Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01 Exécuté par Mond (administrateur) sur MONDHER (04-04-2016 17:59:28) Exécuté depuis C:\Users\Mond\Downloads Profils chargés: Mond (Profils disponibles: Mond) Platform: Windows 10 Home Version 1511 (X64) Langue: Français (France) Internet Explorer Version 11 (Navigateur par défaut: Edge) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Intel Corporation) C:\Windows\syswow64\IntelCpHeciSvc.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Christoph Pangerl) C:\Users\Mond\Downloads\Logiciels +\WindowsUpdateNotifier.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe () C:\Users\Mond\AppData\Local\Viber\Viber.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Intel(R) Corporation) C:\Program Files\Intel\BCA\pabeSvc64.exe (McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe (McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe (McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe () C:\Program Files\Intel Security\True Key\Application\truekey.exe () C:\Program Files\Intel Security\True Key\Application\truekey.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe ==================== Registre (Avec liste blanche) =========================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3743648 2015-08-23] (ELAN Microelectronics Corp.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation) HKU\S-1-5-21-3912149505-446035777-1710793193-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd) HKU\S-1-5-21-3912149505-446035777-1710793193-1001\...\Run: [Viber] => C:\Users\Mond\AppData\Local\Viber\Viber.exe [59171920 2016-03-03] () Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{d84826fd-822e-476e-80b7-0297e5d3f416}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=itm&hsimp=yhs-001&type=jmb_dnldastr_16_13¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DJoomborio%26cd%3D2XzuyEtN2Y1L1QzutAtDtCtD0BtAtCtB0DtAtByC0AtCtAtDtN0D0Tzu0StCyDyDtDtN1L2XzutAtFtCzytFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StB0D0B0AyEtC0FtAtGtCtCyDyBtGtAtCyB0BtGtC0D0EtBtGyE0E0F0BtC0EtDyDyB0A0E0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0FtDtA0C0F0A0EtG0BtAyByCtGyEyD0EyDtG0A0FyDtDtG0F0EtAtAtAtA0A0CtBtAtAyC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyByEzy%26cr%3D2018555704%26a%3Djmb_dnldastr_16_13%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=itm&hsimp=yhs-001&type=jmb_dnldastr_16_13¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DJoomborio%26cd%3D2XzuyEtN2Y1L1QzutAtDtCtD0BtAtCtB0DtAtByC0AtCtAtDtN0D0Tzu0StCyDyDtDtN1L2XzutAtFtCzytFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StB0D0B0AyEtC0FtAtGtCtCyDyBtGtAtCyB0BtGtC0D0EtBtGyE0E0F0BtC0EtDyDyB0A0E0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0FtDtA0C0F0A0EtG0BtAyByCtGyEyD0EyDtG0A0FyDtDtG0F0EtAtAtAtA0A0CtBtAtAyC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyByEzy%26cr%3D2018555704%26a%3Djmb_dnldastr_16_13%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3912149505-446035777-1710793193-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-02-09] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-02-09] (Microsoft Corporation) BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-03-14] (Intel Security) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-02-09] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-29] (Oracle Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-02-09] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-29] (Oracle Corporation) Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-03-14] (Intel Security) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\Mond\AppData\Roaming\Mozilla\Firefox\Profiles\rydpx3c5.default FF Homepage: hxxps://www.google.fr/ FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-29] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-29] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-02-26] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-02-26] (Adobe Systems Inc.) FF Extension: Yamli for Firefox - C:\Users\Mond\AppData\Roaming\Mozilla\Firefox\Profiles\rydpx3c5.default\extensions\yamlitoolbar@yamli.com.xpi [2016-03-30] FF Extension: Bitdefender QuickScan - C:\Users\Mond\AppData\Roaming\Mozilla\Firefox\Profiles\rydpx3c5.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2016-03-30] FF Extension: Adblock Plus - C:\Users\Mond\AppData\Roaming\Mozilla\Firefox\Profiles\rydpx3c5.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-03-30] FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-16] [non signé] StartMenuInternet: FIREFOX.EXE - firefox.exe Chrome: ======= CHR Profile: C:\Users\Mond\AppData\Local\Google\Chrome\User Data\Default ==================== Services (Avec liste blanche) ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S2 0185141459774357mcinstcleanup; C:\WINDOWS\TEMP\018514~1.EXE [883024 2015-05-04] (McAfee, Inc.) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [135072 2015-08-23] (ELAN Microelectronics Corp.) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328616 2015-12-10] (Intel Corporation) S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe [144008 2016-02-24] (McAfee, Inc.) R2 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc64.exe [3020440 2015-11-25] (Intel(R) Corporation) S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation) R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [864472 2016-03-10] (McAfee, Inc.) R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [15736 2016-03-10] (McAfee, Inc.) R2 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-03-10] (McAfee, Inc.) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) ===================== Pilotes (Avec liste blanche) ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R3 athr; C:\Windows\System32\drivers\athw10x.sys [4325544 2015-06-28] (Qualcomm Atheros Communications, Inc.) S3 FlashUSB; C:\Windows\System32\drivers\FlashUSB.sys [19968 2014-06-16] (Intel Mobile Communications) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation) S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2016-03-30] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-10-01] (Malwarebytes Corporation) R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-10] (Intel Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek ) R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realsil Semiconductor Corporation) R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3068160 2015-06-16] (Realtek Semiconductor Corp.) S3 shspusb; C:\Windows\System32\drivers\HSPUSB.sys [24064 2014-06-16] (MobileTop) S3 sscdserd; C:\Windows\System32\drivers\sscdserd.sys [158024 2014-06-16] (MCCI Corporation) S3 ssceserd; C:\Windows\System32\drivers\ssceserd.sys [158024 2014-06-16] (MCCI Corporation) S3 ssdudfu; C:\Windows\System32\drivers\ssdudfu.sys [101960 2014-06-16] (MCCI) S3 ssm_bus; C:\Windows\System32\drivers\ssm_bus.sys [136192 2014-06-16] (MCCI Corporation) S3 ssm_mdm; C:\Windows\System32\drivers\ssm_mdm.sys [172032 2014-06-16] (MCCI Corporation) S3 ssudcdf; C:\Windows\System32\drivers\ssudcdf.sys [34488 2012-02-16] (DEVGURU Co., LTD.(www.devguru.co.kr)) S3 ssuddmgr; C:\Windows\System32\drivers\ssuddmgr.sys [206080 2014-06-16] (DEVGURU Co., LTD.(www.devguru.co.kr)) S3 ssudobex; C:\Windows\System32\drivers\ssudobex.sys [206080 2014-06-16] (DEVGURU Co., LTD.(www.devguru.co.kr)) S3 ssudrmnet; C:\Windows\System32\drivers\ssudrmnet.sys [70400 2014-06-16] (DEVGURU Co., LTD.) S3 ssudserd; C:\Windows\System32\drivers\ssudserd.sys [206080 2014-06-16] (DEVGURU Co., LTD.(www.devguru.co.kr)) S3 ss_bserd; C:\Windows\System32\drivers\ss_bserd.sys [128000 2014-06-16] (MCCI Corporation) S3 ss_conn_usb_driver; C:\Windows\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-06-16] (DEVGURU Co., LTD.) R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2016-04-04 17:59 - 2016-04-04 18:00 - 00014107 _____ C:\Users\Mond\Downloads\FRST.txt 2016-04-04 17:58 - 2016-04-04 17:59 - 00000000 ____D C:\FRST 2016-04-04 17:57 - 2016-04-04 17:58 - 02374144 _____ (Farbar) C:\Users\Mond\Downloads\FRST64.exe 2016-04-04 16:50 - 2016-04-04 13:57 - 00000030 _____ C:\AVScanner.ini 2016-04-04 14:56 - 2016-04-04 14:56 - 00000000 ____D C:\Users\Mond\AppData\Local\tkdata 2016-04-04 14:56 - 2016-04-04 14:56 - 00000000 ____D C:\Users\Mond\AppData\Local\CEF 2016-04-04 14:56 - 2016-04-04 14:56 - 00000000 ____D C:\ProgramData\TrueKey 2016-04-04 14:55 - 2016-04-04 14:55 - 00001250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk 2016-04-04 14:55 - 2016-04-04 14:55 - 00001236 _____ C:\Users\Public\Desktop\True Key.lnk 2016-04-04 14:55 - 2016-04-04 14:55 - 00000000 ____D C:\Program Files\Intel Security 2016-04-04 14:55 - 2016-04-04 14:55 - 00000000 ____D C:\Program Files\Common Files\Intel 2016-04-04 14:52 - 2016-04-04 14:52 - 00000000 ____D C:\Program Files\Common Files\McAfee 2016-04-04 14:52 - 2016-04-04 14:52 - 00000000 ____D C:\Program Files\Common Files\AV 2016-04-04 14:52 - 2016-04-04 14:52 - 00000000 ____D C:\Program Files (x86)\McAfee 2016-04-04 14:01 - 2016-04-04 14:01 - 01192656 _____ (Adobe Systems Incorporated) C:\Users\Mond\Downloads\flashplayer21_ka_install.exe 2016-04-04 13:59 - 2016-04-04 13:59 - 00000000 ____D C:\Users\Mond\AppData\Roaming\Macromedia 2016-04-04 13:57 - 2016-04-04 14:56 - 00000000 ____D C:\Program Files\TrueKey 2016-04-04 13:56 - 2016-04-04 14:52 - 00000000 ____D C:\ProgramData\McAfee 2016-04-04 13:56 - 2016-04-04 13:56 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2016-04-04 13:56 - 2016-04-04 13:56 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-04-04 13:56 - 2016-04-04 13:56 - 00002135 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk 2016-04-04 13:55 - 2016-04-04 16:27 - 00000000 ____D C:\ProgramData\Adobe 2016-04-04 13:55 - 2016-04-04 13:55 - 00000000 ____D C:\Program Files (x86)\Adobe 2016-04-04 13:54 - 2016-04-04 13:59 - 00000000 ____D C:\Users\Mond\AppData\Local\Adobe 2016-04-03 04:47 - 2016-04-03 04:47 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2016-04-03 01:15 - 2016-04-03 01:15 - 00005292 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for MONDHER-Mond mondher 2016-04-02 11:34 - 2016-04-02 11:34 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help 2016-04-02 11:34 - 2016-04-02 11:34 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help 2016-04-02 11:15 - 2016-04-04 14:54 - 00000000 ____D C:\ProgramData\Package Cache 2016-04-01 10:27 - 2016-04-01 10:27 - 00000000 ____D C:\Users\Mond\AppData\Local\Viber Media S.à r.l 2016-03-31 23:07 - 2016-04-04 14:53 - 00000000 ____D C:\Users\Mond\AppData\Roaming\ViberPC 2016-03-31 23:07 - 2016-04-01 21:24 - 00001037 _____ C:\Users\Mond\Desktop\Viber.lnk 2016-03-31 23:07 - 2016-03-31 23:07 - 00001039 _____ C:\Users\Mond\AppData\Roaming\Microsoft\Windows\Start Menu\Viber.lnk 2016-03-31 23:07 - 2016-03-31 23:07 - 00000000 ____D C:\Users\Mond\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber 2016-03-31 23:06 - 2016-03-31 23:07 - 00000000 ____D C:\Users\Mond\AppData\Local\Viber 2016-03-31 23:06 - 2016-03-31 23:06 - 00000000 ____D C:\Users\Mond\AppData\Local\Package Cache 2016-03-31 23:04 - 2016-03-31 23:03 - 03102720 _____ C:\Users\Mond\Desktop\adwcleaner_5.108.exe 2016-03-31 23:03 - 2016-04-04 14:57 - 00000000 ____D C:\AdwCleaner 2016-03-31 23:03 - 2016-03-31 23:03 - 03102720 _____ C:\Users\Mond\Downloads\adwcleaner_5.108.exe 2016-03-31 22:58 - 2016-03-31 23:01 - 110241408 _____ (Viber Media Inc.) C:\Users\Mond\Downloads\ViberSetup.exe 2016-03-30 19:59 - 2016-03-30 19:59 - 00004608 _____ C:\WINDOWS\SECOH-QAD.exe 2016-03-30 19:59 - 2016-03-30 19:59 - 00003584 _____ C:\WINDOWS\SECOH-QAD.dll 2016-03-30 19:58 - 2016-03-31 18:25 - 00000000 ____D C:\Program Files\KMSpico 2016-03-30 19:58 - 2016-03-30 19:58 - 00000000 ____D C:\Users\Mond\Desktop\Nouveau dossier 2016-03-30 19:58 - 2016-03-30 19:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico 2016-03-30 19:58 - 2010-12-06 04:16 - 00090112 _____ (Vestris Inc.) C:\WINDOWS\system32\Vestris.ResourceLib.dll 2016-03-30 19:48 - 2016-04-03 01:30 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2016-03-30 19:47 - 2016-03-30 19:47 - 00000000 ____D C:\Program Files\Common Files\DESIGNER 2016-03-30 19:47 - 2016-03-30 19:47 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2016-03-30 19:46 - 2016-03-30 19:47 - 00000000 ____D C:\Program Files\Microsoft SQL Server 2016-03-30 19:46 - 2016-03-30 19:46 - 00000000 ____D C:\WINDOWS\PCHEALTH 2016-03-30 19:41 - 2016-03-30 19:46 - 00000000 ____D C:\Program Files\Microsoft Office 2016-03-30 19:41 - 2016-03-30 19:41 - 00000000 ____D C:\Users\Mond\AppData\Local\Microsoft Help 2016-03-30 19:41 - 2016-03-30 19:41 - 00000000 ____D C:\Program Files\Microsoft Analysis Services 2016-03-30 19:41 - 2016-03-30 19:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2016-03-30 19:41 - 2016-03-30 19:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services 2016-03-30 19:36 - 2016-03-30 19:36 - 00003488 _____ C:\WINDOWS\System32\Tasks\WindowsUpdateNotifierStartup 2016-03-30 19:36 - 2016-03-30 19:36 - 00000000 ____D C:\Users\Mond\AppData\Local\WindowsUpdateNotifier 2016-03-30 18:56 - 2016-03-30 19:13 - 00000000 ____D C:\Users\Mond\AppData\Roaming\QuickScan 2016-03-30 18:37 - 2016-03-30 18:37 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\3E836D77.sys 2016-03-30 18:36 - 2016-03-30 18:36 - 00001182 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2016-03-30 18:36 - 2016-03-30 18:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2016-03-30 18:36 - 2016-03-30 18:36 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2016-03-30 18:36 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2016-03-30 18:36 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2016-03-30 18:36 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2016-03-30 18:32 - 2016-03-30 19:24 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-03-30 18:23 - 2016-03-30 18:23 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\63D7632C.sys 2016-03-30 16:58 - 2016-03-30 16:59 - 00000000 ____D C:\Users\Mond\Downloads\Malwarebytes Anti-Malware Premium v2.2.0.1024-2016 (Pre-Activated) 2016-03-30 16:57 - 2016-03-30 16:58 - 22830413 ____R C:\Users\Mond\Downloads\Malwarebytes Anti-Malware Premium 2.2.1.1043 + License Key [SadeemPC].zip 2016-03-30 16:46 - 2016-03-30 16:46 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-03-30 16:43 - 2016-03-30 16:43 - 00000000 ____D C:\Users\Mond\AppData\Roaming\WinRAR 2016-03-30 16:43 - 2016-03-30 16:43 - 00000000 ____D C:\Users\Mond\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-03-30 16:43 - 2016-03-30 16:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-03-30 16:43 - 2016-03-30 16:43 - 00000000 ____D C:\Program Files\WinRAR 2016-03-30 16:42 - 2016-03-30 16:42 - 02052648 _____ C:\Users\Mond\Downloads\winrar-x64-530fr.exe 2016-03-30 16:40 - 2016-03-30 16:43 - 00000000 ____D C:\Users\Mond\Downloads\Malwarebytes Anti-Malware Premium 2.2.0.1024 Final Multilingual incl Keygen-=TEAM OS=- 2016-03-30 16:02 - 2016-03-30 16:18 - 00000000 ____D C:\Users\Mond\AppData\Roaming\ZHP 2016-03-30 15:13 - 2016-03-30 20:05 - 00000000 ____D C:\Users\Mond\AppData\Roaming\BitTorrent 2016-03-30 15:13 - 2016-03-30 15:13 - 01930760 _____ (BitTorrent Inc.) C:\Users\Mond\Downloads\BitTorrent(1).exe 2016-03-30 15:01 - 2016-03-30 15:01 - 00002852 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2016-03-30 15:00 - 2016-03-30 15:00 - 00000874 _____ C:\Users\Public\Desktop\CCleaner.lnk 2016-03-30 15:00 - 2016-03-30 15:00 - 00000000 ____D C:\Program Files\CCleaner 2016-03-30 14:59 - 2016-03-30 14:59 - 06868672 _____ (Piriform Ltd) C:\Users\Mond\Downloads\ccsetup516.exe 2016-03-30 14:58 - 2016-03-30 14:58 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2016-03-30 13:50 - 2016-04-03 03:29 - 00000000 ____D C:\ProgramData\TEMP 2016-03-30 13:50 - 2016-03-30 13:50 - 00001336 _____ C:\Users\Mond\Desktop\Stellar Phoenix Photo Recovery.lnk 2016-03-30 13:50 - 2016-03-30 13:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellar Phoenix Photo Recovery 2016-03-30 13:50 - 2016-03-30 13:50 - 00000000 ____D C:\Program Files (x86)\Stellar Phoenix Photo Recovery 2016-03-30 13:34 - 2016-03-30 13:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-03-30 13:34 - 2016-03-30 13:34 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-03-30 13:34 - 2016-03-30 13:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2016-03-30 13:33 - 2016-03-30 13:33 - 13163744 _____ (Microsoft Corporation) C:\Users\Mond\Downloads\Silverlight_x64.exe 2016-03-30 12:54 - 2016-03-30 12:55 - 00000290 __RSH C:\ProgramData\ntuser.pol 2016-03-30 12:54 - 2016-03-30 12:54 - 00000000 ____D C:\Users\Mond\AppData\Local\Google 2016-03-29 23:29 - 2016-04-04 12:57 - 00004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{601884A9-77AC-4E16-BC83-C8823B4EA139} 2016-03-29 23:25 - 2015-12-09 05:39 - 00301728 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2016-03-29 23:22 - 2016-03-30 12:22 - 00000000 ____D C:\Users\Mond\AppData\Local\Mozilla 2016-03-29 23:22 - 2016-03-29 23:23 - 00000000 ____D C:\Users\Mond\AppData\Roaming\Mozilla 2016-03-29 23:18 - 2016-03-29 23:19 - 43660240 _____ C:\Users\Mond\Downloads\Firefox Setup 45.0.1.exe 2016-03-29 23:14 - 2016-03-30 16:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-03-29 23:14 - 2016-03-29 23:21 - 00001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-03-29 23:14 - 2016-03-29 23:21 - 00001227 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-03-29 23:13 - 2016-04-03 01:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-03-29 23:13 - 2016-03-29 23:15 - 00000000 ____D C:\Users\Mond\AppData\Roaming\vlc 2016-03-29 23:09 - 2016-03-29 23:09 - 00001150 _____ C:\Users\Public\Desktop\VLC media player.lnk 2016-03-29 23:09 - 2016-03-29 23:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2016-03-29 23:08 - 2016-03-29 23:09 - 00242320 _____ C:\Users\Mond\Downloads\Firefox Setup Stub 45.0.1.exe 2016-03-29 23:08 - 2016-03-29 23:08 - 00000000 ____D C:\Users\Mond\AppData\Roaming\Sun 2016-03-29 23:08 - 2016-03-29 23:08 - 00000000 ____D C:\Users\Mond\.oracle_jre_usage 2016-03-29 23:07 - 2016-03-29 23:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-03-29 23:07 - 2016-03-29 23:05 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2016-03-29 23:06 - 2016-03-29 23:06 - 00000000 ____D C:\Program Files (x86)\VideoLAN 2016-03-29 23:05 - 2016-03-29 23:19 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-03-29 23:05 - 2016-03-29 23:05 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-03-29 23:04 - 2016-03-29 23:05 - 30510920 _____ C:\Users\Mond\Downloads\vlc-2.2.2-win32.exe 2016-03-29 23:03 - 2016-03-29 23:29 - 00000000 ____D C:\ProgramData\Oracle 2016-03-29 23:02 - 2016-03-29 23:02 - 00000000 ____D C:\Program Files (x86)\Java 2016-03-29 22:59 - 2016-03-29 22:59 - 00000000 ____D C:\Users\Mond\AppData\LocalLow\Oracle 2016-03-29 22:58 - 2016-03-29 22:58 - 00734784 _____ (Oracle Corporation) C:\Users\Mond\Downloads\JavaSetup8u77 (1).exe 2016-03-29 22:52 - 2016-03-29 22:52 - 00734784 _____ (Oracle Corporation) C:\Users\Mond\Downloads\JavaSetup8u77.exe 2016-03-29 22:48 - 2016-03-29 22:48 - 00000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-03-29 19:41 - 2016-03-30 15:01 - 00000000 ___DC C:\WINDOWS\Panther 2016-03-29 19:41 - 2016-03-29 19:41 - 00000000 ____D C:\WINDOWS\InfusedApps 2016-03-29 19:40 - 2016-03-30 16:00 - 00000000 ____D C:\Windows.old 2016-03-29 19:40 - 2016-03-29 19:40 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2016-03-29 19:38 - 2016-03-29 19:38 - 00000000 ____D C:\WINDOWS\SysWOW64\sda 2016-03-29 19:38 - 2016-03-29 18:53 - 00000000 ____D C:\Program Files\Elantech 2016-03-29 19:35 - 2016-03-29 19:35 - 00000000 ____D C:\WINDOWS\Setup 2016-03-29 19:29 - 2016-03-29 19:29 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2016-03-29 19:29 - 2016-03-29 19:29 - 00000000 ____D C:\WINDOWS\OCR 2016-03-29 19:29 - 2016-03-29 19:29 - 00000000 ____D C:\Users\Mond\AppData\Local\Comms 2016-03-29 19:29 - 2016-03-29 19:29 - 00000000 ____D C:\Program Files\Reference Assemblies 2016-03-29 19:29 - 2016-03-29 19:29 - 00000000 ____D C:\Program Files\MSBuild 2016-03-29 19:29 - 2016-03-29 19:29 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2016-03-29 19:29 - 2016-03-29 19:29 - 00000000 ____D C:\Program Files (x86)\MSBuild 2016-03-29 19:27 - 2016-04-03 23:34 - 00825500 _____ C:\WINDOWS\system32\perfh00C.dat 2016-03-29 19:27 - 2016-04-03 23:34 - 00155764 _____ C:\WINDOWS\system32\perfc00C.dat 2016-03-29 19:27 - 2016-03-29 19:25 - 00350774 _____ C:\WINDOWS\system32\perfi00C.dat 2016-03-29 19:27 - 2016-03-29 19:25 - 00040528 _____ C:\WINDOWS\system32\perfd00C.dat 2016-03-29 19:26 - 2016-03-29 19:26 - 00000000 ____D C:\WINDOWS\SysWOW64\fr 2016-03-29 19:26 - 2016-03-29 19:26 - 00000000 ____D C:\WINDOWS\system32\fr 2016-03-29 19:16 - 2016-04-03 23:34 - 00419644 _____ C:\WINDOWS\system32\perfh001.dat 2016-03-29 19:16 - 2016-04-03 23:34 - 00064110 _____ C:\WINDOWS\system32\perfc001.dat 2016-03-29 19:16 - 2016-03-29 19:26 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm 2016-03-29 19:16 - 2016-03-29 19:26 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN 2016-03-29 19:16 - 2016-03-29 19:26 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr 2016-03-29 19:16 - 2016-03-29 19:26 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts 2016-03-29 19:16 - 2016-03-29 19:26 - 00000000 ____D C:\WINDOWS\system32\winrm 2016-03-29 19:16 - 2016-03-29 19:26 - 00000000 ____D C:\WINDOWS\system32\WCN 2016-03-29 19:16 - 2016-03-29 19:26 - 00000000 ____D C:\WINDOWS\system32\slmgr 2016-03-29 19:16 - 2016-03-29 19:26 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts 2016-03-29 19:16 - 2016-03-29 19:16 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep 2016-03-29 19:16 - 2016-03-29 19:16 - 00000000 ____D C:\WINDOWS\SysWOW64\0409 2016-03-29 19:16 - 2016-03-29 19:15 - 00296742 _____ C:\WINDOWS\system32\perfi001.dat 2016-03-29 19:16 - 2016-03-29 19:15 - 00033362 _____ C:\WINDOWS\system32\perfd001.dat 2016-03-29 19:15 - 2016-03-29 19:16 - 00002415 _____ C:\Users\Mond\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-03-29 19:15 - 2016-03-29 19:15 - 00000000 ____D C:\WINDOWS\system32\ar 2016-03-29 19:15 - 2016-03-29 19:15 - 00000000 ____D C:\WINDOWS\system32\0409 2016-03-29 19:15 - 2016-03-29 19:15 - 00000000 ____D C:\WINDOWS\DigitalLocker 2016-03-29 19:14 - 2016-03-29 19:14 - 00000000 ____D C:\Users\Mond\AppData\Local\MicrosoftEdge 2016-03-29 19:12 - 2016-03-29 19:12 - 00029822 _____ C:\Users\Mond\Desktop\Applications supprimées.html 2016-03-29 19:12 - 2016-03-29 19:12 - 00000000 ____D C:\ProgramData\Microsoft OneDrive 2016-03-29 19:11 - 2016-03-29 19:11 - 00000000 ____D C:\Users\Mond\AppData\Local\ActiveSync 2016-03-29 19:10 - 2016-03-29 19:10 - 00000000 ____D C:\Users\Mond\AppData\Local\Publishers 2016-03-29 19:09 - 2016-03-30 13:07 - 00000000 ____D C:\Users\Mond\AppData\Local\Packages 2016-03-29 19:09 - 2016-03-29 19:09 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat 2016-03-29 19:09 - 2016-03-29 19:09 - 00000000 ____D C:\Users\Mond\AppData\Roaming\Adobe 2016-03-29 19:09 - 2016-03-29 19:09 - 00000000 ____D C:\Users\Mond\AppData\Local\VirtualStore 2016-03-29 19:09 - 2016-03-08 09:12 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-03-29 19:09 - 2016-03-08 09:12 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-03-29 19:08 - 2016-03-29 19:08 - 00000020 ___SH C:\Users\Mond\ntuser.ini 2016-03-29 19:08 - 2016-03-29 19:08 - 00000000 ____D C:\Users\Mond\AppData\Local\TileDataLayer 2016-03-29 19:06 - 2016-04-03 23:34 - 02328422 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-03-29 19:06 - 2016-04-03 23:29 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-03-29 19:06 - 2016-04-03 04:52 - 00000000 ____D C:\WINDOWS\rescache 2016-03-29 19:06 - 2016-04-03 01:00 - 00000167 _____ C:\WINDOWS\win.ini 2016-03-29 19:06 - 2016-04-02 22:59 - 00000000 ___HD C:\Program Files\WindowsApps 2016-03-29 19:06 - 2016-04-02 12:12 - 00000000 ____D C:\Program Files\Common Files\System 2016-03-29 19:06 - 2016-04-02 12:07 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2016-03-29 19:06 - 2016-03-30 19:48 - 00000000 ____D C:\WINDOWS\ShellNew 2016-03-29 19:06 - 2016-03-30 19:46 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-03-29 19:06 - 2016-03-30 16:23 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2016-03-29 19:06 - 2016-03-30 16:22 - 00000000 __RSD C:\WINDOWS\Media 2016-03-29 19:06 - 2016-03-30 16:22 - 00000000 ___SD C:\WINDOWS\system32\F12 2016-03-29 19:06 - 2016-03-30 16:22 - 00000000 ___RD C:\WINDOWS\PurchaseDialog 2016-03-29 19:06 - 2016-03-30 16:22 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-03-29 19:06 - 2016-03-30 16:22 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2016-03-29 19:06 - 2016-03-30 16:22 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2016-03-29 19:06 - 2016-03-30 16:22 - 00000000 ____D C:\WINDOWS\system32\oobe 2016-03-29 19:06 - 2016-03-30 16:22 - 00000000 ____D C:\WINDOWS\system32\Dism 2016-03-29 19:06 - 2016-03-30 16:22 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-03-29 19:06 - 2016-03-30 16:22 - 00000000 ____D C:\WINDOWS\Provisioning 2016-03-29 19:06 - 2016-03-30 16:22 - 00000000 ____D C:\WINDOWS\bcastdvr 2016-03-29 19:06 - 2016-03-30 16:21 - 00000000 ____D C:\Program Files\Windows Portable Devices 2016-03-29 19:06 - 2016-03-30 16:21 - 00000000 ____D C:\Program Files\Windows Multimedia Platform 2016-03-29 19:06 - 2016-03-30 16:21 - 00000000 ____D C:\Program Files\Windows Journal 2016-03-29 19:06 - 2016-03-30 16:21 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices 2016-03-29 19:06 - 2016-03-30 16:21 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform 2016-03-29 19:06 - 2016-03-30 12:54 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy 2016-03-29 19:06 - 2016-03-30 12:54 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2016-03-29 19:06 - 2016-03-30 12:19 - 00000000 ____D C:\WINDOWS\appcompat 2016-03-29 19:06 - 2016-03-29 19:41 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2016-03-29 19:06 - 2016-03-29 19:29 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2016-03-29 19:06 - 2016-03-29 19:29 - 00000000 ____D C:\WINDOWS\system32\MUI 2016-03-29 19:06 - 2016-03-29 19:27 - 00000000 ___RD C:\WINDOWS\DevicesFlow 2016-03-29 19:06 - 2016-03-29 19:26 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2016-03-29 19:06 - 2016-03-29 19:26 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2016-03-29 19:06 - 2016-03-29 19:26 - 00000000 ___SD C:\WINDOWS\system32\dsc 2016-03-29 19:06 - 2016-03-29 19:26 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs 2016-03-29 19:06 - 2016-03-29 19:26 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe 2016-03-29 19:06 - 2016-03-29 19:26 - 00000000 ____D C:\WINDOWS\SysWOW64\Com 2016-03-29 19:06 - 2016-03-29 19:26 - 00000000 ____D C:\WINDOWS\system32\migwiz 2016-03-29 19:06 - 2016-03-29 19:26 - 00000000 ____D C:\WINDOWS\system32\Com 2016-03-29 19:06 - 2016-03-29 19:26 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2016-03-29 19:06 - 2016-03-29 19:26 - 00000000 ____D C:\WINDOWS\IME 2016-03-29 19:06 - 2016-03-29 19:26 - 00000000 ____D C:\WINDOWS\Help 2016-03-29 19:06 - 2016-03-29 19:26 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2016-03-29 19:06 - 2016-03-29 19:26 - 00000000 ____D C:\Program Files\Windows Defender 2016-03-29 19:06 - 2016-03-29 19:26 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2016-03-29 19:06 - 2016-03-29 19:26 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2016-03-29 19:06 - 2016-03-29 19:16 - 00000000 ____D C:\WINDOWS\SysWOW64\setup 2016-03-29 19:06 - 2016-03-29 19:16 - 00000000 ____D C:\WINDOWS\system32\setup 2016-03-29 19:06 - 2016-03-29 19:10 - 00000000 ___RD C:\WINDOWS\PrintDialog 2016-03-29 19:06 - 2016-03-29 19:09 - 00000000 ___RD C:\WINDOWS\MiracastView 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 __SHD C:\Program Files\Windows Sidebar 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ___SD C:\WINDOWS\SysWOW64\Nui 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ___SD C:\WINDOWS\SysWOW64\Configuration 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ___SD C:\WINDOWS\system32\Nui 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ___SD C:\WINDOWS\system32\Configuration 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ___RD C:\WINDOWS\Offline Web Pages 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ___RD C:\WINDOWS\DesktopTileResources 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ___HD C:\WINDOWS\ELAMBKUP 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\Web 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\Vss 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\tracing 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\TAPI 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\SysWOW64\ras 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\SysWOW64\NDF 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\SysWOW64\MsDtc 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\SysWOW64\Ipmi 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\SysWOW64\InputMethod 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\SysWOW64\IME 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\SysWOW64\icsxml 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\SysWOW64\FxsTmp 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\SysWOW64\downlevel 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\SysWOW64\Bthprops 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\SysWOW64\AppLocker 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\SystemResources 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\SystemApps 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\system32\WinMetadata 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\system32\winevt 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\system32\ras 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\system32\ProximityToast 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\system32\PointOfService 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\system32\MsDtc 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\system32\Macromed 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\system32\Ipmi 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\system32\InputMethod 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\system32\inetsrv 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\system32\IME 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\system32\icsxml 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\system32\ias 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\system32\GroupPolicyUsers 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\system32\downlevel 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\system32\config\Journal 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\system32\Bthprops 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\system32\AppLocker 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\System 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\SKB 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\security 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\schemas 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\SchCache 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\Resources 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\Registration 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\PLA 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\Performance 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\ModemLogs 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\L2Schemas 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\InputMethod 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\Globalization 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\Cursors 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\Branding 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\addins 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\ProgramData\USOPrivate 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\ProgramData\Comms 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\Program Files\Common Files\Services 2016-03-29 19:06 - 2016-03-29 19:06 - 00000000 ____D C:\Program Files (x86)\Windows NT 2016-03-29 19:06 - 2016-03-29 19:02 - 00000000 ____D C:\Program Files\Windows NT 2016-03-29 19:06 - 2016-03-29 19:01 - 00215943 _____ C:\WINDOWS\SysWOW64\dssec.dat 2016-03-29 19:06 - 2016-03-29 19:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll 2016-03-29 19:06 - 2016-03-29 19:01 - 00008798 _____ C:\WINDOWS\SysWOW64\icrav03.rat 2016-03-29 19:06 - 2016-03-29 19:01 - 00001988 _____ C:\WINDOWS\SysWOW64\ticrf.rat 2016-03-29 19:06 - 2016-03-29 19:01 - 00000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT 2016-03-29 19:06 - 2016-03-29 19:01 - 00000000 __RHD C:\Users\Public\Libraries 2016-03-29 19:06 - 2016-03-29 19:01 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2016-03-29 19:06 - 2016-03-29 19:01 - 00000000 ____D C:\WINDOWS\system32\spool 2016-03-29 19:06 - 2016-03-29 19:01 - 00000000 ____D C:\WINDOWS\system32\FxsTmp 2016-03-29 19:06 - 2016-03-29 19:00 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll 2016-03-29 19:06 - 2016-03-29 19:00 - 00215943 _____ C:\WINDOWS\system32\dssec.dat 2016-03-29 19:06 - 2016-03-29 19:00 - 00017463 _____ C:\WINDOWS\system32\Drivers\etc\services 2016-03-29 19:06 - 2016-03-29 19:00 - 00015462 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml 2016-03-29 19:06 - 2016-03-29 19:00 - 00008798 _____ C:\WINDOWS\system32\icrav03.rat 2016-03-29 19:06 - 2016-03-29 19:00 - 00003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam 2016-03-29 19:06 - 2016-03-29 19:00 - 00001988 _____ C:\WINDOWS\system32\ticrf.rat 2016-03-29 19:06 - 2016-03-29 19:00 - 00001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol 2016-03-29 19:06 - 2016-03-29 19:00 - 00000858 _____ C:\WINDOWS\system32\DefaultQuestions.json 2016-03-29 19:06 - 2016-03-29 19:00 - 00000741 _____ C:\WINDOWS\system32\NOISE.DAT 2016-03-29 19:06 - 2016-03-29 19:00 - 00000407 _____ C:\WINDOWS\system32\Drivers\etc\networks 2016-03-29 19:06 - 2016-03-29 19:00 - 00000389 _____ C:\WINDOWS\system32\AutoWorkplace.exe.config 2016-03-29 19:06 - 2016-03-29 19:00 - 00000219 _____ C:\WINDOWS\system.ini 2016-03-29 19:06 - 2016-03-29 18:56 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2016-03-29 19:03 - 2016-04-03 23:34 - 00000000 ____D C:\WINDOWS\INF 2016-03-29 19:02 - 2016-03-29 19:02 - 00000000 _SHDL C:\Users\Default\Voisinage réseau 2016-03-29 19:02 - 2016-03-29 19:02 - 00000000 _SHDL C:\Users\Default\Voisinage d'impression 2016-03-29 19:02 - 2016-03-29 19:02 - 00000000 _SHDL C:\Users\Default\Modèles 2016-03-29 19:02 - 2016-03-29 19:02 - 00000000 _SHDL C:\Users\Default\Mes documents 2016-03-29 19:02 - 2016-03-29 19:02 - 00000000 _SHDL C:\Users\Default\Menu Démarrer 2016-03-29 19:02 - 2016-03-29 19:02 - 00000000 _SHDL C:\Users\Default\Documents\Mes vidéos 2016-03-29 19:02 - 2016-03-29 19:02 - 00000000 _SHDL C:\Users\Default\Documents\Mes images 2016-03-29 19:02 - 2016-03-29 19:02 - 00000000 _SHDL C:\Users\Default\Documents\Ma musique 2016-03-29 19:02 - 2016-03-29 19:02 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2016-03-29 19:02 - 2016-03-29 19:02 - 00000000 _SHDL C:\Users\Default\AppData\Local\Historique 2016-03-29 19:02 - 2016-03-29 19:02 - 00000000 _SHDL C:\Users\Default User\Documents\Mes vidéos 2016-03-29 19:02 - 2016-03-29 19:02 - 00000000 _SHDL C:\Users\Default User\Documents\Mes images 2016-03-29 19:02 - 2016-03-29 19:02 - 00000000 _SHDL C:\Users\Default User\Documents\Ma musique 2016-03-29 19:02 - 2016-03-29 19:02 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2016-03-29 19:02 - 2016-03-29 19:02 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Historique 2016-03-29 19:02 - 2016-03-29 19:02 - 00000000 _SHDL C:\Users\Default User 2016-03-29 19:02 - 2016-03-29 19:02 - 00000000 _SHDL C:\Users\All Users 2016-03-29 19:02 - 2016-03-29 19:02 - 00000000 _SHDL C:\ProgramData\Modèles 2016-03-29 19:02 - 2016-03-29 19:02 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programmes 2016-03-29 19:02 - 2016-03-29 19:02 - 00000000 _SHDL C:\ProgramData\Menu Démarrer 2016-03-29 19:02 - 2016-03-29 19:02 - 00000000 _SHDL C:\ProgramData\Bureau 2016-03-29 19:02 - 2016-03-29 19:02 - 00000000 _SHDL C:\Program Files\Fichiers communs 2016-03-29 19:00 - 2016-03-29 23:08 - 00000000 ____D C:\Users\Mond 2016-03-29 19:00 - 2016-03-29 19:00 - 00000000 _SHDL C:\Users\Mond\Voisinage réseau 2016-03-29 19:00 - 2016-03-29 19:00 - 00000000 _SHDL C:\Users\Mond\Voisinage d'impression 2016-03-29 19:00 - 2016-03-29 19:00 - 00000000 _SHDL C:\Users\Mond\Modèles 2016-03-29 19:00 - 2016-03-29 19:00 - 00000000 _SHDL C:\Users\Mond\Mes documents 2016-03-29 19:00 - 2016-03-29 19:00 - 00000000 _SHDL C:\Users\Mond\Menu Démarrer 2016-03-29 19:00 - 2016-03-29 19:00 - 00000000 _SHDL C:\Users\Mond\Documents\Mes vidéos 2016-03-29 19:00 - 2016-03-29 19:00 - 00000000 _SHDL C:\Users\Mond\Documents\Mes images 2016-03-29 19:00 - 2016-03-29 19:00 - 00000000 _SHDL C:\Users\Mond\Documents\Ma musique 2016-03-29 19:00 - 2016-03-29 19:00 - 00000000 _SHDL C:\Users\Mond\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2016-03-29 19:00 - 2016-03-29 19:00 - 00000000 _SHDL C:\Users\Mond\AppData\Local\Historique 2016-03-29 18:52 - 2016-04-04 14:55 - 00000000 ____D C:\Program Files\Intel 2016-03-29 18:52 - 2016-03-29 18:52 - 00000000 ____H C:\ProgramData\DP45977C.lfl 2016-03-29 18:52 - 2016-03-29 18:52 - 00000000 ____D C:\ProgramData\USOShared 2016-03-29 18:52 - 2016-03-29 18:52 - 00000000 ____D C:\ProgramData\Conexant 2016-03-29 18:52 - 2016-03-29 18:52 - 00000000 ____D C:\Program Files\CONEXANT 2016-03-29 18:52 - 2015-12-10 15:09 - 00072696 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2016-03-29 18:52 - 2015-12-10 15:09 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL 2016-03-29 18:51 - 2016-03-29 18:51 - 00000000 ____D C:\Program Files\Common Files\Atheros 2016-03-29 18:47 - 2015-10-30 09:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2016-03-29 18:46 - 2016-03-29 23:25 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-03-29 18:44 - 2016-04-03 03:32 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-03-29 18:43 - 2016-04-03 03:31 - 00350608 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-03-29 18:43 - 2016-03-29 18:43 - 00000000 ____D C:\WINDOWS\ServiceProfiles 2016-03-29 18:16 - 2015-10-30 08:33 - 00000164 _____ C:\WINDOWS\system32\config\FP 2016-03-29 18:15 - 2016-04-03 03:30 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2016-03-29 18:15 - 2016-03-29 19:26 - 00000000 ____D C:\WINDOWS\servicing 2016-03-29 18:15 - 2016-03-29 19:06 - 00000000 ____D C:\WINDOWS\system32\SMI 2016-03-29 18:15 - 2016-03-29 18:52 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2016-03-29 15:36 - 2016-03-30 15:04 - 00000000 ___HD C:\$SysReset 2016-03-29 14:59 - 2016-03-30 16:18 - 00006317 _____ C:\Users\Mond\Desktop\ZHPCleaner.txt 2016-03-29 13:36 - 2016-03-30 16:02 - 00000885 _____ C:\Users\Mond\Desktop\ZHPCleaner.lnk 2016-03-29 13:36 - 2016-03-29 12:51 - 02102784 _____ C:\Users\Mond\Desktop\ZHPCleaner.exe 2016-03-29 10:51 - 2016-03-29 10:51 - 00000000 ____D C:\Users\Public\Documents\dmp 2016-03-29 10:49 - 2016-03-30 17:51 - 00000000 ____D C:\Users\Mond\AppData\LocalLow\Company 2016-03-29 10:49 - 2016-03-29 10:49 - 00000000 ____D C:\uninst 2016-03-29 09:20 - 2016-03-29 09:21 - 02449376 _____ (Megaify Software ) C:\Users\Mond\Downloads\DriverToolkitInstaller.exe 2016-03-25 23:58 - 2016-03-25 23:58 - 10121064 _____ (Stellar Information Systems Ltd ) C:\Users\Mond\Downloads\Stellar_Phoenix_Windows_Photo_Recovery_01net.EXE 2016-03-25 19:29 - 2016-03-25 19:30 - 03267488 _____ C:\Users\Mond\Downloads\PandoraRecovery.exe 2016-03-25 19:28 - 2016-03-25 19:28 - 16194048 _____ C:\Users\Mond\Downloads\disk-drill-win.msi 2016-03-25 19:27 - 2016-03-25 19:27 - 03004240 _____ (SharpNight Co,Ltd ) C:\Users\Mond\Downloads\7data-recovery-suite.exe 2016-03-25 18:56 - 2016-03-25 18:56 - 00302011 _____ C:\Users\Mond\Downloads\WindowsUpdateDiagnostic.diagcab 2016-03-25 18:41 - 2016-03-25 18:41 - 00652800 _____ C:\Users\Mond\Downloads\MicrosoftFixit50362.msi 2016-03-25 16:23 - 2016-03-25 16:23 - 00000000 ____D C:\Users\Mond\Documents\My Data Files 2016-03-25 16:21 - 2016-03-25 16:22 - 27641136 _____ (Wondershare Software Co.,Ltd. ) C:\Users\Mond\Downloads\data-recovery.exe 2016-03-25 16:11 - 2016-03-25 16:12 - 01879688 _____ (Pro Data Doctor Pvt. Ltd. ) C:\Users\Mond\Downloads\DigiPhotoRecDemo.exe 2016-03-23 18:46 - 2016-03-23 18:47 - 05321559 _____ C:\Users\Mond\Downloads\Get back Data_by_HAMMA_ben_aissa.rar 2016-03-23 18:28 - 2016-03-23 18:28 - 00000000 ____D C:\Users\Mond\.ViberPC 2016-03-23 18:28 - 2016-03-23 18:28 - 00000000 ____D C:\Users\Mond\.QtWebEngineProcess 2016-03-23 18:20 - 2016-04-02 22:48 - 00000000 ____D C:\Users\Mond\Documents\ViberDownloads 2016-03-23 16:52 - 2016-03-23 16:52 - 00171054 _____ C:\Users\Mond\Downloads\watch.htm 2016-03-23 16:43 - 2016-03-23 16:44 - 101213136 _____ (Viber Media Inc.) C:\Users\Mond\Downloads\viber_5-4-0-1664_fr_430571.exe 2016-03-23 12:44 - 2016-03-23 12:44 - 04636312 _____ C:\Users\Mond\Downloads\glary-undelete_5-0-1-19_fr_195610.exe 2016-03-23 11:53 - 2016-03-23 11:53 - 14640472 _____ ({code:GDConstant/CompanyName} ) C:\Users\Mond\Downloads\RecoverMyPhotos-Setup-4.4.6.1608.exe 2016-03-23 11:38 - 2016-03-23 11:38 - 00502264 _____ C:\Users\Mond\Downloads\file_recovery-1.2.exe 2016-03-22 23:13 - 2016-03-22 23:14 - 04426120 _____ (Piriform Ltd) C:\Users\Mond\Downloads\rcsetup152.exe 2016-03-22 14:05 - 2016-03-22 14:05 - 00987728 _____ (Google Inc.) C:\Users\Mond\Downloads\ChromeSetup.exe 2016-03-22 11:48 - 2016-03-22 11:48 - 05202180 _____ C:\Users\Mond\Downloads\pf7-setup-fr-7.2.1.exe 2016-03-20 13:11 - 2016-03-20 13:11 - 02904442 _____ C:\Users\Mond\Downloads\Windows7-USB-DVD-tool.rar 2016-03-20 13:07 - 2016-03-20 13:41 - 00000000 ____D C:\Users\Mond\Documents\MEGAsync Downloads 2016-03-20 13:06 - 2016-03-20 13:06 - 10461168 _____ (MEGA Limited) C:\Users\Mond\Downloads\MEGAsyncSetup.exe 2016-03-20 13:03 - 2016-03-20 13:06 - 175335648 _____ C:\Users\Mond\Downloads\repairdisc64bits.zip 2016-03-18 10:17 - 2016-03-18 10:27 - 00000000 ____D C:\Users\Mond\Downloads\Nouveau dossier (8) 2016-03-12 13:06 - 2016-03-12 13:07 - 08891465 _____ C:\Users\Mond\Downloads\لا تحزن.pdf 2016-03-12 12:59 - 2016-03-12 12:59 - 17174004 _____ C:\Users\Mond\Downloads\la ta7zan.pdf 2016-03-10 23:40 - 2016-02-24 11:52 - 01997328 ____N (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-03-10 23:40 - 2016-02-24 11:51 - 07474528 ____N (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-03-10 23:40 - 2016-02-24 11:48 - 00713568 ____N (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-03-10 23:40 - 2016-02-24 11:34 - 01613664 ____N (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2016-03-10 23:40 - 2016-02-24 11:28 - 03449168 ____N (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll 2016-03-10 23:40 - 2016-02-24 11:15 - 01557768 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2016-03-10 23:40 - 2016-02-24 10:51 - 01322248 ____N (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-03-10 23:40 - 2016-02-24 10:50 - 00808800 ____N (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2016-03-10 23:40 - 2016-02-24 10:46 - 06607080 ____N (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2016-03-10 23:40 - 2016-02-24 10:19 - 00670928 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2016-03-10 23:40 - 2016-02-24 10:11 - 01997152 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-03-10 23:40 - 2016-02-24 10:11 - 00703840 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2016-03-10 23:40 - 2016-02-24 10:11 - 00652392 ____N (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2016-03-10 23:40 - 2016-02-24 10:10 - 00576864 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-03-10 23:40 - 2016-02-24 10:06 - 05242496 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2016-03-10 23:40 - 2016-02-24 09:35 - 00523752 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2016-03-10 23:40 - 2016-02-24 08:44 - 01713664 ____N (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll 2016-03-10 23:40 - 2016-02-24 08:40 - 01224704 ____N (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2016-03-10 23:40 - 2016-02-24 08:39 - 01390592 ____N (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-03-10 23:40 - 2016-02-24 08:34 - 00938496 ____N (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll 2016-03-10 23:40 - 2016-02-24 08:11 - 03593216 ____N (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-03-10 23:40 - 2016-02-24 08:09 - 01443328 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll 2016-03-10 23:40 - 2016-02-24 08:07 - 00949248 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll 2016-03-10 23:40 - 2016-02-24 08:04 - 01497088 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe 2016-03-10 23:40 - 2016-02-24 08:03 - 00769536 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll 2016-03-10 23:40 - 2016-02-24 08:01 - 01831936 ____N (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2016-03-10 23:40 - 2016-02-24 08:00 - 02273792 ____N (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-03-10 23:40 - 2016-02-24 08:00 - 01098752 ____N (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2016-03-10 23:40 - 2016-02-24 07:55 - 01996288 ____N (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2016-03-10 23:40 - 2016-02-24 07:34 - 01707520 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2016-03-10 23:40 - 2016-02-24 07:20 - 22376960 ____N (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-03-10 23:40 - 2016-02-24 07:18 - 18677760 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-03-10 23:40 - 2016-02-24 07:12 - 19339776 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-03-10 23:40 - 2016-02-24 07:12 - 05321728 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-03-10 23:40 - 2016-02-24 07:10 - 24600576 ____N (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-03-10 23:40 - 2016-02-24 07:09 - 06972416 ____N (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2016-03-10 23:40 - 2016-02-24 07:05 - 12586496 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2016-03-10 23:40 - 2016-02-24 07:03 - 14252544 ____N (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2016-03-10 23:40 - 2016-02-24 06:59 - 05661696 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-03-10 23:40 - 2016-02-24 06:55 - 07835648 ____N (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-03-10 23:39 - 2016-03-01 07:31 - 00848168 ____N (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-03-10 23:39 - 2016-03-01 07:22 - 00709688 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-03-10 23:39 - 2016-02-24 11:47 - 01173344 ____N (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-03-10 23:39 - 2016-02-24 11:40 - 00513888 ____N (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-03-10 23:39 - 2016-02-24 10:58 - 00794888 ____N (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2016-03-10 23:39 - 2016-02-24 10:54 - 00127840 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS 2016-03-10 23:39 - 2016-02-24 10:43 - 00625000 ____N (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2016-03-10 23:39 - 2016-02-24 10:39 - 00358752 ____N (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2016-03-10 23:39 - 2016-02-24 10:39 - 00141560 ____N (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe 2016-03-10 23:39 - 2016-02-24 10:14 - 00216416 ____N (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2016-03-10 23:39 - 2016-02-24 10:11 - 00957608 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-03-10 23:39 - 2016-02-24 10:11 - 00394080 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2016-03-10 23:39 - 2016-02-24 10:11 - 00258280 ____N (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll 2016-03-10 23:39 - 2016-02-24 10:10 - 00630632 ____N (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2016-03-10 23:39 - 2016-02-24 10:09 - 00640472 ____N (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2016-03-10 23:39 - 2016-02-24 10:09 - 00147808 ____N (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2016-03-10 23:39 - 2016-02-24 09:59 - 00294752 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2016-03-10 23:39 - 2016-02-24 09:39 - 00045568 ____N (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll 2016-03-10 23:39 - 2016-02-24 09:39 - 00023552 ____N (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll 2016-03-10 23:39 - 2016-02-24 09:38 - 00187744 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2016-03-10 23:39 - 2016-02-24 09:38 - 00111616 ____N (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2016-03-10 23:39 - 2016-02-24 09:37 - 00045056 ____N (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll 2016-03-10 23:39 - 2016-02-24 09:36 - 00060416 ____N (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll 2016-03-10 23:39 - 2016-02-24 09:35 - 00540752 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2016-03-10 23:39 - 2016-02-24 09:35 - 00220064 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll 2016-03-10 23:39 - 2016-02-24 09:35 - 00045568 ____N (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2016-03-10 23:39 - 2016-02-24 09:33 - 00538736 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2016-03-10 23:39 - 2016-02-24 09:33 - 00141664 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2016-03-10 23:39 - 2016-02-24 09:31 - 00118272 ____N (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2016-03-10 23:39 - 2016-02-24 09:30 - 00025600 ____N (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll 2016-03-10 23:39 - 2016-02-24 09:28 - 00070656 ____N (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll 2016-03-10 23:39 - 2016-02-24 09:23 - 00112640 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys 2016-03-10 23:39 - 2016-02-24 09:23 - 00091648 ____N (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll 2016-03-10 23:39 - 2016-02-24 09:23 - 00068096 ____N (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll 2016-03-10 23:39 - 2016-02-24 09:22 - 00196608 ____N (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll 2016-03-10 23:39 - 2016-02-24 09:20 - 00195072 ____N (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll 2016-03-10 23:39 - 2016-02-24 09:20 - 00167936 ____N (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll 2016-03-10 23:39 - 2016-02-24 09:20 - 00087552 ____N (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll 2016-03-10 23:39 - 2016-02-24 09:19 - 00145408 ____N (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll 2016-03-10 23:39 - 2016-02-24 09:19 - 00031232 ____N (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll 2016-03-10 23:39 - 2016-02-24 09:15 - 00365568 ____N (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2016-03-10 23:39 - 2016-02-24 09:14 - 00274944 ____N (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll 2016-03-10 23:39 - 2016-02-24 09:13 - 00121856 ____N (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll 2016-03-10 23:39 - 2016-02-24 09:12 - 00243712 ____N (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll 2016-03-10 23:39 - 2016-02-24 09:12 - 00221184 ____N (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll 2016-03-10 23:39 - 2016-02-24 09:10 - 00093184 ____N (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll 2016-03-10 23:39 - 2016-02-24 09:09 - 00258560 ____N (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll 2016-03-10 23:39 - 2016-02-24 09:09 - 00161792 ____N (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll 2016-03-10 23:39 - 2016-02-24 09:07 - 00252928 ____N (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll 2016-03-10 23:39 - 2016-02-24 09:05 - 00208896 ____N (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2016-03-10 23:39 - 2016-02-24 09:03 - 00088576 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2016-03-10 23:39 - 2016-02-24 09:02 - 00161280 ____N (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll 2016-03-10 23:39 - 2016-02-24 09:01 - 00764928 ____N (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-03-10 23:39 - 2016-02-24 09:01 - 00146432 ____N (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll 2016-03-10 23:39 - 2016-02-24 09:01 - 00067584 ____N (Microsoft Corporation) C:\WINDOWS\system32\profext.dll 2016-03-10 23:39 - 2016-02-24 09:00 - 00214528 ____N (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll 2016-03-10 23:39 - 2016-02-24 08:59 - 00450560 ____N (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll 2016-03-10 23:39 - 2016-02-24 08:59 - 00360448 ____N (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll 2016-03-10 23:39 - 2016-02-24 08:59 - 00318976 ____N (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2016-03-10 23:39 - 2016-02-24 08:58 - 00685568 ____N (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll 2016-03-10 23:39 - 2016-02-24 08:55 - 00790528 ____N (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll 2016-03-10 23:39 - 2016-02-24 08:55 - 00224256 ____N (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll 2016-03-10 23:39 - 2016-02-24 08:55 - 00018944 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll 2016-03-10 23:39 - 2016-02-24 08:54 - 00526336 ____N (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll 2016-03-10 23:39 - 2016-02-24 08:54 - 00288768 ____N (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll 2016-03-10 23:39 - 2016-02-24 08:54 - 00228352 ____N (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe 2016-03-10 23:39 - 2016-02-24 08:54 - 00037888 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll 2016-03-10 23:39 - 2016-02-24 08:53 - 00089088 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2016-03-10 23:39 - 2016-02-24 08:53 - 00037888 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll 2016-03-10 23:39 - 2016-02-24 08:52 - 00451584 ____N (Microsoft Corporation) C:\WINDOWS\system32\werui.dll 2016-03-10 23:39 - 2016-02-24 08:52 - 00048128 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll 2016-03-10 23:39 - 2016-02-24 08:51 - 00037376 ____N (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2016-03-10 23:39 - 2016-02-24 08:49 - 00726528 ____N (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll 2016-03-10 23:39 - 2016-02-24 08:47 - 00093696 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2016-03-10 23:39 - 2016-02-24 08:46 - 00020480 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll 2016-03-10 23:39 - 2016-02-24 08:44 - 00915456 ____N (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll 2016-03-10 23:39 - 2016-02-24 08:44 - 00700416 ____N (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll 2016-03-10 23:39 - 2016-02-24 08:44 - 00056320 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll 2016-03-10 23:39 - 2016-02-24 08:43 - 00957952 ____N (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2016-03-10 23:39 - 2016-02-24 08:43 - 00286720 ____N (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll 2016-03-10 23:39 - 2016-02-24 08:42 - 00954368 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2016-03-10 23:39 - 2016-02-24 08:42 - 00084992 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS 2016-03-10 23:39 - 2016-02-24 08:41 - 00982016 ____N (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll 2016-03-10 23:39 - 2016-02-24 08:41 - 00436736 ____N (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2016-03-10 23:39 - 2016-02-24 08:40 - 00078848 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll 2016-03-10 23:39 - 2016-02-24 08:40 - 00056320 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll 2016-03-10 23:39 - 2016-02-24 08:39 - 00164864 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll 2016-03-10 23:39 - 2016-02-24 08:38 - 00150528 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll 2016-03-10 23:39 - 2016-02-24 08:36 - 01847808 ____N (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe 2016-03-10 23:39 - 2016-02-24 08:34 - 00303104 ____N (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2016-03-10 23:39 - 2016-02-24 08:32 - 00223744 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll 2016-03-10 23:39 - 2016-02-24 08:32 - 00098304 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll 2016-03-10 23:39 - 2016-02-24 08:31 - 00200704 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll 2016-03-10 23:39 - 2016-02-24 08:31 - 00169984 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll 2016-03-10 23:39 - 2016-02-24 08:28 - 00870912 ____N (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2016-03-10 23:39 - 2016-02-24 08:28 - 00196608 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll 2016-03-10 23:39 - 2016-02-24 08:28 - 00135168 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll 2016-03-10 23:39 - 2016-02-24 08:25 - 00401408 ____N (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll 2016-03-10 23:39 - 2016-02-24 08:23 - 00129024 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll 2016-03-10 23:39 - 2016-02-24 08:22 - 00053248 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll 2016-03-10 23:39 - 2016-02-24 08:21 - 00315904 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2016-03-10 23:39 - 2016-02-24 08:21 - 00168448 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll 2016-03-10 23:39 - 2016-02-24 08:18 - 01490432 ____N (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll 2016-03-10 23:39 - 2016-02-24 08:18 - 00575488 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll 2016-03-10 23:39 - 2016-02-24 08:18 - 00184832 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll 2016-03-10 23:39 - 2016-02-24 08:17 - 00369664 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll 2016-03-10 23:39 - 2016-02-24 08:16 - 00394752 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll 2016-03-10 23:39 - 2016-02-24 08:13 - 00540160 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll 2016-03-10 23:39 - 2016-02-24 08:09 - 00793600 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll 2016-03-10 23:39 - 2016-02-24 08:09 - 00552960 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll 2016-03-10 23:39 - 2016-02-24 08:09 - 00228352 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll 2016-03-10 23:39 - 2016-02-24 08:07 - 00890368 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll 2016-03-10 23:39 - 2016-02-24 08:07 - 00342528 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2016-03-10 23:39 - 2016-02-24 07:57 - 02158592 ____N (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-03-10 23:39 - 2016-02-24 07:43 - 00184320 ____N (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll 2016-03-10 23:39 - 2016-02-24 07:22 - 00163328 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2016-04-04 14:52 - 2014-10-28 20:54 - 00000000 __SHD C:\Users\Mond\IntelGraphicsProfiles 2016-03-30 19:29 - 2015-02-17 11:17 - 00000000 ____D C:\Users\Mond\Downloads\bittorent 2016-03-30 16:30 - 2014-10-29 02:43 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-03-30 15:15 - 2014-10-29 00:14 - 00002730 _____ C:\Users\Mond\Desktop\BitTorrent.lnk 2016-03-29 19:25 - 2015-03-20 01:00 - 00000000 ____D C:\Users\Mond\Downloads\decodage mobile 2016-03-29 19:16 - 2015-08-23 16:19 - 00000000 ___RD C:\Users\Mond\OneDrive 2016-03-16 21:04 - 2015-03-23 15:02 - 00000000 ____D C:\Users\Mond\Downloads\Mon CV 2016-03-16 18:03 - 2015-12-16 22:34 - 00000000 ____D C:\Users\Mond\Downloads\Nouveau dossier (6) ==================== Fichiers à la racine de certains dossiers ======= 2016-03-29 18:52 - 2016-03-29 18:52 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Certains fichiers dans TEMP: ==================== C:\Users\Mond\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap ================= (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement C:\WINDOWS\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement LastRegBack: 2016-03-29 18:42 ==================== Fin de FRST.txt ============================