ÿþOTL logfile created on: 25/03/2017 11:12:40 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\JEAN YVES PORTABLE\Desktop 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17631) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 3,82 Gb Total Physical Memory | 0,91 Gb Available Physical Memory | 23,68% Memory free 5,76 Gb Paging File | 1,31 Gb Available in Paging File | 22,71% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 680,39 Gb Total Space | 541,80 Gb Free Space | 79,63% Space Free | Partition Type: NTFS Computer Name: JEAN-YVES-PORT | User Name: JEAN YVES PORTABLE | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2017/03/25 11:11:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\JEAN YVES PORTABLE\Desktop\OTL.exe PRC - [2017/03/19 12:31:18 | 000,517,064 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2017/03/18 20:16:57 | 009,441,432 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2017/03/18 20:15:02 | 000,440,416 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\AvastNM.exe PRC - [2017/03/03 10:25:35 | 000,731,680 | ---- | M] (Avast Software) -- C:\Program Files\AVAST Software\SZBrowser\3.55.2393.590\SZBrowser_crashreporter.exe PRC - [2017/03/03 10:25:34 | 000,801,824 | ---- | M] (Avast Software) -- C:\Program Files\AVAST Software\SZBrowser\3.55.2393.590\SZBrowser.exe PRC - [2017/01/20 07:57:12 | 002,780,112 | ---- | M] (Malwarebytes) -- C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe PRC - [2016/12/19 22:38:14 | 000,082,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2014/05/22 18:27:54 | 000,580,096 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe PRC - [2014/05/22 18:25:18 | 001,537,024 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe PRC - [2014/05/22 12:50:04 | 004,513,792 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe PRC - [2013/09/25 14:35:06 | 000,282,112 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\BrYNSvc.exe PRC - [2013/08/22 03:54:00 | 000,312,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWOW64\cmd.exe PRC - [2012/12/10 09:39:12 | 000,475,984 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe PRC - [2012/12/10 09:39:09 | 000,350,544 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe PRC - [2012/12/10 09:39:08 | 001,192,784 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe PRC - [2012/07/17 10:10:32 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2012/07/17 10:10:30 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2012/07/17 10:10:16 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe PRC - [2012/07/14 00:27:00 | 000,769,432 | ---- | M] (Nero AG) -- c:\Program Files (x86)\Nero\Update\NASvc.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2017/03/18 20:15:21 | 000,655,056 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\ffl2.dll MOD - [2017/03/18 20:15:16 | 000,170,216 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll MOD - [2017/03/18 20:15:02 | 000,440,416 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\AvastNM.exe MOD - [2017/03/18 20:14:35 | 000,290,352 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll MOD - [2017/03/03 10:25:31 | 068,870,688 | ---- | M] () -- C:\Program Files\AVAST Software\SZBrowser\3.55.2393.590\SZBrowser.dll MOD - [2016/07/11 21:29:59 | 048,936,448 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll MOD - [2009/02/27 15:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - File not found [On_Demand | Stopped] -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc) SRV:[b]64bit:[/b] - [2017/03/19 11:50:52 | 000,278,784 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall) SRV:[b]64bit:[/b] - [2017/03/18 20:15:15 | 000,262,736 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:[b]64bit:[/b] - [2017/03/18 20:14:37 | 007,147,320 | ---- | M] (AVAST Software s.r.o.) [On_Demand | Running] -- C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe -- (aswbIDSAgent) SRV:[b]64bit:[/b] - [2017/01/20 07:54:02 | 004,355,024 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe -- (MBAMService) SRV:[b]64bit:[/b] - [2016/02/03 16:11:56 | 001,673,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\workfolderssvc.dll -- (workfolderssvc) SRV:[b]64bit:[/b] - [2015/12/20 15:57:54 | 000,839,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\netlogon.dll -- (Netlogon) SRV:[b]64bit:[/b] - [2015/09/08 19:55:41 | 002,988,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV:[b]64bit:[/b] - [2015/07/22 14:52:08 | 001,633,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\diagtrack.dll -- (DiagTrack) SRV:[b]64bit:[/b] - [2015/07/16 19:58:34 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup) SRV:[b]64bit:[/b] - [2015/07/07 10:39:32 | 000,366,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc) SRV:[b]64bit:[/b] - [2015/07/07 10:39:32 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend) SRV:[b]64bit:[/b] - [2015/05/30 20:36:24 | 000,230,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder) SRV:[b]64bit:[/b] - [2015/05/12 14:19:37 | 000,294,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker) SRV:[b]64bit:[/b] - [2015/05/07 16:21:51 | 000,522,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\GeofenceMonitorService.dll -- (lfsvc) SRV:[b]64bit:[/b] - [2015/02/21 00:49:18 | 000,780,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\lsm.dll -- (LSM) SRV:[b]64bit:[/b] - [2014/10/31 05:51:25 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService) SRV:[b]64bit:[/b] - [2014/10/29 02:57:05 | 000,324,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\BthHFSrv.dll -- (BthHFSrv) SRV:[b]64bit:[/b] - [2014/10/29 02:27:21 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\smphost.dll -- (smphost) SRV:[b]64bit:[/b] - [2014/10/29 02:12:22 | 000,270,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\bisrv.dll -- (BrokerInfrastructure) SRV:[b]64bit:[/b] - [2014/04/19 18:48:02 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll -- (AppXSvc) SRV:[b]64bit:[/b] - [2014/03/18 11:10:05 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\AppReadiness.dll -- (AppReadiness) SRV:[b]64bit:[/b] - [2014/03/18 11:09:58 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\wcmsvc.dll -- (Wcmsvc) SRV:[b]64bit:[/b] - [2014/03/18 11:09:56 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysNative\WSService.dll -- (WSService) SRV:[b]64bit:[/b] - [2014/03/18 11:09:55 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\wlidsvc.dll -- (wlidsvc) SRV:[b]64bit:[/b] - [2014/03/18 11:09:51 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\das.dll -- (DeviceAssociationService) SRV:[b]64bit:[/b] - [2013/08/22 12:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\wephostsvc.dll -- (WEPHOSTSVC) SRV:[b]64bit:[/b] - [2013/08/22 12:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\efssvc.dll -- (EFS) SRV:[b]64bit:[/b] - [2013/08/22 12:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\wiarpc.dll -- (WiaRpc) SRV:[b]64bit:[/b] - [2013/08/22 12:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\svsvc.dll -- (svsvc) SRV:[b]64bit:[/b] - [2013/08/22 12:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\fhsvc.dll -- (fhsvc) SRV:[b]64bit:[/b] - [2013/08/22 11:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\NcaSvc.dll -- (NcaSvc) SRV:[b]64bit:[/b] - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\icsvc.dll -- (vmicvss) SRV:[b]64bit:[/b] - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\icsvc.dll -- (vmictimesync) SRV:[b]64bit:[/b] - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\icsvc.dll -- (vmicshutdown) SRV:[b]64bit:[/b] - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\icsvc.dll -- (vmicrdv) SRV:[b]64bit:[/b] - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\icsvc.dll -- (vmickvpexchange) SRV:[b]64bit:[/b] - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\icsvc.dll -- (vmicheartbeat) SRV:[b]64bit:[/b] - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\icsvc.dll -- (vmicguestinterface) SRV:[b]64bit:[/b] - [2013/08/22 10:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum) SRV:[b]64bit:[/b] - [2013/08/22 10:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\keyiso.dll -- (KeyIso) SRV:[b]64bit:[/b] - [2013/08/22 10:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysNative\TimeBrokerServer.dll -- (TimeBroker) SRV:[b]64bit:[/b] - [2013/08/22 10:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysNative\netprofmsvc.dll -- (netprofm) SRV:[b]64bit:[/b] - [2013/08/22 10:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysNative\ncbservice.dll -- (NcbService) SRV:[b]64bit:[/b] - [2013/08/22 10:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysNative\vaultsvc.dll -- (VaultSvc) SRV:[b]64bit:[/b] - [2013/08/22 10:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\DeviceSetupManager.dll -- (DsmSvc) SRV:[b]64bit:[/b] - [2013/03/15 14:00:12 | 000,662,088 | ---- | M] (Acer Incorporated) [On_Demand | Running] -- C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe -- (ePowerSvc) SRV:[b]64bit:[/b] - [2012/04/20 13:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R) SRV - [2017/03/19 12:31:18 | 000,172,488 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2017/03/15 01:04:11 | 000,271,960 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2017/02/27 12:14:56 | 000,317,400 | ---- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2016/12/19 22:38:14 | 000,082,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2015/09/08 19:55:41 | 002,988,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV - [2015/05/07 16:05:40 | 000,367,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll -- (lfsvc) SRV - [2014/10/29 02:04:45 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\smphost.dll -- (smphost) SRV - [2014/01/25 01:22:56 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe -- (cphs) SRV - [2013/09/25 14:35:06 | 000,282,112 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- C:\Program Files (x86)\Browny02\BrYNSvc.exe -- (BrYNSvc) SRV - [2013/09/05 01:35:24 | 001,364,256 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2013/09/01 04:19:52 | 000,093,296 | ---- | M] (Dritek System INC.) [Auto | Running] -- C:\WINDOWS\RfBtnSvc64.exe -- (RfButtonDriverService) SRV - [2013/08/22 04:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\StorSvc.dll -- (StorSvc) SRV - [2013/01/28 13:47:24 | 000,227,456 | ---- | M] (Qualcomm Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe -- (AtherosSvc) SRV - [2012/12/10 09:39:09 | 000,350,544 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService) SRV - [2012/07/17 10:10:32 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2012/07/17 10:10:30 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2012/07/17 10:10:16 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service) SRV - [2012/07/14 00:27:00 | 000,769,432 | ---- | M] (Nero AG) [Auto | Running] -- c:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - File not found [Kernel | Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv) DRV:[b]64bit:[/b] - [2017/03/25 09:39:12 | 000,092,088 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\mwac.sys -- (MBAMWebProtection) DRV:[b]64bit:[/b] - [2017/03/25 09:39:12 | 000,092,088 | ---- | M] (Malwarebytes) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl) DRV:[b]64bit:[/b] - [2017/03/23 00:06:29 | 000,186,304 | ---- | M] (Malwarebytes) [File_System | Auto | Running] -- C:\WINDOWS\SysNative\drivers\MBAMChameleon.sys -- (MBAMChameleon) DRV:[b]64bit:[/b] - [2017/03/23 00:06:20 | 000,111,544 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\farflt.sys -- (MBAMFarflt) DRV:[b]64bit:[/b] - [2017/03/23 00:06:19 | 000,043,968 | ---- | M] (Malwarebytes) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:[b]64bit:[/b] - [2017/03/23 00:06:19 | 000,043,968 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\mbam.sys -- (MBAMProtection) DRV:[b]64bit:[/b] - [2017/03/23 00:06:17 | 000,251,840 | ---- | M] (Malwarebytes) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy) DRV:[b]64bit:[/b] - [2017/03/21 23:52:00 | 000,548,928 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\SysNative\drivers\aswsp.sys -- (aswSP) DRV:[b]64bit:[/b] - [2017/03/19 11:50:53 | 000,461,640 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\aswNetSec.sys -- (aswNetSec) DRV:[b]64bit:[/b] - [2017/03/18 20:16:54 | 000,337,592 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswVmm.sys -- (aswVmm) DRV:[b]64bit:[/b] - [2017/03/18 20:15:37 | 000,162,528 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\aswStm.sys -- (aswStm) DRV:[b]64bit:[/b] - [2017/03/18 20:15:37 | 000,126,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:[b]64bit:[/b] - [2017/03/18 20:15:37 | 000,075,704 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys -- (aswRvrt) DRV:[b]64bit:[/b] - [2017/03/18 20:15:37 | 000,038,296 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\aswHwid.sys -- (aswHwid) DRV:[b]64bit:[/b] - [2017/03/18 20:15:36 | 000,100,640 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:[b]64bit:[/b] - [2017/03/18 20:15:05 | 000,993,608 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:[b]64bit:[/b] - [2017/03/18 20:15:04 | 000,032,088 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\aswKbd.sys -- (aswKbd) DRV:[b]64bit:[/b] - [2017/03/18 20:14:35 | 000,334,600 | ---- | M] (AVAST Software s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswbloga.sys -- (aswblog) DRV:[b]64bit:[/b] - [2017/03/18 20:14:35 | 000,309,272 | ---- | M] (AVAST Software s.r.o.) [File_System | System | Running] -- C:\WINDOWS\SysNative\drivers\aswbidsdrivera.sys -- (aswbidsdriver) DRV:[b]64bit:[/b] - [2017/03/18 20:14:35 | 000,189,768 | ---- | M] (AVAST Software s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswbidsha.sys -- (aswbidsh) DRV:[b]64bit:[/b] - [2017/03/18 20:14:35 | 000,048,528 | ---- | M] (AVAST Software s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswbuniva.sys -- (aswbuniv) DRV:[b]64bit:[/b] - [2017/02/24 06:23:20 | 000,077,408 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\mbae64.sys -- (ESProtectionDriver) DRV:[b]64bit:[/b] - [2016/09/05 05:47:12 | 000,165,504 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\ssudmdm.sys -- (ssudmdm) DRV:[b]64bit:[/b] - [2016/09/05 05:47:06 | 000,131,712 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) DRV:[b]64bit:[/b] - [2016/01/26 20:15:40 | 000,072,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\vpci.sys -- (vpci) DRV:[b]64bit:[/b] - [2016/01/24 19:19:09 | 000,419,160 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\spaceport.sys -- (spaceport) DRV:[b]64bit:[/b] - [2015/11/05 15:23:52 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:[b]64bit:[/b] - [2015/10/11 07:34:30 | 000,468,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS -- (USBHUB3) DRV:[b]64bit:[/b] - [2015/09/29 13:24:42 | 000,155,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\tpm.sys -- (TPM) DRV:[b]64bit:[/b] - [2015/07/20 20:45:04 | 000,050,240 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible) DRV:[b]64bit:[/b] - [2015/07/07 10:40:12 | 000,044,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WdBoot.sys -- (WdBoot) DRV:[b]64bit:[/b] - [2015/07/07 10:40:05 | 000,270,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WdFilter.sys -- (WdFilter) DRV:[b]64bit:[/b] - [2015/07/07 10:40:05 | 000,114,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv) DRV:[b]64bit:[/b] - [2015/04/16 07:17:07 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS -- (USBXHCI) DRV:[b]64bit:[/b] - [2015/03/20 02:56:10 | 000,080,384 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\ahcache.sys -- (ahcache) DRV:[b]64bit:[/b] - [2015/03/13 05:03:31 | 000,239,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\sdbus.sys -- (sdbus) DRV:[b]64bit:[/b] - [2015/03/09 03:02:51 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\bthhfenum.sys -- (BthHFEnum) DRV:[b]64bit:[/b] - [2015/03/04 11:25:11 | 000,377,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\clfs.sys -- (CLFS) DRV:[b]64bit:[/b] - [2014/11/10 19:06:59 | 000,136,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wfplwfs.sys -- (WFPLWFS) DRV:[b]64bit:[/b] - [2014/10/29 04:56:04 | 000,027,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2014/10/13 03:43:17 | 000,086,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\pdc.sys -- (pdc) DRV:[b]64bit:[/b] - [2014/10/13 03:43:17 | 000,039,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\intelpep.sys -- (intelpep) DRV:[b]64bit:[/b] - [2014/10/07 07:54:45 | 000,189,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\UCX01000.SYS -- (UCX01000) DRV:[b]64bit:[/b] - [2014/08/15 21:13:34 | 000,023,040 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\netaapl64.sys -- (Netaapl) DRV:[b]64bit:[/b] - [2014/08/15 01:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101) DRV:[b]64bit:[/b] - [2014/07/24 12:42:22 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform) DRV:[b]64bit:[/b] - [2014/05/01 14:31:39 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\wpcfltr.sys -- (wpcfltr) DRV:[b]64bit:[/b] - [2014/04/19 18:48:07 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof) DRV:[b]64bit:[/b] - [2014/03/18 11:09:57 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS) DRV:[b]64bit:[/b] - [2014/03/18 11:09:52 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\SerCx2.sys -- (SerCx2) DRV:[b]64bit:[/b] - [2014/03/18 11:09:38 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\VerifierExt.sys -- (VerifierExt) DRV:[b]64bit:[/b] - [2014/03/18 11:09:37 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum) DRV:[b]64bit:[/b] - [2014/03/18 11:09:37 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\sdstor.sys -- (sdstor) DRV:[b]64bit:[/b] - [2014/03/18 11:09:37 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\stornvme.sys -- (stornvme) DRV:[b]64bit:[/b] - [2014/03/18 11:09:37 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\BasicRender.sys -- (BasicRender) DRV:[b]64bit:[/b] - [2014/03/18 10:41:19 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\terminpt.sys -- (terminpt) DRV:[b]64bit:[/b] - [2014/01/25 01:22:44 | 004,221,440 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2014/01/22 08:52:12 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\ssudserd.sys -- (ssudserd) DRV:[b]64bit:[/b] - [2013/12/27 00:30:20 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\iwdbus.sys -- (iwdbus) DRV:[b]64bit:[/b] - [2013/09/05 01:37:00 | 000,030,496 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\nvpciflt.sys -- (nvpciflt) DRV:[b]64bit:[/b] - [2013/09/01 04:19:52 | 000,026,736 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\aPs2Kb2Hid.sys -- (Ps2Kb2Hid) DRV:[b]64bit:[/b] - [2013/08/22 14:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\condrv.sys -- (condrv) DRV:[b]64bit:[/b] - [2013/08/22 14:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2013/08/22 13:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\SysNative\drivers\dam.sys -- (dam) DRV:[b]64bit:[/b] - [2013/08/22 13:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\acpiex.sys -- (acpiex) DRV:[b]64bit:[/b] - [2013/08/22 13:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\mvumis.sys -- (mvumis) DRV:[b]64bit:[/b] - [2013/08/22 13:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32) DRV:[b]64bit:[/b] - [2013/08/22 13:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2013/08/22 13:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2013/08/22 13:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\lsi_sss.sys -- (LSI_SSS) DRV:[b]64bit:[/b] - [2013/08/22 13:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2013/08/22 13:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3) DRV:[b]64bit:[/b] - [2013/08/22 13:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\adp80xx.sys -- (ADP80XX) DRV:[b]64bit:[/b] - [2013/08/22 13:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2013/08/22 13:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2013/08/22 13:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\3ware.sys -- (3ware) DRV:[b]64bit:[/b] - [2013/08/22 13:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2013/08/22 13:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv) DRV:[b]64bit:[/b] - [2013/08/22 13:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\EhStorClass.sys -- (EhStorClass) DRV:[b]64bit:[/b] - [2013/08/22 13:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2013/08/22 13:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID) DRV:[b]64bit:[/b] - [2013/08/22 13:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\uaspstor.sys -- (UASPStor) DRV:[b]64bit:[/b] - [2013/08/22 13:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2013/08/22 13:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\storahci.sys -- (storahci) DRV:[b]64bit:[/b] - [2013/08/22 13:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\SpbCx.sys -- (SpbCx) DRV:[b]64bit:[/b] - [2013/08/22 13:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\SerCx.sys -- (SerCx) DRV:[b]64bit:[/b] - [2013/08/22 13:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\uefi.sys -- (UEFI) DRV:[b]64bit:[/b] - [2013/08/22 13:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr) DRV:[b]64bit:[/b] - [2013/08/22 12:39:58 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice) DRV:[b]64bit:[/b] - [2013/08/22 12:39:50 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WSDScan.sys -- (WSDScan) DRV:[b]64bit:[/b] - [2013/08/22 12:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay) DRV:[b]64bit:[/b] - [2013/08/22 12:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\HyperVideo.sys -- (HyperVideo) DRV:[b]64bit:[/b] - [2013/08/22 12:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\mshidumdf.sys -- (mshidumdf) DRV:[b]64bit:[/b] - [2013/08/22 12:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\acpitime.sys -- (acpitime) DRV:[b]64bit:[/b] - [2013/08/22 12:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\acpipagr.sys -- (acpipagr) DRV:[b]64bit:[/b] - [2013/08/22 12:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg) DRV:[b]64bit:[/b] - [2013/08/22 12:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\kdnic.sys -- (kdnic) DRV:[b]64bit:[/b] - [2013/08/22 12:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\vmgencounter.sys -- (gencounter) DRV:[b]64bit:[/b] - [2013/08/22 12:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\npsvctrig.sys -- (npsvctrig) DRV:[b]64bit:[/b] - [2013/08/22 12:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\BthhfHid.sys -- (bthhfhid) DRV:[b]64bit:[/b] - [2013/08/22 12:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\hyperkbd.sys -- (hyperkbd) DRV:[b]64bit:[/b] - [2013/08/22 12:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:[b]64bit:[/b] - [2013/08/22 12:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2013/08/22 12:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\hidi2c.sys -- (hidi2c) DRV:[b]64bit:[/b] - [2013/08/22 12:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:[b]64bit:[/b] - [2013/08/22 12:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\netvsc63.sys -- (netvsc) DRV:[b]64bit:[/b] - [2013/08/22 12:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus) DRV:[b]64bit:[/b] - [2013/08/22 12:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\mslldp.sys -- (MsLldp) DRV:[b]64bit:[/b] - [2013/08/22 12:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\Ndu.sys -- (Ndu) DRV:[b]64bit:[/b] - [2013/08/22 11:27:46 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\serscan.sys -- (StillCam) DRV:[b]64bit:[/b] - [2013/08/22 09:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\fxppm.sys -- (FxPPM) DRV:[b]64bit:[/b] - [2013/08/13 00:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\bcmfn2.sys -- (bcmfn2) DRV:[b]64bit:[/b] - [2013/08/10 01:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\iaStorAV.sys -- (iaStorAV) DRV:[b]64bit:[/b] - [2013/07/30 19:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO) DRV:[b]64bit:[/b] - [2013/07/25 20:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C) DRV:[b]64bit:[/b] - [2013/06/18 15:45:02 | 003,680,256 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\athw8x.sys -- (athr) DRV:[b]64bit:[/b] - [2013/06/18 15:44:59 | 000,129,224 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\L1C63x64.sys -- (L1C) DRV:[b]64bit:[/b] - [2013/01/28 13:23:28 | 000,581,200 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btfilter.sys -- (BtFilter) DRV:[b]64bit:[/b] - [2013/01/28 13:23:24 | 000,136,424 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP) DRV:[b]64bit:[/b] - [2013/01/28 13:23:24 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT) DRV:[b]64bit:[/b] - [2013/01/28 13:23:20 | 000,089,168 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\btath_flt.sys -- (AthBTPort) DRV:[b]64bit:[/b] - [2013/01/28 13:23:18 | 000,346,192 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP) DRV:[b]64bit:[/b] - [2013/01/28 13:23:18 | 000,115,280 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\btath_avdt.sys -- (btath_avdt) DRV:[b]64bit:[/b] - [2012/12/07 10:19:12 | 000,331,664 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\ETD.sys -- (ETD) DRV:[b]64bit:[/b] - [2012/10/03 15:14:56 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:[b]64bit:[/b] - [2012/08/16 06:33:42 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\iaStorA.sys -- (iaStorA) DRV:[b]64bit:[/b] - [2012/08/03 10:55:34 | 000,340,112 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR) DRV:[b]64bit:[/b] - [2012/07/02 08:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:[b]64bit:[/b] - [2012/06/19 00:40:50 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\IntcDAud.sys -- (IntcDAud) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}: "URL" = http://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} IE - HKLM\..\SearchScopes\{C3476305-4AA1-4781-AD53-7782693DFC53}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = www.bing.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.fr/ [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=fr-fr IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.countryCode: "FR" FF - prefs.js..browser.search.defaultengine: "Google" FF - prefs.js..browser.search.defaultenginename: "Google" FF - prefs.js..browser.search.defaultthis.engineName: "Google" FF - prefs.js..browser.search.defaulturl: "https://www.google.com/search?bcutc=sp-006" FF - prefs.js..browser.search.hiddenOneOffs: "Yahoo" FF - prefs.js..browser.search.highlightCount: 3 FF - prefs.js..browser.search.isUS: false FF - prefs.js..browser.search.order.1: "Google" FF - prefs.js..browser.search.order.3: "Bing " FF - prefs.js..browser.search.region: "FR" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: "false" FF - prefs.js..browser.startup.homepage: "https://www.google.com/?bcutc=sp-006" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:52.0.1 FF - prefs.js..keyword.URL: "https://www.google.com/search?bcutc=sp-006" FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.50905.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\adslTV\VLC\npvlc.dll File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF48 [2017/03/19 11:51:39 | 000,000,000 | ---D | M] 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\SAFEPRICE\FF48 [2017/03/19 11:51:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF48 [2017/03/19 11:51:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\Program Files\AVAST Software\Avast\SafePrice\FF48 [2017/03/19 11:51:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 52.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 52.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2017/03/19 12:31:14 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\BingSearchExtension: removed FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\DSE: true FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\Market: fr-fr FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\Package: DefaultPack FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\OSVersion: 6.2.9200.1 FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\LVersion: 1.7.51.0 FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\MFVersion: MF39.0.3 (x86 fr) [2014/01/22 19:55:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JEAN YVES PORTABLE\AppData\Roaming\mozilla\Extensions [2017/03/20 08:56:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JEAN YVES PORTABLE\AppData\Roaming\mozilla\Firefox\Profiles\rgnhhcj9.default\extensions [2014/03/27 07:05:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JEAN YVES PORTABLE\AppData\Roaming\mozilla\Firefox\Profilesrgnhhcj9.default\extensions [2014/03/27 07:05:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JEAN YVES PORTABLE\AppData\Roaming\mozilla\Firefox\Profilesrgnhhcj9.default\extensions\staged [2017/03/20 08:56:15 | 000,830,818 | ---- | M] () (No name found) -- C:\Users\JEAN YVES PORTABLE\AppData\Roaming\mozilla\firefox\profiles\rgnhhcj9.default\extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi [2017/03/25 09:55:09 | 000,008,115 | ---- | M] () (No name found) -- C:\Users\JEAN YVES PORTABLE\AppData\Roaming\mozilla\firefox\profiles\rgnhhcj9.default\features\{4fe71b52-2af0-4922-accd-57b61176b0e8}\deployment-checker@mozilla.org.xpi [2017/03/25 09:55:09 | 000,007,195 | ---- | M] () (No name found) -- C:\Users\JEAN YVES PORTABLE\AppData\Roaming\mozilla\firefox\profiles\rgnhhcj9.default\features\{4fe71b52-2af0-4922-accd-57b61176b0e8}\e10srollout@mozilla.org.xpi [2017/03/05 12:08:00 | 000,007,704 | ---- | M] () (No name found) -- C:\Users\JEAN YVES PORTABLE\AppData\Roaming\mozilla\firefox\profiles\rgnhhcj9.default\features\{578f31fe-e7b6-4c1b-b67b-f72d2bcccf9f}\aushelper@mozilla.org.xpi [2017/03/05 12:08:00 | 000,005,527 | ---- | M] () (No name found) -- C:\Users\JEAN YVES PORTABLE\AppData\Roaming\mozilla\firefox\profiles\rgnhhcj9.default\features\{578f31fe-e7b6-4c1b-b67b-f72d2bcccf9f}\diagnostics@mozilla.org.xpi [2017/03/05 12:08:00 | 000,008,857 | ---- | M] () (No name found) -- C:\Users\JEAN YVES PORTABLE\AppData\Roaming\mozilla\firefox\profiles\rgnhhcj9.default\features\{578f31fe-e7b6-4c1b-b67b-f72d2bcccf9f}\disableSHA1rollout@mozilla.org.xpi [2017/03/05 12:08:00 | 000,005,336 | ---- | M] () (No name found) -- C:\Users\JEAN YVES PORTABLE\AppData\Roaming\mozilla\firefox\profiles\rgnhhcj9.default\features\{578f31fe-e7b6-4c1b-b67b-f72d2bcccf9f}\hsts-priming@mozilla.org.xpi [2016/12/04 11:48:13 | 000,002,426 | ---- | M] () -- C:\Users\JEAN YVES PORTABLE\AppData\Roaming\mozilla\firefox\profiles\rgnhhcj9.default\searchplugins\google-avast.xml [2017/03/19 12:31:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions [2017/03/19 12:31:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: (Enabled) CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - plugin: Error reading preferences file CHR - Extension: No name found = C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\ CHR - Extension: No name found = C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\ CHR - Extension: No name found = C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\ CHR - Extension: No name found = C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\ CHR - Extension: No name found = C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.5_0\ CHR - Extension: No name found = C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\ CHR - Extension: No name found = C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik\1.1.2697_0\ CHR - Extension: No name found = C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.155_0\ CHR - Extension: No name found = C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.199_0\ CHR - Extension: No name found = C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd\0.0.0.9_0\ CHR - Extension: No name found = C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\ CHR - Extension: No name found = C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\12.0.163_0\ CHR - Extension: No name found = C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\12.0.199_0\ CHR - Extension: No name found = C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\9.0.0.5000_0\ CHR - Extension: No name found = C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\9.0.0.7200_0\ CHR - Extension: No name found = C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.1_0\ CHR - Extension: No name found = C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\ CHR - Extension: No name found = C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\ CHR - Extension: No name found = C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5616.1121.0.3_0\ O1 HOSTS File: ([2017/01/26 13:20:54 | 000,000,824 | ---- | M]) - C:\WINDOWS\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - No CLSID value found. O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [Malwarebytes TrayApp] C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Malwarebytes) O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvLaunch.exe (AVAST Software) O4 - HKLM..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [LManager] File not found O4 - HKCU..\Run: [Viber] C:\Users\JEAN YVES PORTABLE\AppData\Local\Viber\Viber.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe" (Qualcomm Atheros Commnucations) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPath = 1 O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Key error. File not found O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4C280265-0916-4FAA-AC38-BCFC03DCE378}: DhcpNameServer = 212.27.40.241 212.27.40.240 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{733FC8E8-BDA6-41DB-8879-67A27290F732}: DhcpNameServer = 172.20.10.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8FE3B31F-223A-417C-93AE-8E13F7E6BE19}: DhcpNameServer = 212.27.40.240 212.27.40.241 O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\WINDOWS\SysNative\nvinitx.dll (NVIDIA Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O30 - LSA: Security Packages - (livessp) - File not found O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{473448cc-cf8c-11e4-becf-48d2247423e5}\Shell - "" = AutoRun O33 - MountPoints2\{473448cc-cf8c-11e4-becf-48d2247423e5}\Shell\AutoRun\command - "" = "E:\AutoRun.exe" O33 - MountPoints2\{4ec17ef9-f52f-11e6-bf9d-48d2247423e5}\Shell - "" = AutoRun O33 - MountPoints2\{4ec17ef9-f52f-11e6-bf9d-48d2247423e5}\Shell\AutoRun\command - "" = "E:\HiSuiteDownLoader.exe" O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) NetSvcs:[b]64bit:[/b] lfsvc - C:\WINDOWS\SysNative\GeofenceMonitorService.dll (Microsoft Corporation) NetSvcs:[b]64bit:[/b] wlidsvc - C:\WINDOWS\SysNative\wlidsvc.dll (Microsoft Corporation) NetSvcs:[b]64bit:[/b] DsmSvc - C:\WINDOWS\SysNative\DeviceSetupManager.dll (Microsoft Corporation) NetSvcs:[b]64bit:[/b] NcaSvc - C:\WINDOWS\SysNative\NcaSvc.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] AppMgmt - Service SafeBootMin:[b]64bit:[/b] Base - Driver Group SafeBootMin:[b]64bit:[/b] BasicDisplay.sys - C:\WINDOWS\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] BasicRender.sys - C:\WINDOWS\SysNative\drivers\BasicRender.sys (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group SafeBootMin:[b]64bit:[/b] BrokerInfrastructure - C:\WINDOWS\SysNative\bisrv.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] EFS - C:\WINDOWS\SysNative\efssvc.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] File system - Driver Group SafeBootMin:[b]64bit:[/b] Filter - Driver Group SafeBootMin:[b]64bit:[/b] HelpSvc - Service SafeBootMin:[b]64bit:[/b] KeyIso - C:\WINDOWS\SysNative\keyiso.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] LSM - C:\WINDOWS\SysNative\lsm.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] MBAMService - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes) SafeBootMin:[b]64bit:[/b] Netlogon - C:\WINDOWS\SysNative\netlogon.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group SafeBootMin:[b]64bit:[/b] sacsvr - Service SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] SystemEventsBroker - C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] TBS - Service SafeBootMin:[b]64bit:[/b] vmms - Service SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:[b]64bit:[/b] {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices SafeBootMin:[b]64bit:[/b] {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: TBS - Service SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices SafeBootMin: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:[b]64bit:[/b] AppMgmt - Service SafeBootNet:[b]64bit:[/b] Base - Driver Group SafeBootNet:[b]64bit:[/b] BasicDisplay.sys - C:\WINDOWS\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] BasicRender.sys - C:\WINDOWS\SysNative\drivers\BasicRender.sys (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group SafeBootNet:[b]64bit:[/b] BrokerInfrastructure - C:\WINDOWS\SysNative\bisrv.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] EFS - C:\WINDOWS\SysNative\efssvc.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] File system - Driver Group SafeBootNet:[b]64bit:[/b] Filter - Driver Group SafeBootNet:[b]64bit:[/b] HelpSvc - Service SafeBootNet:[b]64bit:[/b] KeyIso - C:\WINDOWS\SysNative\keyiso.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] LSM - C:\WINDOWS\SysNative\lsm.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] MBAMService - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes) SafeBootNet:[b]64bit:[/b] Messenger - Service SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group SafeBootNet:[b]64bit:[/b] Netlogon - C:\WINDOWS\SysNative\netlogon.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] netprofm - C:\WINDOWS\SysNative\netprofmsvc.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] Network - Driver Group SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group SafeBootNet:[b]64bit:[/b] rdpencdd.sys - Driver SafeBootNet:[b]64bit:[/b] rdsessmgr - Service SafeBootNet:[b]64bit:[/b] sacsvr - Service SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group SafeBootNet:[b]64bit:[/b] SmartcardSimulator - Driver SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] SystemEventsBroker - C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] TBS - Service SafeBootNet:[b]64bit:[/b] TDI - Driver Group SafeBootNet:[b]64bit:[/b] VaultSvc - C:\WINDOWS\SysNative\vaultsvc.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] VirtualSmartcardReader - Driver SafeBootNet:[b]64bit:[/b] vmms - Service SafeBootNet:[b]64bit:[/b] Wcmsvc - C:\WINDOWS\SysNative\wcmsvc.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:[b]64bit:[/b] {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices SafeBootNet:[b]64bit:[/b] {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdpencdd.sys - Driver SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: SmartcardSimulator - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TBS - Service SafeBootNet: TDI - Driver Group SafeBootNet: VirtualSmartcardReader - Driver SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices SafeBootNet: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices CREATERESTOREPOINT Restore point Set: OTL Restore Point PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2017/03/25 11:11:30 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\JEAN YVES PORTABLE\Desktop\OTL.exe [2017/03/23 12:46:36 | 000,000,000 | ---D | C] -- C:\Users\JEAN YVES PORTABLE\Desktop\RAPPORTS [2017/03/23 09:20:25 | 000,000,000 | ---D | C] -- C:\Users\JEAN YVES PORTABLE\Desktop\CCLEANER [2017/03/23 08:45:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT [2017/03/22 20:24:00 | 000,186,304 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MBAMChameleon.sys [2017/03/22 20:23:39 | 000,111,544 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\farflt.sys [2017/03/22 20:23:39 | 000,092,088 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mwac.sys [2017/03/22 20:23:33 | 000,043,968 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbam.sys [2017/03/22 20:22:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes [2017/03/22 20:22:17 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes [2017/03/21 00:11:45 | 000,000,000 | ---D | C] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\{003ACA6A-C058-424D-B955-A82DE5375C64} [2017/03/20 10:19:07 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll [2017/03/20 10:19:07 | 000,093,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompatTelRunner.exe [2017/03/20 10:19:06 | 001,609,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll [2017/03/20 10:19:06 | 001,286,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll [2017/03/20 10:19:06 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll [2017/03/20 10:19:06 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll [2017/03/20 10:19:04 | 000,646,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll [2017/03/20 10:19:04 | 000,556,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll [2017/03/20 10:19:03 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\centel.dll [2017/03/20 08:54:10 | 000,000,000 | ---D | C] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\AVAST Software [2017/03/20 01:40:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\softwaredistribution.bak [2017/03/20 01:39:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\softwareDistribution [2017/03/20 01:07:31 | 000,000,000 | ---D | C] -- C:\reinage [2017/03/19 13:19:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2017/03/19 13:18:39 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2017/03/19 13:18:36 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2017/03/19 12:31:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2017/03/19 11:52:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software [2017/03/19 11:51:57 | 000,461,640 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswNetSec.sys [2017/03/19 11:51:41 | 000,398,408 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe [2017/03/19 09:37:09 | 000,000,000 | ---D | C] -- C:\Users\JEAN YVES PORTABLE\Desktop\FLO [2017/03/18 20:16:13 | 000,334,600 | ---- | C] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbloga.sys [2017/03/18 20:16:13 | 000,309,272 | ---- | C] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbidsdrivera.sys [2017/03/18 20:16:13 | 000,189,768 | ---- | C] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbidsha.sys [2017/03/18 20:16:13 | 000,048,528 | ---- | C] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbuniva.sys [2017/03/18 13:42:40 | 000,000,000 | ---D | C] -- C:\Users\JEAN YVES PORTABLE\PV AMENDES [2017/03/15 21:18:16 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2017/03/15 21:18:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2017/03/15 21:18:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2017/02/26 13:21:36 | 000,000,000 | ---D | C] -- C:\Users\JEAN YVES PORTABLE\Desktop\KIT E85 [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2017/03/25 11:16:09 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2017/03/25 11:11:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\JEAN YVES PORTABLE\Desktop\OTL.exe [2017/03/25 09:39:12 | 000,092,088 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mwac.sys [2017/03/25 09:32:44 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2017/03/23 13:04:51 | 000,000,217 | ---- | M] () -- C:\Users\JEAN YVES PORTABLE\Desktop\Accueil de Cjoint.com.URL [2017/03/23 12:43:12 | 000,000,193 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI [2017/03/23 08:38:05 | 000,003,771 | ---- | M] () -- C:\Users\JEAN YVES PORTABLE\Desktop\NETTOYEURS PC .rtf [2017/03/23 00:06:29 | 000,186,304 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MBAMChameleon.sys [2017/03/23 00:06:20 | 000,111,544 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\farflt.sys [2017/03/23 00:06:19 | 000,043,968 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbam.sys [2017/03/23 00:06:17 | 000,251,840 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys [2017/03/23 00:03:48 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2017/03/23 00:03:46 | 3283,525,632 | -HS- | M] () -- C:\hiberfil.sys [2017/03/22 20:22:26 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes.lnk [2017/03/21 23:52:00 | 000,548,928 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswsp.sys [2017/03/19 13:19:21 | 000,001,729 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2017/03/19 11:52:34 | 000,001,902 | ---- | M] () -- C:\Users\Public\Desktop\Avast Internet Security.lnk [2017/03/19 11:50:53 | 000,461,640 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswNetSec.sys [2017/03/18 20:16:54 | 000,337,592 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswVmm.sys [2017/03/18 20:15:37 | 000,547,904 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswsp.sys.148986461200004 [2017/03/18 20:15:37 | 000,398,408 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe [2017/03/18 20:15:37 | 000,337,592 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswvmm.sys.148986461487506 [2017/03/18 20:15:37 | 000,162,528 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswStm.sys [2017/03/18 20:15:37 | 000,126,600 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys [2017/03/18 20:15:37 | 000,075,704 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys [2017/03/18 20:15:37 | 000,038,296 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswHwid.sys [2017/03/18 20:15:36 | 000,100,640 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys [2017/03/18 20:15:05 | 000,993,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSnx.sys [2017/03/18 20:15:04 | 000,032,088 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswKbd.sys [2017/03/18 20:14:35 | 000,334,600 | ---- | M] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbloga.sys [2017/03/18 20:14:35 | 000,309,272 | ---- | M] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbidsdrivera.sys [2017/03/18 20:14:35 | 000,189,768 | ---- | M] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbidsha.sys [2017/03/18 20:14:35 | 000,048,528 | ---- | M] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbuniva.sys [2017/03/15 21:18:16 | 000,002,713 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2017/03/03 06:15:02 | 000,000,000 | ---- | M] () -- C:\WINDOWS\SysWow64\last.dump [2017/02/24 06:23:20 | 000,077,408 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\mbae64.sys [2017/02/23 15:50:44 | 000,093,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompatTelRunner.exe [color=#E56717]========== Files Created - No Company Name ==========[/color] [2017/03/25 11:16:09 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2017/03/23 13:04:51 | 000,000,217 | ---- | C] () -- C:\Users\JEAN YVES PORTABLE\Desktop\Accueil de Cjoint.com.URL [2017/03/23 12:43:12 | 000,000,193 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2017/03/22 20:50:01 | 000,003,771 | ---- | C] () -- C:\Users\JEAN YVES PORTABLE\Desktop\NETTOYEURS PC .rtf [2017/03/22 20:22:26 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes.lnk [2017/03/22 20:22:21 | 000,077,408 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\mbae64.sys [2017/03/19 13:19:21 | 000,001,729 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2017/03/19 11:52:34 | 000,001,902 | ---- | C] () -- C:\Users\Public\Desktop\Avast Internet Security.lnk [2017/03/15 21:18:16 | 000,002,713 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2016/10/18 13:27:19 | 000,000,092 | ---- | C] () -- C:\WINDOWS\brpcfx.ini [2016/10/18 13:20:54 | 000,045,056 | ---- | C] () -- C:\WINDOWS\SysWow64\BRTCPCON.DLL [2016/10/18 13:20:53 | 000,000,114 | ---- | C] () -- C:\WINDOWS\SysWow64\BRLMW03A.INI [2015/06/21 22:42:08 | 000,000,207 | ---- | C] () -- C:\WINDOWS\tweaking.com-regbackup-JEAN-YVES-PORT-Windows-8.1-(64-bit).dat [2015/05/05 23:27:01 | 001,818,112 | ---- | C] () -- C:\Users\JEAN YVES PORTABLE\ZHPCleaner.exe [2015/02/20 09:38:53 | 000,004,902 | ---- | C] () -- C:\ProgramData\eaapqbsg.gfr [2015/01/05 23:59:43 | 000,052,224 | ---- | C] () -- C:\Users\JEAN YVES PORTABLE\AppData\Roaming\CDRusersDB.v12 [2014/02/21 14:08:03 | 000,000,088 | ---- | C] () -- C:\Users\JEAN YVES PORTABLE\AppData\Roaming\WB.CFG [2013/09/01 04:22:56 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl [color=#E56717]========== ZeroAccess Check ==========[/color] [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\WINDOWS\SysNative\shell32.dll -- [2015/08/27 03:43:09 | 022,372,152 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2015/08/27 03:42:51 | 019,795,904 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\WINDOWS\SysNative\wbem\fastprox.dll -- [2013/08/22 10:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/22 03:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\WINDOWS\SysNative\wbem\wbemess.dll -- [2013/08/22 10:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< HKCU\Software >[/color] [HKEY_CURRENT_USER\Software\Adobe] [HKEY_CURRENT_USER\Software\Against Intuition] [HKEY_CURRENT_USER\Software\AppDataLow] [HKEY_CURRENT_USER\Software\Apple Computer, Inc.] [HKEY_CURRENT_USER\Software\Apple Inc.] [HKEY_CURRENT_USER\Software\Atheros] [HKEY_CURRENT_USER\Software\AVAST Software] [HKEY_CURRENT_USER\Software\Brother] [HKEY_CURRENT_USER\Software\cacaoweb] [HKEY_CURRENT_USER\Software\Canon] [HKEY_CURRENT_USER\Software\Clients] [HKEY_CURRENT_USER\Software\Clubic] [HKEY_CURRENT_USER\Software\DivX] [HKEY_CURRENT_USER\Software\Dritek] [HKEY_CURRENT_USER\Software\DSP-worx] [HKEY_CURRENT_USER\Software\Elantech] [HKEY_CURRENT_USER\Software\GetFLV] [HKEY_CURRENT_USER\Software\GNU] [HKEY_CURRENT_USER\Software\Google] [HKEY_CURRENT_USER\Software\IM Providers] [HKEY_CURRENT_USER\Software\Intel] [HKEY_CURRENT_USER\Software\LAV] [HKEY_CURRENT_USER\Software\Licenses] [HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications] [HKEY_CURRENT_USER\Software\Macromedia] [HKEY_CURRENT_USER\Software\MainConcept] [HKEY_CURRENT_USER\Software\Malwarebytes] [HKEY_CURRENT_USER\Software\Microsoft] [HKEY_CURRENT_USER\Software\MOVAVI] [HKEY_CURRENT_USER\Software\Mozilla] [HKEY_CURRENT_USER\Software\MozillaPlugins] [HKEY_CURRENT_USER\Software\Netscape] [HKEY_CURRENT_USER\Software\NVIDIA Corporation] [HKEY_CURRENT_USER\Software\OEM] [HKEY_CURRENT_USER\Software\Piriform] [HKEY_CURRENT_USER\Software\Policies] [HKEY_CURRENT_USER\Software\Realtek] [HKEY_CURRENT_USER\Software\RegisteredApplications] [HKEY_CURRENT_USER\Software\Skype] [HKEY_CURRENT_USER\Software\SYNCJM] [HKEY_CURRENT_USER\Software\TeleCharger] [HKEY_CURRENT_USER\Software\Trolltech] [HKEY_CURRENT_USER\Software\Viber] [HKEY_CURRENT_USER\Software\VirtualDJ] [HKEY_CURRENT_USER\Software\WinRAR] [HKEY_CURRENT_USER\Software\WinRAR SFX] [HKEY_CURRENT_USER\Software\Wow6432Node] [HKEY_CURRENT_USER\Software\ZebHelpProcess Helper] [HKEY_CURRENT_USER\Software\Classes] [color=#A23BEC]< HKLM\Software >[/color] [HKEY_LOCAL_MACHINE\Software\Adobe] [HKEY_LOCAL_MACHINE\Software\AGEIA Technologies] [HKEY_LOCAL_MACHINE\Software\Apple Inc.] [HKEY_LOCAL_MACHINE\Software\ATHEROS] [HKEY_LOCAL_MACHINE\Software\AVAST Software] [HKEY_LOCAL_MACHINE\Software\Brother] [HKEY_LOCAL_MACHINE\Software\Brother Industries, Ltd.] [HKEY_LOCAL_MACHINE\Software\Clearfi] [HKEY_LOCAL_MACHINE\Software\CyberLink] [HKEY_LOCAL_MACHINE\Software\DivX] [HKEY_LOCAL_MACHINE\Software\DivXNetworks] [HKEY_LOCAL_MACHINE\Software\Dritek] [HKEY_LOCAL_MACHINE\Software\Google] [HKEY_LOCAL_MACHINE\Software\IM Providers] [HKEY_LOCAL_MACHINE\Software\Intel] [HKEY_LOCAL_MACHINE\Software\Khronos] [HKEY_LOCAL_MACHINE\Software\Licenses] [HKEY_LOCAL_MACHINE\Software\Macromedia] [HKEY_LOCAL_MACHINE\Software\Malwarebytes' Anti-Malware] [HKEY_LOCAL_MACHINE\Software\Microsoft] [HKEY_LOCAL_MACHINE\Software\MOVAVI] [HKEY_LOCAL_MACHINE\Software\Mozilla] [HKEY_LOCAL_MACHINE\Software\mozilla.org] [HKEY_LOCAL_MACHINE\Software\MozillaPlugins] [HKEY_LOCAL_MACHINE\Software\Nero] [HKEY_LOCAL_MACHINE\Software\Nuance] [HKEY_LOCAL_MACHINE\Software\NVIDIA Corporation] [HKEY_LOCAL_MACHINE\Software\ODBC] [HKEY_LOCAL_MACHINE\Software\OEM] [HKEY_LOCAL_MACHINE\Software\OldTimer Tools] [HKEY_LOCAL_MACHINE\Software\Panicware] [HKEY_LOCAL_MACHINE\Software\Realtek] [HKEY_LOCAL_MACHINE\Software\Realtek Semiconductor Corp.] [HKEY_LOCAL_MACHINE\Software\S3R521] [HKEY_LOCAL_MACHINE\Software\SiteFinder] [HKEY_LOCAL_MACHINE\Software\Skype] [HKEY_LOCAL_MACHINE\Software\Volatile] [HKEY_LOCAL_MACHINE\Software\WildTangent] [HKEY_LOCAL_MACHINE\Software\Wise Solutions] [HKEY_LOCAL_MACHINE\Software\Classes] [HKEY_LOCAL_MACHINE\Software\Clients] [HKEY_LOCAL_MACHINE\Software\Policies] [HKEY_LOCAL_MACHINE\Software\RegisteredApplications] [color=#A23BEC]< %Homedrive%\* >[/color] [2017/01/26 13:18:13 | 000,000,030 | ---- | M] () -- C:\AVScanner.ini [2013/06/18 13:18:29 | 000,000,001 | -HS- | M] () -- C:\BOOTNXT [2017/03/25 10:27:25 | 000,000,581 | ---- | M] () -- C:\DelFix.txt [2017/03/23 00:03:46 | 3283,525,632 | -HS- | M] () -- C:\hiberfil.sys [2017/03/24 09:06:33 | 2082,017,280 | -HS- | M] () -- C:\pagefile.sys [2017/03/25 11:16:09 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2017/03/23 00:03:48 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [color=#A23BEC]< %Homedrive%\*. >[/color] [2016/07/11 19:02:13 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin [2014/10/26 13:15:20 | 000,000,000 | ---D | M] -- C:\ACER D [2014/02/21 12:53:06 | 000,000,000 | ---D | M] -- C:\AcerCloud [2016/10/18 13:22:08 | 000,000,000 | ---D | M] -- C:\Brother [2017/03/22 08:37:17 | 000,000,000 | -HSD | M] -- C:\Config.Msi [2013/08/22 15:45:52 | 000,000,000 | -HSD | M] -- C:\Documents and Settings [2013/09/01 04:46:23 | 000,000,000 | ---D | M] -- C:\Dolby PCEE4 [2016/07/11 19:02:13 | 000,000,000 | ---D | M] -- C:\PDFToJPG [2015/03/30 07:21:16 | 000,000,000 | ---D | M] -- C:\PRO [2017/03/22 23:58:16 | 000,000,000 | R--D | M] -- C:\Program Files [2017/03/23 13:07:46 | 000,000,000 | R--D | M] -- C:\Program Files (x86) [2017/03/25 11:02:25 | 000,000,000 | -H-D | M] -- C:\ProgramData [2017/03/20 01:09:13 | 000,000,000 | ---D | M] -- C:\reinage [2017/03/25 10:25:17 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2016/09/15 08:00:37 | 000,000,000 | R--D | M] -- C:\Users [2017/03/23 12:43:12 | 000,000,000 | ---D | M] -- C:\WINDOWS [color=#A23BEC]< %Userprofile%\* >[/color] [2017/03/24 09:07:59 | 002,883,584 | ---- | M] () -- C:\Users\JEAN YVES PORTABLE\ntuser.dat [2014/04/19 18:00:54 | 001,232,896 | -HS- | M] () -- C:\Users\JEAN YVES PORTABLE\ntuser.dat.LOG1 [2014/04/19 18:00:54 | 002,039,808 | -HS- | M] () -- C:\Users\JEAN YVES PORTABLE\ntuser.dat.LOG2 [2016/07/11 21:10:07 | 000,065,536 | -HS- | M] () -- C:\Users\JEAN YVES PORTABLE\ntuser.dat{cce281e7-4787-11e6-bf9a-48d2247423e5}.TM.blf [2016/07/11 21:10:07 | 000,524,288 | -HS- | M] () -- C:\Users\JEAN YVES PORTABLE\ntuser.dat{cce281e7-4787-11e6-bf9a-48d2247423e5}.TMContainer00000000000000000001.regtrans-ms [2016/07/11 21:10:07 | 000,524,288 | -HS- | M] () -- C:\Users\JEAN YVES PORTABLE\ntuser.dat{cce281e7-4787-11e6-bf9a-48d2247423e5}.TMContainer00000000000000000002.regtrans-ms [2015/06/30 08:23:11 | 000,065,536 | -HS- | M] () -- C:\Users\JEAN YVES PORTABLE\ntuser.dat{e6048f3d-1abb-11e5-bef2-48d2247423e5}.TM.blf [2015/06/30 08:23:11 | 000,524,288 | -HS- | M] () -- C:\Users\JEAN YVES PORTABLE\ntuser.dat{e6048f3d-1abb-11e5-bef2-48d2247423e5}.TMContainer00000000000000000001.regtrans-ms [2015/06/30 08:23:11 | 000,524,288 | -HS- | M] () -- C:\Users\JEAN YVES PORTABLE\ntuser.dat{e6048f3d-1abb-11e5-bef2-48d2247423e5}.TMContainer00000000000000000002.regtrans-ms [2014/04/19 21:50:49 | 000,000,020 | -HS- | M] () -- C:\Users\JEAN YVES PORTABLE\ntuser.ini [2016/10/18 13:32:29 | 000,000,000 | ---- | M] () -- C:\Users\JEAN YVES PORTABLE\Sti_Trace.log [2015/05/05 23:27:01 | 001,818,112 | ---- | M] () -- C:\Users\JEAN YVES PORTABLE\ZHPCleaner.exe [color=#A23BEC]< %Userprofile%\*. >[/color] [2015/10/31 02:02:51 | 000,000,000 | -H-D | M] -- C:\Users\JEAN YVES PORTABLE\AppData [2016/09/23 16:48:56 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\ASSURANCES [2016/02/18 12:16:59 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AVOCAT [2016/12/21 20:14:43 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\BANK SOON [2017/03/14 08:29:23 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\CAF -RSA [2016/10/09 08:35:02 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\CHARLY [2017/03/25 11:11:34 | 000,000,000 | R--D | M] -- C:\Users\JEAN YVES PORTABLE\Desktop [2017/03/21 10:06:36 | 000,000,000 | R--D | M] -- C:\Users\JEAN YVES PORTABLE\Downloads [2016/09/27 09:31:26 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\EAU TOURNON [2017/01/05 20:22:30 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\ENGIE [2016/08/29 20:16:19 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\FAMILLE [2016/10/24 15:34:17 | 000,000,000 | R--D | M] -- C:\Users\JEAN YVES PORTABLE\Favorites [2016/10/10 12:35:52 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\FLORIDE [2015/09/30 23:27:58 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\FREE [2016/09/27 08:05:17 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\IMMOBILIER [2017/03/14 08:28:30 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\IMPOTS [2017/01/30 02:59:12 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\J.B [2016/05/13 15:28:50 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\LAMPIRIS [2017/01/06 23:11:19 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\LES HERMALS [2016/11/22 19:32:08 | 000,000,000 | R--D | M] -- C:\Users\JEAN YVES PORTABLE\Links [2017/02/08 09:25:09 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\LIQUIDATION PERSO [2017/01/23 10:44:06 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\MAMAN [2017/01/26 23:36:31 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\MOI [2016/08/25 07:08:01 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\MONABANQ [2016/09/15 16:42:08 | 000,000,000 | R--D | M] -- C:\Users\JEAN YVES PORTABLE\Music [2017/03/24 09:18:37 | 000,000,000 | R--D | M] -- C:\Users\JEAN YVES PORTABLE\OneDrive [2017/02/14 19:06:54 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\PAPA [2016/09/29 01:05:07 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\PicStream [2016/12/26 12:22:33 | 000,000,000 | R--D | M] -- C:\Users\JEAN YVES PORTABLE\Pictures [2017/02/28 14:26:09 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\POLE EMPLOI [2017/03/18 13:43:57 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\PV AMENDES [2014/04/19 18:00:54 | 000,000,000 | -HSD | M] -- C:\Users\JEAN YVES PORTABLE\Recent [2015/11/17 13:21:21 | 000,000,000 | R--D | M] -- C:\Users\JEAN YVES PORTABLE\Saved Games [2015/11/17 13:21:21 | 000,000,000 | R--D | M] -- C:\Users\JEAN YVES PORTABLE\Searches [2016/08/30 02:39:45 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\Tracing [2015/11/17 13:21:19 | 000,000,000 | R--D | M] -- C:\Users\JEAN YVES PORTABLE\Videos [2016/03/10 08:30:29 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\VIRGIN MOBIL [2015/02/21 22:49:25 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\Virtual DJ 7 nouvelle version French [2016/10/02 19:53:53 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\WISH [2016/02/15 16:06:38 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\ZICS [color=#A23BEC]< %Allusersprofile%\* >[/color] [2013/09/01 04:22:56 | 000,000,000 | -H-- | M] () -- C:\ProgramData\DP45977C.lfl [2015/02/20 09:38:53 | 000,004,902 | ---- | M] () -- C:\ProgramData\eaapqbsg.gfr [color=#A23BEC]< %Allusersprofile%\*. >[/color] [2013/09/01 04:43:38 | 000,000,000 | ---D | M] -- C:\ProgramData\Acer [2016/01/19 13:33:45 | 000,000,000 | ---D | M] -- C:\ProgramData\Adobe [2015/04/28 17:02:18 | 000,000,000 | ---D | M] -- C:\ProgramData\Apple [2015/04/28 17:03:20 | 000,000,000 | ---D | M] -- C:\ProgramData\Apple Computer [2013/08/22 15:45:52 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data [2016/09/15 11:43:44 | 000,000,000 | ---D | M] -- C:\ProgramData\Atheros [2017/03/19 20:09:58 | 000,000,000 | ---D | M] -- C:\ProgramData\AVAST Software [2016/10/18 13:23:03 | 000,000,000 | ---D | M] -- C:\ProgramData\Brother [2014/01/22 01:44:16 | 000,000,000 | -HSD | M] -- C:\ProgramData\Bureau [2016/02/08 16:03:58 | 000,000,000 | ---D | M] -- C:\ProgramData\CanonBJ [2016/06/02 08:55:54 | 000,000,000 | ---D | M] -- C:\ProgramData\CanonIJPLM [2016/02/08 16:08:04 | 000,000,000 | ---D | M] -- C:\ProgramData\CanonIJWSpt [2016/10/18 13:21:54 | 000,000,000 | ---D | M] -- C:\ProgramData\ControlCenter4 [2015/02/02 09:34:05 | 000,000,000 | ---D | M] -- C:\ProgramData\CyberLink [2013/08/22 15:45:52 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop [2015/02/12 06:28:40 | 000,000,000 | ---D | M] -- C:\ProgramData\DivX [2013/08/22 15:45:52 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents [2013/09/01 04:41:59 | 000,000,000 | ---D | M] -- C:\ProgramData\install_clap [2013/09/01 04:14:24 | 000,000,000 | ---D | M] -- C:\ProgramData\Intel [2017/03/22 20:22:17 | 000,000,000 | ---D | M] -- C:\ProgramData\Malwarebytes [2014/01/22 01:44:16 | 000,000,000 | -HSD | M] -- C:\ProgramData\Menu Démarrer [2016/07/11 18:13:28 | 000,000,000 | --SD | M] -- C:\ProgramData\Microsoft [2014/01/22 01:44:16 | 000,000,000 | -HSD | M] -- C:\ProgramData\Modèles [2015/02/20 09:34:45 | 000,000,000 | ---D | M] -- C:\ProgramData\Movavi [2014/01/22 19:54:55 | 000,000,000 | ---D | M] -- C:\ProgramData\Mozilla [2013/04/18 05:39:44 | 000,000,000 | ---D | M] -- C:\ProgramData\Nero [2014/04/19 16:54:26 | 000,000,000 | ---D | M] -- C:\ProgramData\Norton [2014/04/16 13:59:46 | 000,000,000 | ---D | M] -- C:\ProgramData\NortonInstaller [2015/10/31 02:02:57 | 000,000,000 | ---D | M] -- C:\ProgramData\NVIDIA [2014/04/19 17:52:53 | 000,000,000 | ---D | M] -- C:\ProgramData\NVIDIA Corporation [2016/09/15 17:19:08 | 000,000,000 | ---D | M] -- C:\ProgramData\OEM [2017/03/15 21:14:51 | 000,000,000 | ---D | M] -- C:\ProgramData\Package Cache [2016/10/18 13:21:31 | 000,000,000 | ---D | M] -- C:\ProgramData\PCFaxTx [2016/05/01 17:09:10 | 000,000,000 | ---D | M] -- C:\ProgramData\PDF Architect 4 [2015/10/31 02:02:57 | 000,000,000 | ---D | M] -- C:\ProgramData\regid.1991-06.com.microsoft [2016/07/11 19:01:53 | 000,000,000 | ---D | M] -- C:\ProgramData\Samsung [2017/03/15 21:18:44 | 000,000,000 | ---D | M] -- C:\ProgramData\Skype [2013/08/22 15:45:52 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu [2015/02/12 06:28:42 | 000,000,000 | ---D | M] -- C:\ProgramData\Temp [2013/08/22 15:45:52 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates [2016/01/19 12:49:00 | 000,000,000 | ---D | M] -- C:\ProgramData\WinZip [color=#A23BEC]< %localappdata%\* >[/color] [2017/03/24 09:07:50 | 000,123,216 | -H-- | M] () -- C:\Users\JEAN YVES PORTABLE\AppData\Local\IconCache.db [color=#A23BEC]< %localappdata%\*. >[/color] [2014/01/26 09:29:50 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Acer [2014/01/26 09:28:46 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\AcerCloud [2017/01/26 13:18:30 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Adobe [2016/07/11 19:02:19 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\adslTV [2015/02/02 08:48:23 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\AOP SDK [2015/04/28 17:02:20 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Apple [2015/04/28 17:04:18 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Apple Computer [2014/04/19 18:00:54 | 000,000,000 | -HSD | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Application Data [2015/04/02 05:52:16 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Apps [2017/03/20 08:54:10 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\AVAST Software [2016/03/08 21:44:34 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\CEF [2015/10/31 01:38:33 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\clear.fi [2014/01/26 09:26:42 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\ClearfiMedia [2014/01/26 09:24:12 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\ClearfiPhoto [2017/02/16 10:16:00 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Diagnostics [2014/01/26 09:27:35 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Doc [2017/02/18 13:57:53 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\ElevatedDiagnostics [2016/03/10 15:29:02 | 000,000,000 | -HSD | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\EmieBrowserModeList [2016/03/10 15:29:02 | 000,000,000 | -HSD | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\EmieSiteList [2016/03/10 15:29:02 | 000,000,000 | -HSD | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\EmieUserList [2016/10/31 02:57:23 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Google [2016/03/03 08:51:56 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\GWX [2014/04/19 18:00:54 | 000,000,000 | -HSD | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Historique [2016/03/04 13:17:22 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Macromedia [2016/09/15 16:30:51 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Microsoft [2014/01/22 19:55:02 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Mozilla [2016/03/03 21:30:18 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Nico Mak Computing [2016/09/15 16:51:22 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Packages [2016/03/12 08:33:16 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Programs [2016/07/11 21:59:20 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Skype [2017/03/25 11:14:00 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Temp [2014/04/19 18:00:54 | 000,000,000 | -HSD | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Temporary Internet Files [2017/01/27 03:19:15 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\tkdata [2017/03/20 17:53:31 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Viber [2016/01/19 13:16:01 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\VirtualStore [2016/01/19 12:51:06 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\WinZip [2017/03/21 00:11:45 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\{003ACA6A-C058-424D-B955-A82DE5375C64} [color=#A23BEC]< %Userprofile%\Local Settings\Application Data\* >[/color] [color=#A23BEC]< %Userprofile%\Local Settings\Application Data\*. >[/color] [color=#A23BEC]< %programFiles%\* >[/color] [2013/08/22 16:34:52 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini [color=#A23BEC]< %programFiles%\*. >[/color] [2015/10/31 01:38:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Acer [2016/07/22 07:54:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe [2016/07/11 19:02:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\adslTV [2013/09/01 04:18:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AGEIA Technologies [2016/07/11 21:53:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update [2016/07/11 21:53:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bonjour [2016/10/18 13:22:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Brother [2016/10/18 13:22:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Browny02 [2016/05/07 15:27:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Canon [2017/03/22 19:52:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files [2016/10/18 13:21:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ControlCenter4 [2015/02/12 06:28:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CyberLink [2015/02/12 06:28:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DivX [2015/02/12 06:28:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DSP-worx [2014/01/30 12:58:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Easy Thumbnails [2016/09/15 16:46:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\GetFLV [2016/08/19 23:55:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google [2016/10/18 13:19:54 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information [2015/10/26 01:10:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel [2015/02/12 06:28:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer [2013/09/01 04:15:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Launch Manager [2013/09/01 04:39:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office [2017/03/22 21:04:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight [2013/08/22 16:36:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET [2017/03/20 17:47:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox [2017/03/20 17:47:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Maintenance Service [2014/04/19 18:44:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild [2013/04/18 05:40:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Nero [2015/10/31 02:02:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NVIDIA Corporation [2014/03/12 01:04:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PopupNuker [2014/10/31 01:41:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Qualcomm Atheros [2014/10/31 01:37:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek [2014/04/19 18:44:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies [2016/07/11 19:02:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SamsungPrinterLiveUpdateInstaller [2017/03/15 21:18:16 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Skype [2016/07/11 19:02:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Smart Organizing Monitor for SP 110 Series [2015/09/27 15:32:51 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp [2015/03/07 08:14:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VirtualDJ [2016/07/11 19:02:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WildTangent Games [2015/08/14 06:56:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender [2014/03/18 10:26:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail [2016/07/18 03:16:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player [2014/03/18 11:28:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Multimedia Platform [2013/08/22 16:36:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT [2014/03/18 10:26:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer [2014/03/18 11:28:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices [2014/04/19 18:03:27 | 000,000,000 | -HSD | M] -- C:\Program Files (x86)\Windows Sidebar [2013/08/22 16:36:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WindowsPowerShell [color=#A23BEC]< %Systemroot%\Temp\*.exe /s >[/color] [2017/03/25 10:04:04 | 000,321,480 | ---- | M] (Mozilla Foundation) -- C:\WINDOWS\Temp\avast_ash2\Mozilla Firefox\updater.exe [2017/03/03 10:25:33 | 002,133,536 | ---- | M] (Avast Software) -- C:\WINDOWS\Temp\SafeZone Installer\installer.exe [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\system32\*.exe /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\system32\*.in* >[/color] [2014/04/10 02:58:34 | 000,000,114 | ---- | M] () -- C:\WINDOWS\system32\BRLMW03A.INI [2013/08/22 02:43:03 | 000,016,284 | ---- | M] () -- C:\WINDOWS\system32\ieuinit.inf [2013/08/22 03:54:21 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Microsoft.Management.Infrastructure.Native.Unmanaged.dll [2014/03/18 11:10:09 | 000,002,255 | ---- | M] () -- C:\WINDOWS\system32\WimBootCompress.ini [2015/03/04 02:12:52 | 000,141,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll [color=#A23BEC]< %systemroot%\Tasks\* >[/color] [2017/03/23 00:04:48 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT [color=#A23BEC]< %systemroot%\Tasks\*. >[/color] [color=#A23BEC]< %systemroot%\system32\Tasks\* >[/color] [color=#A23BEC]< %systemroot%\system32\Tasks\*. >[/color] [2013/08/22 16:36:31 | 000,000,000 | ---D | M] -- C:\WINDOWS\system32\Tasks\Microsoft [color=#A23BEC]< %systemroot%\system32\drivers\*.sy* /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\system32\config\*.exe /s >[/color] [color=#A23BEC]< %Systemroot%\ServiceProfiles\*.exe /s >[/color] [2015/01/06 07:51:12 | 000,212,992 | ---- | M] () -- C:\WINDOWS\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-f444a0ef.exe [color=#A23BEC]< %systemroot%\system32\*.sys >[/color] [color=#A23BEC]< %temp%\*.exe /s >[/color] [2014/04/11 20:18:08 | 000,265,048 | ---- | M] (McAfee, Inc.) -- C:\Users\JEANYV~1\AppData\Local\Temp\MCPR\mccleanup.exe [2014/04/11 20:18:12 | 002,483,656 | ---- | M] (McAfee, Inc.) -- C:\Users\JEANYV~1\AppData\Local\Temp\MCPR\McClnUI.exe [2014/04/11 20:18:34 | 000,209,952 | ---- | M] (McAfee, Inc.) -- C:\Users\JEANYV~1\AppData\Local\Temp\MCPR\MFP\mfputil_x64.exe [2014/04/11 20:18:30 | 000,173,360 | ---- | M] (McAfee, Inc.) -- C:\Users\JEANYV~1\AppData\Local\Temp\MCPR\MFP\mfputil_x86.exe [2014/04/11 20:18:48 | 000,390,672 | ---- | M] (McAfee, Inc.) -- C:\Users\JEANYV~1\AppData\Local\Temp\MCPR\MFP\x64\sediag.exe [2014/04/11 20:18:42 | 000,287,696 | ---- | M] (McAfee, Inc.) -- C:\Users\JEANYV~1\AppData\Local\Temp\MCPR\MFP\x86\sediag.exe [2014/04/11 03:10:44 | 000,068,824 | ---- | M] (McAfee, Inc.) -- C:\Users\JEANYV~1\AppData\Local\Temp\MCPR\Mpf\firesvc.exe [2014/04/11 03:12:16 | 000,073,992 | ---- | M] (McAfee, Inc.) -- C:\Users\JEANYV~1\AppData\Local\Temp\MCPR\Mpf\firesvc64.exe [2014/03/18 13:41:14 | 000,627,096 | ---- | M] (McAfee, Inc.) -- C:\Users\JEANYV~1\AppData\Local\Temp\MCPR\VS\installer.exe [2014/03/18 13:39:06 | 000,877,392 | ---- | M] (McAfee, Inc.) -- C:\Users\JEANYV~1\AppData\Local\Temp\MCPR\VS\installer64.exe [2014/04/03 22:42:28 | 000,091,544 | ---- | M] (McAfee, Inc.) -- C:\Users\JEANYV~1\AppData\Local\Temp\MCPR\VS\vscore\DAInstall.exe [2014/04/03 22:52:24 | 000,489,624 | ---- | M] (McAfee, Inc.) -- C:\Users\JEANYV~1\AppData\Local\Temp\MCPR\VS\vscore\mfehidin.exe [2014/04/03 21:57:44 | 000,092,568 | ---- | M] (McAfee, Inc.) -- C:\Users\JEANYV~1\AppData\Local\Temp\MCPR\VS\vscore64\DAInstall.exe [2014/04/03 22:10:04 | 000,607,056 | ---- | M] (McAfee, Inc.) -- C:\Users\JEANYV~1\AppData\Local\Temp\MCPR\VS\vscore64\mfehidin.exe [2014/04/03 22:42:28 | 000,091,544 | ---- | M] (McAfee, Inc.) -- C:\Users\JEANYV~1\AppData\Local\Temp\MCPR\VS\vscore64\x86\DAInstall.exe [color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color] [color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color] [color=#A23BEC]< %APPDATA%\*.exe /s >[/color] [2013/05/30 13:26:40 | 000,202,752 | ---- | M] () -- C:\Users\JEAN YVES PORTABLE\AppData\Roaming\LavFilters\UltimateCodec.exe [2015/05/05 23:27:01 | 001,818,112 | ---- | M] () -- C:\Users\JEAN YVES PORTABLE\AppData\Roaming\ZHP\ZHPCleaner.exe [color=#A23BEC]< %LocalAppData%\* >[/color] [2017/03/24 09:07:50 | 000,123,216 | -H-- | M] () -- C:\Users\JEAN YVES PORTABLE\AppData\Local\IconCache.db [color=#A23BEC]< %LocalAppData%\*. >[/color] [2014/01/26 09:29:50 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Acer [2014/01/26 09:28:46 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\AcerCloud [2017/01/26 13:18:30 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Adobe [2016/07/11 19:02:19 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\adslTV [2015/02/02 08:48:23 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\AOP SDK [2015/04/28 17:02:20 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Apple [2015/04/28 17:04:18 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Apple Computer [2014/04/19 18:00:54 | 000,000,000 | -HSD | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Application Data [2015/04/02 05:52:16 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Apps [2017/03/20 08:54:10 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\AVAST Software [2016/03/08 21:44:34 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\CEF [2015/10/31 01:38:33 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\clear.fi [2014/01/26 09:26:42 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\ClearfiMedia [2014/01/26 09:24:12 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\ClearfiPhoto [2017/02/16 10:16:00 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Diagnostics [2014/01/26 09:27:35 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Doc [2017/02/18 13:57:53 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\ElevatedDiagnostics [2016/03/10 15:29:02 | 000,000,000 | -HSD | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\EmieBrowserModeList [2016/03/10 15:29:02 | 000,000,000 | -HSD | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\EmieSiteList [2016/03/10 15:29:02 | 000,000,000 | -HSD | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\EmieUserList [2016/10/31 02:57:23 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Google [2016/03/03 08:51:56 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\GWX [2014/04/19 18:00:54 | 000,000,000 | -HSD | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Historique [2016/03/04 13:17:22 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Macromedia [2016/09/15 16:30:51 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Microsoft [2014/01/22 19:55:02 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Mozilla [2016/03/03 21:30:18 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Nico Mak Computing [2016/09/15 16:51:22 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Packages [2016/03/12 08:33:16 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Programs [2016/07/11 21:59:20 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Skype [2017/03/25 11:14:00 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Temp [2014/04/19 18:00:54 | 000,000,000 | -HSD | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Temporary Internet Files [2017/01/27 03:19:15 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\tkdata [2017/03/20 17:53:31 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\Viber [2016/01/19 13:16:01 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\VirtualStore [2016/01/19 12:51:06 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\WinZip [2017/03/21 00:11:45 | 000,000,000 | ---D | M] -- C:\Users\JEAN YVES PORTABLE\AppData\Local\{003ACA6A-C058-424D-B955-A82DE5375C64} [color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color] [2017/01/26 13:18:13 | 000,000,030 | ---- | M] () -- C:\AVScanner.ini [2013/06/18 13:18:29 | 000,000,001 | -HS- | M] () -- C:\BOOTNXT [2017/03/25 10:27:25 | 000,000,581 | ---- | M] () -- C:\DelFix.txt [2017/03/23 00:03:46 | 3283,525,632 | -HS- | M] () -- C:\hiberfil.sys [2017/03/24 09:06:33 | 2082,017,280 | -HS- | M] () -- C:\pagefile.sys [2017/03/25 11:16:09 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2017/03/23 00:03:48 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color] [2014/08/23 08:13:24 | 002,084,520 | ---- | M] (Microsoft Corporation) MD5=195822ACCDAA2B4815DD01BAFC335595 -- C:\WINDOWS\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17284_none_4cc798c1821453a8\explorer.exe [2014/09/14 22:53:20 | 000,270,774 | ---- | M] () MD5=2195687491E604BA42961470EDA7660E -- C:\WINDOWS\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17238_none_42acff334d876b54\explorer.exe [2014/09/14 22:58:30 | 000,220,250 | ---- | M] () MD5=286928E00AD34E9F88EB5BFA52660A70 -- C:\WINDOWS\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17238_none_4d01a98581e82d4f\explorer.exe [2014/06/26 15:52:42 | 000,015,546 | ---- | M] () MD5=347EFF7EC89C3EB4F72F2408E1C4E16D -- C:\WINDOWS\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_4cfaa3b381ee81a0\explorer.exe [2014/09/14 22:53:17 | 000,271,249 | ---- | M] () MD5=667BC926C7CB889BF276A5FEA316CAEE -- C:\WINDOWS\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_42adfbb14d868a5d\explorer.exe [2014/05/08 23:08:25 | 000,169,957 | ---- | M] () MD5=6D919C26DCB567396CD2E119B8E4310E -- C:\WINDOWS\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_42a5f9614d8dbfa5\explorer.exe [2015/01/28 00:41:17 | 002,207,488 | ---- | M] (Microsoft Corporation) MD5=91E24273FCA076EA9E65DAFA98901225 -- C:\WINDOWS\SysWOW64\explorer.exe [2015/01/28 00:41:17 | 002,207,488 | ---- | M] (Microsoft Corporation) MD5=91E24273FCA076EA9E65DAFA98901225 -- C:\WINDOWS\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17667_none_4ce0410f82015c67\explorer.exe [2014/08/23 08:48:28 | 002,374,784 | ---- | M] (Microsoft Corporation) MD5=ACDBE1ED38167C8B01B8F63161BB2CEA -- C:\WINDOWS\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17284_none_4272ee6f4db391ad\explorer.exe [2015/01/28 00:47:12 | 002,501,368 | ---- | M] (Microsoft Corporation) MD5=C10A66189DC8C090E7C84873EDCEBC88 -- C:\WINDOWS\explorer.exe [2015/01/28 00:47:12 | 002,501,368 | ---- | M] (Microsoft Corporation) MD5=C10A66189DC8C090E7C84873EDCEBC88 -- C:\WINDOWS\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17667_none_428b96bd4da09a6c\explorer.exe [2014/09/14 22:58:27 | 000,208,662 | ---- | M] () MD5=C131BC6F12417306A9C8469CA49110B1 -- C:\WINDOWS\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_4d02a60381e74c58\explorer.exe [color=#A23BEC]< MD5 for: SERVICES.EXE >[/color] [2014/03/28 16:58:34 | 000,407,016 | ---- | M] (Microsoft Corporation) MD5=067CB90C277DB4A737D5DEABA3055972 -- C:\WINDOWS\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.3.9600.17084_none_2fd708ffd09a6815\services.exe [2014/06/26 15:45:50 | 000,082,895 | ---- | M] () MD5=892D1838D0C77D4734F7E21F064CD06C -- C:\WINDOWS\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.3.9600.16384_none_2fd72579d09a45e9\services.exe [2015/04/08 23:55:21 | 000,410,128 | ---- | M] (Microsoft Corporation) MD5=E0C7813A97CA7947FF5C18A8F3B61A45 -- C:\WINDOWS\SysNative\services.exe [2015/04/08 23:55:21 | 000,410,128 | ---- | M] (Microsoft Corporation) MD5=E0C7813A97CA7947FF5C18A8F3B61A45 -- C:\WINDOWS\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.3.9600.17794_none_2fcc465dd0a27017\services.exe [color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color] [2013/08/22 06:30:58 | 000,031,552 | ---- | M] (Microsoft Corporation) MD5=425E22D9F5C01616AFC92987791B19E9 -- C:\WINDOWS\SysWOW64\svchost.exe [2013/08/22 06:30:58 | 000,031,552 | ---- | M] (Microsoft Corporation) MD5=425E22D9F5C01616AFC92987791B19E9 -- C:\WINDOWS\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_4a5b1e2820e75323\svchost.exe [2013/08/22 13:45:17 | 000,037,768 | ---- | M] (Microsoft Corporation) MD5=E4CA434F251681590D0538BC21C32D2F -- C:\WINDOWS\SysNative\svchost.exe [2013/08/22 13:45:17 | 000,037,768 | ---- | M] (Microsoft Corporation) MD5=E4CA434F251681590D0538BC21C32D2F -- C:\WINDOWS\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_a679b9abd944c459\svchost.exe [color=#A23BEC]< MD5 for: USERINIT.EXE >[/color] [2013/08/22 11:03:12 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=08C191B2917862BE90C33E31CB6B6D79 -- C:\WINDOWS\SysNative\userinit.exe [2013/08/22 11:03:12 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=08C191B2917862BE90C33E31CB6B6D79 -- C:\WINDOWS\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_cce71a20a5a6fe7f\userinit.exe [2013/08/22 03:54:12 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=41636F77AD6D9A396EA34E4786B96F2B -- C:\WINDOWS\SysWOW64\userinit.exe [2013/08/22 03:54:12 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=41636F77AD6D9A396EA34E4786B96F2B -- C:\WINDOWS\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_70c87e9ced498d49\userinit.exe [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2014/03/18 11:09:53 | 000,562,176 | ---- | M] (Microsoft Corporation) MD5=306EB21E5B480AE9065EA55AC8C35936 -- C:\WINDOWS\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.17031_none_60b45365a8c2ccdb\winlogon.exe [2015/10/05 19:25:35 | 000,572,928 | ---- | M] (Microsoft Corporation) MD5=3F8645885823692D93765817759BE21C -- C:\WINDOWS\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.18083_none_60802d95a8e9a4df\winlogon.exe [2016/01/05 16:00:41 | 000,570,880 | ---- | M] (Microsoft Corporation) MD5=B1102BBDDD9C87B3D609D6C08F7A3DBD -- C:\WINDOWS\SysNative\winlogon.exe [2016/01/05 16:00:41 | 000,570,880 | ---- | M] (Microsoft Corporation) MD5=B1102BBDDD9C87B3D609D6C08F7A3DBD -- C:\WINDOWS\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.18188_none_608530eda8e520b9\winlogon.exe [color=#E56717]========== Base Services ==========[/color] SRV:[b]64bit:[/b] - [2014/03/18 11:09:51 | 000,208,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\aelupsvc.dll -- (AeLookupSvc) SRV:[b]64bit:[/b] - [2016/01/31 19:07:53 | 000,110,080 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysNative\appinfo.dll -- (Appinfo) SRV:[b]64bit:[/b] - [2013/08/22 10:53:13 | 000,092,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\alg.exe -- (ALG) SRV:[b]64bit:[/b] - [2013/08/22 11:19:14 | 001,017,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\qmgr.dll -- (BITS) SRV:[b]64bit:[/b] - [2016/02/05 16:11:53 | 000,845,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\BFE.DLL -- (BFE) SRV:[b]64bit:[/b] - [2013/08/22 10:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\keyiso.dll -- (KeyIso) SRV - [2013/08/22 03:48:12 | 000,044,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\keyiso.dll -- (KeyIso) SRV:[b]64bit:[/b] - [2013/08/22 10:40:30 | 000,468,992 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\es.dll -- (EventSystem) SRV - [2013/08/22 03:38:29 | 000,329,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysWOW64\es.dll -- (EventSystem) SRV:[b]64bit:[/b] - [2014/07/24 10:21:23 | 000,134,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\browser.dll -- (Browser) SRV:[b]64bit:[/b] - [2013/08/22 11:01:39 | 000,129,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\cryptsvc.dll -- (CryptSvc) SRV:[b]64bit:[/b] - [2016/01/27 16:18:50 | 000,817,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\rpcss.dll -- (DcomLaunch) SRV:[b]64bit:[/b] - [2014/04/30 05:23:54 | 000,353,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\dhcpcore.dll -- (Dhcp) SRV - [2014/04/30 04:46:07 | 000,285,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysWOW64\dhcpcore.dll -- (Dhcp) SRV:[b]64bit:[/b] - [2014/04/19 18:48:02 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\dnsrslvr.dll -- (Dnscache) SRV:[b]64bit:[/b] - [2013/08/22 10:44:18 | 000,107,008 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\eapsvc.dll -- (Eaphost) SRV:[b]64bit:[/b] - [2013/08/22 12:34:06 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysNative\hidserv.dll -- (hidserv) SRV - [2013/08/22 05:05:54 | 000,029,696 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysWOW64\hidserv.dll -- (hidserv) SRV:[b]64bit:[/b] - [2014/03/18 11:09:57 | 000,433,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\ipnathlp.dll -- (SharedAccess) SRV:[b]64bit:[/b] - [2016/05/12 16:59:54 | 000,398,848 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysNative\IPSECSVC.DLL -- (PolicyAgent) No service found with a name of MsMpSvc No service found with a name of NisSrv SRV:[b]64bit:[/b] - [2014/03/27 04:15:43 | 000,718,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\swprv.dll -- (swprv) SRV:[b]64bit:[/b] - [2013/08/22 10:54:27 | 000,070,656 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\SysNative\mmcss.dll -- (MMCSS) SRV:[b]64bit:[/b] - [2013/08/22 10:05:22 | 000,254,976 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysNative\netman.dll -- (Netman) SRV:[b]64bit:[/b] - [2013/08/22 10:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysNative\netprofmsvc.dll -- (netprofm) SRV:[b]64bit:[/b] - [2014/12/06 02:41:58 | 000,391,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\nlasvc.dll -- (NlaSvc) SRV:[b]64bit:[/b] - [2013/08/22 14:25:35 | 000,029,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\nsisvc.dll -- (nsi) SRV:[b]64bit:[/b] - [2014/04/19 18:48:03 | 000,115,200 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysNative\umpnpmgr.dll -- (PlugPlay) SRV:[b]64bit:[/b] - [2014/07/24 09:18:34 | 000,795,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\spoolsv.exe -- (Spooler) No service found with a name of ProtectedStorage No service found with a name of EMDMgmt SRV:[b]64bit:[/b] - [2013/08/22 12:22:30 | 000,101,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\rasauto.dll -- (RasAuto) SRV:[b]64bit:[/b] - [2014/03/18 11:09:57 | 000,534,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\rasmans.dll -- (RasMan) SRV:[b]64bit:[/b] - [2016/01/27 16:18:50 | 000,817,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\rpcss.dll -- (RpcSs) SRV:[b]64bit:[/b] - [2016/02/06 19:08:28 | 000,031,744 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysNative\seclogon.dll -- (seclogon) SRV:[b]64bit:[/b] - [2013/08/22 14:25:35 | 000,045,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\lsass.exe -- (SamSs) SRV:[b]64bit:[/b] - [2016/01/06 17:47:23 | 000,146,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\wscsvc.dll -- (wscsvc) SRV:[b]64bit:[/b] - [2014/07/24 10:03:18 | 000,324,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\srvsvc.dll -- (LanmanServer) SRV:[b]64bit:[/b] - [2013/08/22 10:24:27 | 000,629,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\shsvcs.dll -- (ShellHWDetection) SRV - [2013/08/22 03:27:04 | 000,564,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysWOW64\shsvcs.dll -- (ShellHWDetection) No service found with a name of slsvc SRV:[b]64bit:[/b] - [2015/08/01 04:38:35 | 001,265,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\schedsvc.dll -- (Schedule) SRV:[b]64bit:[/b] - [2013/08/22 11:55:30 | 000,306,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\tapisrv.dll -- (TapiSrv) SRV - [2013/08/22 04:33:38 | 000,248,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\tapisrv.dll -- (TapiSrv) SRV:[b]64bit:[/b] - [2013/08/22 11:00:18 | 000,050,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\themeservice.dll -- (Themes) SRV:[b]64bit:[/b] - [2015/07/09 17:14:45 | 000,228,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\profsvc.dll -- (ProfSvc) SRV:[b]64bit:[/b] - [2016/02/05 15:46:47 | 001,455,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\VSSVC.exe -- (VSS) SRV:[b]64bit:[/b] - [2015/05/30 20:35:47 | 000,911,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\audiosrv.dll -- (Audiosrv) SRV:[b]64bit:[/b] - [2015/05/30 20:36:24 | 000,230,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder) No service found with a name of SDRSVC SRV:[b]64bit:[/b] - [2015/07/07 10:39:32 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend) SRV:[b]64bit:[/b] - [2015/03/06 03:47:37 | 001,696,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\wevtsvc.dll -- (EventLog) SRV:[b]64bit:[/b] - [2013/08/22 10:23:55 | 000,878,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\MPSSVC.dll -- (MpsSvc) SRV:[b]64bit:[/b] - [2013/08/22 11:39:20 | 000,634,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\wiaservc.dll -- (stisvc) SRV:[b]64bit:[/b] - [2015/06/15 23:41:04 | 000,065,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\msiexec.exe -- (msiserver) SRV - [2015/06/15 22:16:41 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWow64\msiexec.exe -- (msiserver) SRV:[b]64bit:[/b] - [2013/08/22 10:48:04 | 000,220,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\wbem\WMIsvc.dll -- (Winmgmt) SRV:[b]64bit:[/b] - [2016/02/12 16:14:02 | 003,708,416 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysNative\wuaueng.dll -- (wuauserv) SRV:[b]64bit:[/b] - [2013/08/22 11:30:45 | 000,258,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\dot3svc.dll -- (dot3svc) SRV:[b]64bit:[/b] - [2014/07/24 09:32:47 | 001,532,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\wlansvc.dll -- (WlanSvc) SRV:[b]64bit:[/b] - [2013/08/22 10:54:22 | 000,284,160 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\wkssvc.dll -- (LanmanWorkstation) [color=#A23BEC]< dir "%Homedrive%\*" /S /A:L /C >[/color] Le volume dans le lecteur C s'appelle Acer Le num ro de s rie du volume est 24EB-0334 R pertoire de C:\ 22/08/2013 15:45 <JUNCTION> Documents and Settings [C:\Users] 0 fichier(s) 0 octets R pertoire de C:\Program Files 22/01/2014 01:44 <JUNCTION> Fichiers communs [C:\Program Files\Common Files] 0 fichier(s) 0 octets R pertoire de C:\Program Files\Windows NT 19/04/2014 18:16 <JUNCTION> Accessoires [C:\Program Files\Windows NT\Accessories] 0 fichier(s) 0 octets R pertoire de C:\Program Files (x86)\Common Files\AV 27/01/2017 15:17 <SYMLINKD> avast! Antivirus [C:\Program Files\Common Files\AV\avast! Antivirus] 0 fichier(s) 0 octets R pertoire de C:\ProgramData 22/08/2013 15:45 <JUNCTION> Application Data [C:\ProgramData] 22/01/2014 01:44 <JUNCTION> Bureau [C:\Users\Public\Desktop] 22/08/2013 15:45 <JUNCTION> Desktop [C:\Users\Public\Desktop] 22/08/2013 15:45 <JUNCTION> Documents [C:\Users\Public\Documents] 22/01/2014 01:44 <JUNCTION> Menu D marrer [C:\ProgramData\Microsoft\Windows\Start Menu] 22/01/2014 01:44 <JUNCTION> Mod`les [C:\ProgramData\Microsoft\Windows\Templates] 22/08/2013 15:45 <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 22/08/2013 15:45 <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates] 0 fichier(s) 0 octets R pertoire de C:\ProgramData\Microsoft\Windows\Start Menu 22/01/2014 01:44 <JUNCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs] 0 fichier(s) 0 octets R pertoire de C:\Users 22/08/2013 15:45 <SYMLINKD> All Users [C:\ProgramData] 22/08/2013 15:45 <JUNCTION> Default User [C:\Users\Default] 0 fichier(s) 0 octets R pertoire de C:\Users\All Users 22/08/2013 15:45 <JUNCTION> Application Data [C:\ProgramData] 22/01/2014 01:44 <JUNCTION> Bureau [C:\Users\Public\Desktop] 22/08/2013 15:45 <JUNCTION> Desktop [C:\Users\Public\Desktop] 22/08/2013 15:45 <JUNCTION> Documents [C:\Users\Public\Documents] 22/01/2014 01:44 <JUNCTION> Menu D marrer [C:\ProgramData\Microsoft\Windows\Start Menu] 22/01/2014 01:44 <JUNCTION> Mod`les [C:\ProgramData\Microsoft\Windows\Templates] 22/08/2013 15:45 <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 22/08/2013 15:45 <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates] 0 fichier(s) 0 octets R pertoire de C:\Users\All Users\Microsoft\Windows\Start Menu 22/01/2014 01:44 <JUNCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs] 0 fichier(s) 0 octets R pertoire de C:\Users\Default 22/08/2013 15:45 <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming] 22/08/2013 15:45 <JUNCTION> Cookies [C:\Users\Default\AppData\Local\Microsoft\Windows\INetCookies] 22/08/2013 15:45 <JUNCTION> Local Settings [C:\Users\Default\AppData\Local] 19/04/2014 18:16 <JUNCTION> Menu D marrer [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu] 19/04/2014 18:16 <JUNCTION> Mes documents [C:\Users\Default\Documents] 19/04/2014 18:16 <JUNCTION> Mod`les [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates] 22/08/2013 15:45 <JUNCTION> My Documents [C:\Users\Default\Documents] 22/08/2013 15:45 <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 22/08/2013 15:45 <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 22/08/2013 15:45 <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent] 22/08/2013 15:45 <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo] 22/08/2013 15:45 <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu] 22/08/2013 15:45 <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates] 19/04/2014 18:16 <JUNCTION> Voisinage d'impression [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 19/04/2014 18:16 <JUNCTION> Voisinage r seau [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 0 fichier(s) 0 octets R pertoire de C:\Users\Default\AppData\Local 22/08/2013 15:45 <JUNCTION> Application Data [C:\Users\Default\AppData\Local] 19/04/2014 18:16 <JUNCTION> Historique [C:\Users\Default\AppData\Local\Microsoft\Windows\History] 22/08/2013 15:45 <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History] 22/08/2013 15:45 <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache] 0 fichier(s) 0 octets R pertoire de C:\Users\Default\AppData\Local\Microsoft\Windows 22/08/2013 15:45 <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache] 0 fichier(s) 0 octets R pertoire de C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu 19/04/2014 18:16 <JUNCTION> Programmes [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 fichier(s) 0 octets R pertoire de C:\Users\Default\Documents 19/04/2014 18:16 <JUNCTION> Ma musique [C:\Users\Default\Music] 19/04/2014 18:16 <JUNCTION> Mes images [C:\Users\Default\Pictures] 19/04/2014 18:16 <JUNCTION> Mes vid os [C:\Users\Default\Videos] 22/08/2013 15:45 <JUNCTION> My Music [C:\Users\Default\Music] 22/08/2013 15:45 <JUNCTION> My Pictures [C:\Users\Default\Pictures] 22/08/2013 15:45 <JUNCTION> My Videos [C:\Users\Default\Videos] 0 fichier(s) 0 octets R pertoire de C:\Users\JEAN YVES PORTABLE 19/04/2014 18:00 <JUNCTION> Recent [C:\Users\JEAN YVES PORTABLE\AppData\Roaming\Microsoft\Windows\Recent] 0 fichier(s) 0 octets R pertoire de C:\Users\JEAN YVES PORTABLE\AppData\Local 19/04/2014 18:00 <JUNCTION> Application Data [C:\Users\JEAN YVES PORTABLE\AppData\Local] 19/04/2014 18:00 <JUNCTION> Historique [C:\Users\JEAN YVES PORTABLE\AppData\Local\Microsoft\Windows\History] 19/04/2014 18:00 <JUNCTION> Temporary Internet Files [C:\Users\JEAN YVES PORTABLE\AppData\Local\Microsoft\Windows\INetCache] 0 fichier(s) 0 octets R pertoire de C:\Users\JEAN YVES PORTABLE\AppData\Local\Microsoft\Windows 19/04/2014 18:00 <JUNCTION> Temporary Internet Files [C:\Users\JEAN YVES PORTABLE\AppData\Local\Microsoft\Windows\INetCache] 0 fichier(s) 0 octets R pertoire de C:\Users\JEAN YVES PORTABLE\AppData\Local\Microsoft\Windows\INetCache 19/04/2014 21:51 <JUNCTION> Content.IE5 [C:\Users\JEAN YVES PORTABLE\AppData\Local\Microsoft\Windows\INetCache\IE\] 0 fichier(s) 0 octets R pertoire de C:\Users\JEAN YVES PORTABLE\AppData\Local\Microsoft\Windows\INetCache\Low 25/06/2014 09:50 <JUNCTION> Content.IE5 [C:\Users\JEAN YVES PORTABLE\AppData\Local\Microsoft\Windows\INetCache\Low\IE\] 0 fichier(s) 0 octets R pertoire de C:\Users\JEAN YVES PORTABLE\AppData\Roaming\Microsoft\Windows\Start Menu 19/04/2014 18:00 <JUNCTION> Programmes [C:\Users\JEAN YVES PORTABLE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 fichier(s) 0 octets R pertoire de C:\Users\Public\Documents 22/01/2014 01:44 <JUNCTION> Ma musique [C:\Users\Public\Music] 22/01/2014 01:44 <JUNCTION> Mes images [C:\Users\Public\Pictures] 22/01/2014 01:44 <JUNCTION> Mes vid os [C:\Users\Public\Videos] 22/08/2013 15:45 <JUNCTION> My Music [C:\Users\Public\Music] 22/08/2013 15:45 <JUNCTION> My Pictures [C:\Users\Public\Pictures] 22/08/2013 15:45 <JUNCTION> My Videos [C:\Users\Public\Videos] 0 fichier(s) 0 octets R pertoire de C:\Users\UpdatusUser 19/04/2014 18:00 <JUNCTION> Application Data [C:\Users\UpdatusUser\AppData\Roaming] 19/04/2014 18:00 <JUNCTION> Cookies [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\INetCookies] 19/04/2014 18:00 <JUNCTION> Local Settings [C:\Users\UpdatusUser\AppData\Local] 19/04/2014 18:00 <JUNCTION> Menu D marrer [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu] 19/04/2014 18:00 <JUNCTION> Mes documents [C:\Users\UpdatusUser\Documents] 19/04/2014 18:00 <JUNCTION> Mod`les [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Templates] 19/04/2014 18:00 <JUNCTION> Recent [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Recent] 19/04/2014 18:00 <JUNCTION> SendTo [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\SendTo] 19/04/2014 18:00 <JUNCTION> Voisinage d'impression [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 19/04/2014 18:00 <JUNCTION> Voisinage r seau [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 0 fichier(s) 0 octets R pertoire de C:\Users\UpdatusUser\AppData\Local 19/04/2014 18:00 <JUNCTION> Application Data [C:\Users\UpdatusUser\AppData\Local] 19/04/2014 18:00 <JUNCTION> Historique [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\History] 19/04/2014 18:00 <JUNCTION> Temporary Internet Files [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\INetCache] 0 fichier(s) 0 octets R pertoire de C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows 19/04/2014 18:00 <JUNCTION> Temporary Internet Files [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\INetCache] 0 fichier(s) 0 octets R pertoire de C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu 19/04/2014 18:00 <JUNCTION> Programmes [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 fichier(s) 0 octets R pertoire de C:\Users\UpdatusUser\Documents 19/04/2014 18:00 <JUNCTION> Ma musique [C:\Users\UpdatusUser\Music] 19/04/2014 18:00 <JUNCTION> Mes images [C:\Users\UpdatusUser\Pictures] 19/04/2014 18:00 <JUNCTION> Mes vid os [C:\Users\UpdatusUser\Videos] 0 fichier(s) 0 octets R pertoire de C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache 19/04/2014 21:53 <JUNCTION> Content.IE5 [C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\] 0 fichier(s) 0 octets R pertoire de C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache 19/04/2014 21:53 <JUNCTION> Content.IE5 [C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\] 0 fichier(s) 0 octets Total des fichiers list sÿ: 0 fichier(s) 0 octets 85 R p(s) 581ÿ738ÿ643ÿ456 octets libres [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 220 bytes -> C:\Users\JEAN YVES PORTABLE\OneDrive:ms-properties @Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:AD022376 < End of report >