[SOLVED] Win10 : administrator's account impossible to connect (viruses, hacked, trojans??)

GensoD · Nov 23, 2016

Hi, (sorry for my bad english...)

Here is my big issue :

First of all, I have to say that's all my fault. I was looking for a software crack and, despite of my knowledge and carefullness, I did something realy stupid this time.
Now, I can't access to my administrator's local account. When I'm in the account & password Window's page (even my fingerprint access...), it says that my password changed and I Have to connect with "the other computer" to change it.

I have already scanned with Malwarebytes and it removed 5 malwares. (I unfortunately erased those...I can't tell you which ones they were)

I can connect with an other local account (but with restrictive access, of course...)
I would like, if possible, rediscover my administrator access with my files I don't want to lose.

Thank you !!!

Cheers,
GensoD.

Corrine · Nov 23, 2016

Hi, GensoD.

First off, we do not support the use of illegal software. So, I suggest you begin by uninstalling anything on your system that does not have a valid license. Hopefully, your limited account will have sufficient permission to do so.

Logs are needed in order to see what is on your computer. Please follow the Malware Removal Posting Instructions.

In addition, please post the Malwarebytes log. Click on History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.

GensoD · Nov 23, 2016

Hi again,

I'm aware about the use of illegal software, I only wanted to help my wife and I assure you that I'm not a lammer or anything else.

With my Administrator issues I can't run any software with this option. So I did the scans anyway, even with Malwarebytes (which find many issues itself).

Thanks for your help Corrine.

Logs in next replies.

EDIT : The logs will be in french...
And Audrey is my wife's local account I'm using.

GensoD · Nov 23, 2016

Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x86) Version: 23-11-2016
Exécuté par Audrey (24-11-2016 01:12:17)
Exécuté depuis C:\Users\Audrey\Desktop\Sysnative tools
Microsoft Windows 10 Famille Version 1607 (X86) (2016-11-21 00:40:54)
Mode d'amorçage: Normal
==========================================================

==================== Comptes: =============================

Administrateur (S-1-5-21-3249230889-3245914959-1979252567-500 - Administrator - Disabled) => C:\Users\Administrateur
Audrey (S-1-5-21-3249230889-3245914959-1979252567-1018 - Limited - Enabled) => C:\Users\Audrey
DamienG (S-1-5-21-3249230889-3245914959-1979252567-1000 - Administrator - Enabled) => C:\Users\Ralek Bibi
DefaultAccount (S-1-5-21-3249230889-3245914959-1979252567-503 - Limited - Disabled)
Invité (S-1-5-21-3249230889-3245914959-1979252567-501 - Limited - Disabled)

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

Adobe Acrobat Reader DC - Français (HKLM\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM\...\{3EB745BA-194F-4475-9164-B20BB2172395}) (Version: 12.0 - Adobe Systems Incorporated)
Apple Application Support (32 bits) (HKLM\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D9F3D66A-9885-4DDD-A800-9DDF488359A1}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.24 - Piriform)
Contenu supplémentaire de Vita 2 (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1.102.7 - Alps Electric)
DriversCloud.com (HKLM\...\{26BC1A02-834F-4E12-ABB2-E55484C6DFA0}) (Version: 8.0.4.0 - Cybelsoft)
Dropbox (HKLM\...\Dropbox) (Version: 14.4.19 - Dropbox, Inc.)
Dropbox Update Helper (Version: 1.3.57.1 - Dropbox, Inc.) Hidden
FFmpeg (Windows) for Audacity version 2.2.2 (HKLM\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
Google Chrome (HKLM\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden
iCloud (HKLM\...\{C3867553-D9F8-416E-8F14-EFF234A48577}) (Version: 5.1.0.34 - Apple Inc.)
IObit Uninstaller (HKLM\...\IObitUninstall) (Version: 6.1.0.20 - IObit)
iTunes (HKLM\...\{B1EA304B-D216-4D5D-A720-D94C623EA880}) (Version: 12.5.2.36 - Apple Inc.)
Java 8 Update 101 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java SE Development Kit 8 Update 73 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0180730}) (Version: 8.0.730.2 - Oracle Corporation)
Kaspersky Internet Security (HKLM\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (Version: 16.0.0.614 - Kaspersky Lab) Hidden
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version: - )
Laptop Integrated Webcam Driver (1.04.01.1011) (HKLM\...\Creative OEM002) (Version: - )
MAGIX Analogue Modelling Suite Plus (HKLM\...\MX.{F485F2FE-1D3D-4F6D-AD4E-13FA5FB22A88}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Analogue Modelling Suite Plus (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Contenu et Soundpools (HKLM\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX essentialFX Suite (HKLM\...\MX.{CB7B17F4-3833-4699-890B-52C5D0AB926D}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX essentialFX Suite (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Samplitude Music Studio 2016 (HKLM\...\MX.{F9873ACF-DB28-41C3-9AD0-A378FA95E0A5}) (Version: 22.0.1.20 - MAGIX Software GmbH)
MAGIX Samplitude Music Studio 2016 (Object synthesizers) (HKLM\...\MX.{B94FCCBE-6FB0-4E9F-8B35-966E987D0CBB}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Samplitude Music Studio 2016 (Object synthesizers) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Samplitude Music Studio 2016 (Version: 22.0.1.20 - MAGIX Software GmbH) Hidden
MAGIX Soundpools 2016 (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (MSI) (HKLM\...\MX.{4820118E-F7B6-4D70-9B38-6B8C3EB85BC1}) (Version: 7.0.1.27 - MAGIX Software GmbH)
MAGIX Speed burnR (MSI) (Version: 7.0.1.27 - MAGIX Software GmbH) Hidden
MAGIX Vandal VST-PlugIn (HKLM\...\MX.{24F96DED-7B99-49C4-B877-CDCDC37762FA}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Vandal VST-PlugIn (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX VariVerb II VST-PlugIn (HKLM\...\MX.{7A97538C-6D3F-4BB5-B2A1-D0ECFB199A4C}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX VariVerb II VST-PlugIn (Version: 1.0.0.0 - MAGIX AG) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Famille et Etudiant 2013 - fr-fr (HKLM\...\HomeStudentRetail - fr-fr) (Version: 15.0.4875.1001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Mises à jour NVIDIA 17.12.8 (Version: 17.12.8 - NVIDIA Corporation) Hidden
Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x86) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 50.0 (x86 fr) (HKLM\...\Mozilla Firefox 50.0 (x86 fr)) (Version: 50.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 50.0.0.6152 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MuseScore 2 (HKLM\...\{4F0E15EA-F64C-11E5-9992-E717EA7DB0C8}) (Version: 2.0.3 - Werner Schweer and Others)
NoteWorthy Composer 2 Demo (HKLM\...\NoteWorthy Composer 2 Demo) (Version: Demo Version 2.75 - Noteworthy Software, Inc.)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Pilote 3D Vision 341.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.95 - NVIDIA Corporation)
NVIDIA Pilote graphique 341.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.95 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4875.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4875.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4875.1001 - Microsoft Corporation) Hidden
Panneau de configuration NVIDIA 341.95 (Version: 341.95 - NVIDIA Corporation) Hidden
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
Pianissimo (HKLM\...\Pianissimo) (Version: - Acoustica)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Samplitude Music Studio 2016 Update (Version: 22.0.2.24 - MAGIX Software GmbH) Hidden
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Skype™ 7.29 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
UM-ONE Driver (HKLM\...\RolandRDID0115) (Version: - Roland Corporation)
Vita Accordion (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
Vita Century Guitar (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
Vita Century Keys (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
Vita Choir (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
Vita Cinematic Synth (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
Vita Drum Engine (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
Vita Electric Bass (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
Vita Electric Piano (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
Vita Folk (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
Vita Power Guitar (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
Vita Rock Drums (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
Vita Space Pad (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
Vita String Ensemble (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Personnalisé CLSID (Avec liste blanche): ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Tâches planifiées (Avec liste blanche) =============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job =>
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => <==== ATTENTION
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => <==== ATTENTION
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_DamienG.job =>

==================== Raccourcis =============================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)

==================== Modules chargés (Avec liste blanche) ==============

2016-11-21 15:43 - 2016-09-15 18:32 - 02048496 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-11-21 15:43 - 2016-09-15 18:32 - 02048496 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-11-23 15:20 - 2016-11-23 15:20 - 01244360 _____ () C:\Users\Audrey\AppData\Local\Microsoft\OneDrive\17.3.6674.1021_1\ClientTelemetry.dll
2016-07-16 09:25 - 2016-07-16 09:25 - 00108032 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-11-21 15:41 - 2016-11-02 11:46 - 00321536 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-23 15:22 - 2016-11-23 15:22 - 00129216 _____ () C:\Users\Audrey\AppData\Local\Microsoft\OneDrive\17.3.6674.1021_1\FileSyncViews.dll
2016-11-21 16:11 - 2016-11-21 16:15 - 00062464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x86__kzf8qxf38zg5c\SkypeHost.exe
2016-11-21 16:11 - 2016-11-21 16:15 - 00151552 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x86__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-11-21 16:11 - 2016-11-21 16:15 - 29915136 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x86__kzf8qxf38zg5c\SkyWrap.dll
2016-11-21 15:43 - 2016-11-02 11:31 - 06726656 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-21 15:43 - 2016-11-02 11:24 - 01150464 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-21 15:43 - 2016-08-06 04:21 - 00526848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-21 15:43 - 2016-11-02 11:24 - 00779776 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-11-21 15:43 - 2016-11-02 11:24 - 01724928 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-21 15:43 - 2016-11-02 11:26 - 03158528 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-11-15 04:24 - 2016-11-08 21:29 - 01819240 _____ () C:\Program Files\Google\Chrome\Application\54.0.2840.99\libglesv2.dll
2016-11-15 04:24 - 2016-11-08 21:29 - 00093288 _____ () C:\Program Files\Google\Chrome\Application\54.0.2840.99\libegl.dll
2016-11-21 15:45 - 2016-09-15 18:42 - 02261856 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll

==================== Alternate Data Streams (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)

AlternateDataStreams: C:\lame:Roxio EMC Stream [38]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]

==================== Mode sans échec (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Association (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)

==================== Internet Explorer sites de confiance/sensibles ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)

==================== Hosts contenu: ==========================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2015-09-28 17:23 - 2016-11-20 19:38 - 00001006 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com

==================== Autres zones ============================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKU\S-1-5-21-3249230889-3245914959-1979252567-1018\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.0.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Le Pare-feu is disabled.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

MSCONFIG\Services: XboxNetApiSvc => 3
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "c:\program files\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "c:\program files\common files\adobe\cs5servicemanager\cs5servicemanager.exe" -launchedbylogin
MSCONFIG\startupreg: iTunesHelper => "c:\program files\itunes\ituneshelper.exe"
MSCONFIG\startupreg: ShadowPlay => c:\windows\system32\rundll32.exe c:\windows\system32\nvspcap.dll,shadowplayonsystemstart

==================== RèglesPare-feu (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{091BFE71-FD7D-4C63-8747-FD03561FB0A5}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{341A83C0-C03C-41D6-83AE-E1FA24A86239}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{AA2AA141-A546-4E9C-B603-BF203A48F851}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{FE9FA84F-8527-49CD-B843-AE7706A254D8}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{D7DD7D3C-9AF1-4740-959D-C84ED76051A9}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{14B4551F-F5CF-427C-BDD4-4D7A4C58C31B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{95C8339F-B4B8-409E-A50F-8C575CFA46C5}] => (Allow) C:\Program Files\Dropbox\Client\Dropbox.exe
FirewallRules: [{6146710A-14AB-4331-AF24-C19D9D178DAE}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{93DBA1A4-1198-47B5-95BC-680D24328CAD}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{FDF879E6-40D9-4654-9C51-C91B0D977880}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{1F8673E2-118D-4581-AC2C-8773A9ACD632}] => (Allow) C:\Users\Ralek Bibi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{56F13253-F435-4E80-9989-C97BAC8F4120}] => (Allow) C:\Users\Ralek Bibi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{47529514-3EA4-4E90-86C8-9C65EA422C51}] => (Allow) C:\Users\Ralek Bibi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6701AFCE-9C75-4C2D-A251-47788599C3EA}] => (Allow) C:\Users\Ralek Bibi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{296E8584-3B5A-4A12-9F7B-12D7300E11F1}] => (Allow) C:\Users\Ralek Bibi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{89110892-AD4C-4E64-BC3D-634819F30E1B}] => (Allow) C:\Users\Ralek Bibi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{660235FB-93AC-4162-A31D-C4D490A8C761}] => (Allow) C:\Program Files\DriversCloud.com\MCDetection.exe
FirewallRules: [{0DFE9A17-6A67-4F3B-A3DC-F9DBD2CA4DEA}] => (Allow) C:\Program Files\DriversCloud.com\MCDetection.exe
FirewallRules: [UDP Query User{8ACE6D29-6BF2-41BB-8A3A-282236E71D83}C:\program files\java\jdk1.8.0_73\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_73\bin\jmc.exe
FirewallRules: [TCP Query User{D5C1213F-BA4F-4EA6-992E-112F648B2655}C:\program files\java\jdk1.8.0_73\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_73\bin\jmc.exe
FirewallRules: [{636A41F6-CA71-4349-B8DB-2B1A285C12BB}] => (Allow) C:\Program Files\MAGIX\Samplitude Music Studio 2016\MusicStudio.exe
FirewallRules: [{D12ECB71-4271-4545-995E-0ED6790A9219}] => (Allow) LPort=48113
FirewallRules: [{B8D48B7C-B242-4478-B14F-A64AB1BC53C7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{4171D462-3C23-491E-B05F-651F2AA7F9F7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{C6A3B1E0-B381-4AD0-9964-34190FC5C0DB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8277E31C-F9B3-4C5C-A6E8-2597D57CCEC3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{39668261-FDAD-4341-AF4F-186693318177}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{C30DA3E3-F106-40EE-87C8-FFE92908E434}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{76858E19-B081-47EC-8771-0F824BD54BCD}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{260BEEC2-832A-47BF-B125-91F135A4DD93}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{52A691AD-8154-41F9-AC37-10D931E0AA71}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{703C1641-EF6A-43C7-B932-343043BC531B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{F596A669-13D8-4488-A2CF-A00168D13D63}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B5EFF708-0950-4EE6-A705-3EB250903E10}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Points de restauration =========================

ATTENTION: La Restauration système est désactivée
Vérifiez le service "winmgmt" ou réparez WMI.

==================== Éléments en erreur du Gestionnaire de périphériques =============

==================== Erreurs du Journal des événements: =========================

Erreurs Application:
==================
Error: (11/24/2016 12:53:52 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: GENSOD)
Description: Le package windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel a été interrompu, car sa suspension a été trop longue.

Error: (11/23/2016 11:46:10 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Erreur lors de la mise à jour de l’état vers SECURITY_PRODUCT_STATE_OFF (erreur %3).

Error: (11/23/2016 11:46:10 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Erreur lors de la mise à jour de l’état vers SECURITY_PRODUCT_STATE_OFF (erreur %3).

Error: (11/23/2016 11:46:10 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Erreur lors de la mise à jour de l’état vers SECURITY_PRODUCT_STATE_OFF (erreur %3).

Error: (11/23/2016 08:14:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: GENSOD)
Description: Échec de l’activation de l’application windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel avec l’erreur : -2147023170 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.

Error: (11/23/2016 08:14:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: GENSOD)
Description: Le package windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel a été interrompu, car sa suspension a été trop longue.

Error: (11/23/2016 06:24:22 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Erreur lors de la mise à jour de l’état vers SECURITY_PRODUCT_STATE_ON (erreur %3).

Error: (11/23/2016 06:24:22 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Erreur lors de la mise à jour de l’état vers SECURITY_PRODUCT_STATE_ON (erreur %3).

Error: (11/23/2016 06:24:22 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Erreur lors de la mise à jour de l’état vers SECURITY_PRODUCT_STATE_ON (erreur %3).

Error: (11/23/2016 06:24:22 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Erreur lors de la mise à jour de l’état vers SECURITY_PRODUCT_STATE_SNOOZED (erreur %3).

Erreurs système:
=============
Error: (11/23/2016 06:21:16 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (11/23/2016 06:21:16 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (11/23/2016 06:21:10 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
et l’APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (11/23/2016 05:45:38 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
et l’APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (11/23/2016 05:28:16 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (11/23/2016 05:28:16 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (11/23/2016 05:28:14 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
et l’APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (11/23/2016 04:50:32 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
et l’APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (11/23/2016 04:40:14 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
et l’APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (11/23/2016 04:21:44 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: L’arrêt système précédant à 16:05:57 le ‎23/‎11/‎2016 n’était pas prévu.

==================== Infos Mémoire ===========================

Processeur: Intel(R) Core(TM)2 Duo CPU T7500 @ 2.20GHz
Pourcentage de mémoire utilisée: 50%
Mémoire physique - RAM - totale: 3070.06 MB
Mémoire physique - RAM - disponible: 1533.82 MB
Mémoire virtuelle totale: 4350.06 MB
Mémoire virtuelle disponible: 2287.07 MB

==================== Lecteurs ================================

Drive c: (Lecteur) (Fixed) (Total:198.04 GB) (Free:31.44 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)]
Drive d: (Stockage) (Fixed) (Total:10 GB) (Free:5.59 GB) NTFS

==================== MBR & Table des partitions ==================

==================== Fin de Addition.txt ============================

GensoD · Nov 23, 2016

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 23-11-2016
Exécuté par Audrey (ATTENTION: L'utilisateur n'est pas administrateur) sur GENSOD (24-11-2016 01:00:37)
Exécuté depuis C:\Users\Audrey\Desktop\Sysnative tools
Profils chargés: Audrey (Profils disponibles: DamienG & Audrey & Administrateur)
Platform: Microsoft Windows 10 Famille Version 1607 (X86) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

Impossible d'accéder au processus -> smss.exe
Impossible d'accéder au processus -> csrss.exe
Impossible d'accéder au processus -> wininit.exe
Impossible d'accéder au processus -> csrss.exe
Impossible d'accéder au processus -> winlogon.exe
Impossible d'accéder au processus -> services.exe
Impossible d'accéder au processus -> lsass.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> dwm.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> nvSCPAPISvr.exe
Impossible d'accéder au processus -> nvvsvc.exe
Impossible d'accéder au processus -> nvxdsync.exe
Impossible d'accéder au processus -> nvvsvc.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> rundll32.exe
Impossible d'accéder au processus -> rundll32.exe
Impossible d'accéder au processus -> WUDFHost.exe
Impossible d'accéder au processus -> dasHost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> spoolsv.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> DbxSvc.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> AppleMobileDeviceService.exe
Impossible d'accéder au processus -> mDNSResponder.exe
Impossible d'accéder au processus -> GfExperienceService.exe
Impossible d'accéder au processus -> armsvc.exe
Impossible d'accéder au processus -> BtwRSupportService.exe
Impossible d'accéder au processus -> AEstSrv.exe
Impossible d'accéder au processus -> officeclicktorun.exe
Impossible d'accéder au processus -> IUService.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> NvNetworkService.exe
Impossible d'accéder au processus -> nvstreamsvc.exe
Impossible d'accéder au processus -> stacsv.exe
Impossible d'accéder au processus -> MsMpEng.exe
Impossible d'accéder au processus -> SearchIndexer.exe
Impossible d'accéder au processus -> nvstreamsvc.exe
Impossible d'accéder au processus -> conhost.exe
Impossible d'accéder au processus -> wmpnetwk.exe
Impossible d'accéder au processus -> NisSrv.exe
Impossible d'accéder au processus -> nvstreamsvc.exe
Impossible d'accéder au processus -> conhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x86__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11610.1001.10.0_x86__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
Impossible d'accéder au processus -> fontdrvhost.exe
Impossible d'accéder au processus -> svchost.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> WmiPrvSE.exe

==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [159744 2007-09-07] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2007-09-28] (IDT, Inc.)
HKLM\...\Run: [OEM02Mon.exe] => C:\WINDOWS\OEM02Mon.exe [36864 2007-05-09] (Creative Technology Ltd.)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2016-01-29] (NVIDIA Corporation)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [25673776 2016-11-07] (Dropbox, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [483840 2016-07-16] (Microsoft Corporation)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-3249230889-3245914959-1979252567-1018\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7045848 2016-11-15] (Piriform Ltd)
ShellExecuteHooks: - {2BA2613E-A5BE-11E6-BD30-64006A5CFC23} - C:\Users\Ralek Bibi\AppData\Roaming\Atogey\Fimokgrzition.dll Pas de fichier [ ]
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{4302391a-7a41-4bd9-b96a-f99196402d8a}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{e25976d3-ee75-485d-a365-f405a76d1aae}: [DhcpNameServer] 192.168.0.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3249230889-3245914959-1979252567-1018\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-09-21] (Oracle Corporation)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2016-10-25] (AO Kaspersky Lab)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-21] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2016-10-25] (AO Kaspersky Lab)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: (Kaspersky Protection) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2016-10-25]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-16] ()
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-21] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-09-29] (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-29] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-29] (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-01] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-01] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2016-10-13]

Chrome:
=======
CHR Profile: C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default [2016-11-24]
CHR Extension: (Google Slides) - C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-07]
CHR Extension: (Google Docs) - C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-07]
CHR Extension: (Google Drive) - C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-07]
CHR Extension: (YouTube) - C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-07]
CHR Extension: (Adblock Plus) - C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-11-07]
CHR Extension: (Google Sheets) - C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-07]
CHR Extension: (Google Docs hors connexion) - C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-07]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-07]
CHR Extension: (Gmail) - C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-07]
CHR Extension: (Chrome Media Router) - C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-07]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S2 AVP16.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-09-29] (Kaspersky Lab ZAO)
R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [1680088 2015-09-19] (Broadcom Corporation.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [2041584 2016-10-04] (Microsoft Corporation)
S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-14] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-14] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [35440 2016-11-07] (Dropbox, Inc.)
R2 Dergesyghujase; C:\Program Files\Deringchederse\absegrermughtlnc.dll [276480 2016-11-20] () [Fichier non signé]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [915600 2015-10-13] (NVIDIA Corporation)
R2 IObitUnSvr; C:\Program Files\IObit\IObit Uninstaller\IUService.exe [360736 2016-10-28] (IObit)
R3 lmhosts; C:\WINDOWS\System32\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 NlaSvc; C:\WINDOWS\System32\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 nsi; C:\WINDOWS\system32\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2016-01-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19775632 2016-01-29] (NVIDIA Corporation)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Fichier non signé]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [271496 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [84928 2016-07-16] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [175320 2015-09-19] (Broadcom Corporation.)
S3 btwampfl; C:\WINDOWS\system32\DRIVERS\btwampfl.sys [144600 2015-09-19] (Broadcom Corporation.)
S3 CLEDX; C:\WINDOWS\System32\drivers\cledx.sys [33792 2005-05-09] (Team H2O) [Fichier non signé]
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [201912 2015-07-05] (Kaspersky Lab ZAO)
R3 i8042HDR; C:\WINDOWS\system32\DRIVERS\i8042HDR.sys [13224 2006-10-20] (Chicony)
S3 jumi; C:\WINDOWS\System32\drivers\jumi.sys [13112 2010-06-03] (Windows (R) Win 7 DDK provider)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [153784 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [46776 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [57712 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [66976 2016-03-01] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [25208 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [147336 2015-10-21] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [53160 2016-05-25] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [764848 2016-05-25] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [44632 2016-11-21] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [37048 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [37560 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [39304 2015-09-29] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [74160 2016-05-25] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [87736 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [156856 2015-06-23] (Kaspersky Lab ZAO)
R1 MpKslDrv; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{22F1DE39-4901-4A31-9FD8-4AA5B124D710}\MpKslDrv.sys [39168 2016-11-23] (Microsoft Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [62976 2016-07-16] ()
R3 netwlv32; C:\WINDOWS\System32\drivers\netwlv32.sys [6637056 2016-07-16] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18576 2016-01-29] (NVIDIA Corporation)
S3 NvStUSB; C:\WINDOWS\System32\drivers\nvstusb.sys [435416 2014-07-01] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad32v.sys [32912 2015-10-13] (NVIDIA Corporation)
S3 RDID1115; C:\WINDOWS\system32\Drivers\RDWM1115.SYS [71168 2015-07-23] (Roland Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [37912 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [244576 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [100192 2016-07-16] (Microsoft Corporation)
R3 yukonw8; C:\WINDOWS\System32\drivers\yk63x86.sys [242688 2016-07-16] (Marvell)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-11-24 01:00 - 2016-11-24 01:00 - 00000000 ____D C:\FRST
2016-11-24 00:34 - 2016-11-24 01:00 - 00000000 ____D C:\Users\Audrey\Desktop\Sysnative tools
2016-11-23 22:37 - 2016-11-23 22:37 - 00000000 ____D C:\Users\Audrey\AppData\LocalLow\Apple Computer
2016-11-23 22:32 - 2016-11-23 22:32 - 00000000 ____D C:\Users\Audrey\AppData\Roaming\NVIDIA
2016-11-23 16:35 - 2016-11-23 16:35 - 00000391 _____ C:\Users\Audrey\Desktop\Panneau de configuration - Raccourci.lnk
2016-11-23 16:20 - 2016-11-23 16:20 - 00014000 ____N C:\bootsqm.dat
2016-11-23 16:19 - 2016-11-23 16:19 - 00000000 __SHD C:\found.001
2016-11-23 15:14 - 2016-11-23 16:40 - 00000000 ____D C:\Users\Audrey\AppData\Local\ConnectedDevicesPlatform
2016-11-23 15:14 - 2016-11-23 15:14 - 00000020 ___SH C:\Users\Audrey\ntuser.ini
2016-11-23 13:13 - 2016-11-23 13:50 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-11-22 13:45 - 2016-11-22 13:46 - 00000000 ____D C:\Users\Ralek Bibi\Desktop\Optimisation Firefox
2016-11-21 15:45 - 2016-11-02 13:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-11-21 15:45 - 2016-11-02 12:22 - 06020448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-11-21 15:45 - 2016-11-02 12:21 - 00570720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-11-21 15:45 - 2016-11-02 12:05 - 00313088 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-11-21 15:45 - 2016-11-02 11:48 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2016-11-21 15:45 - 2016-11-02 11:45 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2016-11-21 15:45 - 2016-11-02 11:44 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2016-11-21 15:45 - 2016-11-02 11:43 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-11-21 15:45 - 2016-11-02 11:41 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2016-11-21 15:45 - 2016-11-02 11:41 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2016-11-21 15:45 - 2016-11-02 11:32 - 00786432 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-11-21 15:45 - 2016-11-02 11:29 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-11-21 15:45 - 2016-11-02 11:29 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2016-11-21 15:45 - 2016-11-02 11:26 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-11-21 15:45 - 2016-11-02 11:23 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-11-21 15:45 - 2016-10-28 04:11 - 00446896 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-11-21 15:45 - 2016-10-15 05:40 - 01126496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-11-21 15:45 - 2016-10-15 05:36 - 04970224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-11-21 15:45 - 2016-10-15 05:19 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2016-11-21 15:45 - 2016-10-15 05:18 - 00749920 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2016-11-21 15:45 - 2016-10-15 05:18 - 00576400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-11-21 15:45 - 2016-10-15 05:18 - 00454496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-11-21 15:45 - 2016-10-15 05:18 - 00186424 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2016-11-21 15:45 - 2016-10-15 05:18 - 00067424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2016-11-21 15:45 - 2016-10-15 05:15 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-11-21 15:45 - 2016-10-15 05:14 - 01384704 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-11-21 15:45 - 2016-10-15 05:14 - 00802600 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-11-21 15:45 - 2016-10-15 05:14 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-11-21 15:45 - 2016-10-15 05:10 - 01968992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-11-21 15:45 - 2016-10-15 05:10 - 00781664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-11-21 15:45 - 2016-10-15 05:10 - 00482656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2016-11-21 15:45 - 2016-10-15 04:59 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-11-21 15:45 - 2016-10-15 04:58 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-11-21 15:45 - 2016-10-15 04:58 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
2016-11-21 15:45 - 2016-10-15 04:55 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-11-21 15:45 - 2016-10-15 04:48 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-11-21 15:45 - 2016-10-15 04:48 - 00797696 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-11-21 15:45 - 2016-10-15 04:48 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-11-21 15:45 - 2016-10-15 04:44 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-11-21 15:45 - 2016-10-15 04:43 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-11-21 15:45 - 2016-10-15 04:43 - 01406976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-11-21 15:45 - 2016-10-15 04:39 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2016-11-21 15:45 - 2016-10-15 04:37 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-11-21 15:45 - 2016-10-15 04:36 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmifw.dll
2016-11-21 15:45 - 2016-10-15 04:35 - 02708992 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-11-21 15:45 - 2016-10-05 10:59 - 00949600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-11-21 15:45 - 2016-10-05 10:54 - 01097568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2016-11-21 15:45 - 2016-10-05 10:49 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-11-21 15:45 - 2016-10-05 10:24 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-11-21 15:45 - 2016-10-05 10:23 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2016-11-21 15:45 - 2016-10-05 10:23 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-11-21 15:45 - 2016-10-05 10:23 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-11-21 15:45 - 2016-10-05 10:22 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2016-11-21 15:45 - 2016-10-05 10:20 - 00303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2016-11-21 15:45 - 2016-10-05 10:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsmsext.dll
2016-11-21 15:45 - 2016-10-05 10:15 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2016-11-21 15:45 - 2016-10-05 10:07 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-11-21 15:45 - 2016-09-15 18:37 - 00402352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-11-21 15:45 - 2016-09-15 18:35 - 00356704 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll
2016-11-21 15:45 - 2016-09-15 18:35 - 00356704 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-11-21 15:45 - 2016-09-15 18:33 - 00083120 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-11-21 15:45 - 2016-09-15 18:22 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2016-11-21 15:45 - 2016-09-15 18:21 - 00557920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-11-21 15:45 - 2016-09-15 18:21 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-11-21 15:45 - 2016-09-15 18:21 - 00186720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-11-21 15:45 - 2016-09-15 18:19 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2016-11-21 15:45 - 2016-09-15 18:16 - 00093984 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2016-11-21 15:45 - 2016-09-15 18:00 - 00399360 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2016-11-21 15:45 - 2016-09-15 18:00 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NfcRadioMedia.dll
2016-11-21 15:45 - 2016-09-15 17:57 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2016-11-21 15:45 - 2016-09-15 17:57 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2016-11-21 15:45 - 2016-09-15 17:57 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2016-11-21 15:45 - 2016-09-15 17:56 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-11-21 15:45 - 2016-09-15 17:54 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2016-11-21 15:45 - 2016-09-15 17:53 - 01344000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-11-21 15:45 - 2016-09-15 17:53 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2016-11-21 15:45 - 2016-09-15 17:53 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-11-21 15:45 - 2016-09-15 17:52 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2016-11-21 15:45 - 2016-09-15 17:52 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprapi.dll
2016-11-21 15:45 - 2016-09-15 17:47 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-11-21 15:45 - 2016-09-15 17:46 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-11-21 15:45 - 2016-09-15 17:45 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2016-11-21 15:45 - 2016-09-15 17:44 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-11-21 15:45 - 2016-09-15 17:43 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2016-11-21 15:45 - 2016-09-15 17:41 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-11-21 15:45 - 2016-09-15 17:40 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2016-11-21 15:45 - 2016-09-15 17:40 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2016-11-21 15:45 - 2016-09-15 17:38 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-11-21 15:45 - 2016-09-15 17:35 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2016-11-21 15:45 - 2016-09-15 17:35 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2016-11-21 15:45 - 2016-09-07 06:33 - 00102752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2016-11-21 15:45 - 2016-09-07 06:25 - 00133296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-11-21 15:45 - 2016-09-07 06:16 - 00589144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2016-11-21 15:45 - 2016-09-07 06:16 - 00399712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-11-21 15:45 - 2016-09-07 06:07 - 00043944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2016-11-21 15:45 - 2016-09-07 05:52 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-11-21 15:45 - 2016-09-07 05:51 - 06534656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-11-21 15:45 - 2016-09-07 05:44 - 01842688 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-11-21 15:45 - 2016-09-07 05:34 - 04557824 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2016-11-21 15:45 - 2016-09-07 05:34 - 01885696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-11-21 15:45 - 2016-08-27 05:43 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll
2016-11-21 15:45 - 2016-08-20 06:49 - 00092000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-11-21 15:45 - 2016-08-20 06:08 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-11-21 15:45 - 2016-08-06 05:16 - 00798504 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-11-21 15:45 - 2016-08-06 05:15 - 00292184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-11-21 15:45 - 2016-08-06 05:06 - 00023776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-11-21 15:45 - 2016-08-06 04:41 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2016-11-21 15:45 - 2016-08-06 04:37 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-11-21 15:45 - 2016-08-06 04:23 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2016-11-21 15:45 - 2016-08-05 10:10 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2016-11-21 15:45 - 2016-08-05 09:54 - 00564488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2016-11-21 15:45 - 2016-07-22 02:18 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-11-21 15:44 - 2016-11-02 12:12 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-11-21 15:44 - 2016-11-02 12:05 - 03892352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-11-21 15:44 - 2016-11-02 12:05 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-11-21 15:44 - 2016-11-02 12:05 - 00951904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-11-21 15:44 - 2016-11-02 12:01 - 01425000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-11-21 15:44 - 2016-11-02 12:01 - 01413664 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-11-21 15:44 - 2016-11-02 12:01 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-11-21 15:44 - 2016-11-02 12:01 - 00545936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-11-21 15:44 - 2016-11-02 11:47 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-11-21 15:44 - 2016-11-02 11:43 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-11-21 15:44 - 2016-11-02 11:42 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-11-21 15:44 - 2016-11-02 11:40 - 01375232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-11-21 15:44 - 2016-11-02 11:38 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-11-21 15:44 - 2016-11-02 11:38 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-11-21 15:44 - 2016-11-02 11:33 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-11-21 15:44 - 2016-11-02 11:33 - 03307520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-11-21 15:44 - 2016-11-02 11:33 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2016-11-21 15:44 - 2016-11-02 11:31 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-11-21 15:44 - 2016-11-02 11:31 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-11-21 15:44 - 2016-11-02 11:30 - 12175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-11-21 15:44 - 2016-11-02 11:29 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-11-21 15:44 - 2016-11-02 11:29 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-11-21 15:44 - 2016-11-02 11:28 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-11-21 15:44 - 2016-11-02 11:26 - 02747392 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-11-21 15:44 - 2016-11-02 11:26 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-11-21 15:44 - 2016-11-02 11:25 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-11-21 15:44 - 2016-10-15 06:11 - 00224608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-11-21 15:44 - 2016-10-15 05:18 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-11-21 15:44 - 2016-10-15 05:18 - 01556712 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-11-21 15:44 - 2016-10-15 05:15 - 01853776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-11-21 15:44 - 2016-10-15 05:15 - 01123368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-11-21 15:44 - 2016-10-15 05:15 - 00687936 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-11-21 15:44 - 2016-10-15 05:11 - 01345504 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-11-21 15:44 - 2016-10-15 05:06 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-11-21 15:44 - 2016-10-15 04:56 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2016-11-21 15:44 - 2016-10-15 04:56 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2016-11-21 15:44 - 2016-10-15 04:55 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-11-21 15:44 - 2016-10-15 04:52 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-11-21 15:44 - 2016-10-15 04:50 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-11-21 15:44 - 2016-10-15 04:50 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-11-21 15:44 - 2016-10-15 04:49 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-11-21 15:44 - 2016-10-15 04:47 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-11-21 15:44 - 2016-10-15 04:44 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-11-21 15:44 - 2016-10-15 04:43 - 00500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2016-11-21 15:44 - 2016-10-15 04:41 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\system32\energy.dll
2016-11-21 15:44 - 2016-10-15 04:37 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-11-21 15:44 - 2016-10-05 10:46 - 00980824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-11-21 15:44 - 2016-10-05 10:46 - 00056672 _____ (Avago Technologies) C:\WINDOWS\system32\Drivers\MegaSas2i.sys
2016-11-21 15:44 - 2016-10-05 10:31 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConfigureExpandedStorage.dll
2016-11-21 15:44 - 2016-10-05 10:26 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-11-21 15:44 - 2016-10-05 10:25 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2016-11-21 15:44 - 2016-10-05 10:21 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-11-21 15:44 - 2016-10-05 10:14 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-11-21 15:44 - 2016-10-05 10:14 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-11-21 15:44 - 2016-10-05 10:09 - 01700864 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2016-11-21 15:44 - 2016-10-05 10:09 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-11-21 15:44 - 2016-10-05 10:07 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-11-21 15:44 - 2016-10-05 10:07 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-11-21 15:44 - 2016-09-15 18:26 - 00581672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2016-11-21 15:44 - 2016-09-15 18:22 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2016-11-21 15:44 - 2016-09-15 18:18 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-11-21 15:44 - 2016-09-15 18:01 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2016-11-21 15:44 - 2016-09-15 17:59 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2016-11-21 15:44 - 2016-09-15 17:57 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2016-11-21 15:44 - 2016-09-15 17:56 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2016-11-21 15:44 - 2016-09-15 17:56 - 00823808 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2016-11-21 15:44 - 2016-09-15 17:56 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-11-21 15:44 - 2016-09-15 17:55 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkCollectionAgent.dll
2016-11-21 15:44 - 2016-09-15 17:55 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrGidsHandler.dll
2016-11-21 15:44 - 2016-09-15 17:53 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-11-21 15:44 - 2016-09-15 17:53 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-11-21 15:44 - 2016-09-15 17:52 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-11-21 15:44 - 2016-09-15 17:49 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-11-21 15:44 - 2016-09-15 17:49 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-11-21 15:44 - 2016-09-15 17:47 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-11-21 15:44 - 2016-09-15 17:47 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2016-11-21 15:44 - 2016-09-15 17:45 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2016-11-21 15:44 - 2016-09-15 17:44 - 00734208 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-11-21 15:44 - 2016-09-15 17:40 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2016-11-21 15:44 - 2016-09-15 17:39 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-11-21 15:44 - 2016-09-15 17:38 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2016-11-21 15:44 - 2016-09-07 06:17 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-11-21 15:44 - 2016-09-07 05:58 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2016-11-21 15:44 - 2016-09-07 05:46 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-11-21 15:44 - 2016-09-07 05:40 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-11-21 15:44 - 2016-09-07 05:34 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-11-21 15:44 - 2016-09-07 05:31 - 00461312 _____ (Microsoft) C:\WINDOWS\system32\DbgModel.dll
2016-11-21 15:44 - 2016-08-20 06:14 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL
2016-11-21 15:44 - 2016-08-20 06:14 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL
2016-11-21 15:44 - 2016-08-20 06:14 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\c_GSM7.DLL
2016-11-21 15:44 - 2016-08-20 05:58 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll
2016-11-21 15:44 - 2016-08-20 05:56 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll
2016-11-21 15:44 - 2016-08-09 03:13 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS
2016-11-21 15:44 - 2016-08-06 04:48 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-11-21 15:44 - 2016-08-06 04:47 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2016-11-21 15:44 - 2016-08-06 04:45 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2016-11-21 15:44 - 2016-08-06 04:44 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-11-21 15:44 - 2016-08-06 04:39 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-11-21 15:44 - 2016-08-06 04:39 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2016-11-21 15:44 - 2016-08-06 04:33 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-11-21 15:44 - 2016-08-05 09:29 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2016-11-21 15:44 - 2016-08-05 09:23 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2016-11-21 15:44 - 2016-08-05 09:18 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2016-11-21 15:43 - 2016-11-02 13:01 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-11-21 15:43 - 2016-11-02 12:24 - 00890984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-11-21 15:43 - 2016-11-02 12:24 - 00783552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-11-21 15:43 - 2016-11-02 12:23 - 01073816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-11-21 15:43 - 2016-11-02 12:23 - 00945760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-11-21 15:43 - 2016-11-02 12:21 - 00276320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-11-21 15:43 - 2016-11-02 12:09 - 00544088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-11-21 15:43 - 2016-11-02 12:01 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2016-11-21 15:43 - 2016-11-02 12:00 - 00042336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
2016-11-21 15:43 - 2016-11-02 11:51 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-21 15:43 - 2016-11-02 11:49 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-11-21 15:43 - 2016-11-02 11:49 - 00037376 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-11-21 15:43 - 2016-11-02 11:46 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-11-21 15:43 - 2016-11-02 11:46 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-11-21 15:43 - 2016-11-02 11:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-11-21 15:43 - 2016-11-02 11:45 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2016-11-21 15:43 - 2016-11-02 11:45 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-11-21 15:43 - 2016-11-02 11:44 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-11-21 15:43 - 2016-11-02 11:44 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-11-21 15:43 - 2016-11-02 11:43 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8.dll
2016-11-21 15:43 - 2016-11-02 11:43 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-11-21 15:43 - 2016-11-02 11:42 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-11-21 15:43 - 2016-11-02 11:42 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-11-21 15:43 - 2016-11-02 11:40 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2016-11-21 15:43 - 2016-11-02 11:37 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2016-11-21 15:43 - 2016-11-02 11:36 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2016-11-21 15:43 - 2016-11-02 11:36 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetailsUpdate.dll
2016-11-21 15:43 - 2016-11-02 11:31 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\olepro32.dll
2016-11-21 15:43 - 2016-11-02 11:30 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2016-11-21 15:43 - 2016-11-02 11:28 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-11-21 15:43 - 2016-11-02 11:23 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2016-11-21 15:43 - 2016-11-02 10:11 - 00788624 _____ C:\WINDOWS\system32\locale.nls
2016-11-21 15:43 - 2016-10-15 05:26 - 00055136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-11-21 15:43 - 2016-10-15 05:18 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-11-21 15:43 - 2016-10-15 05:10 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2016-11-21 15:43 - 2016-10-15 05:00 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-11-21 15:43 - 2016-10-15 05:00 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\stdole2.tlb
2016-11-21 15:43 - 2016-10-15 04:58 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2016-11-21 15:43 - 2016-10-15 04:57 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2016-11-21 15:43 - 2016-10-15 04:56 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-11-21 15:43 - 2016-10-15 04:55 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2016-11-21 15:43 - 2016-10-15 04:54 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-11-21 15:43 - 2016-10-15 04:54 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2016-11-21 15:43 - 2016-10-15 04:54 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2016-11-21 15:43 - 2016-10-15 04:54 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2016-11-21 15:43 - 2016-10-15 04:51 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-11-21 15:43 - 2016-10-15 04:51 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-11-21 15:43 - 2016-10-15 04:51 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-11-21 15:43 - 2016-10-15 04:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-11-21 15:43 - 2016-10-15 04:49 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-11-21 15:43 - 2016-10-15 04:48 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-11-21 15:43 - 2016-10-15 04:46 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2016-11-21 15:43 - 2016-10-15 04:41 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll
2016-11-21 15:43 - 2016-10-15 04:38 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-11-21 15:43 - 2016-10-15 04:38 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-11-21 15:43 - 2016-10-15 04:36 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-11-21 15:43 - 2016-10-15 04:36 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-11-21 15:43 - 2016-10-15 04:36 - 00528384 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-11-21 15:43 - 2016-10-15 04:33 - 00188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2016-11-21 15:43 - 2016-10-05 11:05 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2016-11-21 15:43 - 2016-10-05 10:51 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-11-21 15:43 - 2016-10-05 10:46 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-11-21 15:43 - 2016-10-05 10:45 - 00198496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-11-21 15:43 - 2016-10-05 10:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2016-11-21 15:43 - 2016-10-05 10:28 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2016-11-21 15:43 - 2016-10-05 10:28 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2016-11-21 15:43 - 2016-10-05 10:26 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2016-11-21 15:43 - 2016-10-05 10:25 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-11-21 15:43 - 2016-10-05 10:23 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2016-11-21 15:43 - 2016-10-05 10:21 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-11-21 15:43 - 2016-10-05 10:20 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-11-21 15:43 - 2016-10-05 10:18 - 01283584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-11-21 15:43 - 2016-10-05 10:09 - 00608256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-11-21 15:43 - 2016-10-05 10:08 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-11-21 15:43 - 2016-10-05 10:06 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-11-21 15:43 - 2016-10-05 10:05 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-11-21 15:43 - 2016-09-15 18:37 - 00496872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-11-21 15:43 - 2016-09-15 18:32 - 02048496 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-11-21 15:43 - 2016-09-15 18:25 - 00262960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-11-21 15:43 - 2016-09-15 18:22 - 00860512 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-11-21 15:43 - 2016-09-15 18:22 - 00433832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-11-21 15:43 - 2016-09-15 18:18 - 00856872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2016-11-21 15:43 - 2016-09-15 18:17 - 00125792 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-11-21 15:43 - 2016-09-15 18:13 - 00113504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2016-11-21 15:43 - 2016-09-15 18:06 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ffbroker.dll
2016-11-21 15:43 - 2016-09-15 18:03 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2016-11-21 15:43 - 2016-09-15 18:02 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2016-11-21 15:43 - 2016-09-15 18:01 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2016-11-21 15:43 - 2016-09-15 18:01 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2016-11-21 15:43 - 2016-09-15 18:00 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-11-21 15:43 - 2016-09-15 17:59 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovslegacy.dll
2016-11-21 15:43 - 2016-09-15 17:59 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2016-11-21 15:43 - 2016-09-15 17:58 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2016-11-21 15:43 - 2016-09-15 17:58 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-11-21 15:43 - 2016-09-15 17:58 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2016-11-21 15:43 - 2016-09-15 17:57 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2016-11-21 15:43 - 2016-09-15 17:57 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-11-21 15:43 - 2016-09-15 17:57 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2016-11-21 15:43 - 2016-09-15 17:56 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2016-11-21 15:43 - 2016-09-15 17:56 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2016-11-21 15:43 - 2016-09-15 17:56 - 00265728 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2016-11-21 15:43 - 2016-09-15 17:56 - 00257536 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataExchange.dll
2016-11-21 15:43 - 2016-09-15 17:55 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2016-11-21 15:43 - 2016-09-15 17:55 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2016-11-21 15:43 - 2016-09-15 17:55 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-11-21 15:43 - 2016-09-15 17:55 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-11-21 15:43 - 2016-09-15 17:55 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2016-11-21 15:43 - 2016-09-15 17:55 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-11-21 15:43 - 2016-09-15 17:55 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\biwinrt.dll
2016-11-21 15:43 - 2016-09-15 17:54 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2016-11-21 15:43 - 2016-09-15 17:54 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2016-11-21 15:43 - 2016-09-15 17:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2016-11-21 15:43 - 2016-09-15 17:54 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2016-11-21 15:43 - 2016-09-15 17:54 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-11-21 15:43 - 2016-09-15 17:52 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2016-11-21 15:43 - 2016-09-15 17:52 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2016-11-21 15:43 - 2016-09-15 17:52 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2016-11-21 15:43 - 2016-09-15 17:51 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-11-21 15:43 - 2016-09-15 17:50 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwrshplugin.dll
2016-11-21 15:43 - 2016-09-15 17:49 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-11-21 15:43 - 2016-09-15 17:48 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-11-21 15:43 - 2016-09-15 17:45 - 00302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-11-21 15:43 - 2016-09-15 17:43 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-11-21 15:43 - 2016-09-15 17:43 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2016-11-21 15:43 - 2016-09-15 17:43 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-11-21 15:43 - 2016-09-15 17:42 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-11-21 15:43 - 2016-09-15 17:40 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-11-21 15:43 - 2016-09-15 17:40 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-11-21 15:43 - 2016-09-15 17:39 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2016-11-21 15:43 - 2016-09-15 17:39 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2016-11-21 15:43 - 2016-09-15 17:39 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-11-21 15:43 - 2016-09-15 17:39 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2016-11-21 15:43 - 2016-09-15 17:38 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-11-21 15:43 - 2016-09-15 17:38 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2016-11-21 15:43 - 2016-09-15 17:38 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-11-21 15:43 - 2016-09-15 17:36 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2016-11-21 15:43 - 2016-09-15 17:35 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2016-11-21 15:43 - 2016-09-07 05:57 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2016-11-21 15:43 - 2016-09-07 05:50 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-11-21 15:43 - 2016-09-07 05:50 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-11-21 15:43 - 2016-09-07 05:47 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-11-21 15:43 - 2016-09-07 05:46 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-11-21 15:43 - 2016-09-07 05:43 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-11-21 15:43 - 2016-09-07 05:43 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-11-21 15:43 - 2016-09-07 05:39 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-11-21 15:43 - 2016-09-07 05:34 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-11-21 15:43 - 2016-08-27 05:58 - 00121368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-11-21 15:43 - 2016-08-20 06:15 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-11-21 15:43 - 2016-08-20 06:14 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-11-21 15:43 - 2016-08-20 06:14 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-11-21 15:43 - 2016-08-20 06:14 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-11-21 15:43 - 2016-08-20 06:14 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-11-21 15:43 - 2016-08-20 06:12 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-11-21 15:43 - 2016-08-20 06:12 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-11-21 15:43 - 2016-08-20 06:12 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-11-21 15:43 - 2016-08-20 06:11 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-11-21 15:43 - 2016-08-20 06:11 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-11-21 15:43 - 2016-08-20 06:11 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll
2016-11-21 15:43 - 2016-08-20 06:09 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-11-21 15:43 - 2016-08-20 06:09 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-11-21 15:43 - 2016-08-20 06:09 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-11-21 15:43 - 2016-08-20 06:07 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-11-21 15:43 - 2016-08-20 06:06 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-11-21 15:43 - 2016-08-20 06:00 - 00141824 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll
2016-11-21 15:43 - 2016-08-06 05:14 - 00145248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-11-21 15:43 - 2016-08-06 05:07 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-11-21 15:43 - 2016-08-06 05:03 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-11-21 15:43 - 2016-08-06 04:48 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2016-11-21 15:43 - 2016-08-06 04:48 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2016-11-21 15:43 - 2016-08-06 04:48 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2016-11-21 15:43 - 2016-08-06 04:47 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2016-11-21 15:43 - 2016-08-06 04:47 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-11-21 15:43 - 2016-08-06 04:46 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-11-21 15:43 - 2016-08-06 04:46 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2016-11-21 15:43 - 2016-08-06 04:45 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-11-21 15:43 - 2016-08-06 04:44 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-11-21 15:43 - 2016-08-06 04:40 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2016-11-21 15:43 - 2016-08-06 04:39 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-11-21 15:43 - 2016-08-06 04:37 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-11-21 15:43 - 2016-08-06 04:32 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-11-21 15:43 - 2016-08-06 04:28 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-11-21 15:43 - 2016-08-06 04:21 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-11-21 15:43 - 2016-08-02 05:47 - 00094528 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-11-21 15:42 - 2016-11-02 12:22 - 01583112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-11-21 15:42 - 2016-11-02 12:22 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-11-21 15:42 - 2016-11-02 12:21 - 01957216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-11-21 15:42 - 2016-11-02 12:10 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-11-21 15:42 - 2016-11-02 12:09 - 02257104 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-11-21 15:42 - 2016-11-02 12:08 - 00602464 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-11-21 15:42 - 2016-11-02 12:05 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-11-21 15:42 - 2016-11-02 12:05 - 06657176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-11-21 15:42 - 2016-11-02 12:04 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-11-21 15:42 - 2016-11-02 11:45 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-11-21 15:42 - 2016-11-02 11:42 - 00322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-11-21 15:42 - 2016-11-02 11:42 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-11-21 15:42 - 2016-11-02 11:42 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.dll
2016-11-21 15:42 - 2016-11-02 11:40 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2016-11-21 15:42 - 2016-11-02 11:39 - 00482304 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-11-21 15:42 - 2016-11-02 11:39 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-11-21 15:42 - 2016-11-02 11:39 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll
2016-11-21 15:42 - 2016-11-02 11:37 - 19415040 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-11-21 15:42 - 2016-11-02 11:36 - 19415552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-11-21 15:42 - 2016-11-02 11:36 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-11-21 15:42 - 2016-11-02 11:36 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-11-21 15:42 - 2016-11-02 11:32 - 03776000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-11-21 15:42 - 2016-11-02 11:29 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-11-21 15:42 - 2016-11-02 11:28 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-11-21 15:42 - 2016-11-02 11:28 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-11-21 15:42 - 2016-11-02 11:27 - 01056768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-11-21 15:42 - 2016-11-02 11:27 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-11-21 15:42 - 2016-11-02 11:26 - 03595776 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-11-21 15:42 - 2016-11-02 11:26 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-11-21 15:42 - 2016-11-02 11:26 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-11-21 15:42 - 2016-11-02 11:26 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-11-21 15:42 - 2016-11-02 11:26 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-11-21 15:42 - 2016-11-02 11:26 - 01235968 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-11-21 15:42 - 2016-11-02 11:26 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-11-21 15:42 - 2016-11-02 11:26 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-11-21 15:42 - 2016-11-02 11:25 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-11-21 15:42 - 2016-11-02 11:25 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-11-21 15:42 - 2016-11-02 11:23 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-11-21 15:42 - 2016-10-15 06:11 - 01415520 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-11-21 15:42 - 2016-10-15 06:11 - 01026400 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-11-21 15:42 - 2016-10-15 06:11 - 00496992 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-11-21 15:42 - 2016-10-15 06:11 - 00486752 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-11-21 15:42 - 2016-10-15 06:11 - 00277344 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-11-21 15:42 - 2016-10-15 06:11 - 00192864 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-11-21 15:42 - 2016-10-15 06:11 - 00115552 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-11-21 15:42 - 2016-10-15 06:11 - 00069472 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-11-21 15:42 - 2016-10-15 05:34 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-11-21 15:42 - 2016-10-15 05:33 - 00455040 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2016-11-21 15:42 - 2016-10-15 05:27 - 00421216 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2016-11-21 15:42 - 2016-10-15 05:20 - 02276736 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-11-21 15:42 - 2016-10-15 05:20 - 01898336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-11-21 15:42 - 2016-10-15 05:20 - 00550752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-11-21 15:42 - 2016-10-15 05:20 - 00342880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-11-21 15:42 - 2016-10-15 05:18 - 00458592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2016-11-21 15:42 - 2016-10-15 05:18 - 00261984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-11-21 15:42 - 2016-10-15 04:56 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2016-11-21 15:42 - 2016-10-15 04:56 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-11-21 15:42 - 2016-10-15 04:55 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-11-21 15:42 - 2016-10-15 04:55 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-11-21 15:42 - 2016-10-15 04:54 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2016-11-21 15:42 - 2016-10-15 04:51 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-11-21 15:42 - 2016-10-15 04:50 - 00353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-11-21 15:42 - 2016-10-15 04:50 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-11-21 15:42 - 2016-10-15 04:49 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-11-21 15:42 - 2016-10-15 04:49 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-11-21 15:42 - 2016-10-15 04:48 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-11-21 15:42 - 2016-10-15 04:47 - 01113600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-11-21 15:42 - 2016-10-15 04:47 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-11-21 15:42 - 2016-10-15 04:46 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2016-11-21 15:42 - 2016-10-15 04:44 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-11-21 15:42 - 2016-10-15 04:42 - 06108672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-11-21 15:42 - 2016-10-15 04:42 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2016-11-21 15:42 - 2016-10-15 04:41 - 05376000 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-11-21 15:42 - 2016-10-15 04:40 - 01135616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-11-21 15:42 - 2016-10-15 04:39 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-11-21 15:42 - 2016-10-15 04:37 - 01485312 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-11-21 15:42 - 2016-10-15 04:37 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-11-21 15:42 - 2016-10-15 04:37 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-11-21 15:42 - 2016-10-15 04:37 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-11-21 15:42 - 2016-10-15 04:35 - 02005504 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-11-21 15:42 - 2016-10-15 04:35 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-11-21 15:42 - 2016-10-05 11:10 - 00231776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-11-21 15:42 - 2016-10-05 11:03 - 01724584 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-11-21 15:42 - 2016-10-05 10:53 - 00154976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-11-21 15:42 - 2016-10-05 10:48 - 01022304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-11-21 15:42 - 2016-10-05 10:27 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-11-21 15:42 - 2016-10-05 10:24 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2016-11-21 15:42 - 2016-10-05 10:23 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-11-21 15:42 - 2016-10-05 10:23 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2016-11-21 15:42 - 2016-10-05 10:16 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-11-21 15:42 - 2016-10-05 10:10 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-11-21 15:42 - 2016-10-05 10:09 - 03369984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-11-21 15:42 - 2016-10-05 10:08 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-11-21 15:42 - 2016-10-05 10:07 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2016-11-21 15:42 - 2016-09-15 18:42 - 00448864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-11-21 15:42 - 2016-09-15 18:40 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2016-11-21 15:42 - 2016-09-15 18:36 - 00021344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cmimcext.sys
2016-11-21 15:42 - 2016-09-15 18:31 - 00583648 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-11-21 15:42 - 2016-09-15 18:27 - 00868704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-11-21 15:42 - 2016-09-15 18:23 - 01503032 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-11-21 15:42 - 2016-09-15 18:23 - 00170448 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-11-21 15:42 - 2016-09-15 18:22 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-11-21 15:42 - 2016-09-15 18:21 - 00175968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-11-21 15:42 - 2016-09-15 18:20 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2016-11-21 15:42 - 2016-09-15 18:00 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2016-11-21 15:42 - 2016-09-15 18:00 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-11-21 15:42 - 2016-09-15 18:00 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthA2DP.sys
2016-11-21 15:42 - 2016-09-15 18:00 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2016-11-21 15:42 - 2016-09-15 17:58 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2016-11-21 15:42 - 2016-09-15 17:58 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-11-21 15:42 - 2016-09-15 17:58 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-11-21 15:42 - 2016-09-15 17:57 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2016-11-21 15:42 - 2016-09-15 17:56 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-11-21 15:42 - 2016-09-15 17:56 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2016-11-21 15:42 - 2016-09-15 17:56 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2016-11-21 15:42 - 2016-09-15 17:55 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2016-11-21 15:42 - 2016-09-15 17:55 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-11-21 15:42 - 2016-09-15 17:55 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-11-21 15:42 - 2016-09-15 17:55 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2016-11-21 15:42 - 2016-09-15 17:55 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-11-21 15:42 - 2016-09-15 17:54 - 00431104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2016-11-21 15:42 - 2016-09-15 17:54 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-11-21 15:42 - 2016-09-15 17:54 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2016-11-21 15:42 - 2016-09-15 17:52 - 01110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-11-21 15:42 - 2016-09-15 17:52 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-11-21 15:42 - 2016-09-15 17:52 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-11-21 15:42 - 2016-09-15 17:52 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-11-21 15:42 - 2016-09-15 17:52 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-11-21 15:42 - 2016-09-15 17:52 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-11-21 15:42 - 2016-09-15 17:51 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2016-11-21 15:42 - 2016-09-15 17:51 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-11-21 15:42 - 2016-09-15 17:50 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-11-21 15:42 - 2016-09-15 17:49 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-11-21 15:42 - 2016-09-15 17:48 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-11-21 15:42 - 2016-09-15 17:46 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-11-21 15:42 - 2016-09-15 17:46 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2016-11-21 15:42 - 2016-09-15 17:46 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-11-21 15:42 - 2016-09-15 17:44 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2016-11-21 15:42 - 2016-09-15 17:44 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAC3ENC.DLL
2016-11-21 15:42 - 2016-09-15 17:43 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-11-21 15:42 - 2016-09-15 17:42 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2016-11-21 15:42 - 2016-09-15 17:42 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundMediaPolicy.dll
2016-11-21 15:42 - 2016-09-15 17:39 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-11-21 15:42 - 2016-09-15 17:35 - 01438720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-11-21 15:42 - 2016-09-07 06:35 - 00315736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-11-21 15:42 - 2016-09-07 06:27 - 01362504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-11-21 15:42 - 2016-09-07 06:17 - 00782176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-11-21 15:42 - 2016-09-07 06:13 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-11-21 15:42 - 2016-09-07 06:13 - 00432328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2016-11-21 15:42 - 2016-09-07 06:13 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\EhStorTcgDrv.sys
2016-11-21 15:42 - 2016-09-07 06:12 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-11-21 15:42 - 2016-09-07 05:58 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneServiceRes.dll
2016-11-21 15:42 - 2016-09-07 05:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-11-21 15:42 - 2016-09-07 05:56 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2016-11-21 15:42 - 2016-09-07 05:55 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-11-21 15:42 - 2016-09-07 05:52 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2016-11-21 15:42 - 2016-09-07 05:50 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-11-21 15:42 - 2016-09-07 05:50 - 00582144 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-11-21 15:42 - 2016-09-07 05:46 - 01774080 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-11-21 15:42 - 2016-09-07 05:45 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-11-21 15:42 - 2016-09-07 05:44 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2016-11-21 15:42 - 2016-09-07 05:39 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-11-21 15:42 - 2016-09-07 05:37 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-11-21 15:42 - 2016-09-07 05:36 - 02423296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-11-21 15:42 - 2016-09-07 05:36 - 02360832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-11-21 15:42 - 2016-09-07 05:34 - 00920576 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-11-21 15:42 - 2016-08-20 06:04 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-11-21 15:42 - 2016-08-20 05:59 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-11-21 15:42 - 2016-08-06 05:03 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-11-21 15:42 - 2016-08-06 04:47 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-11-21 15:42 - 2016-08-06 04:47 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-11-21 15:42 - 2016-08-06 04:45 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2016-11-21 15:42 - 2016-08-06 04:45 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2016-11-21 15:42 - 2016-08-06 04:37 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-11-21 15:42 - 2016-08-06 04:30 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-11-21 15:42 - 2016-08-06 04:25 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-11-21 15:41 - 2016-11-02 12:08 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-11-21 15:41 - 2016-11-02 12:06 - 00080224 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-11-21 15:41 - 2016-11-02 12:04 - 00596832 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2016-11-21 15:41 - 2016-11-02 11:50 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-11-21 15:41 - 2016-11-02 11:47 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-11-21 15:41 - 2016-11-02 11:47 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-11-21 15:41 - 2016-11-02 11:46 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-11-21 15:41 - 2016-11-02 11:46 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-11-21 15:41 - 2016-11-02 11:45 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-11-21 15:41 - 2016-11-02 11:44 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthExt.dll
2016-11-21 15:41 - 2016-11-02 11:43 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-11-21 15:41 - 2016-11-02 11:43 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-11-21 15:41 - 2016-11-02 11:42 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2016-11-21 15:41 - 2016-11-02 11:42 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-11-21 15:41 - 2016-11-02 11:42 - 00384512 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-11-21 15:41 - 2016-11-02 11:42 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-11-21 15:41 - 2016-11-02 11:41 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2016-11-21 15:41 - 2016-11-02 11:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContent.dll
2016-11-21 15:41 - 2016-11-02 11:40 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2016-11-21 15:41 - 2016-11-02 11:40 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-11-21 15:41 - 2016-11-02 11:40 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-11-21 15:41 - 2016-11-02 11:38 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-11-21 15:41 - 2016-11-02 11:27 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-11-21 15:41 - 2016-11-02 11:27 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-11-21 15:41 - 2016-11-02 11:26 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-11-21 15:41 - 2016-10-15 05:00 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2016-11-21 15:41 - 2016-10-15 04:59 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-11-21 15:41 - 2016-10-15 04:57 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-11-21 15:41 - 2016-10-15 04:54 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2016-11-21 15:41 - 2016-10-15 04:54 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-11-21 15:41 - 2016-10-15 04:54 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoplay.dll
2016-11-21 15:41 - 2016-10-15 04:53 - 00705024 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskbarcpl.dll
2016-11-21 15:41 - 2016-10-15 04:52 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-11-21 15:41 - 2016-10-15 04:52 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll
2016-11-21 15:41 - 2016-10-15 04:46 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2016-11-21 15:41 - 2016-10-15 04:42 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.exe
2016-11-21 15:41 - 2016-10-15 04:39 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\chartv.dll
2016-11-21 15:41 - 2016-10-15 04:37 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-11-21 15:41 - 2016-10-15 04:36 - 01523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-11-21 15:41 - 2016-10-15 04:36 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-11-21 15:41 - 2016-10-05 10:50 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2016-11-21 15:41 - 2016-10-05 10:28 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2016-11-21 15:41 - 2016-10-05 10:27 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-11-21 15:41 - 2016-10-05 10:26 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2016-11-21 15:41 - 2016-10-05 10:25 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2016-11-21 15:41 - 2016-10-05 10:25 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-11-21 15:41 - 2016-10-05 10:25 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-11-21 15:41 - 2016-10-05 10:21 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-11-21 15:41 - 2016-10-05 10:18 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-11-21 15:41 - 2016-10-05 10:13 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2016-11-21 15:41 - 2016-10-05 10:11 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-11-21 15:41 - 2016-10-05 10:10 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-11-21 15:41 - 2016-10-05 10:09 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-11-21 15:41 - 2016-10-05 10:06 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-11-21 15:41 - 2016-09-15 18:37 - 00320152 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-11-21 15:41 - 2016-09-15 18:34 - 00106336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-11-21 15:41 - 2016-09-15 18:32 - 00279416 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeunlock.exe
2016-11-21 15:41 - 2016-09-15 18:06 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-11-21 15:41 - 2016-09-15 18:03 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-11-21 15:41 - 2016-09-15 18:00 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2016-11-21 15:41 - 2016-09-15 17:58 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlancfg.dll
2016-11-21 15:41 - 2016-09-15 17:58 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2016-11-21 15:41 - 2016-09-15 17:58 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2016-11-21 15:41 - 2016-09-15 17:55 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2016-11-21 15:41 - 2016-09-15 17:55 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2016-11-21 15:41 - 2016-09-15 17:54 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2016-11-21 15:41 - 2016-09-15 17:53 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2016-11-21 15:41 - 2016-09-15 17:49 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-11-21 15:41 - 2016-09-15 17:48 - 00153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-11-21 15:41 - 2016-09-15 17:47 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2016-11-21 15:41 - 2016-09-15 17:47 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2016-11-21 15:41 - 2016-09-15 17:46 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-11-21 15:41 - 2016-09-15 17:46 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2016-11-21 15:41 - 2016-09-15 17:45 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe
2016-11-21 15:41 - 2016-09-15 17:44 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2016-11-21 15:41 - 2016-09-15 17:44 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-11-21 15:41 - 2016-09-15 17:44 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\discan.dll
2016-11-21 15:41 - 2016-09-15 17:44 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvenotify.exe
2016-11-21 15:41 - 2016-09-15 17:44 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Sens.dll
2016-11-21 15:41 - 2016-09-15 17:43 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeui.dll
2016-11-21 15:41 - 2016-09-15 17:42 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2016-11-21 15:41 - 2016-09-15 17:42 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-11-21 15:41 - 2016-09-15 17:39 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-11-21 15:41 - 2016-09-15 17:36 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-11-21 15:41 - 2016-09-07 06:32 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-11-21 15:41 - 2016-09-07 06:29 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2016-11-21 15:41 - 2016-09-07 06:18 - 00290264 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-11-21 15:41 - 2016-09-07 06:00 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-11-21 15:41 - 2016-09-07 06:00 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-11-21 15:41 - 2016-09-07 05:59 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-11-21 15:41 - 2016-09-07 05:59 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-11-21 15:41 - 2016-09-07 05:59 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-11-21 15:41 - 2016-09-07 05:59 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2016-11-21 15:41 - 2016-09-07 05:58 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-11-21 15:41 - 2016-09-07 05:58 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-11-21 15:41 - 2016-09-07 05:58 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-11-21 15:41 - 2016-09-07 05:58 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AddressParser.dll
2016-11-21 15:41 - 2016-09-07 05:58 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-11-21 15:41 - 2016-09-07 05:58 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-11-21 15:41 - 2016-09-07 05:58 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-11-21 15:41 - 2016-09-07 05:58 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-11-21 15:41 - 2016-09-07 05:58 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccessRes.dll
2016-11-21 15:41 - 2016-09-07 05:58 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneutilRes.dll
2016-11-21 15:41 - 2016-09-07 05:57 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-11-21 15:41 - 2016-09-07 05:56 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-11-21 15:41 - 2016-09-07 05:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactActivation.dll
2016-11-21 15:41 - 2016-09-07 05:55 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-11-21 15:41 - 2016-09-07 05:55 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-11-21 15:41 - 2016-09-07 05:55 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-11-21 15:41 - 2016-09-07 05:54 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-11-21 15:41 - 2016-09-07 05:54 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-11-21 15:41 - 2016-09-07 05:54 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-11-21 15:41 - 2016-09-07 05:54 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-11-21 15:41 - 2016-09-07 05:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-11-21 15:41 - 2016-09-07 05:52 - 00536576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-11-21 15:41 - 2016-09-07 05:52 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-11-21 15:41 - 2016-09-07 05:52 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\NmaDirect.dll
2016-11-21 15:41 - 2016-09-07 05:49 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2016-11-21 15:41 - 2016-09-07 05:47 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-11-21 15:41 - 2016-09-07 05:46 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-11-21 15:41 - 2016-09-07 05:35 - 02107392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-11-21 15:41 - 2016-09-07 05:31 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-11-21 15:41 - 2016-09-07 05:30 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2016-11-21 15:41 - 2016-08-20 06:15 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-11-21 15:41 - 2016-08-20 06:10 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-11-21 15:41 - 2016-08-20 06:08 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-11-21 15:41 - 2016-08-06 05:26 - 00036704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2016-11-21 15:41 - 2016-08-06 05:08 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-11-21 15:41 - 2016-08-06 04:50 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-11-21 15:41 - 2016-08-06 04:49 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2016-11-21 15:41 - 2016-08-06 04:48 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-11-21 15:41 - 2016-08-06 04:48 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2016-11-21 15:41 - 2016-08-06 04:45 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-11-21 15:41 - 2016-08-06 04:45 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-11-21 15:41 - 2016-08-06 04:43 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-11-21 15:41 - 2016-08-06 04:43 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-11-21 15:41 - 2016-08-06 04:43 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-11-21 15:41 - 2016-08-06 04:40 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-11-21 15:41 - 2016-08-06 04:25 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-11-21 15:41 - 2016-08-02 05:37 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-11-21 15:41 - 2016-08-02 05:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-11-21 02:03 - 2016-11-21 02:03 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-11-21 02:00 - 2016-11-21 02:00 - 00000000 ____D C:\ProgramData\USOShared
2016-11-21 01:59 - 2016-11-21 01:59 - 00000020 ___SH C:\Users\Ralek Bibi\ntuser.ini
2016-11-21 01:40 - 2016-11-21 01:40 - 00000000 _SHDL C:\Users\Default\Voisinage réseau
2016-11-21 01:40 - 2016-11-21 01:40 - 00000000 _SHDL C:\Users\Default\Voisinage d'impression
2016-11-21 01:40 - 2016-11-21 01:40 - 00000000 _SHDL C:\Users\Default\Modèles
2016-11-21 01:40 - 2016-11-21 01:40 - 00000000 _SHDL C:\Users\Default\Mes documents
2016-11-21 01:40 - 2016-11-21 01:40 - 00000000 _SHDL C:\Users\Default\Menu Démarrer
2016-11-21 01:40 - 2016-11-21 01:40 - 00000000 _SHDL C:\Users\Default\Documents\Mes vidéos
2016-11-21 01:40 - 2016-11-21 01:40 - 00000000 _SHDL C:\Users\Default\Documents\Mes images
2016-11-21 01:40 - 2016-11-21 01:40 - 00000000 _SHDL C:\Users\Default\Documents\Ma musique
2016-11-21 01:40 - 2016-11-21 01:40 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2016-11-21 01:40 - 2016-11-21 01:40 - 00000000 _SHDL C:\Users\Default\AppData\Local\Historique
2016-11-21 01:40 - 2016-11-21 01:40 - 00000000 _SHDL C:\Users\Default User\Documents\Mes vidéos
2016-11-21 01:40 - 2016-11-21 01:40 - 00000000 _SHDL C:\Users\Default User\Documents\Mes images
2016-11-21 01:40 - 2016-11-21 01:40 - 00000000 _SHDL C:\Users\Default User\Documents\Ma musique
2016-11-21 01:40 - 2016-11-21 01:40 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2016-11-21 01:40 - 2016-11-21 01:40 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Historique
2016-11-21 01:33 - 2016-11-21 01:38 - 00015243 _____ C:\WINDOWS\diagwrn.xml
2016-11-21 01:33 - 2016-11-21 01:38 - 00015243 _____ C:\WINDOWS\diagerr.xml
2016-11-21 01:19 - 2016-11-23 18:18 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-11-21 01:04 - 2016-11-21 01:04 - 00001544 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-11-21 01:04 - 2016-11-21 01:04 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2016-11-21 01:04 - 2016-11-21 01:04 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2016-11-21 00:53 - 2016-11-23 15:17 - 00000000 ____D C:\Users\Audrey
2016-11-21 00:53 - 2016-11-23 13:53 - 00000000 ____D C:\Users\Administrateur
2016-11-21 00:53 - 2016-11-22 15:44 - 00000000 ____D C:\Users\Ralek Bibi
2016-11-21 00:53 - 2016-11-21 00:53 - 00000000 _SHDL C:\Users\Ralek Bibi\Voisinage réseau
2016-11-21 00:53 - 2016-11-21 00:53 - 00000000 _SHDL C:\Users\Ralek Bibi\Voisinage d'impression
2016-11-21 00:53 - 2016-11-21 00:53 - 00000000 _SHDL C:\Users\Ralek Bibi\Modèles
2016-11-21 00:53 - 2016-11-21 00:53 - 00000000 _SHDL C:\Users\Ralek Bibi\Mes documents
2016-11-21 00:53 - 2016-11-21 00:53 - 00000000 _SHDL C:\Users\Ralek Bibi\Menu Démarrer
2016-11-21 00:53 - 2016-11-21 00:53 - 00000000 _SHDL C:\Users\Audrey\Voisinage réseau
2016-11-21 00:53 - 2016-11-21 00:53 - 00000000 _SHDL C:\Users\Audrey\Voisinage d'impression
2016-11-21 00:53 - 2016-11-21 00:53 - 00000000 _SHDL C:\Users\Audrey\Modèles
2016-11-21 00:53 - 2016-11-21 00:53 - 00000000 _SHDL C:\Users\Audrey\Mes documents
2016-11-21 00:53 - 2016-11-21 00:53 - 00000000 _SHDL C:\Users\Audrey\Menu Démarrer
2016-11-21 00:53 - 2016-11-21 00:53 - 00000000 _SHDL C:\Users\Audrey\Documents\Mes vidéos
2016-11-21 00:53 - 2016-11-21 00:53 - 00000000 _SHDL C:\Users\Audrey\Documents\Mes images
2016-11-21 00:53 - 2016-11-21 00:53 - 00000000 _SHDL C:\Users\Audrey\Documents\Ma musique
2016-11-21 00:53 - 2016-11-21 00:53 - 00000000 _SHDL C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2016-11-21 00:53 - 2016-11-21 00:53 - 00000000 _SHDL C:\Users\Audrey\AppData\Local\Historique
2016-11-21 00:49 - 2016-11-23 18:18 - 00000000 ____D C:\ProgramData\NVIDIA
2016-11-21 00:49 - 2016-11-21 00:58 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-11-21 00:49 - 2016-11-21 00:49 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_tcwbf_01_09_00.Wdf
2016-11-21 00:49 - 2016-11-21 00:49 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf
2016-11-21 00:49 - 2016-11-21 00:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Webcam
2016-11-21 00:49 - 2016-11-21 00:49 - 00000000 ____D C:\Program Files\AuthenTec
2016-11-21 00:49 - 2016-01-29 11:14 - 04397624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-11-21 00:49 - 2016-01-29 11:14 - 03068864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc.dll
2016-11-21 00:49 - 2016-01-29 11:14 - 02563128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-11-21 00:49 - 2016-01-29 11:14 - 00678968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-11-21 00:49 - 2016-01-29 11:14 - 00381888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-11-21 00:49 - 2016-01-29 11:14 - 00070200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-11-21 00:49 - 2016-01-28 17:18 - 06150607 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-11-21 00:48 - 2016-11-21 00:58 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-11-21 00:48 - 2016-11-21 00:48 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Apfiltr_01005.Wdf
2016-11-21 00:48 - 2016-11-21 00:48 - 00000000 ____D C:\Program Files\Sigmatel
2016-11-21 00:48 - 2016-11-21 00:48 - 00000000 ____D C:\Program Files\DellTPad
2016-11-21 00:48 - 2007-09-28 06:56 - 04947968 _____ (IDT, Inc.) C:\WINDOWS\system32\stacgui.cpl
2016-11-21 00:48 - 2007-09-28 06:56 - 01601536 _____ (SigmaTel, Inc.) C:\WINDOWS\system32\stlang.dll
2016-11-21 00:48 - 2007-09-28 06:56 - 00643072 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\aestecap.dll
2016-11-21 00:48 - 2007-09-28 06:56 - 00131072 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\aestacap.dll
2016-11-21 00:48 - 2007-09-28 06:56 - 00102400 _____ (IDT, Inc.) C:\WINDOWS\system32\stacsv.exe
2016-11-21 00:48 - 2007-09-28 06:56 - 00073728 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AEstSrv.exe
2016-11-21 00:48 - 2007-09-28 06:56 - 00053248 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\aestaren.dll
2016-11-21 00:44 - 2016-11-24 00:22 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-11-21 00:43 - 2016-11-21 20:12 - 03564504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-11-21 00:41 - 2016-11-23 15:01 - 00000000 ___DC C:\WINDOWS\Panther
2016-11-21 00:31 - 2016-11-21 00:32 - 00000000 ____D C:\Windows.old
2016-11-21 00:22 - 2016-11-21 00:44 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-11-21 00:12 - 2016-11-21 00:12 - 00000000 ____D C:\WINDOWS\system32\XPSViewer
2016-11-21 00:12 - 2016-11-21 00:12 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-11-21 00:12 - 2016-11-21 00:12 - 00000000 ____D C:\Program Files\MSBuild
2016-11-21 00:11 - 2016-11-21 00:11 - 03716096 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2016-11-21 00:11 - 2016-11-21 00:11 - 00173408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2016-11-21 00:11 - 2016-05-25 11:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-11-21 00:11 - 2016-05-25 11:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-11-21 00:11 - 2016-05-25 11:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-11-20 20:33 - 2016-11-20 20:33 - 00032768 _____ C:\WINDOWS\system32\persistent_q.db-shm
2016-11-20 20:33 - 2016-11-20 20:33 - 00001080 _____ C:\WINDOWS\system32\persistent_q.db-wal
2016-11-20 20:33 - 2016-11-20 20:33 - 00001024 _____ C:\WINDOWS\system32\persistent_q.db
2016-11-20 19:41 - 2016-11-20 20:02 - 00000000 ____D C:\Program Files\Tolackcebersh_
2016-11-20 19:41 - 2016-11-20 20:02 - 00000000 ____D C:\Program Files\Deringchederse
2016-11-20 19:41 - 2016-11-20 19:41 - 00000000 ____D C:\Users\Public\Thunder Network
2016-11-20 19:41 - 2016-11-20 19:41 - 00000000 ____D C:\ProgramData\Avira
2016-11-20 19:41 - 2016-11-20 19:41 - 00000000 ____D C:\ProgramData\Avg
2016-11-20 19:41 - 2016-11-20 19:41 - 00000000 ____D C:\ProgramData\AVAST Software
2016-11-20 19:40 - 2016-11-20 20:02 - 00000000 ____D C:\Program Files\Tolackcebersh
2016-11-20 19:39 - 2016-11-20 19:39 - 00000000 _____ C:\TOSTACK
2016-11-20 19:37 - 2016-11-20 20:08 - 00000000 ___HD C:\ProgramData\52231.69108
2016-11-20 19:29 - 2016-11-20 19:53 - 00000000 ___HD C:\ProgramData\62972.21804
2016-11-20 19:18 - 2016-11-20 21:15 - 00000000 ____D C:\Program Files\Microsoft Toolkit Final
2016-11-20 19:08 - 2016-11-20 19:08 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
2016-11-17 12:16 - 2016-11-20 19:41 - 00000000 ____D C:\Program Files\Foxit Software
2016-11-16 14:39 - 2016-11-16 14:41 - 03910208 _____ C:\Users\Ralek Bibi\Desktop\adwcleaner_6.030.exe
2016-11-16 13:52 - 2016-11-16 13:52 - 00000000 ____D C:\ProgramData\FileOpen
2016-11-16 13:51 - 2016-11-16 13:51 - 00000000 ____D C:\ProgramData\Nitro
2016-11-15 20:12 - 2016-11-21 00:58 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2016-11-15 18:49 - 2016-11-20 19:41 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-11-15 03:34 - 2016-11-15 03:34 - 00000000 ____D C:\Users\Audrey\AppData\Local\Apple
2016-11-14 11:55 - 2016-11-14 11:55 - 00118820 _____ C:\Users\Audrey\Downloads\Notice sécurité incendie.pdf
2016-11-14 11:55 - 2016-11-14 11:55 - 00118820 _____ C:\Users\Audrey\Desktop\Notice sécurité incendie.pdf
2016-11-14 11:49 - 2016-11-14 11:49 - 00118820 _____ C:\Users\Audrey\Downloads\5- jarzuel thieme charlotte-gerard.thieme@neuf.fr.pdf
2016-11-14 11:49 - 2016-11-14 11:49 - 00118820 _____ C:\Users\Audrey\Desktop\notice incendie.pdf
2016-11-14 11:39 - 2016-11-14 11:39 - 00205165 _____ C:\Users\Audrey\Downloads\5-jarzuelthiemecharlotte-gerard.thiemeneuf.fr.pdf
2016-11-14 11:33 - 2016-11-14 11:33 - 00000000 ____D C:\Users\Audrey\AppData\Local\CEF
2016-11-14 11:32 - 2016-11-23 22:31 - 00000000 ____D C:\Users\Audrey\AppData\Local\Adobe
2016-11-14 11:32 - 2016-11-14 11:32 - 00000000 ____D C:\Users\Audrey\AppData\LocalLow\Adobe
2016-11-14 11:16 - 2016-11-14 11:16 - 00000000 ____D C:\Users\Audrey\AppData\LocalLow\Temp
2016-11-14 11:07 - 2016-11-14 11:02 - 00543310 _____ C:\Users\Audrey\Desktop\5 - NOTICE DESCRIPTIVE DE SECURITE AKERIA - Copie.pdf
2016-11-14 11:02 - 2016-11-14 11:02 - 00543310 _____ C:\Users\Audrey\Desktop\5 - NOTICE DESCRIPTIVE DE SECURITE AKERIA.pdf
2016-11-14 11:01 - 2016-11-14 11:01 - 00543310 _____ C:\Users\Audrey\Downloads\5 - NOTICE DESCRIPTIVE DE SECURITE AKERIA.pdf
2016-11-12 00:11 - 2016-11-21 01:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-11-10 16:53 - 2016-11-10 16:53 - 00248323 _____ C:\Users\Audrey\Desktop\synthese SAFRIOUINE Linda - CABINET ADROT & LS - CABINET.ADROT.LS@ORANGE.FR.pdf
2016-11-10 15:43 - 2016-11-10 15:43 - 00131951 _____ C:\Users\Audrey\Desktop\Synthese Laurent Malassis - ouest equipement hotelier - cpta.eco@orange.fr.pdf
2016-11-10 12:42 - 2016-11-10 12:42 - 00000000 ____D C:\Users\Audrey\AppData\Local\Microsoft Help
2016-11-10 12:03 - 2016-11-10 12:03 - 00327342 _____ C:\Users\Audrey\Desktop\Synthese TECHNORD FRANCE.pdf
2016-11-10 11:50 - 2016-11-10 11:50 - 00340193 _____ C:\Users\Audrey\Desktop\SYNTHESE BARGAIN.pdf
2016-11-10 11:04 - 2016-11-10 11:48 - 00158039 _____ C:\Users\Audrey\Desktop\6- BARGAIN NICOLE - HOTEL DU PARC - hotelduparc.md@wanadoo.fr.pdf
2016-11-10 10:06 - 2016-11-10 10:06 - 00131951 _____ C:\Users\Audrey\Desktop\6- Corgie Patrice - MEUBLES CORGIE - patrice@corgie.fr.pdf
2016-11-10 09:51 - 2016-11-10 09:51 - 00809741 _____ C:\Users\Audrey\Desktop\3- cerfa erp.pdf
2016-11-10 09:48 - 2016-11-10 09:48 - 00000000 ____D C:\Users\Audrey\Documents\Modèles Office personnalisés
2016-11-10 09:47 - 2016-11-10 09:47 - 00809741 _____ C:\Users\Audrey\Downloads\3- Jarzuel thieme Charlotte - gerard.thieme@neuf.fr.pdf
2016-11-08 19:35 - 2015-09-29 13:40 - 00002506 _____ C:\Users\Audrey\Desktop\PowerPoint 2013.lnk
2016-11-08 19:35 - 2015-09-29 13:40 - 00002489 _____ C:\Users\Audrey\Desktop\Word 2013.lnk
2016-11-08 19:35 - 2015-09-29 13:40 - 00002479 _____ C:\Users\Audrey\Desktop\OneNote 2013.lnk
2016-11-08 19:35 - 2015-09-29 13:40 - 00002479 _____ C:\Users\Audrey\Desktop\Excel 2013.lnk
2016-11-08 19:32 - 2016-11-08 19:33 - 00000000 ____D C:\Users\Audrey\Desktop\Projet Audrey
2016-11-08 13:30 - 2016-11-08 13:30 - 00310705 _____ C:\Users\Audrey\Desktop\synthese_1478608151 (1).pdf
2016-11-08 11:45 - 2016-11-10 21:31 - 00113152 ___SH C:\Users\Audrey\Desktop\Thumbs.db
2016-11-08 11:25 - 2016-11-08 11:25 - 00000000 ____D C:\Users\Audrey\AppData\Roaming\WinRAR
2016-11-08 11:25 - 2016-11-08 11:25 - 00000000 ____D C:\Users\Audrey\AppData\Roaming\Apple Computer
2016-11-08 11:11 - 2016-11-08 11:11 - 00000000 ____D C:\Users\Audrey\AppData\Local\MicrosoftEdge
2016-11-08 10:55 - 2016-11-08 10:55 - 00000000 ____D C:\Users\Audrey\AppData\Roaming\ProductData
2016-11-07 23:49 - 2016-11-07 23:49 - 00063600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2016-11-07 23:49 - 2016-11-07 23:49 - 00063600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2016-11-07 23:49 - 2016-11-07 23:49 - 00063600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2016-11-07 23:49 - 2016-11-07 23:49 - 00035440 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2016-11-07 18:10 - 2016-11-20 20:34 - 00000374 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2016-11-07 17:41 - 2016-11-15 19:08 - 00000000 ____D C:\Users\Ralek Bibi\Desktop\EODOM
2016-11-07 17:41 - 2016-11-07 17:42 - 00000000 ____D C:\Users\Ralek Bibi\Desktop\Audrey
2016-11-07 17:36 - 2016-11-09 14:22 - 00000000 ____D C:\Users\Audrey\Desktop\Audrey_ERP
2016-11-07 15:21 - 2016-11-07 15:21 - 00000000 ____D C:\Users\Audrey\AppData\Local\Comms
2016-11-07 15:13 - 2016-11-07 15:13 - 01065376 _____ (Google Inc.) C:\Users\Audrey\Downloads\ChromeSetup.exe
2016-11-07 15:12 - 2016-11-14 15:41 - 00000000 ____D C:\Users\Audrey\AppData\Roaming\Skype
2016-11-07 15:12 - 2016-11-07 15:12 - 00000000 ____D C:\Users\Audrey\Tracing
2016-11-07 15:10 - 2016-11-07 15:10 - 00000424 _____ C:\Users\Audrey\Desktop\Ce PC.lnk
2016-11-07 15:07 - 2016-11-23 15:23 - 00002458 _____ C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-11-07 15:07 - 2016-11-23 15:23 - 00000000 ___RD C:\Users\Audrey\OneDrive
2016-11-07 15:04 - 2016-11-07 15:05 - 00000000 ____D C:\Users\Audrey\AppData\Local\Dropbox
2016-11-07 15:04 - 2016-11-07 15:04 - 00000000 ____D C:\Users\Audrey\AppData\Local\ActiveSync
2016-11-07 15:03 - 2016-11-07 16:43 - 00000000 ____D C:\Users\Audrey\AppData\Local\Google
2016-11-07 15:03 - 2016-11-07 15:12 - 00002318 _____ C:\Users\Audrey\Desktop\Chrome.lnk
2016-11-07 15:03 - 2016-11-07 15:03 - 00000000 ____D C:\Users\Audrey\AppData\Local\Publishers
2016-11-07 15:02 - 2016-11-23 22:31 - 00000000 ____D C:\Users\Audrey\AppData\Roaming\Adobe
2016-11-07 15:02 - 2016-11-23 15:35 - 00000000 ____D C:\Users\Audrey\AppData\Local\Packages
2016-11-07 15:02 - 2016-11-07 15:02 - 00000000 ____D C:\Users\Audrey\AppData\Roaming\IObit
2016-11-07 15:02 - 2016-11-07 15:02 - 00000000 ____D C:\Users\Audrey\AppData\Local\VirtualStore
2016-11-07 15:02 - 2016-11-07 15:02 - 00000000 ____D C:\Users\Audrey\AppData\Local\TileDataLayer
2016-11-07 15:02 - 2016-03-08 20:01 - 00000000 ____D C:\Users\Audrey\AppData\Roaming\Macromedia
2016-11-02 14:25 - 2016-11-21 00:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-11-02 14:25 - 2016-11-20 19:41 - 00000000 ___RD C:\Program Files\Skype
2016-11-02 14:25 - 2016-11-07 15:12 - 00002628 _____ C:\Users\Public\Desktop\Skype.lnk
2016-11-02 14:25 - 2016-11-07 15:12 - 00000000 ____D C:\ProgramData\Skype
2016-11-02 14:25 - 2016-11-02 14:25 - 00000000 ____D C:\Program Files\Common Files\Skype
2016-11-02 09:39 - 2016-11-02 09:39 - 00000000 ____D C:\Program Files\Common Files\AV
2016-10-29 18:59 - 2016-11-21 01:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-10-29 18:58 - 2016-11-20 19:41 - 00000000 ____D C:\Program Files\iTunes
2016-10-29 18:58 - 2016-11-20 19:41 - 00000000 ____D C:\Program Files\iPod

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-11-23 22:29 - 2015-09-29 21:41 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-11-23 17:40 - 2016-07-16 09:28 - 00000000 ____D C:\WINDOWS\INF
2016-11-23 16:41 - 2015-07-30 11:52 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-11-23 15:54 - 2016-07-16 09:29 - 00000000 ___HD C:\Program Files\WindowsApps
2016-11-23 15:54 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-11-23 15:05 - 2015-09-10 17:14 - 00000000 ____D C:\AdwCleaner
2016-11-23 15:01 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-11-23 13:51 - 2015-10-19 12:52 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-11-23 13:13 - 2015-10-19 12:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-11-23 12:50 - 2015-09-29 19:24 - 00000000 ____D C:\Program Files\PeerBlock
2016-11-23 12:38 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-11-23 12:34 - 2016-07-16 18:15 - 00477288 _____ C:\WINDOWS\system32\perfh00C.dat
2016-11-23 12:34 - 2016-07-16 18:15 - 00076450 _____ C:\WINDOWS\system32\perfc00C.dat
2016-11-23 12:34 - 2015-09-28 17:21 - 01446522 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-21 22:54 - 2015-10-05 14:09 - 00000000 ____D C:\Program Files\VideoLAN
2016-11-21 17:18 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-11-21 17:17 - 2016-07-16 09:29 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-11-21 17:17 - 2016-07-16 09:29 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-11-21 17:17 - 2016-07-16 09:29 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-11-21 17:17 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\setup
2016-11-21 17:17 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-11-21 17:17 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-11-21 17:17 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-11-21 17:17 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-11-21 17:17 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-11-21 17:17 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-11-21 17:17 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-11-21 17:17 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-11-21 17:17 - 2016-07-16 03:22 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-11-21 17:17 - 2016-07-16 03:22 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-11-21 17:16 - 2016-07-16 09:29 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-11-21 17:16 - 2016-07-16 09:29 - 00000000 ___RD C:\Program Files\Windows Defender
2016-11-21 17:16 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-11-21 17:16 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\Provisioning
2016-11-21 17:16 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-11-21 17:16 - 2016-07-16 09:29 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-11-21 17:14 - 2016-07-16 09:30 - 00015425 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-11-21 16:02 - 2016-07-16 09:19 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-11-21 15:39 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\appcompat
2016-11-21 02:29 - 2015-07-30 11:58 - 00000000 ___RD C:\Users\Ralek Bibi\OneDrive
2016-11-21 02:11 - 2015-09-28 19:39 - 00407720 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-11-21 02:00 - 2016-07-16 09:29 - 00000000 ____D C:\ProgramData\USOPrivate
2016-11-21 01:46 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\rescache
2016-11-21 01:40 - 2016-07-16 09:29 - 00000000 ____D C:\Program Files\Windows NT
2016-11-21 01:31 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-11-21 01:31 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\Registration
2016-11-21 01:31 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-11-21 01:26 - 2015-06-11 18:35 - 00044632 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klim6.sys
2016-11-21 01:19 - 2015-11-15 14:04 - 00021780 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-11-21 01:18 - 2016-07-16 09:29 - 00000000 __RHD C:\Users\Public\Libraries
2016-11-21 01:05 - 2016-07-16 09:29 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-11-21 01:05 - 2016-06-29 15:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG6200 series
2016-11-21 01:05 - 2016-04-13 10:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CounterPath X-Lite
2016-11-21 01:05 - 2016-04-04 15:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-11-21 01:05 - 2016-03-21 14:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com
2016-11-21 01:05 - 2016-03-08 20:07 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-11-21 01:05 - 2016-03-01 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-11-21 01:05 - 2016-03-01 14:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2016-11-21 01:05 - 2015-12-14 12:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2016-11-21 01:05 - 2015-12-14 12:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-11-21 01:05 - 2015-11-15 14:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2016-11-21 01:05 - 2015-11-10 17:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-11-21 01:05 - 2015-10-07 13:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-11-21 01:05 - 2015-10-06 12:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-11-21 01:05 - 2015-10-05 14:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-11-21 01:05 - 2015-09-29 21:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2016-11-21 01:05 - 2015-09-29 13:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-11-21 01:04 - 2015-10-30 06:13 - 00000000 ____D C:\Users\Default.migrated
2016-11-21 01:00 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\spool
2016-11-21 01:00 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-11-21 00:58 - 2016-07-16 18:16 - 00000000 ____D C:\WINDOWS\OCR
2016-11-21 00:58 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\Cursors
2016-11-21 00:58 - 2016-07-16 09:29 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-11-21 00:58 - 2015-11-17 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roland
2016-11-21 00:58 - 2015-11-15 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2016-11-21 00:58 - 2009-07-14 10:00 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-11-21 00:50 - 2016-07-16 09:29 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-11-21 00:50 - 2016-07-16 09:29 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-11-21 00:49 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\Help
2016-11-21 00:31 - 2016-07-16 18:15 - 00000000 ____D C:\WINDOWS\system32\winrm
2016-11-21 00:31 - 2016-07-16 18:15 - 00000000 ____D C:\WINDOWS\system32\WCN
2016-11-21 00:31 - 2016-07-16 18:15 - 00000000 ____D C:\WINDOWS\system32\slmgr
2016-11-21 00:31 - 2016-07-16 18:15 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2016-11-21 00:31 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-11-21 00:31 - 2016-07-16 03:22 - 00000000 ____D C:\WINDOWS\servicing
2016-11-21 00:12 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-11-21 00:00 - 2015-09-11 21:58 - 00000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2016-11-20 23:55 - 2016-09-14 15:37 - 00001190 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-11-20 23:55 - 2006-11-13 09:42 - 00008192 __RSH C:\BOOTSECT.BAK
2016-11-20 23:46 - 2016-07-16 18:44 - 00000000 ___HD C:\$WINDOWS.~BT
2016-11-20 23:19 - 2016-03-01 14:04 - 00001078 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-20 20:34 - 2016-09-14 15:37 - 00001186 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-11-20 20:34 - 2016-03-01 14:04 - 00001074 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-20 20:31 - 2016-03-01 14:06 - 00001373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-20 20:24 - 2015-09-21 15:21 - 00032256 ___SH C:\Users\Ralek Bibi\Desktop\Thumbs.db
2016-11-20 20:00 - 2015-11-15 14:32 - 00000284 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_DamienG.job
2016-11-20 19:58 - 2015-09-29 12:46 - 00001099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-11-20 19:41 - 2016-10-05 13:42 - 00000000 ____D C:\Program Files\MuseScore 2
2016-11-20 19:41 - 2016-09-14 15:37 - 00000000 ____D C:\Program Files\Dropbox
2016-11-20 19:41 - 2016-05-07 20:14 - 00000000 ____D C:\Program Files\FFmpeg for Audacity
2016-11-20 19:41 - 2016-05-07 20:08 - 00000000 ____D C:\Program Files\Lame For Audacity
2016-11-20 19:41 - 2016-05-07 19:06 - 00000000 ____D C:\Program Files\Audacity
2016-11-20 19:41 - 2016-04-13 10:15 - 00000000 ____D C:\Program Files\CounterPath
2016-11-20 19:41 - 2016-04-04 15:56 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-11-20 19:41 - 2016-03-17 12:47 - 00000000 ____D C:\Program Files\Apple Software Update
2016-11-20 19:41 - 2016-03-11 16:23 - 00000000 ____D C:\Program Files\AdwCleaner
2016-11-20 19:41 - 2016-03-11 15:22 - 00000000 ____D C:\Program Files\Pianissimo
2016-11-20 19:41 - 2016-03-01 14:04 - 00000000 ____D C:\Program Files\Google
2016-11-20 19:41 - 2015-12-14 12:06 - 00000000 ____D C:\Program Files\QuickTime
2016-11-20 19:41 - 2015-11-17 17:28 - 00000000 ____D C:\Program Files\Roland
2016-11-20 19:41 - 2015-11-16 09:08 - 00000000 ____D C:\Program Files\Microsoft ASP.NET
2016-11-20 19:41 - 2015-11-15 18:16 - 00000000 ____D C:\Program Files\VSTPlugins
2016-11-20 19:41 - 2015-11-15 15:53 - 00000000 ____D C:\Program Files\MAGIX
2016-11-20 19:41 - 2015-11-15 14:32 - 00000000 ____D C:\Program Files\IObit
2016-11-20 19:41 - 2015-11-14 13:53 - 00000000 ____D C:\Program Files\MSXML 4.0
2016-11-20 19:41 - 2015-11-10 17:24 - 00000000 ____D C:\Program Files\AGEIA Technologies
2016-11-20 19:41 - 2015-10-27 16:50 - 00000000 ____D C:\Program Files\WinRar Password Remover Installer
2016-11-20 19:41 - 2015-10-16 13:44 - 00000000 ____D C:\Program Files\Noteworthy Software
2016-11-20 19:41 - 2015-10-14 16:14 - 00000000 ____D C:\Program Files\Java
2016-11-20 19:41 - 2015-10-07 13:22 - 00000000 ____D C:\Program Files\WinRAR
2016-11-20 19:41 - 2015-10-07 12:57 - 00000000 ____D C:\Program Files\7-Zip
2016-11-20 19:41 - 2015-10-06 14:23 - 00000000 ____D C:\Program Files\paint.net
2016-11-20 19:41 - 2015-10-06 12:54 - 00000000 ____D C:\Program Files\CCleaner
2016-11-20 19:41 - 2015-09-29 21:41 - 00000000 ____D C:\Program Files\Kaspersky Lab
2016-11-20 19:41 - 2015-09-29 14:18 - 00000000 ____D C:\Program Files\Adobe
2016-11-20 19:41 - 2015-09-29 14:07 - 00000000 ____D C:\Program Files\Bonjour
2016-11-20 19:41 - 2015-09-29 13:38 - 00000000 ____D C:\Program Files\Microsoft Office
2016-11-20 19:41 - 2015-09-29 13:29 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-11-20 19:41 - 2015-09-29 12:46 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-11-20 19:41 - 2015-09-28 19:24 - 00000000 ____D C:\Program Files\DriversCloud.com
2016-11-20 16:29 - 2010-06-09 10:28 - 00000000 ____D C:\Users\Ralek Bibi\Desktop\Partitions diverses
2016-11-16 16:19 - 2012-04-15 19:59 - 00000000 ____D C:\Users\Ralek Bibi\Desktop\Magix compo
2016-11-16 14:23 - 2016-09-26 14:32 - 00000000 ____D C:\Users\Ralek Bibi\Desktop\Allegro Musique
2016-11-16 13:16 - 2015-11-15 14:32 - 00000000 ____D C:\ProgramData\ProductData
2016-11-15 18:44 - 2015-11-15 14:32 - 00000000 ____D C:\ProgramData\IObit
2016-11-14 11:32 - 2016-07-20 11:42 - 05610688 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2016-11-10 10:46 - 2015-09-28 19:38 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-11-10 10:30 - 2015-09-28 19:38 - 138444440 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-11-08 20:17 - 2010-09-07 21:43 - 00000000 ____D C:\Users\Ralek Bibi\Desktop\sounds pr IPhone
2016-11-08 19:58 - 2016-09-14 15:42 - 00000000 ___RD C:\Users\Ralek Bibi\Dropbox
2016-11-07 17:38 - 2014-03-30 13:24 - 00000000 ____D C:\Users\Audrey\Desktop\Audrey
2016-11-07 08:49 - 2015-09-29 14:18 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-02 16:56 - 2006-11-13 09:42 - 00389408 __RSH C:\bootmgr
2016-10-29 18:58 - 2015-09-29 14:07 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-10-29 00:56 - 2016-07-16 09:31 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-10-29 00:56 - 2016-07-16 09:31 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl

Fichiers à déplacer ou supprimer:
====================
C:\Users\Ralek Bibi\UNINSTALL.EXE

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

ATTENTION: ==> Impossible d'accéder au BCD. L'utilisateur n'est pas administrateur

==================== Fin de FRST.txt ============================

GensoD · Nov 23, 2016

EDIT #2: Despite your advice and steps, I'm not able to run the RGSA software. It says :"this software cannot be run (executed) on your PC".
Even with others OS versions compatibility.

I will post the malwarebytes log tomorrow 24/11/16, with many issues on a first sight.

Regards,
GensoD.

Corrine · Nov 23, 2016

It seems that my brain was slow to engage! This is Windows 10. Are you using a Microsoft Account as your Administrator account (Hotmail/Live, etc.)? If so, can you log on to that email account (Hotmail, Live, etc.)? If not, go to Outlook.com - Microsoft free personal email and follow the instructions to change the password. Even though you didn't "forget" the password, it having been changed amounts to the same thing. (Images with instructions at How-to Geek: How to Reset Your Forgotten Password in Windows 10).

GensoD · Nov 24, 2016

Hello !

Here is the Malwarebytes log :

Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software

Date de l'analyse: 23/11/2016
Heure de l'analyse: 23:45
Fichier journal:
Administrateur: Non

Version: 2.2.1.1043
Base de données de programmes malveillants: v2016.11.23.18
Base de données de rootkits: v2016.11.20.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 10
Processeur: x86
Système de fichiers: NTFS
Utilisateur: Audrey

Type d'analyse: Analyse personnalisée
Résultat: Terminé
Objets analysés: 514496
Temps écoulé: 24 h, 19 min, 37 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du Registre: 1
Adware.Elex, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Dergesyghujase, , [f0ce2f945f3b1620752f04d7679c5aa6],

Valeurs du Registre: 0
(Aucun élément malveillant détecté)

Données du Registre: 0
(Aucun élément malveillant détecté)

Dossiers: 1
Adware.Elex, C:\Program Files\Tolackcebersh, , [9628a023a9f11b1beeae815a7c8730d0],

Fichiers: 16
Adware.Elex.Generic, C:\Program Files\Deringchederse\absegrermughtlnc.dll, , [c3fbb90a4c4e3ef8ea62865614ef4db3],
PUP.Optional.Komodia, C:\AdwCleaner\Quarantine\files\bzkuyfptffoxggdcfgvfobzqfyczlyia.back, , [c3fb893ac7d365d1b91952c13cc57b85],
PUP.Optional.Komodia, C:\AdwCleaner\Quarantine\files\xqrhlgbswtexhaugvrvzzolsqfxgmdmw.back, , [7b432e9563379e981db48f84669bb947],
PUP.Optional.NoteUp, C:\AdwCleaner\Quarantine\files\dkxpzwlxnccucuqagyqsewknlwluipip\Note-up.exe, , [efcf7c4766341224855e03d53ec27a86],
PUP.Optional.Komodia, C:\AdwCleaner\Quarantine\files\dlkeflyhpiefcfuyajdktppqcohfduzh\zdengine.dll, , [e8d62c97f7a371c5fad78e8517ea29d7],
PUP.Optional.Komodia, C:\AdwCleaner\Quarantine\files\dlkeflyhpiefcfuyajdktppqcohfduzh\zdengine.exe, , [3f7fd3f0a3f7290d19b829ea05fc0af6],
PUP.Optional.Komodia, C:\AdwCleaner\Quarantine\files\dlkeflyhpiefcfuyajdktppqcohfduzh\zdengine64.dll, , [912d3c87d4c60036f1e020f354ad57a9],
PUP.Optional.Komodia, C:\AdwCleaner\Quarantine\files\dlkeflyhpiefcfuyajdktppqcohfduzh\zdenginecert.dll, , [5e6018ab4d4d0a2c4a8758bb827f5aa6],
PUP.Optional.Komodia, C:\AdwCleaner\Quarantine\files\dlkeflyhpiefcfuyajdktppqcohfduzh\zdinstaller.exe, , [05b9cdf6d0ca1e18ad2519faef129f61],
PUP.Optional.Komodia, C:\AdwCleaner\Quarantine\files\dlkeflyhpiefcfuyajdktppqcohfduzh\zdwfp.sys, , [546a17ac1981cd69d3ff60b3d32e629e],
PUP.Optional.Komodia, C:\AdwCleaner\Quarantine\files\dlkeflyhpiefcfuyajdktppqcohfduzh\zdwfp64.sys, , [7c42843faeec88ae90424ec58c75f808],
PUP.Optional.Elex, C:\Program Files\Deringchederse\launcher_41.dll, , [229cd7ecb3e7f54146cbdfe7c63d1fe1],
PUP.Optional.Elex.WnskRST, C:\Program Files\Deringchederse\Proxy32.dll, , [6658dfe4a7f395a13c7102d257acd32d],
Adware.Elex.Generic, C:\Program Files\Tolackcebersh_\absegrermughtlnc.dll, , [833ba81bc0dab77fb19b9e3e43c0827e],
PUP.Optional.Elex, C:\Program Files\Tolackcebersh_\launcher_41.dll, , [b905bf0401996bcbed24a521669dac54],
Adware.Elex, C:\Program Files\Tolackcebersh\qaqersp.exe, , [9628a023a9f11b1beeae815a7c8730d0],

Secteurs physiques: 0
(Aucun élément malveillant détecté)

(end)

GensoD · Nov 25, 2016

Hi again,

My administrator user account is local, not a Microsoft one. (It was a Microsoft account at the begining but I changed it into a local admin).

So, I tried the instructions at How-to Geek: How to Reset Your Forgotten Password in Windows 10, but the step "create a new user to save account files" is unsuccessful for now (First, start by booting your Windows 10 installation into the setup by changing the boot order in your BIOS to take priority with the CD, or use the ISO as a startup disk instead. Once the setup begins, hit Shift+F10).
I have not a CD or ISO to startup my laptop.
My hard drive has a partition win10 and Ubuntu.

Help...

Corrine · Nov 25, 2016

Your issue does not appear to be a result of an infection. Looking over your two previous requests for assistance, I suggest you use the Windows10 x64 ISO that you indicated you have and follow the instructions in the Hot-To Geek article to create a new Admin account and remove the account you lost access to. Based on the history ([SOLVED] Windows 10 issue (error : 0x800f081f) and [SOLVED] Windows 10 issues), I suggest you maintain a good offline backup, particularly of any important, irreplaceable documents.

GensoD · Nov 30, 2016

Hi !

I resolved the issue thanks to a microsoft's tool named "DaRT" (Microsoft Diagnostics and Recovery Toolset).

I downloaded the *.iso file of it (you can choose between x64 or x86 version, depends of your OS of course), and, thanks to DaemonTool, I could mount the file and then put it (copy and past all the files) in an USB key.

After that, I rebooted Windows(10) by the USB key ; to make sure you reboot on USB device, don't forget to go in the Boot Menu (just hit F12 or ESC key when your system is rebooting, depends of your PC brand) and change the Boot sequence.

And follow the steps. :thumbsup2:

Here is a link of the *.iso file of DaRT and all the steps you have to do. It's a french web site. (I guess you can find an equivalent tuto in english)

Microsoft Diagnostics and Recovery Toolset (DaRT) | malekal's site

ps: here is the thread I opened after being here.
https://www.sysnative.com/forums/wi...-problem-administrator-account-connexion.html

Thanks for the help ! :grin1:

Regards,
GensoD.

Corrine · Nov 30, 2016

Since you had previously downloaded the *.iso, you were half-way there. :) Glad all is well now.

[SOLVED] Win10 : administrator's account impossible to connect (viruses, hacked, trojans??)

GensoD

Well-known member

Corrine

Administrator,
Microsoft MVP,
Security Analyst

GensoD

Well-known member

GensoD

Well-known member

GensoD

Well-known member

GensoD

Well-known member

Corrine

Administrator,
Microsoft MVP,
Security Analyst

GensoD

Well-known member

GensoD

Well-known member

Corrine

Administrator,
Microsoft MVP,
Security Analyst

GensoD

Well-known member

Corrine

Administrator,
Microsoft MVP,
Security Analyst

[SOLVED] Win10 : administrator's account impossible to connect (viruses, hacked, trojans??)

Well-known member

Administrator, Microsoft MVP, Security Analyst

Well-known member

Well-known member

Well-known member

Well-known member

Administrator, Microsoft MVP, Security Analyst

Well-known member

Well-known member

Administrator, Microsoft MVP, Security Analyst

Well-known member

Administrator, Microsoft MVP, Security Analyst

Administrator,
Microsoft MVP,
Security Analyst

Administrator,
Microsoft MVP,
Security Analyst

Administrator,
Microsoft MVP,
Security Analyst

Administrator,
Microsoft MVP,
Security Analyst