 005,925,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2017/12/13 18:35:51 | 000,662,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2017/12/13 18:35:50 | 000,817,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2017/12/13 18:35:50 | 000,577,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2017/12/13 18:35:47 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2017/12/13 18:35:47 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iprtrmgr.dll
[2017/12/13 18:35:47 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iprtrmgr.dll
[2017/12/13 18:35:47 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\itircl.dll
[2017/12/13 18:35:47 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\itircl.dll
[2017/12/13 18:35:47 | 000,138,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtm.dll
[2017/12/13 18:35:47 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtm.dll
[2017/12/13 18:35:46 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2017/12/13 18:35:46 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2017/12/13 18:35:46 | 000,807,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2017/12/13 18:35:46 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iprtprio.dll
[2017/12/13 18:35:46 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iprtprio.dll
[2017/12/13 18:35:45 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2017/12/13 18:35:44 | 002,058,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2017/12/13 18:35:44 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2017/12/13 18:35:44 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2017/12/13 18:35:44 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2017/12/13 18:35:44 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2017/12/13 18:35:44 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2017/12/13 18:35:44 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2017/12/13 18:35:44 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2017/12/13 18:35:44 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2017/12/13 18:35:44 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2017/12/13 18:35:44 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2017/12/13 18:35:44 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2017/12/13 18:35:43 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2017/12/13 18:35:43 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2017/12/13 18:35:43 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2017/12/13 18:35:43 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2017/12/13 18:35:42 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2017/12/13 18:35:42 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2017/12/13 18:35:42 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2017/12/13 18:35:42 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2017/12/13 18:35:42 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2017/12/13 18:35:42 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2017/12/13 18:35:42 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2017/12/13 18:35:42 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2017/12/13 18:35:42 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2017/12/13 18:35:42 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2017/12/13 18:35:42 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2017/12/13 18:35:42 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2017/12/13 18:35:42 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2017/12/13 18:35:42 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2017/12/13 18:35:42 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2017/12/13 18:35:42 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2017/12/13 18:35:42 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2017/12/13 18:35:42 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2017/12/13 18:35:42 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2017/12/13 18:35:41 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2017/12/12 18:43:53 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2017/12/12 18:35:35 | 000,000,000 | ---D | C] -- C:\Users\Fujitsu\AppData\Local\ElevatedDiagnostics
[2017/12/12 17:49:43 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2017/12/12 15:36:47 | 000,000,000 | ---D | C] -- C:\Users\Fujitsu\AppData\Roaming\Dashlane
[2017/12/12 15:36:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dashlane
[2017/12/12 15:03:58 | 000,029,952 | ---- | C] (Fujitsu Technology Solutions) -- C:\Windows\SysNative\drivers\FscGabi.sys
[2017/12/12 15:03:58 | 000,025,856 | ---- | C] (Fujitsu Technology Solutions) -- C:\Windows\SysNative\drivers\FscEfDmi.sys
[2017/12/09 21:03:17 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll
[2017/12/09 20:01:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVS4YOU
[2017/12/09 16:30:47 | 000,000,000 | ---D | C] -- C:\Users\Fujitsu\AppData\Roaming\FRISK Software
[2017/12/09 16:24:00 | 000,000,000 | ---D | C] -- C:\ProgramData\FRISK Software
[2017/12/07 19:49:33 | 000,000,000 | ---D | C] -- C:\Users\Fujitsu\AppData\Roaming\Feedreader
[2017/12/07 19:49:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FeedReader
[2017/12/05 21:03:41 | 000,000,000 | ---D | C] -- C:\ProgramData\ProgDVB
[2017/12/05 21:02:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ProgDVB
[2017/12/05 15:35:08 | 000,000,000 | ---D | C] -- C:\ProgramData\OSKAB
[2017/12/01 21:14:27 | 000,803,328 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2017/12/01 21:14:27 | 000,144,896 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2017/12/29 15:20:02 | 000,063,472 | ---- | M] () -- C:\Windows\ZAM.krnl.trace
[2017/12/29 15:20:02 | 000,033,219 | ---- | M] () -- C:\Windows\ZAM_Guard.krnl.trace
[2017/12/29 15:12:34 | 000,089,376 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\mwac.sys
[2017/12/29 14:18:37 | 000,000,836 | ---- | M] () -- C:\Users\Fujitsu\Desktop\ZHPCleaner.lnk
[2017/12/29 14:17:57 | 000,029,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2017/12/29 14:17:57 | 000,029,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2017/12/29 14:04:47 | 000,045,960 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbam.sys
[2017/12/29 14:04:40 | 000,107,960 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\farflt.sys
[2017/12/29 14:04:23 | 000,253,880 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbamswissarmy.sys
[2017/12/29 14:03:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2017/12/29 14:03:23 | 3022,753,792 | -HS- | M] () -- C:\hiberfil.sys
[2017/12/28 15:41:02 | 000,000,124 | ---- | M] () -- C:\Users\Fujitsu\Documents\ax_files.xml
[2017/12/28 15:26:43 | 000,381,608 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2017/12/26 23:24:27 | 000,000,948 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2017/12/25 02:06:58 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task ff77e488-dc0e-4ea5-b16f-ca25ce799e40.job
[2017/12/25 02:06:58 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 4e5aaeb4-22dd-4560-a70b-c8a7969106cc.job
[2017/12/25 01:27:02 | 000,000,842 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2017/12/24 22:47:30 | 000,001,018 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\HOSTS
[2017/12/23 16:45:56 | 160,904,773 | ---- | M] () -- C:\Users\Fujitsu\Desktop\Windows Server 2003_fr-fr.pdf
[2017/12/23 16:38:09 | 001,921,886 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2017/12/23 16:38:09 | 000,654,238 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2017/12/23 16:38:09 | 000,509,728 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2017/12/23 16:38:09 | 000,470,916 | ---- | M] () -- C:\Windows\SysNative\perfh001.dat
[2017/12/23 16:38:09 | 000,122,110 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2017/12/23 16:38:09 | 000,094,738 | ---- | M] () -- C:\Windows\SysNative\perfc001.dat
[2017/12/23 16:38:09 | 000,081,694 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2017/12/22 23:00:59 | 000,299,168 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2017/12/22 22:38:08 | 000,001,076 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice 4.1.4.lnk
[2017/12/22 21:55:12 | 000,007,597 | ---- | M] () -- C:\Users\Fujitsu\AppData\Local\Resmon.ResmonCfg
[2017/12/22 20:24:13 | 001,882,250 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2017/12/22 18:04:58 | 000,001,256 | ---- | M] () -- C:\Users\Public\Desktop\Avira.lnk
[2017/12/22 03:13:58 | 000,001,216 | ---- | M] () -- C:\Users\Public\Desktop\Zemana AntiMalware.lnk
[2017/12/22 03:06:33 | 000,203,680 | ---- | M] (Zemana Ltd.) -- C:\Windows\SysNative\drivers\zam64.sys
[2017/12/22 03:06:32 | 000,203,680 | ---- | M] (Zemana Ltd.) -- C:\Windows\SysNative\drivers\zamguard64.sys
[2017/12/21 21:37:07 | 000,194,440 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\MbamChameleon.sys
[2017/12/21 21:36:29 | 000,076,192 | ---- | M] () -- C:\Windows\SysNative\drivers\mbae64.sys
[2017/12/21 20:29:34 | 000,001,893 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2017/12/20 23:59:32 | 000,002,337 | ---- | M] () -- C:\Users\Fujitsu\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2017/12/20 23:58:06 | 000,002,313 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2017/12/20 22:01:01 | 000,289,060 | ---- | M] () -- C:\Windows\SysNative\perfi001.dat
[2017/12/20 22:01:01 | 000,042,056 | ---- | M] () -- C:\Windows\SysNative\perfd001.dat
[2017/12/20 13:47:06 | 000,001,217 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2017/12/19 23:35:38 | 000,000,000 | ---- | M] () -- C:\Users\Fujitsu\AppData\Roaming\MCVi2UserDetail.ini
[2017/12/19 15:42:56 | 000,001,064 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller.lnk
[2017/12/19 13:09:02 | 000,028,272 | ---- | M] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2017/12/18 14:30:06 | 133,326,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MRT-KB890830.exe
[2017/12/18 13:36:05 | 001,604,539 | ---- | M] () -- C:\Users\Fujitsu\Documents\boooooooooonnnnnnnnnnnnnnnnn.xps
[2017/12/17 15:15:17 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2017/12/12 15:55:13 | 000,803,328 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2017/12/12 15:55:13 | 000,144,896 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2017/12/07 22:04:48 | 000,000,509 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2017/12/07 21:45:49 | 000,000,463 | ---- | M] () -- C:\Users\Fujitsu\Documents\Sélection1.wpl
[2017/12/07 19:49:32 | 000,000,442 | ---- | M] () -- C:\Users\Fujitsu\Application Data\Microsoft\Internet Explorer\Quick Launch\FeedReader.lnk
[2017/12/07 17:16:17 | 000,064,504 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avdevprot.sys
[2017/12/07 17:16:17 | 000,034,128 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avusbflt.sys
[2017/12/07 17:16:16 | 000,078,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2017/12/07 17:16:16 | 000,035,328 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2017/12/07 17:16:15 | 000,196,344 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2017/12/07 17:16:15 | 000,153,072 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2017/12/04 15:36:46 | 000,453,204 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20171219-203719.backup
[2017/12/04 15:36:46 | 000,453,204 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20171219-203411.backup
[2017/12/04 15:36:46 | 000,453,204 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20171219-203055.backup
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2017/12/29 14:18:37 | 000,000,836 | ---- | C] () -- C:\Users\Fujitsu\Desktop\ZHPCleaner.lnk
[2017/12/28 15:41:02 | 000,000,124 | ---- | C] () -- C:\Users\Fujitsu\Documents\ax_files.xml
[2017/12/26 23:24:27 | 000,000,948 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2017/12/26 23:24:25 | 000,000,960 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2017/12/25 01:27:02 | 000,000,842 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2017/12/23 16:45:34 | 160,904,773 | ---- | C] () -- C:\Users\Fujitsu\Desktop\Windows Server 2003_fr-fr.pdf
[2017/12/22 22:38:08 | 000,001,076 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice 4.1.4.lnk
[2017/12/22 18:04:58 | 000,001,256 | ---- | C] () -- C:\Users\Public\Desktop\Avira.lnk
[2017/12/22 03:06:38 | 000,063,472 | ---- | C] () -- C:\Windows\ZAM.krnl.trace
[2017/12/22 03:06:37 | 000,033,219 | ---- | C] () -- C:\Windows\ZAM_Guard.krnl.trace
[2017/12/22 03:06:31 | 000,001,216 | ---- | C] () -- C:\Users\Public\Desktop\Zemana AntiMalware.lnk
[2017/12/21 20:29:34 | 000,001,893 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2017/12/21 20:29:29 | 000,076,192 | ---- | C] () -- C:\Windows\SysNative\drivers\mbae64.sys
[2017/12/21 12:31:21 | 000,000,390 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task ff77e488-dc0e-4ea5-b16f-ca25ce799e40.job
[2017/12/21 12:31:16 | 000,000,390 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 4e5aaeb4-22dd-4560-a70b-c8a7969106cc.job
[2017/12/20 23:58:06 | 000,002,337 | ---- | C] () -- C:\Users\Fujitsu\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2017/12/20 23:58:06 | 000,002,325 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
[2017/12/20 23:58:06 | 000,002,313 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2017/12/20 22:03:47 | 000,289,060 | ---- | C] () -- C:\Windows\SysNative\perfi001.dat
[2017/12/20 22:03:46 | 000,470,916 | ---- | C] () -- C:\Windows\SysNative\perfh001.dat
[2017/12/20 22:03:46 | 000,094,738 | ---- | C] () -- C:\Windows\SysNative\perfc001.dat
[2017/12/20 22:03:46 | 000,042,056 | ---- | C] () -- C:\Windows\SysNative\perfd001.dat
[2017/12/20 20:31:02 | 000,051,867 | ---- | C] () -- C:\Windows\Ultimate.xml
[2017/12/20 19:46:35 | 000,002,223 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conseiller de mise à niveau vers Windows 7.lnk
[2017/12/20 12:35:20 | 000,299,168 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2017/12/19 15:42:56 | 000,001,064 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller.lnk
[2017/12/18 13:36:02 | 001,604,539 | ---- | C] () -- C:\Users\Fujitsu\Documents\boooooooooonnnnnnnnnnnnnnnnn.xps
[2017/12/17 20:47:05 | 000,028,272 | ---- | C] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2017/12/17 15:15:17 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2017/12/07 19:49:32 | 000,000,442 | ---- | C] () -- C:\Users\Fujitsu\Application Data\Microsoft\Internet Explorer\Quick Launch\FeedReader.lnk
[2017/11/28 00:43:36 | 000,000,206 | ---- | C] () -- C:\Windows\hbcikrnl.ini
[2017/11/22 19:17:14 | 000,007,597 | ---- | C] () -- C:\Users\Fujitsu\AppData\Local\Resmon.ResmonCfg
[2017/11/22 14:59:36 | 000,017,785 | ---- | C] () -- C:\ProgramData\hva.1511359175.bdinstall.bin
[2017/11/22 14:59:09 | 000,017,820 | ---- | C] () -- C:\ProgramData\hva.1511359146.bdinstall.bin
[2017/11/22 14:30:34 | 000,017,819 | ---- | C] () -- C:\ProgramData\hva.1511357430.bdinstall.bin
[2017/11/20 18:18:04 | 000,017,820 | ---- | C] () -- C:\ProgramData\hva.1511198214.bdinstall.bin
[2017/11/20 18:16:37 | 000,017,820 | ---- | C] () -- C:\ProgramData\hva.1511197828.bdinstall.bin
[2017/11/20 18:05:27 | 000,075,733 | ---- | C] () -- C:\ProgramData\cl.kit.1511197425.bdinstall.bin
[2017/11/20 18:05:26 | 000,085,717 | ---- | C] () -- C:\ProgramData\cl.1511197503.bdinstall.bin
[2017/11/20 18:02:04 | 000,017,820 | ---- | C] () -- C:\ProgramData\hva.1511197322.bdinstall.bin
[2017/11/20 18:01:59 | 000,017,820 | ---- | C] () -- C:\ProgramData\hva.1511197315.bdinstall.bin
[2017/11/20 17:56:59 | 000,017,820 | ---- | C] () -- C:\ProgramData\hva.1511196758.bdinstall.bin
[2017/11/20 17:46:31 | 000,017,820 | ---- | C] () -- C:\ProgramData\hva.1511196386.bdinstall.bin
[2017/11/20 17:46:09 | 000,017,820 | ---- | C] () -- C:\ProgramData\hva.1511196366.bdinstall.bin
[2017/11/20 17:45:48 | 000,030,409 | ---- | C] () -- C:\ProgramData\agent.uninstall.1511196343.bdinstall.bin
[2017/11/20 15:00:19 | 000,028,011 | ---- | C] () -- C:\ProgramData\hva.1511186356.6168.bin
[2017/11/20 15:00:14 | 000,002,281 | ---- | C] () -- C:\ProgramData\hva.1511186356.3888.bin
[2017/11/20 14:59:16 | 000,025,204 | ---- | C] () -- C:\ProgramData\hva.1511186356.4836.bin
[2017/11/20 14:58:46 | 000,048,731 | ---- | C] () -- C:\ProgramData\agent.1511186321.bdinstall.bin
[2017/11/20 14:25:14 | 000,000,000 | ---- | C] () -- C:\Users\Fujitsu\AppData\Roaming\MCVi2UserDetail.ini
[2017/10/19 17:29:39 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2017/10/09 19:40:40 | 000,075,901 | ---- | C] () -- C:\ProgramData\cl.kit.1507574324.bdinstall.bin
[2017/10/09 19:40:38 | 000,092,067 | ---- | C] () -- C:\ProgramData\cl.1507574354.bdinstall.bin
[2017/10/09 19:35:30 | 000,075,902 | ---- | C] () -- C:\ProgramData\cl.kit.1507573776.bdinstall.bin
[2017/10/09 19:35:29 | 000,092,067 | ---- | C] () -- C:\ProgramData\cl.1507573854.bdinstall.bin
[2017/08/12 22:11:29 | 000,518,144 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2017/07/17 10:38:36 | 000,000,000 | ---- | C] () -- C:\Users\Fujitsu\AppData\Local\{63220E06-82B7-4108-AFD9-A4CB507C9FB5}
[2017/07/04 00:27:01 | 000,000,000 | ---- | C] () -- C:\Users\Fujitsu\AppData\Local\{3367F537-5756-427D-B676-4229EEFBAE53}
[2017/04/28 13:07:49 | 001,707,800 | ---- | C] () -- C:\Windows\snuvcdsm.exe
[2017/04/28 13:07:49 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2017/03/03 17:23:01 | 000,000,036 | ---- | C] () -- C:\Users\Fujitsu\AppData\Local\housecall.guid.cache
[2016/12/06 21:24:03 | 000,000,570 | ---- | C] () -- C:\Users\Fujitsu\AppData\Local\TroubleshooterConfig.json
[2016/11/21 18:21:57 | 000,000,650 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2016/08/04 14:10:30 | 001,882,250 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2017/08/15 16:29:44 | 014,182,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2017/08/15 16:10:54 | 012,880,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< etsvcs >[/color]

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2016/08/29 16:04:37 | 003,229,696 | ---- | M] (Microsoft Corporation) MD5=38AE1B3C38FAEF56FE4907922F0385BA -- C:\Windows\explorer.exe
[2016/08/29 16:04:37 | 003,229,696 | ---- | M] (Microsoft Corporation) MD5=38AE1B3C38FAEF56FE4907922F0385BA -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.23537_none_b0517adca98752cc\explorer.exe
[2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2016/08/29 15:55:07 | 002,972,672 | ---- | M] (Microsoft Corporation) MD5=6DDCA324434FFA506CF7DC4E51DB7935 -- C:\Windows\SysWOW64\explorer.exe
[2016/08/29 15:55:07 | 002,972,672 | ---- | M] (Microsoft Corporation) MD5=6DDCA324434FFA506CF7DC4E51DB7935 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.23537_none_baa6252edde814c7\explorer.exe
[2010/11/20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

[color=#A23BEC]< MD5 for: SERVICES.EXE >[/color]
[2009/07/14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2015/04/11 05:31:36 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=43DCEC23557C32F7702C8D5BC729738F -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.23033_none_2df8898bfd178df8\services.exe
[2015/04/13 04:28:33 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=71C85477DF9347FE8E7BC55768473FCA -- C:\Windows\SysNative\services.exe
[2015/04/13 04:28:33 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=71C85477DF9347FE8E7BC55768473FCA -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.18829_none_2d7fe646e3ec3705\services.exe

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2009/07/14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009/07/14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014/03/04 12:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014/03/04 10:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014/07/17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\SysNative\winlogon.exe
[2014/07/17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014/07/16 04:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
[2007/11/07 07:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]

[color=#A23BEC]< %APPDATA%\*. >[/color]
[2017/02/05 16:38:39 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\Adobe
[2017/11/26 15:09:35 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\AVG
[2016/11/23 18:29:22 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\Broad Intelligence
[2017/11/24 16:13:25 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\Cache
[2016/10/04 13:01:12 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\Canneverbe Limited
[2017/12/12 16:27:22 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\Dashlane
[2016/11/04 21:05:52 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\DeepBurner
[2016/11/20 16:40:34 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\dvdcss
[2017/03/15 22:43:59 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\East-Tec
[2017/12/07 19:49:37 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\Feedreader
[2017/04/29 22:48:15 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\Free Window Registry Repair
[2017/04/29 18:21:31 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\FreeHideIP
[2017/12/09 16:30:47 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\FRISK Software
[2017/11/28 01:02:49 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\Fujitsu
[2017/12/18 16:08:22 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\Google
[2015/12/11 10:47:47 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\Identities
[2016/10/04 12:10:56 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\InfraRecorder
[2017/11/26 14:58:29 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\Intel
[2017/12/17 00:44:48 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\IObit
[2017/11/24 15:59:38 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\log
[2016/10/15 12:35:19 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\Macromedia
[2009/07/14 16:35:18 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\Media Center Programs
[2016/08/29 18:07:39 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\MediaInfo
[2017/12/17 16:50:49 | 000,000,000 | --SD | M] -- C:\Users\Fujitsu\AppData\Roaming\Microsoft
[2017/11/27 22:25:17 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\Mozilla
[2016/10/04 12:20:04 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\Nero
[2016/08/19 20:41:20 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\OpenOffice
[2016/11/23 20:11:32 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\Opera Software
[2017/10/19 15:31:04 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\Panda Security
[2017/11/26 14:25:04 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\QuickScan
[2016/07/24 18:01:47 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\SFR
[2017/11/26 14:25:04 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\Skype
[2017/04/27 17:15:30 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\Soda PDF Desktop
[2017/04/27 16:39:49 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\SolidDocuments
[2016/10/23 14:23:49 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\Sun
[2017/12/21 12:31:01 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\SUPERAntiSpyware.com
[2016/11/04 20:46:35 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\TuneUp Software
[2017/11/27 22:25:49 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\vlc
[2016/12/06 21:54:22 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\WhatsApp
[2016/07/24 18:40:20 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\WinRAR
[2017/08/27 14:20:59 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\WMM
[2017/07/22 22:01:24 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\Yahoo
[2017/04/27 17:25:45 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\YCanPDF
[2017/12/29 14:28:21 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\ZHP

[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2016/10/04 12:47:14 | 076,500,016 | ---- | M] () -- C:\Users\Fujitsu\AppData\Roaming\Nero\NeroInstaller\NERO2016TRIAL\Files\musicrecorder-Setup-14.0.62200.4.0.exe
[2016/10/04 12:47:11 | 269,969,352 | ---- | M] (Nero AG) -- C:\Users\Fujitsu\AppData\Roaming\Nero\NeroInstaller\NERO2016TRIAL\Files\Nero2016-17.0.04000_nsx_trial.exe
[2017/12/29 14:18:36 | 003,000,704 | ---- | M] () -- C:\Users\Fujitsu\AppData\Roaming\ZHP\ZHPCleaner.exe
[2017/12/24 20:44:09 | 002,955,136 | ---- | M] () -- C:\Users\Fujitsu\AppData\Roaming\ZHP\ZHPDiag3.exe
[2016/04/12 17:09:56 | 000,962,400 | ---- | M] (McAfee, Inc.) -- C:\Users\Fujitsu\AppData\Roaming\ZHP\Quarantine\McAfee.DIR\McAfee\Installer\9.0.9004.0\McInst.exe
[2016/06/23 15:05:08 | 000,088,400 | ---- | M] (McAfee, Inc.) -- C:\Users\Fujitsu\AppData\Roaming\ZHP\Quarantine\McAfee.DIR\McAfee\SystemCore\mfecanary.exe

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\syswow64\*.dll /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\syswow64\drivers\*.sys /lockedfiles >[/color]

[color=#A23BEC]< hklm\software\clients\startmenuinternet|command /rs >[/color]
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Chromium.4VVI577MXBMOTZG5O52K6KUZII\InstallInfo\\ReinstallCommand: "C:\Users\Fujitsu\AppData\Local\Chromium\Application\chrome.exe" --make-default-browser
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Chromium.4VVI577MXBMOTZG5O52K6KUZII\InstallInfo\\HideIconsCommand: "C:\Users\Fujitsu\AppData\Local\Chromium\Application\chrome.exe" --hide-icons
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Chromium.4VVI577MXBMOTZG5O52K6KUZII\InstallInfo\\ShowIconsCommand: "C:\Users\Fujitsu\AppData\Local\Chromium\Application\chrome.exe" --show-icons
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Chromium.4VVI577MXBMOTZG5O52K6KUZII\shell\open\command\\: "C:\Users\Fujitsu\AppData\Local\Chromium\Application\chrome.exe"
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Firefox-308046B0AF4A39CB\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2017/12/06 23:30:51 | 000,897,120 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Firefox-308046B0AF4A39CB\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2017/12/06 23:30:51 | 000,897,120 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Firefox-308046B0AF4A39CB\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2017/12/06 23:30:51 | 000,897,120 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Firefox-308046B0AF4A39CB\shell\open\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" [2017/12/07 05:13:32 | 000,446,416 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Firefox-308046B0AF4A39CB\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2017/12/07 05:13:32 | 000,446,416 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Firefox-308046B0AF4A39CB\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2017/12/07 05:13:32 | 000,446,416 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2017/12/14 03:49:06 | 001,592,664 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2017/12/14 03:49:06 | 001,592,664 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2017/12/14 03:49:06 | 001,592,664 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2017/12/14 03:49:06 | 001,592,664 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2017/11/15 02:27:37 | 000,814,792 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: iexplore.exe

[color=#A23BEC]< hklm\software\clients\startmenuinternet|command /64 /rs >[/color]
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Chromium.4VVI577MXBMOTZG5O52K6KUZII\InstallInfo\\ReinstallCommand: "C:\USERS\FUJITSU\APPDATA\LOCAL\CHROMIUM\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Chromium.4VVI577MXBMOTZG5O52K6KUZII\InstallInfo\\HideIconsCommand: "C:\USERS\FUJITSU\APPDATA\LOCAL\CHROMIUM\APPLICATION\CHROME.EXE" --HIDE-ICONS
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Chromium.4VVI577MXBMOTZG5O52K6KUZII\InstallInfo\\ShowIconsCommand: "C:\USERS\FUJITSU\APPDATA\LOCAL\CHROMIUM\APPLICATION\CHROME.EXE" --SHOW-ICONS
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Chromium.4VVI577MXBMOTZG5O52K6KUZII\shell\open\command\\: "C:\USERS\FUJITSU\APPDATA\LOCAL\CHROMIUM\APPLICATION\CHROME.EXE"
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Firefox-308046B0AF4A39CB\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2017/12/06 23:30:51 | 000,897,120 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Firefox-308046B0AF4A39CB\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2017/12/06 23:30:51 | 000,897,120 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Firefox-308046B0AF4A39CB\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2017/12/06 23:30:51 | 000,897,120 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Firefox-308046B0AF4A39CB\shell\open\command\\: "C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE" [2017/12/07 05:13:32 | 000,446,416 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Firefox-308046B0AF4A39CB\shell\properties\command\\: "C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2017/12/07 05:13:32 | 000,446,416 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Firefox-308046B0AF4A39CB\shell\safemode\command\\: "C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2017/12/07 05:13:32 | 000,446,416 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2017/12/14 03:49:06 | 001,592,664 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2017/12/14 03:49:06 | 001,592,664 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2017/12/14 03:49:06 | 001,592,664 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2017/12/14 03:49:06 | 001,592,664 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2017/11/14 03:48:51 | 000,726,528 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2017/11/14 03:48:51 | 000,726,528 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2017/11/14 03:48:51 | 000,726,528 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2017/11/15 02:27:37 | 000,814,792 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: IEXPLORE.EXE

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:CB0AACC9

< End of report >
