OTL.Txt

Cliquez pour partager vos propres fichiers

Format du document : text/plain

Prévisualisation

ÿþOTL logfile created on: 29/02/2016 17:46:39 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\samsung\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18204)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,71 Gb Total Physical Memory | 1,30 Gb Available Physical Memory | 35,11% Memory free
7,41 Gb Paging File | 4,53 Gb Available in Paging File | 61,11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,66 Gb Total Space | 23,50 Gb Free Space | 24,07% Space Free | Partition Type: NTFS
Drive D: | 146,48 Gb Total Space | 134,63 Gb Free Space | 91,91% Space Free | Partition Type: NTFS
Drive E: | 221,62 Gb Total Space | 221,24 Gb Free Space | 99,83% Space Free | Partition Type: NTFS

Computer Name: SAMSUNG-PC | User Name: samsung | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2016/02/29 17:45:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\samsung\Desktop\OTL.exe
PRC - [2016/02/26 17:32:42 | 007,431,712 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2016/02/26 17:32:36 | 000,241,760 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2016/02/18 05:15:35 | 000,746,648 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2016/01/07 08:53:04 | 000,859,672 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
PRC - [2016/01/07 08:52:26 | 000,888,344 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-Agent.exe
PRC - [2016/01/07 08:50:52 | 000,413,208 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
PRC - [2015/12/13 23:48:02 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2015/11/16 00:27:59 | 000,144,008 | ---- | M] (© 2015 Microsoft Corporation) -- C:\Users\samsung\AppData\Local\Microsoft\BingSvc\BingSvc.exe
PRC - [2015/10/26 20:00:00 | 001,143,008 | R--- | M] (Nico Mak Computing) -- C:\Program Files\WinZip\WZUpdateNotifier.exe
PRC - [2015/02/03 18:59:20 | 000,695,528 | ---- | M] (Zbshareware Lab) -- C:\Program Files (x86)\USB Disk Security\USBGuard.exe
PRC - [2013/09/16 11:18:28 | 000,390,616 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2013/09/16 11:17:42 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2013/07/23 04:47:24 | 000,239,696 | ---- | M] () -- C:\ProgramData\MobileBrServ\mbbService.exe
PRC - [2009/06/11 12:14:02 | 000,162,912 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2016/02/26 17:32:38 | 000,470,344 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\ffl2.dll
MOD - [2016/02/26 17:32:38 | 000,123,344 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\log.dll
MOD - [2016/02/26 17:32:38 | 000,123,344 | ---- | M] () -- C:\PROGRA~1\AVASTS~1\Avast\log.dll
MOD - [2016/02/26 17:32:36 | 000,133,768 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2016/02/26 17:32:36 | 000,133,768 | ---- | M] () -- C:\PROGRA~1\AVASTS~1\Avast\JsonRpcServer.dll
MOD - [2016/02/18 05:15:11 | 016,808,600 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\PepperFlash\pepflashplayer.dll
MOD - [2016/02/18 05:14:44 | 001,630,360 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libglesv2.dll
MOD - [2016/02/18 05:14:32 | 000,085,656 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libegl.dll
MOD - [2016/02/11 17:18:34 | 000,155,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\JSON\0897821095be498cf13595c53c7ecf2e\JSON.ni.dll
MOD - [2016/02/11 17:18:26 | 001,527,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\HD-Agent\6bf6f884857bf0c99d27303af01b369c\HD-Agent.ni.exe
MOD - [2016/02/11 17:15:41 | 011,923,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\25433ee5d09d563da10280c1343511f9\System.Web.ni.dll
MOD - [2016/02/11 17:15:10 | 012,438,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\b622d3d64bb24842fc7c9308a559ab1a\System.Windows.Forms.ni.dll
MOD - [2016/02/11 17:15:03 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ca97db61d7b1564dd115248a1439194e\System.Drawing.ni.dll
MOD - [2016/02/11 17:02:25 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d6204638b750d650b7cbb3278a5954eb\System.Xml.ni.dll
MOD - [2016/02/11 17:02:19 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\ae206eff0a9816475cd7dd3d680faa48\System.Configuration.ni.dll
MOD - [2016/02/11 17:02:15 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ef80bf7db724bb3ab5fea4c0e2117cae\System.ni.dll
MOD - [2015/11/19 19:35:04 | 040,539,648 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2015/01/30 19:44:34 | 000,037,376 | ---- | M] () -- C:\Program Files (x86)\USB Disk Security\locales\french.dll
MOD - [2014/11/09 22:41:52 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2013/07/08 13:44:04 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/11/05 03:00:03 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_fr_b77a5c561934e089\System.resources.dll

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - File not found [Disabled | Unknown] -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
SRV:[b]64bit:[/b] - [2016/02/26 17:32:36 | 000,241,760 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2016/01/22 07:27:40 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2013/08/27 13:32:30 | 000,828,376 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2013/08/27 13:32:14 | 000,747,520 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2016/02/10 00:47:59 | 000,269,504 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016/01/19 20:46:07 | 000,146,888 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2016/01/07 08:53:04 | 000,859,672 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe -- (BstHdUpdaterSvc)
SRV - [2016/01/07 08:50:52 | 000,413,208 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2016/01/07 08:49:58 | 000,433,688 | ---- | M] (BlueStack Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)
SRV - [2015/12/13 23:48:02 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/03/20 23:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/09/16 11:18:28 | 000,390,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013/09/16 11:17:42 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2013/07/23 04:47:24 | 000,239,696 | ---- | M] () [Auto | Running] -- C:\ProgramData\MobileBrServ\mbbService.exe -- (Mobile Broadband HL Service)
SRV - [2012/12/24 01:22:36 | 000,277,640 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - File not found [Kernel | Disabled | Unknown] -- C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
DRV:[b]64bit:[/b] - [2016/02/26 17:32:46 | 000,166,432 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:[b]64bit:[/b] - [2016/02/26 17:32:45 | 000,463,744 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2016/02/26 17:32:45 | 000,287,528 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:[b]64bit:[/b] - [2016/02/26 17:32:45 | 000,107,792 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2016/02/26 17:32:45 | 000,103,064 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:[b]64bit:[/b] - [2016/02/26 17:32:45 | 000,074,544 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:[b]64bit:[/b] - [2016/02/26 17:32:45 | 000,037,656 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:[b]64bit:[/b] - [2016/02/26 17:32:29 | 001,070,904 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:[b]64bit:[/b] - [2015/06/11 18:15:53 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2015/02/13 13:10:16 | 000,044,640 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswTap.sys -- (aswTap)
DRV:[b]64bit:[/b] - [2014/04/09 21:05:52 | 000,031,920 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Apowersoft_AudioDevice.sys -- (Apowersoft_AudioDevice)
DRV:[b]64bit:[/b] - [2013/09/23 23:42:52 | 004,021,248 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2013/09/16 11:17:42 | 000,099,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2013/02/12 05:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:[b]64bit:[/b] - [2012/12/20 13:18:50 | 005,332,896 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012/02/14 08:25:52 | 000,079,872 | ---- | M] (HSPA) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hspa_zi_cdc_acm.sys -- (hspa_zi_cdc_acm)
DRV:[b]64bit:[/b] - [2012/02/14 08:25:52 | 000,058,880 | ---- | M] (HSPA) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hspa_zi_cdc_ecm.sys -- (hspa_zi_cdc_ecm)
DRV:[b]64bit:[/b] - [2012/02/14 08:25:52 | 000,056,320 | ---- | M] (HSPA) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hspa_zi_ecm_enum_filter.sys -- (hspa_zi_ecm_enum_filter)
DRV:[b]64bit:[/b] - [2012/02/14 08:25:52 | 000,056,320 | ---- | M] (HSPA) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hspa_zi_ecm_enum.sys -- (hspa_zi_ecm_enum)
DRV:[b]64bit:[/b] - [2012/02/14 08:25:52 | 000,010,240 | ---- | M] (HSPA) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hspa_zi_wcpo.sys -- (hspa_zi_wcpo)
DRV:[b]64bit:[/b] - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/20 14:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/11/20 14:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2016/01/07 08:50:34 | 000,154,680 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys -- (BstHdDrv)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/?type=hp&ts=1416000717&from=cor&uid=ST500LT012-9WS142_S0V5B6Z7XXXXS0V5B6Z7
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1416000717&from=cor&uid=ST500LT012-9WS142_S0V5B6Z7XXXXS0V5B6Z7&q={searchTerms}
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1416000717&from=cor&uid=ST500LT012-9WS142_S0V5B6Z7XXXXS0V5B6Z7&q={searchTerms}
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggadg4LWAtEQhgUeFxZTA0UFg0OeFgLUBRHEVYbIg4NUV8XQFAFIk0FA1ADB0VXfVBdFElXTwhkMlxZFX8YT1E=
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQAOVgpIEwBAbQ4ABFhcFVAUeBQAAApADAMTIwFaVgxBR1NCJR9aFQQTSEcFME0FCFwEURNNfX5KBFgFZ1xNJA==&q={searchTerms}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2514}: "URL" = http://www.default-search.net/search?sid=514&aid=101&itype=n&ver=14074&tm=505&src=ds&p={searchTerms}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\OldSearch: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.globasearch.com/?serie=219&b=3&installkey=okhACWbs0rvauOVuLgtp
IE - HKLM\..\SearchScopes,DefaultScope = {E9410C70-B6AE-41FF-AB71-32F4B279EA5F}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2514}: "URL" = http://www.default-search.net/search?sid=514&aid=101&itype=n&ver=14074&tm=505&src=ds&p={searchTerms}
IE - HKLM\..\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}: "URL" = http://www.globasearch.com/?serie=219&installkey=okhACWbs0rvauOVuLgtp&b=3&q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.globasearch.com/?serie=219&b=3&installkey=okhACWbs0rvauOVuLgtp
IE - HKCU\..\SearchScopes,DefaultScope = {E9410C70-B6AE-41FF-AB71-32F4B279EA5F}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQAOVgpIEwBAbQ4ABFhcFVAUeBQAAApADAMTIwFaVgxBR1NCJR9aFQQTSEcFME0FCFwEURNNfX5KBFgFZ1xNJA==&q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2514}: "URL" = http://www.default-search.net/search?sid=514&aid=101&itype=n&ver=14074&tm=505&src=ds&p={searchTerms}
IE - HKCU\..\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}: "URL" = http://www.globasearch.com/?serie=219&installkey=okhACWbs0rvauOVuLgtp&b=3&q={searchTerms}
IE - HKCU\..\SearchScopes\OldSearch: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UP97
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "TN"
FF - prefs.js..browser.search.defaultengine: "Google (avast)"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaultthis.engineName: "Google (avast)"
FF - prefs.js..browser.search.defaulturl: "https://www.google.com/search?trackid=sp-006"
FF - prefs.js..browser.search.order.1: "Google (avast)"
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.region: "TN"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.globasearch.com/?serie=219&b=2&installkey=okhACWbs0rvauOVuLgtp"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:44.0.2
FF - prefs.js..keyword.URL: "https://www.google.com/search?trackid=sp-006"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2016/02/26 17:32:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2016/02/26 17:32:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016/02/26 17:32:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 44.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 44.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\BingSearchExtension: enable
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\DSE: true
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\Market: fr-fr
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\Package: DefaultPack
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\OSVersion: 6.1.7601.1
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\LVersion: 1.7.46.0
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\MFVersion: MF38.0.1 (x86 fr)

[2014/10/18 14:58:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\samsung\AppData\Roaming\mozilla\Extensions
[2016/01/30 22:27:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\samsung\AppData\Roaming\mozilla\Firefox\Profiles\ktdoqs0f.default\extensions
[2015/05/28 20:57:40 | 000,000,000 | ---D | M] ("Bing Search") -- C:\Users\samsung\AppData\Roaming\mozilla\Firefox\Profiles\ktdoqs0f.default\extensions\bingsearch.full@microsoft.com
[2014/11/14 21:14:25 | 000,006,057 | ---- | M] () -- C:\Users\samsung\AppData\Roaming\mozilla\firefox\profiles\ktdoqs0f.default\searchplugins\bingp.xml
[2014/10/19 17:01:06 | 000,002,579 | ---- | M] () -- C:\Users\samsung\AppData\Roaming\mozilla\firefox\profiles\ktdoqs0f.default\searchplugins\default-search.xml
[2016/02/20 11:15:26 | 000,000,921 | ---- | M] () -- C:\Users\samsung\AppData\Roaming\mozilla\firefox\profiles\ktdoqs0f.default\searchplugins\default.xml
[2015/12/22 12:25:25 | 000,002,428 | ---- | M] () -- C:\Users\samsung\AppData\Roaming\mozilla\firefox\profiles\ktdoqs0f.default\searchplugins\google-avast.xml
[2016/01/19 20:46:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2016/02/12 13:00:01 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[color=#E56717]========== Chrome ==========[/color]

O1 HOSTS File: ([2016/02/29 17:35:15 | 000,000,826 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
O4 - HKLM..\Run: [USB Security] C:\Program Files (x86)\USB Disk Security\USBGuard.exe (Zbshareware Lab)
O4 - HKLM..\Run: [YouCam Mirror Tray icon] C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe (CyberLink Corp.)
O4 - HKCU..\Run: [BingSvc] C:\Users\samsung\AppData\Local\Microsoft\BingSvc\BingSvc.exe (© 2015 Microsoft Corporation)
O4 - HKCU..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Updates = "C:\system32\SystemProtection.exe" /e:VBScript.Encode "C:\kernel\r00t3r" (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\sdate: sdate = 33
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0C0BD0C0-EFC7-4E3B-8F56-79FE82A7A9D4}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{35BE5A8A-E9F9-4A73-A5CC-3D9A50776E88}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{69BF6DCB-4BDB-4DDF-9C1B-4ED9DFB3BBA9}: NameServer = 77.234.40.79
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E56988BA-D073-4F20-B324-D03A5B45840B}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{0efb5f61-6907-11e4-9c83-1867b08284d2}\Shell - "" = AutoRun
O33 - MountPoints2\{0efb5f61-6907-11e4-9c83-1867b08284d2}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{0efb5f7c-6907-11e4-9c83-1867b08284d2}\Shell - "" = AutoRun
O33 - MountPoints2\{0efb5f7c-6907-11e4-9c83-1867b08284d2}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{0f4758f2-dead-11e4-8feb-1867b08284d2}\Shell - "" = AutoRun
O33 - MountPoints2\{0f4758f2-dead-11e4-8feb-1867b08284d2}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{3c5cdf38-91cd-11e4-aadb-001e101f1ed9}\Shell - "" = AutoRun
O33 - MountPoints2\{3c5cdf38-91cd-11e4-aadb-001e101f1ed9}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{7d9c98f1-7b12-11e4-96a8-1867b08284d1}\Shell - "" = AutoRun
O33 - MountPoints2\{7d9c98f1-7b12-11e4-96a8-1867b08284d1}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{7ee42647-8a2d-11e4-8b66-1867b08284d2}\Shell - "" = AutoRun
O33 - MountPoints2\{7ee42647-8a2d-11e4-8b66-1867b08284d2}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{7ee42655-8a2d-11e4-8b66-1867b08284d2}\Shell - "" = AutoRun
O33 - MountPoints2\{7ee42655-8a2d-11e4-8b66-1867b08284d2}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{8aa1859c-7a49-11e4-aa38-001e101f50a4}\Shell - "" = AutoRun
O33 - MountPoints2\{8aa1859c-7a49-11e4-aa38-001e101f50a4}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{8aa185b0-7a49-11e4-aa38-001e101f50a4}\Shell - "" = AutoRun
O33 - MountPoints2\{8aa185b0-7a49-11e4-aa38-001e101f50a4}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{b407d402-59fc-11e4-a9dc-1867b08284d2}\Shell - "" = AutoRun
O33 - MountPoints2\{b407d402-59fc-11e4-a9dc-1867b08284d2}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{ba9312ed-5792-11e4-991c-1867b08284d2}\Shell - "" = AutoRun
O33 - MountPoints2\{ba9312ed-5792-11e4-991c-1867b08284d2}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{ba931302-5792-11e4-991c-1867b08284d2}\Shell - "" = AutoRun
O33 - MountPoints2\{ba931302-5792-11e4-991c-1867b08284d2}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{c9b3ff61-5b9c-11e4-b82d-1867b08284d2}\Shell - "" = AutoRun
O33 - MountPoints2\{c9b3ff61-5b9c-11e4-b82d-1867b08284d2}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{c9b3ff71-5b9c-11e4-b82d-1867b08284d2}\Shell - "" = AutoRun
O33 - MountPoints2\{c9b3ff71-5b9c-11e4-b82d-1867b08284d2}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{c9b400ae-5b9c-11e4-b82d-001e101f7fb6}\Shell - "" = AutoRun
O33 - MountPoints2\{c9b400ae-5b9c-11e4-b82d-001e101f7fb6}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{c9b9d321-7984-11e4-bfc5-1867b08284d2}\Shell - "" = AutoRun
O33 - MountPoints2\{c9b9d321-7984-11e4-bfc5-1867b08284d2}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{e3781a9a-7a57-11e4-8aeb-001e101f57d0}\Shell - "" = AutoRun
O33 - MountPoints2\{e3781a9a-7a57-11e4-8aeb-001e101f57d0}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{e3781aa8-7a57-11e4-8aeb-001e101f57d0}\Shell - "" = AutoRun
O33 - MountPoints2\{e3781aa8-7a57-11e4-8aeb-001e101f57d0}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{ea09050a-7f23-11e4-9920-001e101f1838}\Shell - "" = AutoRun
O33 - MountPoints2\{ea09050a-7f23-11e4-9920-001e101f1838}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

SafeBootMin:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2016/02/29 17:44:53 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\samsung\Desktop\OTL.exe
[2016/02/29 01:37:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
[2016/02/29 01:37:47 | 000,000,000 | ---D | C] -- C:\Users\samsung\AppData\Local\WinZip
[2016/02/29 01:35:02 | 000,000,000 | ---D | C] -- C:\Users\samsung\Documents\Add-in Express
[2016/02/29 01:32:35 | 000,685,752 | ---- | C] (WinZip Computing, S.L.) -- C:\Users\samsung\Desktop\winzip20_01net.exe
[2016/02/29 01:29:20 | 000,000,000 | ---D | C] -- C:\Users\samsung\AppData\Local\assembly
[2016/02/29 01:25:48 | 000,000,000 | ---D | C] -- C:\Users\samsung\AppData\Local\Nico Mak Computing
[2016/02/29 01:24:40 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2016/02/29 01:23:51 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2016/02/29 01:20:44 | 000,000,000 | ---D | C] -- C:\ProgramData\UniqueId
[2016/02/29 01:20:28 | 000,706,016 | ---- | C] (WinZip Computing, S.L.) -- C:\Users\samsung\Desktop\winzip20.exe
[2016/02/26 17:33:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
[2016/02/26 17:32:47 | 000,398,152 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2016/02/26 17:32:38 | 000,052,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2016/02/24 22:45:30 | 000,000,000 | ---D | C] -- C:\Users\samsung\Desktop\Saut-longueur
[2016/02/24 00:46:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee Security Scan
[2016/02/24 00:46:01 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2016/02/22 21:36:22 | 000,000,000 | ---D | C] -- C:\Users\samsung\Desktop\Nouveau dossier
[2016/02/20 22:20:00 | 000,000,000 | ---D | C] -- C:\Users\samsung\Desktop\fr
[2016/02/19 13:55:33 | 000,000,000 | ---D | C] -- C:\Users\samsung\Desktop\prog mental
[2016/02/18 21:41:15 | 000,000,000 | ---D | C] -- C:\Users\samsung\Desktop\eps
[2016/02/11 21:20:06 | 000,000,000 | ---D | C] -- C:\DRIVERS
[2016/02/11 16:51:03 | 000,718,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2016/02/11 16:51:03 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2016/02/11 16:51:03 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2016/02/11 16:51:03 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2016/02/11 16:51:03 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2016/02/11 16:51:03 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2016/02/11 16:51:03 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2016/02/11 16:51:03 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2016/02/11 16:51:03 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2016/02/11 16:51:03 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2016/02/11 16:51:03 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2016/02/11 16:51:03 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2016/02/11 16:51:01 | 002,050,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2016/02/11 16:51:01 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2016/02/11 16:51:01 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2016/02/11 16:51:01 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2016/02/11 16:51:00 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2016/02/11 16:51:00 | 000,798,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2016/02/11 16:51:00 | 000,663,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2016/02/11 16:51:00 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2016/02/11 16:51:00 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2016/02/11 16:51:00 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2016/02/11 16:50:59 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2016/02/11 16:50:59 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2016/02/11 16:50:58 | 002,123,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2016/02/11 16:50:58 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2016/02/11 16:50:57 | 000,571,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2016/02/11 16:50:57 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2016/02/11 16:50:57 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2016/02/11 16:50:57 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2016/02/11 16:50:56 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2016/02/11 16:50:55 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2016/02/11 16:50:54 | 006,052,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2016/02/11 16:50:54 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2016/02/11 16:50:54 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2016/02/11 16:50:54 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2016/02/11 16:50:53 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2016/02/11 16:50:52 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2016/02/11 16:50:52 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2016/02/11 16:49:02 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2016/02/11 16:49:01 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2016/02/11 16:49:01 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2016/02/11 16:49:00 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2016/02/11 10:33:40 | 002,085,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2016/02/11 10:33:17 | 005,573,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2016/02/11 10:33:17 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2016/02/11 10:33:17 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2016/02/11 10:33:17 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2016/02/11 10:33:17 | 000,535,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2016/02/11 10:33:16 | 001,733,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2016/02/11 10:33:16 | 000,422,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2016/02/11 10:33:15 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mtxoci.dll
[2016/02/11 10:33:14 | 003,993,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2016/02/11 10:33:14 | 003,938,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2016/02/11 10:33:14 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2016/02/11 10:33:14 | 000,880,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2016/02/11 10:33:14 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mtxoci.dll
[2016/02/11 10:33:13 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msorcl32.dll
[2016/02/11 10:33:10 | 001,461,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2016/02/11 10:33:10 | 001,214,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2016/02/11 10:33:09 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2016/02/11 10:33:09 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2016/02/11 10:33:08 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2016/02/11 10:33:08 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2016/02/11 10:33:08 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2016/02/11 10:33:08 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2016/02/11 10:33:08 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2016/02/11 10:33:08 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2016/02/11 10:33:08 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2016/02/11 10:33:08 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2016/02/11 10:33:06 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2016/02/11 10:33:06 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2016/02/11 10:33:06 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2016/02/11 10:33:06 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2016/02/11 10:33:06 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2016/02/11 10:33:06 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2016/02/11 10:33:06 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2016/02/11 10:33:06 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2016/02/11 10:33:06 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2016/02/11 10:33:06 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2016/02/11 10:33:06 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2016/02/11 10:33:06 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2016/02/11 10:33:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2016/02/11 10:33:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2016/02/11 10:33:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2016/02/11 10:33:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2016/02/11 10:33:04 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2016/02/11 10:33:04 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2016/02/11 10:33:04 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2016/02/11 10:33:04 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2016/02/11 10:33:04 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2016/02/11 10:33:04 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2016/02/11 10:33:04 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2016/02/11 10:33:04 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2016/02/11 10:33:04 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2016/02/11 10:33:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2016/02/11 10:33:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2016/02/11 10:33:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2016/02/11 10:33:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2016/02/11 10:33:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2016/02/11 10:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2016/02/11 10:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2016/02/11 10:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2016/02/11 10:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2016/02/11 10:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2016/02/11 10:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2016/02/11 10:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2016/02/11 10:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2016/02/11 10:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2016/02/11 10:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2016/02/11 10:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2016/02/11 10:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2016/02/11 10:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2016/02/11 10:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2016/02/11 10:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2016/02/11 10:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2016/02/11 10:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2016/02/11 10:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2016/02/11 10:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2016/02/11 10:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2016/02/11 10:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2016/02/11 10:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2016/02/11 10:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2016/02/11 10:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2016/02/11 10:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2016/02/11 10:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2016/02/11 10:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2016/02/11 10:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2016/02/11 10:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2016/02/11 10:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2016/02/11 10:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2016/02/11 10:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2016/02/11 10:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2016/02/11 10:33:03 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2016/02/11 10:33:03 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2016/02/11 10:33:03 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2016/02/11 10:33:03 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2016/02/11 10:33:03 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2016/02/11 10:33:03 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2016/02/11 10:33:03 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2016/02/11 10:33:03 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2016/02/11 10:33:03 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2016/02/11 10:33:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2016/02/11 10:33:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2016/02/11 10:33:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2016/02/11 10:33:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2016/02/11 10:33:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2016/02/11 10:23:51 | 000,275,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\InkEd.dll
[2016/02/11 10:23:51 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\InkEd.dll
[2016/02/11 10:23:51 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jnwmon.dll
[2016/02/08 19:59:25 | 000,000,000 | ---D | C] -- C:\Users\samsung\Desktop\divers
[2016/02/05 22:31:01 | 000,000,000 | ---D | C] -- C:\Users\samsung\Desktop\quran
[2016/02/03 23:04:27 | 000,000,000 | ---D | C] -- C:\Users\samsung\AppData\Roaming\Program4Pc
[2016/02/03 23:02:47 | 000,000,000 | ---D | C] -- C:\Users\samsung\AppData\Local\Downloaded Installations
[2 C:\Users\samsung\Desktop\*.tmp files -> C:\Users\samsung\Desktop\*.tmp -> ]
[10 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2016/02/29 17:50:27 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2016/02/29 17:46:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016/02/29 17:45:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\samsung\Desktop\OTL.exe
[2016/02/29 17:45:00 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2016/02/29 17:35:15 | 000,000,826 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2016/02/29 16:43:25 | 000,020,880 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016/02/29 16:43:25 | 000,020,880 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016/02/29 16:40:30 | 001,579,478 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2016/02/29 16:40:30 | 000,721,802 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2016/02/29 16:40:30 | 000,619,146 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2016/02/29 16:40:30 | 000,138,884 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2016/02/29 16:40:30 | 000,107,466 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2016/02/29 16:34:56 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2016/02/29 16:34:45 | 000,000,362 | ---- | M] () -- C:\Windows\tasks\DriverToolkit Autorun.job
[2016/02/29 16:34:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016/02/29 16:34:21 | 2984,931,328 | -HS- | M] () -- C:\hiberfil.sys
[2016/02/29 01:37:57 | 000,002,309 | ---- | M] () -- C:\Users\Public\Desktop\WinZip.lnk
[2016/02/29 01:37:57 | 000,002,301 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Notifications de Mises à jour.lnk
[2016/02/29 01:37:57 | 000,001,973 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk
[2016/02/29 01:37:57 | 000,001,968 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Préchargeur.lnk
[2016/02/29 01:33:44 | 000,685,752 | ---- | M] (WinZip Computing, S.L.) -- C:\Users\samsung\Desktop\winzip20_01net.exe
[2016/02/29 01:20:31 | 000,706,016 | ---- | M] (WinZip Computing, S.L.) -- C:\Users\samsung\Desktop\winzip20.exe
[2016/02/29 01:19:38 | 001,369,706 | ---- | M] () -- C:\Users\samsung\Desktop\rugby.pdf
[2016/02/29 01:15:47 | 017,337,069 | ---- | M] () -- C:\Users\samsung\Desktop\fiches pédago.rar
[2016/02/29 01:01:37 | 000,118,215 | ---- | M] () -- C:\Users\samsung\Desktop\1IwFzE5WXoz6f_t3gSV-16X_LoQ.jpg
[2016/02/29 01:00:28 | 000,044,551 | ---- | M] () -- C:\Users\samsung\Desktop\1003781-Mike_Powell.jpg
[2016/02/28 18:41:14 | 000,059,334 | ---- | M] () -- C:\Users\samsung\Desktop\12794630_607862499364981_1780157688132072237_n.jpg
[2016/02/28 17:28:14 | 000,609,422 | ---- | M] () -- C:\Users\samsung\Desktop\Effect_of_a_psychological_skills_trainin.pdf
[2016/02/28 17:06:06 | 001,391,105 | ---- | M] () -- C:\Users\samsung\Desktop\corpsfp01.pdf
[2016/02/27 00:58:19 | 000,139,411 | ---- | M] () -- C:\Users\samsung\Desktop\10152403_232502303617217_2145859725_n.jpg
[2016/02/27 00:56:13 | 000,090,797 | ---- | M] () -- C:\Users\samsung\Desktop\12074899_954698271256535_3870704955156118593_n.jpg
[2016/02/27 00:56:04 | 000,058,523 | ---- | M] () -- C:\Users\samsung\Desktop\12036928_954696281256734_5092200780918204481_n.jpg
[2016/02/27 00:55:45 | 000,092,783 | ---- | M] () -- C:\Users\samsung\Desktop\12096230_954680564591639_5794214860775811825_n.jpg
[2016/02/26 17:32:46 | 000,166,432 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2016/02/26 17:32:45 | 000,463,744 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2016/02/26 17:32:45 | 000,398,152 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2016/02/26 17:32:45 | 000,287,528 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswVmm.sys
[2016/02/26 17:32:45 | 000,107,792 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2016/02/26 17:32:45 | 000,103,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2016/02/26 17:32:45 | 000,074,544 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2016/02/26 17:32:45 | 000,037,656 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHwid.sys
[2016/02/26 17:32:38 | 000,052,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2016/02/26 17:32:29 | 001,070,904 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2016/02/26 16:18:41 | 000,559,267 | ---- | M] () -- C:\Users\samsung\Desktop\E0322227.pdf
[2016/02/26 15:08:01 | 000,109,457 | ---- | M] () -- C:\Users\samsung\Desktop\sophrologie_0910_1245326263447.pdf
[2016/02/26 13:51:54 | 004,353,115 | ---- | M] () -- C:\Users\samsung\Desktop\GLS_syllabus060613_ok.pdf
[2016/02/23 14:28:32 | 001,513,324 | ---- | M] () -- C:\Users\samsung\Desktop\APE_2015020316293706.pdf
[2016/02/19 13:33:19 | 000,293,158 | ---- | M] () -- C:\Users\samsung\Desktop\Joueur de demain.pdf
[2016/02/17 23:16:22 | 000,018,206 | ---- | M] () -- C:\Users\samsung\Desktop\12715457_1671782459744843_3961137504102243830_n.jpg
[2016/02/15 00:23:11 | 000,142,338 | ---- | M] () -- C:\Users\samsung\Desktop\rappor d'avancement.pdf
[2016/02/12 18:05:46 | 000,107,039 | ---- | M] () -- C:\Users\samsung\Desktop\56bdf0e9c36188c3648b45c4.jpg
[2016/02/12 17:34:27 | 002,111,110 | ---- | M] () -- C:\Users\samsung\Desktop\Carta.pdf
[2016/02/11 21:38:27 | 000,107,222 | ---- | M] () -- C:\Users\samsung\Desktop\3069-sont-hormones-liees-stress.pdf
[2016/02/11 17:13:27 | 000,409,760 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2016/02/11 14:21:36 | 000,176,495 | ---- | M] () -- C:\Users\samsung\Desktop\v10197-012-0017-y.pdf
[2016/02/11 13:46:16 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\track
[2016/02/10 12:36:01 | 000,260,113 | ---- | M] () -- C:\Users\samsung\Desktop\Salah Souissi.pdf
[2016/02/10 00:47:57 | 000,796,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2016/02/10 00:47:57 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2016/02/06 11:11:30 | 000,615,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2016/02/06 11:10:21 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2016/02/06 10:38:27 | 000,476,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2016/02/06 10:37:23 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2016/02/01 21:29:41 | 001,369,488 | ---- | M] () -- C:\Users\samsung\Documents\testostérone.pdf
[2 C:\Users\samsung\Desktop\*.tmp files -> C:\Users\samsung\Desktop\*.tmp -> ]
[10 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2016/02/29 17:50:27 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2016/02/29 01:37:57 | 000,002,309 | ---- | C] () -- C:\Users\Public\Desktop\WinZip.lnk
[2016/02/29 01:37:57 | 000,002,301 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Notifications de Mises à jour.lnk
[2016/02/29 01:37:57 | 000,001,973 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk
[2016/02/29 01:37:57 | 000,001,968 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Préchargeur.lnk
[2016/02/29 01:19:31 | 001,369,706 | ---- | C] () -- C:\Users\samsung\Desktop\rugby.pdf
[2016/02/29 01:14:25 | 017,337,069 | ---- | C] () -- C:\Users\samsung\Desktop\fiches pédago.rar
[2016/02/29 01:01:36 | 000,118,215 | ---- | C] () -- C:\Users\samsung\Desktop\1IwFzE5WXoz6f_t3gSV-16X_LoQ.jpg
[2016/02/29 01:00:17 | 000,044,551 | ---- | C] () -- C:\Users\samsung\Desktop\1003781-Mike_Powell.jpg
[2016/02/28 18:41:14 | 000,059,334 | ---- | C] () -- C:\Users\samsung\Desktop\12794630_607862499364981_1780157688132072237_n.jpg
[2016/02/28 17:28:13 | 000,609,422 | ---- | C] () -- C:\Users\samsung\Desktop\Effect_of_a_psychological_skills_trainin.pdf
[2016/02/28 17:04:39 | 001,391,105 | ---- | C] () -- C:\Users\samsung\Desktop\corpsfp01.pdf
[2016/02/27 00:58:12 | 000,139,411 | ---- | C] () -- C:\Users\samsung\Desktop\10152403_232502303617217_2145859725_n.jpg
[2016/02/27 00:56:13 | 000,090,797 | ---- | C] () -- C:\Users\samsung\Desktop\12074899_954698271256535_3870704955156118593_n.jpg
[2016/02/27 00:56:04 | 000,058,523 | ---- | C] () -- C:\Users\samsung\Desktop\12036928_954696281256734_5092200780918204481_n.jpg
[2016/02/27 00:55:43 | 000,092,783 | ---- | C] () -- C:\Users\samsung\Desktop\12096230_954680564591639_5794214860775811825_n.jpg
[2016/02/26 16:18:40 | 000,559,267 | ---- | C] () -- C:\Users\samsung\Desktop\E0322227.pdf
[2016/02/26 15:08:00 | 000,109,457 | ---- | C] () -- C:\Users\samsung\Desktop\sophrologie_0910_1245326263447.pdf
[2016/02/26 13:51:52 | 004,353,115 | ---- | C] () -- C:\Users\samsung\Desktop\GLS_syllabus060613_ok.pdf
[2016/02/23 14:28:23 | 001,513,324 | ---- | C] () -- C:\Users\samsung\Desktop\APE_2015020316293706.pdf
[2016/02/19 13:33:18 | 000,293,158 | ---- | C] () -- C:\Users\samsung\Desktop\Joueur de demain.pdf
[2016/02/17 23:16:02 | 000,018,206 | ---- | C] () -- C:\Users\samsung\Desktop\12715457_1671782459744843_3961137504102243830_n.jpg
[2016/02/15 00:23:01 | 000,142,338 | ---- | C] () -- C:\Users\samsung\Desktop\rappor d'avancement.pdf
[2016/02/12 18:05:46 | 000,107,039 | ---- | C] () -- C:\Users\samsung\Desktop\56bdf0e9c36188c3648b45c4.jpg
[2016/02/12 17:32:24 | 002,111,110 | ---- | C] () -- C:\Users\samsung\Desktop\Carta.pdf
[2016/02/11 21:37:16 | 000,107,222 | ---- | C] () -- C:\Users\samsung\Desktop\3069-sont-hormones-liees-stress.pdf
[2016/02/11 14:21:36 | 000,176,495 | ---- | C] () -- C:\Users\samsung\Desktop\v10197-012-0017-y.pdf
[2016/02/11 13:46:16 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\track
[2016/02/10 12:36:01 | 000,260,113 | ---- | C] () -- C:\Users\samsung\Desktop\Salah Souissi.pdf
[2016/02/01 21:29:39 | 001,369,488 | ---- | C] () -- C:\Users\samsung\Documents\testostérone.pdf
[2015/11/21 15:57:54 | 000,000,099 | ---- | C] () -- C:\Windows\Reimage.ini
[2015/07/09 21:12:36 | 000,004,608 | ---- | C] () -- C:\Users\samsung\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2015/02/22 23:59:36 | 001,552,872 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/10/18 17:17:04 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2014/10/18 17:17:01 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2014/10/18 17:17:01 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2014/10/18 14:50:31 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/08/06 19:04:07 | 014,176,768 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/08/06 18:44:51 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< HKCU\Software >[/color]

[HKEY_CURRENT_USER\Software\Adobe]

[HKEY_CURRENT_USER\Software\Andy]

[HKEY_CURRENT_USER\Software\AppDataLow]

[HKEY_CURRENT_USER\Software\Appscion]

[HKEY_CURRENT_USER\Software\AVAST Software]

[HKEY_CURRENT_USER\Software\AVG]

[HKEY_CURRENT_USER\Software\Bluetooth Driver Installer]

[HKEY_CURRENT_USER\Software\BoBrowser]

[HKEY_CURRENT_USER\Software\Clients]

[HKEY_CURRENT_USER\Software\CyberLink]

[HKEY_CURRENT_USER\Software\DownloadManager]

[HKEY_CURRENT_USER\Software\DriverToolkit]

[HKEY_CURRENT_USER\Software\drpsu]

[HKEY_CURRENT_USER\Software\DVDVideoSoft]

[HKEY_CURRENT_USER\Software\Facebook]

[HKEY_CURRENT_USER\Software\Google]

[HKEY_CURRENT_USER\Software\GRETECH]

[HKEY_CURRENT_USER\Software\IM Providers]

[HKEY_CURRENT_USER\Software\InstallCore]

[HKEY_CURRENT_USER\Software\Intel]

[HKEY_CURRENT_USER\Software\Licenses]

[HKEY_CURRENT_USER\Software\Linkey]

[HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications]

[HKEY_CURRENT_USER\Software\Macromedia]

[HKEY_CURRENT_USER\Software\Magicbit]

[HKEY_CURRENT_USER\Software\malavida]

[HKEY_CURRENT_USER\Software\Microsoft]

[HKEY_CURRENT_USER\Software\Mozilla]

[HKEY_CURRENT_USER\Software\MozillaPlugins]

[HKEY_CURRENT_USER\Software\Nero]

[HKEY_CURRENT_USER\Software\Netscape]

[HKEY_CURRENT_USER\Software\Nico Mak Computing]

[HKEY_CURRENT_USER\Software\ODBC]

[HKEY_CURRENT_USER\Software\Opera Software]

[HKEY_CURRENT_USER\Software\Policies]

[HKEY_CURRENT_USER\Software\Program4Pc]

[HKEY_CURRENT_USER\Software\PySoft]

[HKEY_CURRENT_USER\Software\Reg]

[HKEY_CURRENT_USER\Software\RegisteredApplications]

[HKEY_CURRENT_USER\Software\Skype]

[HKEY_CURRENT_USER\Software\SkypeRS]

[HKEY_CURRENT_USER\Software\Smart Soft]

[HKEY_CURRENT_USER\Software\Softonic]

[HKEY_CURRENT_USER\Software\systweak]

[HKEY_CURRENT_USER\Software\TeleCharger]

[HKEY_CURRENT_USER\Software\Trolltech]

[HKEY_CURRENT_USER\Software\Unity]

[HKEY_CURRENT_USER\Software\USB Disk Security]

[HKEY_CURRENT_USER\Software\VB and VBA Program Settings]

[HKEY_CURRENT_USER\Software\Video Download Capture]

[HKEY_CURRENT_USER\Software\WinRAR]

[HKEY_CURRENT_USER\Software\WinRAR SFX]

[HKEY_CURRENT_USER\Software\WinZip Computing]

[HKEY_CURRENT_USER\Software\Wow6432Node]

[HKEY_CURRENT_USER\Software\{B2CB09FF-2453-4f85-9F40-21C05BE4CBA8}]

[HKEY_CURRENT_USER\Software\Classes]

[color=#A23BEC]< HKLM\Software >[/color]
"FirstRun" = false
"Path" = C:\Program Files (x86)\Word to Pdf Converter 3000\Converter.exe

[HKEY_LOCAL_MACHINE\Software\Adobe]

[HKEY_LOCAL_MACHINE\Software\Atheros]

[HKEY_LOCAL_MACHINE\Software\ATI Technologies]

[HKEY_LOCAL_MACHINE\Software\AVAST Software]

[HKEY_LOCAL_MACHINE\Software\AVG]

[HKEY_LOCAL_MACHINE\Software\BlueStacks]

[HKEY_LOCAL_MACHINE\Software\BlueStacksGameManager]

[HKEY_LOCAL_MACHINE\Software\Clara]

[HKEY_LOCAL_MACHINE\Software\CyberLink]

[HKEY_LOCAL_MACHINE\Software\DVDVideoSoft]

[HKEY_LOCAL_MACHINE\Software\Eset]

[HKEY_LOCAL_MACHINE\Software\FlvPlayer]

[HKEY_LOCAL_MACHINE\Software\Google]

[HKEY_LOCAL_MACHINE\Software\GRETECH]

[HKEY_LOCAL_MACHINE\Software\Huawei technologies]

[HKEY_LOCAL_MACHINE\Software\InstallShield]

[HKEY_LOCAL_MACHINE\Software\Intel]

[HKEY_LOCAL_MACHINE\Software\Internet Download Manager]

[HKEY_LOCAL_MACHINE\Software\InterVideo]

[HKEY_LOCAL_MACHINE\Software\KasperskyLab]

[HKEY_LOCAL_MACHINE\Software\Kaydara]

[HKEY_LOCAL_MACHINE\Software\KONAMIPES6]

[HKEY_LOCAL_MACHINE\Software\Licenses]

[HKEY_LOCAL_MACHINE\Software\Macromedia]

[HKEY_LOCAL_MACHINE\Software\McAfee.com]

[HKEY_LOCAL_MACHINE\Software\mcafeeupdater]

[HKEY_LOCAL_MACHINE\Software\Microsoft]

[HKEY_LOCAL_MACHINE\Software\Mozilla]

[HKEY_LOCAL_MACHINE\Software\mozilla.org]

[HKEY_LOCAL_MACHINE\Software\MozillaPlugins]

[HKEY_LOCAL_MACHINE\Software\Nero]

[HKEY_LOCAL_MACHINE\Software\Nico Mak Computing]

[HKEY_LOCAL_MACHINE\Software\ODBC]

[HKEY_LOCAL_MACHINE\Software\OldTimer Tools]

[HKEY_LOCAL_MACHINE\Software\Opera Software]

[HKEY_LOCAL_MACHINE\Software\PySoft]

[HKEY_LOCAL_MACHINE\Software\Qualcomm Atheros]

[HKEY_LOCAL_MACHINE\Software\Reg]

[HKEY_LOCAL_MACHINE\Software\SJBBB]

[HKEY_LOCAL_MACHINE\Software\Skype]

[HKEY_LOCAL_MACHINE\Software\SmdmF]

[HKEY_LOCAL_MACHINE\Software\SuppHelpDir]

[HKEY_LOCAL_MACHINE\Software\sweet-pageSoftware]

[HKEY_LOCAL_MACHINE\Software\Systweak]

[HKEY_LOCAL_MACHINE\Software\TuneUp]

[HKEY_LOCAL_MACHINE\Software\VideoLAN]

[HKEY_LOCAL_MACHINE\Software\WinRAR]

[HKEY_LOCAL_MACHINE\Software\zbshareware]

[HKEY_LOCAL_MACHINE\Software\Classes]

[HKEY_LOCAL_MACHINE\Software\Clients]

[HKEY_LOCAL_MACHINE\Software\Policies]

[HKEY_LOCAL_MACHINE\Software\RegisteredApplications]

[color=#A23BEC]< %Homedrive%\* >[/color]
[2010/11/20 13:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr
[2014/10/18 15:34:59 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2015/05/20 13:11:55 | 000,008,998 | ---- | M] () -- C:\claraInstaller.txt
[2016/02/29 16:34:21 | 2984,931,328 | -HS- | M] () -- C:\hiberfil.sys
[2016/02/29 16:34:20 | 3979,911,168 | -HS- | M] () -- C:\pagefile.sys
[2016/02/29 17:50:27 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/11/03 18:58:07 | 000,002,426 | ---- | M] () -- C:\RHDSetup.log
[2015/11/15 21:57:29 | 000,362,359 | RHS- | M] () -- C:\RYEBH
[2014/11/03 18:58:07 | 000,000,206 | ---- | M] () -- C:\setup.log
[2015/01/02 21:53:58 | 000,000,027 | -H-- | M] () -- C:\TraFgFr.Tra
[2014/11/04 18:55:51 | 000,192,457 | ---- | M] () -- C:\unp304067442455755891.mdmp

[color=#A23BEC]< %Homedrive%\*. >[/color]
[2015/06/24 00:08:14 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2015/05/19 15:41:45 | 000,000,000 | ---D | M] -- C:\0bb9bc5edac2576f6a0f32a9
[2015/04/26 18:44:40 | 000,000,000 | -HSD | M] -- C:\Boot
[2016/02/29 17:38:29 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2016/02/11 21:20:06 | 000,000,000 | ---D | M] -- C:\DRIVERS
[2014/10/18 15:46:33 | 000,000,000 | ---D | M] -- C:\Intel
[2015/04/04 22:00:37 | 000,000,000 | -HSD | M] -- C:\Kernel
[2015/01/02 21:53:57 | 000,000,000 | ---D | M] -- C:\Language
[2015/11/16 01:14:31 | 000,000,000 | ---D | M] -- C:\MSDEV
[2014/10/18 14:58:24 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2009/07/14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2016/02/29 17:35:21 | 000,000,000 | R--D | M] -- C:\Program Files
[2016/02/29 17:38:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)
[2016/02/29 17:35:21 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2014/10/18 14:42:08 | 000,000,000 | -HSD | M] -- C:\Recovery
[2016/02/29 17:50:23 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2015/04/04 22:00:38 | 000,000,000 | -HSD | M] -- C:\system32
[2015/05/22 23:50:16 | 000,000,000 | ---D | M] -- C:\Users
[2016/02/29 01:38:04 | 000,000,000 | ---D | M] -- C:\Windows
[2015/11/23 20:52:22 | 000,000,000 | ---D | M] -- C:\Windroy

[color=#A23BEC]< %Userprofile%\* >[/color]
[2016/02/29 17:58:21 | 002,621,440 | -HS- | M] () -- C:\Users\samsung\ntuser.dat
[2016/02/29 17:58:21 | 000,262,144 | -HS- | M] () -- C:\Users\samsung\ntuser.dat.LOG1
[2014/10/18 14:42:18 | 000,000,000 | -HS- | M] () -- C:\Users\samsung\ntuser.dat.LOG2
[2014/10/18 14:44:02 | 000,065,536 | -HS- | M] () -- C:\Users\samsung\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2014/10/18 14:44:02 | 000,524,288 | -HS- | M] () -- C:\Users\samsung\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2014/10/18 14:44:02 | 000,524,288 | -HS- | M] () -- C:\Users\samsung\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2015/04/21 22:43:30 | 000,065,536 | -HS- | M] () -- C:\Users\samsung\ntuser.dat{33804ce1-e927-11e4-aec6-1867b08284d2}.TM.blf
[2015/04/21 22:43:30 | 000,524,288 | -HS- | M] () -- C:\Users\samsung\ntuser.dat{33804ce1-e927-11e4-aec6-1867b08284d2}.TMContainer00000000000000000001.regtrans-ms
[2015/04/21 22:43:30 | 000,524,288 | -HS- | M] () -- C:\Users\samsung\ntuser.dat{33804ce1-e927-11e4-aec6-1867b08284d2}.TMContainer00000000000000000002.regtrans-ms
[2015/11/16 01:06:16 | 000,065,536 | -HS- | M] () -- C:\Users\samsung\ntuser.dat{c98d049e-8be2-11e5-8e74-1867b08284d2}.TM.blf
[2015/11/16 01:06:16 | 000,524,288 | -HS- | M] () -- C:\Users\samsung\ntuser.dat{c98d049e-8be2-11e5-8e74-1867b08284d2}.TMContainer00000000000000000001.regtrans-ms
[2015/11/16 01:06:16 | 000,524,288 | -HS- | M] () -- C:\Users\samsung\ntuser.dat{c98d049e-8be2-11e5-8e74-1867b08284d2}.TMContainer00000000000000000002.regtrans-ms
[2014/10/18 14:42:18 | 000,000,020 | -HS- | M] () -- C:\Users\samsung\ntuser.ini

[color=#A23BEC]< %Userprofile%\*. >[/color]
[2015/11/20 18:13:56 | 000,000,000 | ---D | M] -- C:\Users\samsung\.android
[2014/10/18 14:42:18 | 000,000,000 | -H-D | M] -- C:\Users\samsung\AppData
[2014/10/18 14:42:18 | 000,000,000 | -HSD | M] -- C:\Users\samsung\Application Data
[2015/11/20 14:53:53 | 000,000,000 | R--D | M] -- C:\Users\samsung\Contacts
[2014/10/18 14:42:18 | 000,000,000 | -HSD | M] -- C:\Users\samsung\Cookies
[2016/02/29 17:45:06 | 000,000,000 | R--D | M] -- C:\Users\samsung\Desktop
[2016/02/29 01:35:02 | 000,000,000 | R--D | M] -- C:\Users\samsung\Documents
[2016/02/29 17:44:54 | 000,000,000 | R--D | M] -- C:\Users\samsung\Downloads
[2015/11/20 14:53:53 | 000,000,000 | R--D | M] -- C:\Users\samsung\Favorites
[2015/12/10 17:32:28 | 000,000,000 | R--D | M] -- C:\Users\samsung\Google Drive
[2015/11/20 14:53:53 | 000,000,000 | R--D | M] -- C:\Users\samsung\Links
[2014/10/18 14:42:18 | 000,000,000 | -HSD | M] -- C:\Users\samsung\Local Settings
[2014/10/18 14:42:18 | 000,000,000 | -HSD | M] -- C:\Users\samsung\Menu Démarrer
[2014/10/18 14:42:18 | 000,000,000 | -HSD | M] -- C:\Users\samsung\Mes documents
[2014/10/18 14:42:18 | 000,000,000 | -HSD | M] -- C:\Users\samsung\Modèles
[2015/11/20 14:53:53 | 000,000,000 | R--D | M] -- C:\Users\samsung\Music
[2015/11/20 14:53:53 | 000,000,000 | R--D | M] -- C:\Users\samsung\Pictures
[2014/10/18 14:42:18 | 000,000,000 | -HSD | M] -- C:\Users\samsung\Recent
[2015/11/20 14:53:53 | 000,000,000 | R--D | M] -- C:\Users\samsung\Saved Games
[2015/11/20 14:53:53 | 000,000,000 | R--D | M] -- C:\Users\samsung\Searches
[2014/10/18 14:42:18 | 000,000,000 | -HSD | M] -- C:\Users\samsung\SendTo
[2015/04/27 19:05:54 | 000,000,000 | ---D | M] -- C:\Users\samsung\Tracing
[2015/12/09 16:35:37 | 000,000,000 | R--D | M] -- C:\Users\samsung\Videos
[2014/10/18 14:42:18 | 000,000,000 | -HSD | M] -- C:\Users\samsung\Voisinage d'impression
[2014/10/18 14:42:18 | 000,000,000 | -HSD | M] -- C:\Users\samsung\Voisinage réseau
[2015/11/17 00:24:26 | 000,000,000 | ---D | M] -- C:\Users\samsung\youwave

[color=#A23BEC]< %Allusersprofile%\* >[/color]
[2015/04/26 14:38:47 | 000,262,144 | ---- | M] () -- C:\ProgramData\ntuser.dat
[2015/08/04 23:02:17 | 000,005,120 | -HS- | M] () -- C:\ProgramData\ntuser.dat.LOG1
[2015/04/26 14:38:47 | 000,000,000 | -HS- | M] () -- C:\ProgramData\ntuser.dat.LOG2
[2015/04/26 14:38:47 | 000,065,536 | -HS- | M] () -- C:\ProgramData\ntuser.dat{be569566-ec0e-11e4-ae0b-1867b08284d2}.TM.blf
[2015/04/26 14:38:47 | 000,524,288 | -HS- | M] () -- C:\ProgramData\ntuser.dat{be569566-ec0e-11e4-ae0b-1867b08284d2}.TMContainer00000000000000000001.regtrans-ms
[2015/04/26 14:38:47 | 000,524,288 | -HS- | M] () -- C:\ProgramData\ntuser.dat{be569566-ec0e-11e4-ae0b-1867b08284d2}.TMContainer00000000000000000002.regtrans-ms
[2015/04/26 14:40:27 | 000,065,536 | -HS- | M] () -- C:\ProgramData\ntuser.dat{be56957d-ec0e-11e4-ae0b-1867b08284d2}.TM.blf
[2015/04/26 14:40:27 | 000,524,288 | -HS- | M] () -- C:\ProgramData\ntuser.dat{be56957d-ec0e-11e4-ae0b-1867b08284d2}.TMContainer00000000000000000001.regtrans-ms
[2015/04/26 14:40:27 | 000,524,288 | -HS- | M] () -- C:\ProgramData\ntuser.dat{be56957d-ec0e-11e4-ae0b-1867b08284d2}.TMContainer00000000000000000002.regtrans-ms

[color=#A23BEC]< %Allusersprofile%\*. >[/color]
[2015/04/26 13:11:36 | 000,000,000 | ---D | M] -- C:\ProgramData\Adobe
[2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2015/02/13 13:09:06 | 000,000,000 | ---D | M] -- C:\ProgramData\AVAST Software
[2015/05/19 22:12:11 | 000,000,000 | ---D | M] -- C:\ProgramData\AVG
[2016/01/22 13:40:42 | 000,000,000 | ---D | M] -- C:\ProgramData\BlueStacks
[2016/01/22 14:00:13 | 000,000,000 | ---D | M] -- C:\ProgramData\BlueStacksGameManager
[2016/02/29 16:40:17 | 000,000,000 | ---D | M] -- C:\ProgramData\BlueStacksSetup
[2014/10/18 14:42:07 | 000,000,000 | -HSD | M] -- C:\ProgramData\Bureau
[2015/05/19 22:10:41 | 000,000,000 | -H-D | M] -- C:\ProgramData\Common Files
[2015/12/09 16:27:43 | 000,000,000 | ---D | M] -- C:\ProgramData\CyberLink
[2015/02/13 19:36:26 | 000,000,000 | ---D | M] -- C:\ProgramData\DatacardService
[2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2014/10/24 17:48:28 | 000,000,000 | ---D | M] -- C:\ProgramData\Dim@net
[2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2014/10/18 14:42:07 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoris
[2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2015/11/19 22:40:19 | 000,000,000 | ---D | M] -- C:\ProgramData\inf
[2014/10/18 15:25:59 | 000,000,000 | ---D | M] -- C:\ProgramData\Intel
[2015/11/15 17:49:54 | 000,000,000 | ---D | M] -- C:\ProgramData\Logs
[2016/02/24 00:46:01 | 000,000,000 | ---D | M] -- C:\ProgramData\McAfee
[2014/10/18 14:42:07 | 000,000,000 | -HSD | M] -- C:\ProgramData\Menu Démarrer
[2015/04/21 22:22:05 | 000,000,000 | --SD | M] -- C:\ProgramData\Microsoft
[2015/11/16 01:14:45 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft Help
[2015/11/16 20:36:37 | 000,000,000 | ---D | M] -- C:\ProgramData\MobileBrServ
[2014/10/18 14:42:07 | 000,000,000 | -HSD | M] -- C:\ProgramData\Modèles
[2014/10/18 15:38:28 | 000,000,000 | ---D | M] -- C:\ProgramData\Mozilla
[2015/06/18 18:27:12 | 000,000,000 | ---D | M] -- C:\ProgramData\Nero
[2015/04/28 17:07:06 | 000,000,000 | ---D | M] -- C:\ProgramData\Package Cache
[2014/10/18 15:27:51 | 000,000,000 | ---D | M] -- C:\ProgramData\Qualcomm Atheros
[2015/11/16 01:14:14 | 000,000,000 | ---D | M] -- C:\ProgramData\RogueKiller
[2015/06/28 09:51:23 | 000,000,000 | ---D | M] -- C:\ProgramData\Skype
[2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2014/10/18 14:53:32 | 000,000,000 | ---D | M] -- C:\ProgramData\Temp
[2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2015/01/02 22:24:39 | 000,000,000 | ---D | M] -- C:\ProgramData\Ultralingua7
[2016/02/29 01:20:45 | 000,000,000 | ---D | M] -- C:\ProgramData\UniqueId
[2016/02/29 01:38:19 | 000,000,000 | ---D | M] -- C:\ProgramData\WinZip

[color=#A23BEC]< %localappdata%\* >[/color]
[2015/07/09 21:12:38 | 000,004,608 | ---- | M] () -- C:\Users\samsung\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/12/02 20:25:29 | 000,108,840 | ---- | M] () -- C:\Users\samsung\AppData\Local\GDIPFONTCACHEV1.DAT
[2016/02/29 13:55:36 | 015,004,781 | -H-- | M] () -- C:\Users\samsung\AppData\Local\IconCache.db

[color=#A23BEC]< %localappdata%\*. >[/color]
[2016/02/24 00:48:43 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Adobe
[2014/10/18 14:42:18 | 000,000,000 | -HSD | M] -- C:\Users\samsung\AppData\Local\Application Data
[2016/02/29 01:29:20 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\assembly
[2015/05/19 22:11:27 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Avg
[2016/01/22 13:39:22 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Bluestacks
[2015/05/20 22:04:32 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\BoBrowser
[2015/08/01 11:13:27 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\CEF
[2015/11/15 21:52:33 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\CrashDumps
[2015/11/16 22:28:53 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\CrashRpt
[2014/10/19 15:17:32 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\CyberLink
[2016/02/03 23:02:47 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Downloaded Installations
[2015/03/16 11:56:43 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\DriverToolkit
[2015/07/23 23:03:38 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\ElevatedDiagnostics
[2015/09/09 16:06:43 | 000,000,000 | -HSD | M] -- C:\Users\samsung\AppData\Local\EmieBrowserModeList
[2015/09/09 16:06:43 | 000,000,000 | -HSD | M] -- C:\Users\samsung\AppData\Local\EmieSiteList
[2015/09/09 16:06:43 | 000,000,000 | -HSD | M] -- C:\Users\samsung\AppData\Local\EmieUserList
[2015/06/04 23:15:04 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Facebook
[2015/12/10 17:36:57 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Google
[2014/10/18 14:42:18 | 000,000,000 | -HSD | M] -- C:\Users\samsung\AppData\Local\Historique
[2014/10/18 17:34:57 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Macromedia
[2015/12/30 23:22:14 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Microsoft
[2015/01/16 23:59:35 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Microsoft Games
[2014/10/18 14:58:50 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Microsoft Help
[2014/10/18 15:39:04 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Mozilla
[2015/05/09 00:03:23 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Nero
[2015/04/28 21:28:04 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Nero_AG
[2016/02/29 01:25:48 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Nico Mak Computing
[2014/11/14 22:31:49 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Opera Software
[2014/10/19 13:31:00 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Programs
[2014/10/18 17:29:05 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Skype
[2015/11/17 13:58:45 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Softonic
[2015/01/06 22:09:06 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\SoftonicAssistant
[2016/02/29 17:58:47 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Temp
[2014/10/18 14:42:18 | 000,000,000 | -HSD | M] -- C:\Users\samsung\AppData\Local\Temporary Internet Files
[2015/01/06 22:11:30 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Ultralingua7
[2015/06/02 15:46:23 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\Unity
[2014/10/19 15:28:35 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\VirtualStore
[2016/02/29 01:38:44 | 000,000,000 | ---D | M] -- C:\Users\samsung\AppData\Local\WinZip

[color=#A23BEC]< %Userprofile%\Local Settings\Application Data\* >[/color]

[color=#A23BEC]< %Userprofile%\Local Settings\Application Data\*. >[/color]

[color=#A23BEC]< %programFiles%\* >[/color]
[2009/07/14 05:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

[color=#A23BEC]< %programFiles%\*. >[/color]
[2015/06/08 16:56:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Abdio Software Inc
[2015/04/26 12:52:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2014/10/18 14:55:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AIMP2
[2016/01/22 13:56:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\BlueStacks
[2016/02/29 17:38:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2014/10/18 14:54:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CyberLink
[2015/11/16 01:14:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DVDVideoSoft
[2015/12/10 17:36:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google
[2014/10/27 13:53:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\GRETECH
[2015/11/16 01:14:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\GUPlayer
[2016/02/29 17:36:43 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2014/10/18 17:18:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
[2014/10/22 14:41:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Download Manager
[2016/02/11 17:11:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2016/02/24 17:13:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\McAfee Security Scan
[2015/04/26 19:56:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2014/10/18 15:05:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio
[2014/10/18 14:59:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2014/11/11 20:46:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Works
[2015/04/26 14:33:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2016/02/12 13:00:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox
[2016/01/22 12:55:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2014/10/18 15:06:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2015/11/23 20:51:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Opera
[2014/10/18 15:28:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Qualcomm Atheros
[2009/07/14 06:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2015/02/20 15:17:29 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp
[2015/01/02 22:23:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Ultralingua
[2015/11/16 00:46:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Uniblue
[2009/07/14 05:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2015/06/06 21:33:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\USB Disk Security
[2015/11/17 14:01:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Vibosoft
[2014/10/18 14:50:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VideoLAN
[2014/11/08 21:38:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2014/11/04 18:53:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2015/06/11 22:22:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2009/07/14 06:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2014/11/04 18:53:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2014/11/04 18:53:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2014/11/04 18:53:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
[2014/10/18 14:53:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WinRar
[2015/06/18 18:30:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Word to Pdf Converter 3000

[color=#A23BEC]< %Systemroot%\Temp\*.exe /s >[/color]
[2016/02/24 17:12:43 | 001,555,928 | ---- | M] (McAfee, Inc.) -- C:\Windows\Temp\contentDATs.exe
[2016/02/24 17:12:33 | 008,590,704 | ---- | M] (McAfee, Inc.) -- C:\Windows\Temp\SecurityScan_Release.exe
[50 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[2016/02/29 16:45:10 | 000,300,488 | ---- | M] (Mozilla Foundation) -- C:\Windows\Temp\avast_ash2\Mozilla Firefox\updater.exe

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[10 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

[color=#A23BEC]< %systemroot%\system32\*.exe /lockedfiles >[/color]
[10 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

[color=#A23BEC]< %systemroot%\system32\*.in* >[/color]
[2015/03/13 02:55:15 | 000,016,303 | ---- | M] () -- C:\Windows\system32\ieuinit.inf
[2009/07/14 05:55:01 | 000,000,535 | ---- | M] () -- C:\Windows\system32\mapisvc.inf
[2015/02/22 23:59:36 | 001,552,872 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[10 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

[color=#A23BEC]< %systemroot%\Tasks\* >[/color]
[2016/02/29 17:46:00 | 000,001,002 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2016/02/29 16:34:45 | 000,000,362 | ---- | M] () -- C:\Windows\Tasks\DriverToolkit Autorun.job
[2016/02/29 16:34:56 | 000,001,066 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2016/02/29 17:45:00 | 000,001,070 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2016/02/29 16:34:38 | 000,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2015/08/27 17:43:43 | 000,032,496 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(68).TXT
[2016/01/14 20:33:08 | 000,032,496 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#A23BEC]< %systemroot%\Tasks\*. >[/color]

[color=#A23BEC]< %systemroot%\system32\Tasks\* >[/color]

[color=#A23BEC]< %systemroot%\system32\Tasks\*. >[/color]
[2009/07/14 04:20:14 | 000,000,000 | ---D | M] -- C:\Windows\system32\Tasks\Microsoft

[color=#A23BEC]< %systemroot%\system32\drivers\*.sy* /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\config\*.exe /s >[/color]

[color=#A23BEC]< %Systemroot%\ServiceProfiles\*.exe /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.sys >[/color]

[color=#A23BEC]< %temp%\*.exe /s >[/color]
[2015/03/16 10:27:58 | 001,057,488 | ---- | M] (Adobe) -- C:\Users\samsung\AppData\Local\Temp\adobe-reader_11-0-10_fr_13628.exe
[2015/11/17 08:33:31 | 000,000,231 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\AndyCurrentInstallerVMX.exe
[2010/11/09 08:29:46 | 003,056,008 | ---- | M] (Ask) -- C:\Users\samsung\AppData\Local\Temp\askToolbarInstaller.exe
[2015/11/16 00:27:59 | 000,144,008 | ---- | M] (© 2015 Microsoft Corporation) -- C:\Users\samsung\AppData\Local\Temp\BingSvc.exe
[2015/11/16 00:28:33 | 001,118,360 | ---- | M] (© 2015 Microsoft Corporation) -- C:\Users\samsung\AppData\Local\Temp\BSvcProcessor.exe
[2015/11/16 00:27:45 | 000,170,128 | ---- | M] (© 2015 Microsoft Corporation) -- C:\Users\samsung\AppData\Local\Temp\BSvcUpdater.exe
[2009/10/30 05:37:28 | 000,217,088 | ---- | M] (Gretech Corporation) -- C:\Users\samsung\AppData\Local\Temp\GomEncDnInstaller.exe
[2014/11/14 23:17:05 | 000,834,488 | ---- | M] ( ) -- C:\Users\samsung\AppData\Local\Temp\ICReinstall_FlvPlayerSetup.exe
[2015/04/25 17:01:37 | 001,057,488 | ---- | M] (Adobe) -- C:\Users\samsung\AppData\Local\Temp\install_readerdc_fr_mssd_aaa_aih.exe
[2006/10/28 03:28:26 | 000,145,184 | R--- | M] (Microsoft Corporation) -- C:\Users\samsung\AppData\Local\Temp\ose00000.exe
[2014/12/13 13:39:22 | 001,153,144 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\SoftonicAssistant_v0-1-6.exe
[2014/12/22 08:55:02 | 000,488,960 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\sqlite3.exe
[2015/05/19 21:58:51 | 005,017,864 | ---- | M] (SaveFrom.net ) -- C:\Users\samsung\AppData\Local\Temp\tmp21F2.exe
[2015/05/19 21:52:50 | 005,017,864 | ---- | M] (SaveFrom.net ) -- C:\Users\samsung\AppData\Local\Temp\tmp6596.exe
[2015/04/26 16:49:17 | 000,000,000 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\{47D390E8-9520-42C2-99C7-574755546E8C}-42.0.2311.90_chrome_installer.exe
[2014/11/29 20:25:04 | 000,000,000 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\{6AC655C7-083F-4772-BCAA-466AE351B942}-39.0.2171.71_38.0.2125.111_chrome_updater.exe
[992 C:\Users\samsung\AppData\Local\Temp\*.tmp files -> C:\Users\samsung\AppData\Local\Temp\*.tmp -> ]
[2014/12/02 18:47:00 | 017,923,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\samsung\AppData\Local\Temp\{27CF23C3-0BC2-4017-9A95-BA696F23EA30}\InstallFlashPlayer.exe
[2014/12/02 20:12:53 | 000,372,736 | ---- | M] (Macrovision Corporation) -- C:\Users\samsung\AppData\Local\Temp\{8DF854F0-8B55-4FC0-92A8-0C8390439F82}\setup.exe
[2016/02/11 21:20:21 | 000,107,320 | ---- | M] (Acresso Software Inc.) -- C:\Users\samsung\AppData\Local\Temp\{AC0CDAAB-E442-40E6-879B-DB522053489A}\ISBEW64.exe
[2014/12/02 20:13:22 | 000,372,736 | ---- | M] (Macrovision Corporation) -- C:\Users\samsung\AppData\Local\Temp\{E11DBBDE-5AC5-4670-9712-D792A14D396F}\setup.exe
[2016/02/05 17:54:16 | 000,378,296 | ---- | M] (McAfee, Inc.) -- C:\Users\samsung\AppData\Local\Temp\~nsu.tmp\Au_.exe
[2015/10/08 13:25:14 | 002,031,224 | ---- | M] (BlueStack Systems, Inc.) -- C:\Users\samsung\AppData\Local\Temp\7zS2A98.tmp\BlueStacks-ThinInstaller_0.10.7.5601.exe
[2015/10/08 13:25:11 | 000,165,496 | ---- | M] (BlueStack Systems) -- C:\Users\samsung\AppData\Local\Temp\7zS2A98.tmp\MicroInstallerNative.exe
[2015/10/08 13:25:14 | 002,031,224 | ---- | M] (BlueStack Systems, Inc.) -- C:\Users\samsung\AppData\Local\Temp\7zS8574.tmp\BlueStacks-ThinInstaller_0.10.7.5601.exe
[2015/10/08 13:25:11 | 000,165,496 | ---- | M] (BlueStack Systems) -- C:\Users\samsung\AppData\Local\Temp\7zS8574.tmp\MicroInstallerNative.exe
[2015/03/10 11:27:20 | 016,228,056 | ---- | M] (BlueStack Systems, Inc.) -- C:\Users\samsung\AppData\Local\Temp\7zSA1AD.tmp\BlueStacks-ThinInstaller_0.9.17.4138.exe
[2015/03/10 11:27:16 | 000,165,592 | ---- | M] (BlueStack Systems) -- C:\Users\samsung\AppData\Local\Temp\7zSA1AD.tmp\MicroInstallerNative.exe
[2015/10/08 13:25:14 | 002,031,224 | ---- | M] (BlueStack Systems, Inc.) -- C:\Users\samsung\AppData\Local\Temp\7zSBA4.tmp\BlueStacks-ThinInstaller_0.10.7.5601.exe
[2015/10/08 13:25:11 | 000,165,496 | ---- | M] (BlueStack Systems) -- C:\Users\samsung\AppData\Local\Temp\7zSBA4.tmp\MicroInstallerNative.exe
[2015/10/08 13:25:14 | 002,031,224 | ---- | M] (BlueStack Systems, Inc.) -- C:\Users\samsung\AppData\Local\Temp\7zSC87C.tmp\BlueStacks-ThinInstaller_0.10.7.5601.exe
[2015/10/08 13:25:11 | 000,165,496 | ---- | M] (BlueStack Systems) -- C:\Users\samsung\AppData\Local\Temp\7zSC87C.tmp\MicroInstallerNative.exe
[2014/10/07 11:21:11 | 016,027,352 | ---- | M] (BlueStack Systems, Inc.) -- C:\Users\samsung\AppData\Local\Temp\7zSD200.tmp\BlueStacks-ThinInstaller_0.9.4.4078.exe
[2014/10/07 11:21:08 | 000,144,600 | ---- | M] (BlueStack Systems) -- C:\Users\samsung\AppData\Local\Temp\7zSD200.tmp\MicroInstallerNative.exe
[2015/10/08 13:25:14 | 002,031,224 | ---- | M] (BlueStack Systems, Inc.) -- C:\Users\samsung\AppData\Local\Temp\7zSFDDF.tmp\BlueStacks-ThinInstaller_0.10.7.5601.exe
[2015/10/08 13:25:11 | 000,165,496 | ---- | M] (BlueStack Systems) -- C:\Users\samsung\AppData\Local\Temp\7zSFDDF.tmp\MicroInstallerNative.exe
[2014/10/30 03:16:16 | 000,069,056 | ---- | M] (S¬N´fÎÑyb¡ýN gPlQøS) -- C:\Users\samsung\AppData\Local\Temp\9C108286-D1F6-47E7-8DC2-7F5757C78459[i]\BaofengUpdate.exe
[2014/10/30 03:16:16 | 001,891,840 | ---- | M] (Skytech Co., Ltd.) -- C:\Users\samsung\AppData\Local\Temp\9C108286-D1F6-47E7-8DC2-7F5757C78459[i]\UninstallManager.exe
[1 C:\Users\samsung\AppData\Local\Temp\9C108286-D1F6-47E7-8DC2-7F5757C78459[i]\*.tmp files -> C:\Users\samsung\AppData\Local\Temp\9C108286-D1F6-47E7-8DC2-7F5757C78459[i]\*.tmp -> ]
[2015/05/20 13:12:19 | 000,113,400 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\ClaraDwl\03e56d45-2cb7-4fa6-b315-984ff1eca689.exe
[2015/05/20 13:15:31 | 010,597,727 | ---- | M] (iCinema) -- C:\Users\samsung\AppData\Local\Temp\DwlTempFolder\temp.exe
[2016/02/18 01:18:11 | 002,095,304 | ---- | M] (ESET) -- C:\Users\samsung\AppData\Local\Temp\FBScanner_942095923\ESET.exe
[2014/11/14 22:31:19 | 000,870,008 | ---- | M] (Opera Software) -- C:\Users\samsung\AppData\Local\Temp\is116316934\16F003FA_stp.EXE
[2014/11/14 22:31:10 | 000,840,928 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\is116316934\6CF59B58_stp.EXE
[2014/11/03 14:52:10 | 000,580,176 | ---- | M] (One Syn) -- C:\Users\samsung\AppData\Local\Temp\is116316934\33BDC0C1_stp\Nov3_cor_sweet-page.exe
[2015/06/27 12:54:40 | 002,048,000 | ---- | M] (BluetoothInstaller.com) -- C:\Users\samsung\AppData\Local\Temp\is-AEIMF.tmp\prsetup.exe
[2016/02/11 13:27:21 | 000,231,803 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\is-AEIMF.tmp\temporal_setup.exe
[2016/02/11 13:27:22 | 000,000,000 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\is-AEIMF.tmp\temporal_setup2.exe
[2012/05/30 10:55:26 | 000,167,936 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\is-AEIMF.tmp\UNZIP.exe
[2016/02/07 21:20:16 | 001,290,999 | ---- | M] ( ) -- C:\Users\samsung\AppData\Local\Temp\is-IAMEP.tmp\prsetup.exe
[2012/05/30 10:55:26 | 000,167,936 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\is-IAMEP.tmp\UNZIP.exe
[2012/05/30 10:55:26 | 000,167,936 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\is-LHRU4.tmp\UNZIP.exe
[2016/02/07 21:24:18 | 000,452,207 | ---- | M] ( ) -- C:\Users\samsung\AppData\Local\Temp\is-LHRU4.tmp\websetup.exe
[2015/08/05 01:01:56 | 000,248,376 | ---- | M] (DVDVideoSoft Ltd.) -- C:\Users\samsung\AppData\Local\Temp\is-SH3LN.tmp\Assistant64.exe
[2015/08/05 02:53:54 | 000,867,344 | ---- | M] (DVDVideoSoft Ltd.) -- C:\Users\samsung\AppData\Local\Temp\is-SH3LN.tmp\ux_optimizer.exe
[2015/04/28 17:02:04 | 000,735,568 | ---- | M] (Nero AG ) -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\setup.exe
[2015/04/28 17:02:12 | 000,517,976 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\direct3d10.1Extensions9.29.952.3111D3dcsx\DXSETUP.exe
[2015/04/28 17:02:11 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\direct3d10.1Extensions9.29.952.3111D3dcsx\PRQStarter-1.exe
[2015/04/28 17:02:11 | 000,517,976 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\direct3d10.1Extensions9.29.952.3111D3dx10\DXSETUP.exe
[2015/04/28 17:02:11 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\direct3d10.1Extensions9.29.952.3111D3dx10\PRQStarter-1.exe
[2015/04/28 17:02:10 | 000,517,976 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\direct3d10.1Extensions9.29.952.3111D3dx11\DXSETUP.exe
[2015/04/28 17:02:10 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\direct3d10.1Extensions9.29.952.3111D3dx11\PRQStarter-1.exe
[2015/04/28 17:02:09 | 000,517,976 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\direct3d10.1Extensions9.29.952.3111D3dx9\DXSETUP.exe
[2015/04/28 17:02:09 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\direct3d10.1Extensions9.29.952.3111D3dx9\PRQStarter-1.exe
[2015/04/28 17:02:09 | 000,517,976 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\direct3dHlslCompiler9.29.952.3111\DXSETUP.exe
[2015/04/28 17:02:09 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\direct3dHlslCompiler9.29.952.3111\PRQStarter-1.exe
[2015/04/28 17:02:08 | 000,081,920 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\lightscribeSystemSoftware\LSDriveDetect.exe
[2015/04/28 17:02:08 | 000,090,384 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\lightscribeSystemSoftware\LS_LAUNCHER.exe
[2015/04/28 17:02:08 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\lightscribeSystemSoftware\PRQStarter-1.exe
[2015/04/28 17:02:08 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\microsoftVcRedist2010Sp1X86\PRQStarter-1.exe
[2015/04/28 17:02:07 | 004,995,416 | ---- | M] (Microsoft Corporation) -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\microsoftVcRedist2010Sp1X86\vcredist_x86.exe
[2015/04/28 17:02:07 | 002,067,280 | ---- | M] (Nero AG) -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\microsoftVcRedist2012X86\PRQStarter-1.exe
[2015/04/28 17:02:07 | 006,554,576 | ---- | M] (Microsoft Corporation) -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\microsoftVcRedist2012X86\vcredist_x86.exe
[2015/04/28 17:02:07 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\msi4.5ForWindows6.0X64\PRQStarter-1.exe
[2015/04/28 17:02:07 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\msi4.5ForWindows6.0X86\PRQStarter-1.exe
[2015/04/28 17:02:06 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\msi4.5ForWindowsxpX86\PRQStarter-1.exe
[2015/04/28 17:02:06 | 003,327,000 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\msi4.5ForWindowsxpX86\WindowsXP-KB942288-v3-x86.exe
[2015/04/28 17:02:06 | 001,520,464 | ---- | M] (Nero AG) -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\opencandy\InstallHelper.exe
[2015/04/28 17:02:06 | 002,094,928 | ---- | M] (Nero AG) -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\rebootValidator\PRQStarter-1.exe
[2015/04/28 17:02:06 | 002,566,416 | ---- | M] (Nero AG) -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\systemRequirementValidator\NeroOSValidator.exe
[2015/04/28 17:02:05 | 000,165,648 | ---- | M] (Nero AG) -- C:\Users\samsung\AppData\Local\Temp\NeroInstallFiles\NERO20141205111330556\ISSetupPrerequisites\systemRequirementValidator\PRQStarter-1.exe
[2016/02/05 17:59:06 | 000,647,432 | ---- | M] (McAfee, Inc.) -- C:\Users\samsung\AppData\Local\Temp\nssD3F4.tmp-3658831\MSS\3.11.292.3\McUICnt.exe
[2015/11/16 11:19:35 | 001,316,984 | ---- | M] (Opera Software) -- C:\Users\samsung\AppData\Local\Temp\Opera Installer\opera_installer_20151121142901\installer.exe
[2015/11/16 11:19:36 | 000,948,856 | ---- | M] (Opera Software) -- C:\Users\samsung\AppData\Local\Temp\Opera Installer\opera_installer_20151121142901\launcher.exe
[2015/11/16 11:19:37 | 000,883,832 | ---- | M] (Opera Software) -- C:\Users\samsung\AppData\Local\Temp\Opera Installer\opera_installer_20151121142901\opera.exe
[2015/11/16 11:19:38 | 003,613,304 | ---- | M] (Opera Software) -- C:\Users\samsung\AppData\Local\Temp\Opera Installer\opera_installer_20151121142901\opera_autoupdate.exe
[2015/11/16 11:19:39 | 000,504,440 | ---- | M] (Opera Software) -- C:\Users\samsung\AppData\Local\Temp\Opera Installer\opera_installer_20151121142901\opera_crashreporter.exe
[2015/11/16 11:19:39 | 000,073,336 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\Opera Installer\opera_installer_20151121142901\wow_helper.exe
[2012/08/15 14:06:24 | 001,030,976 | ---- | M] (Intel Corporation) -- C:\Users\samsung\AppData\Local\Temp\pft66D2~tmp\Setup.exe
[2012/08/09 14:21:02 | 000,184,640 | ---- | M] (Intel Corporation) -- C:\Users\samsung\AppData\Local\Temp\pft66D2~tmp\Graphics\difx64.exe
[2012/08/09 14:21:02 | 004,378,944 | ---- | M] (Intel Corporation) -- C:\Users\samsung\AppData\Local\Temp\pft66D2~tmp\Graphics\GfxUI.exe
[2012/08/09 14:21:04 | 000,392,512 | ---- | M] (Intel Corporation) -- C:\Users\samsung\AppData\Local\Temp\pft66D2~tmp\Graphics\hkcmd.exe
[2012/08/09 14:21:18 | 000,239,936 | ---- | M] (Intel Corporation) -- C:\Users\samsung\AppData\Local\Temp\pft66D2~tmp\Graphics\igfxext.exe
[2012/08/09 14:21:18 | 000,417,088 | ---- | M] (Intel Corporation) -- C:\Users\samsung\AppData\Local\Temp\pft66D2~tmp\Graphics\igfxpers.exe
[2012/08/09 14:21:22 | 000,506,688 | ---- | M] (Intel Corporation) -- C:\Users\samsung\AppData\Local\Temp\pft66D2~tmp\Graphics\igfxsrvc.exe
[2012/08/09 14:21:22 | 000,167,744 | ---- | M] (Intel Corporation) -- C:\Users\samsung\AppData\Local\Temp\pft66D2~tmp\Graphics\igfxtray.exe
[2012/08/09 14:21:22 | 001,026,880 | ---- | M] (Intel Corporation) -- C:\Users\samsung\AppData\Local\Temp\pft66D2~tmp\Graphics\igxpun.exe
[2009/11/18 14:07:44 | 000,813,592 | ---- | M] (Intel Corporation) -- C:\Users\samsung\AppData\Local\Temp\pft66D2~tmp\Intel Control Center\SetupICC.exe
[2012/08/15 14:06:32 | 000,184,640 | ---- | M] (Intel Corporation) -- C:\Users\samsung\AppData\Local\Temp\pft66D2~tmp\x64\Drv64.exe
[2015/05/20 11:08:41 | 000,570,764 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\samsung\AppData\Local\Temp\TempDir\baidu11.exe
[2015/05/20 11:08:56 | 000,898,168 | ---- | M] (ClaraLabs) -- C:\Users\samsung\AppData\Local\Temp\TempDir\ClaraInstaller_Core36.exe
[2015/05/20 11:08:10 | 039,076,264 | ---- | M] (The Olcinium Browser Authors) -- C:\Users\samsung\AppData\Local\Temp\TempDir\d3205137-dfb9-46ba-a117-d5f7d8675906.exe
[2015/05/20 11:09:11 | 001,377,280 | ---- | M] (PlusDiscount-FrenzComp) -- C:\Users\samsung\AppData\Local\Temp\TempDir\setup.exe
[2015/05/20 11:08:28 | 000,737,384 | ---- | M] (Olcinium ) -- C:\Users\samsung\AppData\Local\Temp\TempDir\setupFacebookChatDesktop.exe
[2015/04/28 10:33:58 | 025,700,400 | ---- | M] (Google) -- C:\Users\samsung\AppData\Local\Temp\tmpfaubvf\googledrivesync.exe
[2015/07/29 08:23:18 | 022,344,224 | ---- | M] (Google) -- C:\Users\samsung\AppData\Local\Temp\tmpqqjmb9\googledrivesync.exe
[2014/12/23 00:10:41 | 000,284,048 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\UTPS\C839\Driver\devsetup32.exe
[2014/12/23 00:10:41 | 000,384,400 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\UTPS\C839\Driver\devsetup64.exe
[2014/12/23 00:10:41 | 000,333,200 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\UTPS\C839\Driver\DriverSetup.exe
[2014/12/23 00:10:41 | 000,329,104 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\UTPS\C839\Driver\DriverUninstall.exe
[2014/12/23 00:10:41 | 000,607,584 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\UTPS\common\AddPbk.exe
[2014/12/23 00:10:41 | 000,514,048 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\UTPS\common\mobilepartner.exe
[2014/12/23 00:10:41 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\Users\samsung\AppData\Local\Temp\UTPS\common\mt.exe
[2014/12/23 00:10:42 | 000,290,304 | ---- | M] (Microsoft Corporation) -- C:\Users\samsung\AppData\Local\Temp\UTPS\common\subinacl.exe
[2014/12/23 00:10:42 | 000,019,808 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\UTPS\common\UnblockPin.exe
[2014/12/23 00:10:42 | 000,077,152 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\UTPS\common\XStartScreen.exe
[2014/12/23 00:10:41 | 000,436,768 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\UTPS\common\AutoRun\AutoRunSetup.exe
[2014/12/23 00:10:41 | 000,176,344 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\UTPS\common\AutoRun\AutoRunUninstall.exe
[2014/12/23 00:10:41 | 001,545,568 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\UTPS\common\UpdateDog\LiveUpd.exe
[2014/12/23 00:10:41 | 000,655,712 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\UTPS\common\UpdateDog\ouc.exe
[2014/12/23 00:10:41 | 000,008,704 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\UTPS\common\UpdateDog\RunLiveUpd.exe
[2014/12/23 00:10:42 | 000,605,184 | ---- | M] () -- C:\Users\samsung\AppData\Local\Temp\UTPS\common\UpdateDog\RunOuc.exe

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]

[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2015/10/29 10:37:14 | 001,007,816 | ---- | M] () -- C:\Users\samsung\AppData\Roaming\Andy\Setup.exe
[2015/10/29 10:37:14 | 001,007,816 | ---- | M] () -- C:\Users\samsung\AppData\Roaming\Andy_45.5_Online\Setup.exe
[2015/11/16 22:06:26 | 001,063,648 | ---- | M] (Igor Pavlov) -- C:\Users\samsung\AppData\Roaming\Andy_45.5_Online\tools\7za-x64.exe
[2015/05/19 21:54:03 | 000,299,160 | ---- | M] () -- C:\Users\samsung\AppData\Roaming\OpenCandy\925B9649220341E6A246D12D7F173847\setup.exe
[2015/05/19 22:10:38 | 049,801,016 | ---- | M] (AVG Technologies) -- C:\Users\samsung\AppData\Roaming\OpenCandy\B511C9925D454F78B684CB98B6957798\AVG-PC-TuneUp2015-2200620.exe
[2015/08/09 00:10:18 | 000,298,944 | ---- | M] () -- C:\Users\samsung\AppData\Roaming\RPEng\7DA556E6F0124DEAA17A13554A21851B\setup.exe
[2015/06/06 21:21:22 | 004,024,616 | ---- | M] (Zbshareware Lab ) -- C:\Users\samsung\AppData\Roaming\Zbshareware Lab\USBGuard\PatchUSBGuardZB.exe

[color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
[2010/11/20 13:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr
[2014/10/18 15:34:59 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2015/05/20 13:11:55 | 000,008,998 | ---- | M] () -- C:\claraInstaller.txt
[2016/02/29 16:34:21 | 2984,931,328 | -HS- | M] () -- C:\hiberfil.sys
[2016/02/29 16:34:20 | 3979,911,168 | -HS- | M] () -- C:\pagefile.sys
[2016/02/29 17:50:27 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/11/03 18:58:07 | 000,002,426 | ---- | M] () -- C:\RHDSetup.log
[2015/11/15 21:57:29 | 000,362,359 | RHS- | M] () -- C:\RYEBH
[2014/11/03 18:58:07 | 000,000,206 | ---- | M] () -- C:\setup.log
[2015/01/02 21:53:58 | 000,000,027 | -H-- | M] () -- C:\TraFgFr.Tra
[2014/11/04 18:55:51 | 000,192,457 | ---- | M] () -- C:\unp304067442455755891.mdmp

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SysWOW64\explorer.exe
[2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010/11/20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\explorer.exe
[2010/11/20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/07/14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe

[color=#A23BEC]< MD5 for: SERVICES.EXE >[/color]
[2009/07/14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2015/04/11 05:31:36 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=43DCEC23557C32F7702C8D5BC729738F -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.23033_none_2df8898bfd178df8\services.exe
[2015/04/13 04:28:33 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=71C85477DF9347FE8E7BC55768473FCA -- C:\Windows\SysNative\services.exe
[2015/04/13 04:28:33 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=71C85477DF9347FE8E7BC55768473FCA -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.18829_none_2d7fe646e3ec3705\services.exe

[color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color]
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2014/03/04 12:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014/03/04 10:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014/07/17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\SysNative\winlogon.exe
[2014/07/17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014/07/16 04:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe

[color=#E56717]========== Base Services ==========[/color]
SRV:[b]64bit:[/b] - [2009/07/14 02:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:[b]64bit:[/b] - [2015/06/15 22:45:34 | 000,070,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:[b]64bit:[/b] - [2009/07/14 02:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:[b]64bit:[/b] - [2010/11/20 14:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:[b]64bit:[/b] - [2010/11/20 14:25:45 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:[b]64bit:[/b] - [2016/01/22 05:57:17 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:[b]64bit:[/b] - [2009/07/14 02:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/14 02:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:[b]64bit:[/b] - [2012/07/04 23:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:[b]64bit:[/b] - [2015/02/03 04:30:56 | 000,187,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2015/02/03 04:12:14 | 000,143,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:[b]64bit:[/b] - [2010/11/20 14:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:[b]64bit:[/b] - [2010/11/20 14:26:04 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/20 13:18:30 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2011/03/03 07:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2009/07/14 02:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:[b]64bit:[/b] - [2009/07/14 02:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/14 02:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2009/07/14 02:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2010/11/20 14:26:39 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:[b]64bit:[/b] - [2009/07/14 02:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:[b]64bit:[/b] - [2009/07/14 02:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:[b]64bit:[/b] - [2009/07/14 02:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2009/07/14 02:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/14 02:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2014/12/06 05:17:27 | 000,303,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2009/07/14 02:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2011/05/24 12:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2010/11/20 14:25:21 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:[b]64bit:[/b] - [2016/01/22 05:57:17 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:[b]64bit:[/b] - [2009/07/14 02:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2010/11/20 14:27:24 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2010/11/20 14:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2010/11/20 14:27:25 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2016/01/22 05:57:17 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2009/07/14 02:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2010/11/20 14:27:26 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2010/11/20 14:27:25 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/20 13:21:19 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:[b]64bit:[/b] - [2015/08/05 18:56:14 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2010/11/20 14:27:26 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/20 13:21:28 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2009/07/14 02:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2014/12/19 04:06:55 | 000,210,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2010/11/20 14:25:27 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:[b]64bit:[/b] - [2015/02/03 04:30:55 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:[b]64bit:[/b] - [2015/02/03 04:30:55 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2010/11/20 14:27:25 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:[b]64bit:[/b] - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2010/11/20 14:27:28 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:[b]64bit:[/b] - [2010/11/20 14:26:59 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:[b]64bit:[/b] - [2010/11/20 14:27:28 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:[b]64bit:[/b] - [2015/06/15 22:44:47 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2015/06/15 22:42:49 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2009/07/14 02:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2015/11/20 19:54:59 | 002,609,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2010/11/20 14:26:07 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2009/07/14 02:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:[b]64bit:[/b] - [2010/11/20 14:27:28 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command >[/color]
"" = C:\Program Files\Internet Explorer\iexplore.exe -- [2016/01/22 21:31:15 | 000,814,288 | ---- | M] (Microsoft Corporation)

[color=#A23BEC]< HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command >[/color]
"" = "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -- [2016/02/12 13:00:00 | 000,392,136 | ---- | M] (Mozilla Corporation)

[color=#A23BEC]< HKLM\Software\Clients\StartMenuInternet\Google Chrome\shell\open\command >[/color]
"" = "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- [2016/02/18 05:15:35 | 000,746,648 | ---- | M] (Google Inc.)

[color=#A23BEC]< dir "%Homedrive%\*" /S /A:L /C >[/color]
Le volume dans le lecteur C n'a pas de nom.
Le num ro de s rie du volume est D8A7-B1C1
R pertoire de C:\
14/07/2009 06:08 <JONCTION> Documents and Settings [C:\Users]
0 fichier(s) 0 octets
R pertoire de C:\Program Files
18/10/2014 14:42 <JONCTION> Fichiers communs [C:\Program Files\Common Files]
0 fichier(s) 0 octets
R pertoire de C:\Program Files\Windows NT
18/10/2014 14:42 <JONCTION> Accessoires [C:\Program Files\Windows NT\Accessories]
0 fichier(s) 0 octets
R pertoire de C:\Program Files (x86)\Common Files\AV
03/12/2015 13:02 <SYMLINKD> avast! Antivirus [C:\Program Files\Common Files\AV\avast! Antivirus]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData
14/07/2009 06:08 <JONCTION> Application Data [C:\ProgramData]
18/10/2014 14:42 <JONCTION> Bureau [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Desktop [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Documents [C:\Users\Public\Documents]
18/10/2014 14:42 <JONCTION> Favoris [C:\Users\Public\Favorites]
14/07/2009 06:08 <JONCTION> Favorites [C:\Users\Public\Favorites]
18/10/2014 14:42 <JONCTION> Menu D marrer [C:\ProgramData\Microsoft\Windows\Start Menu]
18/10/2014 14:42 <JONCTION> Mod`les [C:\ProgramData\Microsoft\Windows\Templates]
14/07/2009 06:08 <JONCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009 06:08 <JONCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 fichier(s) 0 octets
R pertoire de C:\ProgramData\Microsoft\Windows\Start Menu
18/10/2014 14:42 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users
14/07/2009 06:08 <SYMLINKD> All Users [C:\ProgramData]
14/07/2009 06:08 <JONCTION> Default User [C:\Users\Default]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users
14/07/2009 06:08 <JONCTION> Application Data [C:\ProgramData]
18/10/2014 14:42 <JONCTION> Bureau [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Desktop [C:\Users\Public\Desktop]
14/07/2009 06:08 <JONCTION> Documents [C:\Users\Public\Documents]
18/10/2014 14:42 <JONCTION> Favoris [C:\Users\Public\Favorites]
14/07/2009 06:08 <JONCTION> Favorites [C:\Users\Public\Favorites]
18/10/2014 14:42 <JONCTION> Menu D marrer [C:\ProgramData\Microsoft\Windows\Start Menu]
18/10/2014 14:42 <JONCTION> Mod`les [C:\ProgramData\Microsoft\Windows\Templates]
14/07/2009 06:08 <JONCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009 06:08 <JONCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 fichier(s) 0 octets
R pertoire de C:\Users\All Users\Microsoft\Windows\Start Menu
18/10/2014 14:42 <JONCTION> Programmes [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\Default
14/07/2009 06:08 <JONCTION> Application Data [C:\Users\Default\AppData\Roaming]
14/07/2009 06:08 <JONCTION> Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
14/07/2009 06:08 <JONCTION> Local Settings [C:\Users\Default\AppData\Local]
18/10/2014 14:42 <JONCTION> Menu D marrer [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
18/10/2014 14:42 <JONCTION> Mes documents [C:\Users\Default\Documents]
18/10/2014 14:42 <JONCTION> Mod`les [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
14/07/2009 06:08 <JONCTION> My Documents [C:\Users\Default\Documents]
14/07/2009 06:08 <JONCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
14/07/2009 06:08 <JONCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
14/07/2009 06:08 <JONCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
14/07/2009 06:08 <JONCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
14/07/2009 06:08 <JONCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
14/07/2009 06:08 <JONCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
18/10/2014 14:42 <JONCTION> Voisinage d'impression [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
18/10/2014 14:42 <JONCTION> Voisinage r seau [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
0 fichier(s) 0 octets
R pertoire de C:\Users\Default\AppData\Local
14/07/2009 06:08 <JONCTION> Application Data [C:\Users\Default\AppData\Local]
18/10/2014 14:42 <JONCTION> Historique [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
14/07/2009 06:08 <JONCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
14/07/2009 06:08 <JONCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 fichier(s) 0 octets
R pertoire de C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu
18/10/2014 14:42 <JONCTION> Programmes [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\Default\Documents
18/10/2014 14:42 <JONCTION> Ma musique [C:\Users\Default\Music]
18/10/2014 14:42 <JONCTION> Mes images [C:\Users\Default\Pictures]
18/10/2014 14:42 <JONCTION> Mes vid os [C:\Users\Default\Videos]
14/07/2009 06:08 <JONCTION> My Music [C:\Users\Default\Music]
14/07/2009 06:08 <JONCTION> My Pictures [C:\Users\Default\Pictures]
14/07/2009 06:08 <JONCTION> My Videos [C:\Users\Default\Videos]
0 fichier(s) 0 octets
R pertoire de C:\Users\Public\Documents
18/10/2014 14:42 <JONCTION> Ma musique [C:\Users\Public\Music]
18/10/2014 14:42 <JONCTION> Mes images [C:\Users\Public\Pictures]
18/10/2014 14:42 <JONCTION> Mes vid os [C:\Users\Public\Videos]
14/07/2009 06:08 <JONCTION> My Music [C:\Users\Public\Music]
14/07/2009 06:08 <JONCTION> My Pictures [C:\Users\Public\Pictures]
14/07/2009 06:08 <JONCTION> My Videos [C:\Users\Public\Videos]
0 fichier(s) 0 octets
R pertoire de C:\Users\samsung
18/10/2014 14:42 <JONCTION> Application Data [C:\Users\samsung\AppData\Roaming]
18/10/2014 14:42 <JONCTION> Cookies [C:\Users\samsung\AppData\Roaming\Microsoft\Windows\Cookies]
18/10/2014 14:42 <JONCTION> Local Settings [C:\Users\samsung\AppData\Local]
18/10/2014 14:42 <JONCTION> Menu D marrer [C:\Users\samsung\AppData\Roaming\Microsoft\Windows\Start Menu]
18/10/2014 14:42 <JONCTION> Mes documents [C:\Users\samsung\Documents]
18/10/2014 14:42 <JONCTION> Mod`les [C:\Users\samsung\AppData\Roaming\Microsoft\Windows\Templates]
18/10/2014 14:42 <JONCTION> Recent [C:\Users\samsung\AppData\Roaming\Microsoft\Windows\Recent]
18/10/2014 14:42 <JONCTION> SendTo [C:\Users\samsung\AppData\Roaming\Microsoft\Windows\SendTo]
18/10/2014 14:42 <JONCTION> Voisinage d'impression [C:\Users\samsung\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
18/10/2014 14:42 <JONCTION> Voisinage r seau [C:\Users\samsung\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
0 fichier(s) 0 octets
R pertoire de C:\Users\samsung\AppData\Local
18/10/2014 14:42 <JONCTION> Application Data [C:\Users\samsung\AppData\Local]
18/10/2014 14:42 <JONCTION> Historique [C:\Users\samsung\AppData\Local\Microsoft\Windows\History]
18/10/2014 14:42 <JONCTION> Temporary Internet Files [C:\Users\samsung\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 fichier(s) 0 octets
R pertoire de C:\Users\samsung\AppData\Roaming\Microsoft\Windows\Start Menu
18/10/2014 14:42 <JONCTION> Programmes [C:\Users\samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs]
0 fichier(s) 0 octets
R pertoire de C:\Users\samsung\Documents
18/10/2014 14:42 <JONCTION> Ma musique [C:\Users\samsung\Music]
18/10/2014 14:42 <JONCTION> Mes images [C:\Users\samsung\Pictures]
18/10/2014 14:42 <JONCTION> Mes vid os [C:\Users\samsung\Videos]
0 fichier(s) 0 octets
Total des fichiers list sÿ:
0 fichier(s) 0 octets
77 R p(s) 24ÿ683ÿ532ÿ288 octets libres

[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2016/02/29 01:18:55 | 000,058,529 | ---- | M] ()(C:\Users\samsung\Desktop\?????? ?????????? ?????? ??????? ??????? ?????????.rar) -- C:\Users\samsung\Desktop\'D/A*1 'D(J/':H,J D'3*'0 'D*1(J) 'D(/JF) H'D1J'6J).rar
[2016/02/29 01:18:54 | 000,058,529 | ---- | C] ()(C:\Users\samsung\Desktop\?????? ?????????? ?????? ??????? ??????? ?????????.rar) -- C:\Users\samsung\Desktop\'D/A*1 'D(J/':H,J D'3*'0 'D*1(J) 'D(/JF) H'D1J'6J).rar
[2016/02/23 23:13:12 | 000,004,592 | ---- | M] ()(C:\Users\samsung\Desktop\???? ?????..html) -- C:\Users\samsung\Desktop\E7D( *1BJ)..html
[2016/02/23 23:13:12 | 000,004,592 | ---- | C] ()(C:\Users\samsung\Desktop\???? ?????..html) -- C:\Users\samsung\Desktop\E7D( *1BJ)..html
[2016/02/23 22:54:27 | 000,004,540 | ---- | M] ()(C:\Users\samsung\Desktop\???? ?????.html) -- C:\Users\samsung\Desktop\E7D( *1BJ).html
[2016/02/23 22:54:27 | 000,004,540 | ---- | C] ()(C:\Users\samsung\Desktop\???? ?????.html) -- C:\Users\samsung\Desktop\E7D( *1BJ).html
[2016/02/20 21:42:09 | 003,736,939 | ---- | M] ()(C:\Users\samsung\Desktop\?????????.pdf) -- C:\Users\samsung\Desktop\'D*E1JF'*.pdf
[2016/02/20 21:41:56 | 003,736,939 | ---- | C] ()(C:\Users\samsung\Desktop\?????????.pdf) -- C:\Users\samsung\Desktop\'D*E1JF'*.pdf

< End of report >

Signaler le contenu de ce document