Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
Exécuté par meoua (administrateur) sur DESKTOP-H4HRTLA (05-09-2016 19:28:25)
Exécuté depuis C:\Users\meoua\Desktop
Profils chargés: meoua (Profils disponibles: meoua)
Platform: Windows 10 Pro Version 1511 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Edge)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKU\S-1-5-21-1430271797-4064762032-962017862-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8894680 2016-08-05] (Piriform Ltd)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{6655bd78-10f8-408d-9cc1-fadb3a556c74}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Internet Explorer:
==================
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-03] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\meoua\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\meoua\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-03]
CHR Extension: (Google Docs) - C:\Users\meoua\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-03]
CHR Extension: (Google Drive) - C:\Users\meoua\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-03]
CHR Extension: (YouTube) - C:\Users\meoua\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-03]
CHR Extension: (Google Sheets) - C:\Users\meoua\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-03]
CHR Extension: (Google Docs Offline) - C:\Users\meoua\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\meoua\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-03]
CHR Extension: (Gmail) - C:\Users\meoua\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-03]
CHR Extension: (Chrome Media Router) - C:\Users\meoua\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-03]
==================== Services (Avec liste blanche) ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7585280 2015-10-30] (Broadcom Corporation)
S3 ssudqcfilter; C:\Windows\System32\drivers\ssudqcfilter.sys [57648 2015-12-08] (QUALCOMM Incorporated)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2016-09-04] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-09-05 19:28 - 2016-09-05 19:29 - 00007523 _____ C:\Users\meoua\Desktop\FRST.txt
2016-09-05 19:25 - 2016-09-05 19:28 - 00000000 ____D C:\FRST
2016-09-05 17:54 - 2016-09-05 19:25 - 02397696 _____ (Farbar) C:\Users\meoua\Desktop\FRST64.exe
2016-09-05 17:25 - 2016-09-05 17:25 - 00000000 ___HD C:\OneDriveTemp
2016-09-04 19:10 - 2016-09-04 19:10 - 00020480 _____ C:\Users\meoua\Desktop\rk_36F5.tmp.txt
2016-09-04 19:07 - 2016-09-04 19:07 - 00005296 _____ C:\Users\meoua\Desktop\rk_209C.tmp.txt
2016-09-04 17:47 - 2016-09-04 17:47 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-09-04 17:44 - 2016-09-04 17:44 - 00000899 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2016-09-04 17:44 - 2016-09-04 17:44 - 00000000 ____D C:\ProgramData\RogueKiller
2016-09-04 17:44 - 2016-09-04 17:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2016-09-04 17:44 - 2016-09-04 17:44 - 00000000 ____D C:\Program Files\RogueKiller
2016-09-04 17:42 - 2016-09-04 17:43 - 31930936 _____ (Adlice Software ) C:\Users\meoua\Downloads\setup.exe
2016-09-04 17:28 - 2016-09-04 17:31 - 20832328 _____ C:\Users\meoua\Downloads\RogueKiller.exe
2016-09-04 12:19 - 2016-09-04 12:19 - 00062745 _____ C:\Users\meoua\Desktop\ZHPDiag.txt
2016-09-04 12:08 - 2016-09-04 12:10 - 00000000 ____D C:\Users\meoua\AppData\Roaming\ZHP
2016-09-04 12:08 - 2016-09-04 12:08 - 00000865 _____ C:\Users\meoua\Desktop\ZHPDiag.lnk
2016-09-04 12:06 - 2016-09-04 12:08 - 02314752 _____ C:\Users\meoua\Downloads\ZHPDiag3.exe
2016-09-03 19:51 - 2016-09-03 19:51 - 00002342 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-03 19:51 - 2016-09-03 19:51 - 00002330 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-03 19:48 - 2016-09-05 17:23 - 00001104 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-03 19:48 - 2016-09-03 19:54 - 00004166 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-09-03 19:48 - 2016-09-03 19:54 - 00003934 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-09-03 19:48 - 2016-09-03 19:54 - 00001108 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-03 19:47 - 2016-09-04 01:54 - 00000000 ____D C:\Users\meoua\AppData\Local\Google
2016-09-03 19:47 - 2016-09-03 19:50 - 00000000 ____D C:\Program Files (x86)\Google
2016-09-03 19:47 - 2016-09-03 19:47 - 00819144 _____ (Google Inc.) C:\Users\meoua\Downloads\chrome_installer.exe
2016-09-03 19:37 - 2016-09-03 19:39 - 00000000 ___HD C:\_acestream_cache_
2016-09-03 19:33 - 2016-09-03 19:33 - 00000000 ____D C:\Users\meoua\AppData\LocalLow\.ACEStream
2016-09-03 19:21 - 2016-09-03 19:30 - 81395336 _____ C:\Users\meoua\Downloads\Ace_Stream_Media_3.1.7.exe
2016-09-03 19:17 - 2016-09-03 19:17 - 00003986 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1472926636
2016-09-03 19:17 - 2016-09-03 19:17 - 00001204 _____ C:\Users\Public\Desktop\Opera.lnk
2016-09-03 19:17 - 2016-09-03 19:17 - 00001204 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-09-03 19:17 - 2016-09-03 19:17 - 00000000 ____D C:\Users\meoua\AppData\Roaming\Opera Software
2016-09-03 19:17 - 2016-09-03 19:17 - 00000000 ____D C:\Users\meoua\AppData\Local\Opera Software
2016-09-03 19:14 - 2016-09-05 17:28 - 00000000 ____D C:\Program Files (x86)\Opera
2016-09-03 19:14 - 2016-09-03 19:14 - 00963016 _____ (Opera Software) C:\Users\meoua\Downloads\OperaSetup.exe
2016-09-03 19:07 - 2016-09-03 19:11 - 00000000 ____D C:\Users\meoua\AppData\Local\midori
2016-09-03 19:07 - 2016-09-03 19:11 - 00000000 ____D C:\Users\meoua\.dbus-keyrings
2016-09-03 19:07 - 2016-09-03 19:07 - 00000000 ____D C:\Users\meoua\AppData\Local\webkit
2016-09-03 13:13 - 2016-09-03 13:13 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-09-03 12:07 - 2016-09-03 12:58 - 00000000 ____D C:\Users\meoua\Desktop\Nouveau dossier
2016-09-02 19:27 - 2016-09-02 19:27 - 00000000 ____D C:\Users\meoua\AppData\Local\PeerDistRepub
2016-09-02 15:07 - 2016-09-02 15:17 - 00000000 ____D C:\Users\meoua\AppData\Roaming\concept design
2016-09-02 15:06 - 2016-09-02 15:06 - 00000000 ____D C:\Program Files (x86)\concept design
2016-09-02 14:43 - 2016-09-02 14:43 - 00000000 ____D C:\Users\meoua\AppData\Local\NetworkTiles
2016-09-01 22:40 - 2016-09-05 17:30 - 01848398 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-01 22:38 - 2016-09-01 22:38 - 00000000 ____D C:\ProgramData\USOShared
2016-09-01 22:35 - 2016-07-01 06:05 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-09-01 22:33 - 2016-09-05 17:23 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-01 22:32 - 2016-09-01 22:32 - 00000000 _SHDL C:\Users\Default\Voisinage réseau
2016-09-01 22:32 - 2016-09-01 22:32 - 00000000 _SHDL C:\Users\Default\Voisinage d'impression
2016-09-01 22:32 - 2016-09-01 22:32 - 00000000 _SHDL C:\Users\Default\Modèles
2016-09-01 22:32 - 2016-09-01 22:32 - 00000000 _SHDL C:\Users\Default\Mes documents
2016-09-01 22:32 - 2016-09-01 22:32 - 00000000 _SHDL C:\Users\Default\Menu Démarrer
2016-09-01 22:32 - 2016-09-01 22:32 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2016-09-01 22:32 - 2016-09-01 22:32 - 00000000 _SHDL C:\Users\Default\AppData\Local\Historique
2016-09-01 22:32 - 2016-09-01 22:32 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2016-09-01 22:32 - 2016-09-01 22:32 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Historique
2016-09-01 22:32 - 2016-09-01 22:32 - 00000000 _SHDL C:\Users\Default User
2016-09-01 22:32 - 2016-09-01 22:32 - 00000000 _SHDL C:\Users\All Users
2016-09-01 22:32 - 2016-09-01 22:32 - 00000000 _SHDL C:\ProgramData\Modèles
2016-09-01 22:32 - 2016-09-01 22:32 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programmes
2016-09-01 22:32 - 2016-09-01 22:32 - 00000000 _SHDL C:\ProgramData\Menu Démarrer
2016-09-01 22:32 - 2016-09-01 22:32 - 00000000 _SHDL C:\ProgramData\Bureau
2016-09-01 22:32 - 2016-09-01 22:32 - 00000000 _SHDL C:\Program Files\Fichiers communs
2016-09-01 22:32 - 2016-09-01 22:32 - 00000000 _SHDL C:\Documents and Settings
2016-09-01 22:25 - 2016-09-01 22:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2016-09-01 22:25 - 2016-09-01 22:25 - 00000000 ____D C:\Program Files\ATI Technologies
2016-09-01 22:24 - 2016-09-01 22:25 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2016-09-01 22:23 - 2016-09-01 22:24 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-01 22:22 - 2016-09-01 22:22 - 00000000 ____D C:\AMD
2016-09-01 22:22 - 2016-09-01 22:22 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2016-09-01 22:21 - 2016-09-01 22:21 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2016-09-01 22:21 - 2016-09-01 22:21 - 00000000 ____D C:\Program Files\AMD
2016-09-01 22:17 - 2016-09-01 22:17 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-09-01 22:16 - 2016-09-05 17:23 - 00359912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-01 18:00 - 2016-09-01 18:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2016-09-01 18:00 - 2016-09-01 18:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-09-01 17:58 - 2016-09-01 17:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2016-09-01 17:57 - 2016-09-01 17:57 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-09-01 17:57 - 2016-09-01 17:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2016-09-01 17:57 - 2016-09-01 17:57 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-09-01 17:55 - 2016-09-01 17:55 - 00000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-09-01 17:54 - 2016-09-01 17:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2016-09-01 17:53 - 2016-09-01 17:53 - 00000000 ____D C:\Program Files\Microsoft Office
2016-09-01 17:53 - 2016-09-01 17:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2016-09-01 17:52 - 2016-09-01 17:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-09-01 17:52 - 2016-09-01 17:52 - 00000000 ____D C:\Users\meoua\AppData\Local\Microsoft Help
2016-09-01 17:51 - 2016-09-01 17:51 - 00000000 __RHD C:\MSOCache
2016-09-01 17:46 - 2016-09-01 17:47 - 00000000 ____D C:\Users\meoua\Downloads\licence WinRAR 531
2016-09-01 17:45 - 2016-09-01 17:45 - 00000000 ____D C:\Users\meoua\AppData\Roaming\WinRAR
2016-09-01 17:45 - 2016-09-01 17:45 - 00000000 ____D C:\Users\meoua\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-09-01 17:45 - 2016-09-01 17:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-09-01 17:44 - 2016-09-01 17:46 - 00000000 ____D C:\Program Files\WinRAR
2016-09-01 17:38 - 2016-09-01 17:39 - 00000000 ____D C:\Program Files\CCleaner
2016-09-01 17:38 - 2016-09-01 17:38 - 00002870 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-09-01 17:38 - 2016-09-01 17:38 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-09-01 17:38 - 2016-09-01 17:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-09-01 17:36 - 2016-09-01 17:37 - 08228024 _____ (Piriform Ltd) C:\Users\meoua\Downloads\ccsetup521pro.exe
2016-09-01 17:21 - 2016-09-01 17:21 - 00000000 ____D C:\Users\meoua\AppData\Roaming\Macromedia
2016-09-01 17:00 - 2016-09-01 17:00 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-09-01 16:53 - 2016-09-01 16:53 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-09-01 16:35 - 2016-09-01 16:35 - 00000000 ____D C:\Program Files\CMAK
2016-09-01 16:35 - 2016-09-01 16:35 - 00000000 ____D C:\Program Files (x86)\CMAK
2016-09-01 16:23 - 2016-07-27 20:25 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-09-01 16:17 - 2016-09-01 16:21 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-09-01 16:16 - 2016-09-01 16:16 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-09-01 15:10 - 2016-09-01 15:08 - 20738752 _____ (Microsoft Corporation) C:\Users\meoua\Downloads\OneDriveSetup (1).exe
2016-09-01 15:10 - 2016-06-15 16:17 - 00001004 _____ C:\Users\meoua\OneDrive\Documents\Résultats1.spv
2016-09-01 15:08 - 2016-09-01 15:10 - 00000000 ____D C:\Users\meoua\OneDrive\Documents\Notes
2016-09-01 15:08 - 2016-09-01 15:08 - 00000000 ____D C:\Users\meoua\OneDrive\Documents\Sound recordings
2016-09-01 15:08 - 2016-09-01 15:08 - 00000000 ____D C:\Users\meoua\OneDrive\Documents\MEGA
2016-09-01 15:07 - 2016-09-01 15:10 - 00003346 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-09-01 15:05 - 2016-09-01 15:05 - 00000000 ____D C:\Users\meoua\AppData\Roaming\Skype
2016-09-01 15:03 - 2016-09-01 17:25 - 00000000 ____D C:\Users\meoua\AppData\Local\MicrosoftEdge
2016-09-01 15:01 - 2016-09-05 17:25 - 00000000 ___RD C:\Users\meoua\OneDrive
2016-09-01 15:01 - 2016-09-01 15:10 - 00002407 _____ C:\Users\meoua\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-09-01 14:59 - 2016-09-01 14:59 - 00000000 ____D C:\Users\meoua\AppData\Roaming\ATI
2016-09-01 14:59 - 2016-09-01 14:59 - 00000000 ____D C:\Users\meoua\AppData\Local\ATI
2016-09-01 14:59 - 2016-09-01 14:59 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-09-01 14:59 - 2016-09-01 14:59 - 00000000 ____D C:\ProgramData\ATI
2016-09-01 14:58 - 2016-09-01 14:58 - 00000000 ____D C:\Users\meoua\AppData\Local\Publishers
2016-09-01 14:55 - 2016-09-01 15:17 - 00000000 ____D C:\Users\meoua\AppData\Local\PackageStaging
2016-09-01 14:54 - 2016-09-01 14:54 - 00000000 ____D C:\Users\meoua\AppData\Local\Comms
2016-09-01 14:54 - 2016-09-01 14:54 - 00000000 ____D C:\Users\meoua\AppData\Local\ActiveSync
2016-09-01 14:53 - 2016-09-01 16:57 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-09-01 14:53 - 2016-09-01 14:53 - 00000000 ____D C:\Users\meoua\AppData\Roaming\Adobe
2016-09-01 14:52 - 2016-09-01 17:15 - 00000000 ____D C:\Users\meoua\AppData\Local\Packages
2016-09-01 14:52 - 2016-09-01 14:52 - 00000000 ____D C:\Users\meoua\AppData\Local\VirtualStore
2016-09-01 14:52 - 2016-09-01 14:52 - 00000000 ____D C:\Users\meoua\AppData\Local\TileDataLayer
2016-09-01 14:50 - 2016-09-03 19:07 - 00000000 ____D C:\Users\meoua
2016-09-01 14:50 - 2016-09-01 14:50 - 00000020 ___SH C:\Users\meoua\ntuser.ini
2016-09-01 14:50 - 2016-09-01 14:50 - 00000000 _SHDL C:\Users\meoua\Voisinage réseau
2016-09-01 14:50 - 2016-09-01 14:50 - 00000000 _SHDL C:\Users\meoua\Voisinage d'impression
2016-09-01 14:50 - 2016-09-01 14:50 - 00000000 _SHDL C:\Users\meoua\Modèles
2016-09-01 14:50 - 2016-09-01 14:50 - 00000000 _SHDL C:\Users\meoua\Mes documents
2016-09-01 14:50 - 2016-09-01 14:50 - 00000000 _SHDL C:\Users\meoua\Menu Démarrer
2016-09-01 14:50 - 2016-09-01 14:50 - 00000000 _SHDL C:\Users\meoua\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2016-09-01 14:50 - 2016-09-01 14:50 - 00000000 _SHDL C:\Users\meoua\AppData\Local\Historique
2016-09-01 14:09 - 2016-09-01 18:36 - 00000000 ___DC C:\WINDOWS\Panther
2016-09-01 14:09 - 2016-09-01 14:09 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-09-01 14:09 - 2016-09-01 14:09 - 00000000 ____D C:\WINDOWS\InfusedApps
2016-09-01 14:06 - 2016-09-01 14:06 - 00000000 ____D C:\WINDOWS\Setup
2016-09-01 13:59 - 2016-09-01 17:59 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-09-01 13:59 - 2016-09-01 13:59 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-09-01 13:59 - 2016-09-01 13:59 - 00000000 ____D C:\WINDOWS\OCR
2016-09-01 13:59 - 2016-09-01 13:59 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-09-01 13:59 - 2016-09-01 13:59 - 00000000 ____D C:\Program Files\MSBuild
2016-09-01 13:59 - 2016-09-01 13:59 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-09-01 13:56 - 2016-09-05 17:30 - 00825500 _____ C:\WINDOWS\system32\perfh00C.dat
2016-09-01 13:56 - 2016-09-05 17:30 - 00155764 _____ C:\WINDOWS\system32\perfc00C.dat
2016-09-01 13:56 - 2016-09-01 13:54 - 00350774 _____ C:\WINDOWS\system32\perfi00C.dat
2016-09-01 13:56 - 2016-09-01 13:54 - 00040528 _____ C:\WINDOWS\system32\perfd00C.dat
2016-09-01 13:55 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2016-09-01 13:55 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2016-09-01 13:55 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2016-09-01 13:55 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2016-09-01 13:55 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2016-09-01 13:55 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\SysWOW64\fr
2016-09-01 13:55 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\SysWOW64\0409
2016-09-01 13:55 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\system32\winrm
2016-09-01 13:55 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\system32\WCN
2016-09-01 13:55 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\system32\slmgr
2016-09-01 13:55 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2016-09-01 13:55 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\system32\fr
2016-09-01 13:55 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\system32\0409
2016-09-01 13:55 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\DigitalLocker
2016-09-01 13:44 - 2016-07-02 05:37 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-09-01 13:44 - 2016-07-02 05:37 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-01 13:38 - 2016-09-01 16:31 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-09-01 13:38 - 2016-09-01 14:14 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-09-01 13:38 - 2016-09-01 13:27 - 00215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2016-09-01 13:38 - 2016-09-01 13:27 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2016-09-01 13:38 - 2016-09-01 13:27 - 00017463 _____ C:\WINDOWS\system32\Drivers\etc\services
2016-09-01 13:38 - 2016-09-01 13:27 - 00008798 _____ C:\WINDOWS\SysWOW64\icrav03.rat
2016-09-01 13:38 - 2016-09-01 13:27 - 00003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2016-09-01 13:38 - 2016-09-01 13:27 - 00001988 _____ C:\WINDOWS\SysWOW64\ticrf.rat
2016-09-01 13:38 - 2016-09-01 13:27 - 00001988 _____ C:\WINDOWS\system32\ticrf.rat
2016-09-01 13:38 - 2016-09-01 13:27 - 00001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
2016-09-01 13:38 - 2016-09-01 13:27 - 00000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2016-09-01 13:38 - 2016-09-01 13:27 - 00000741 _____ C:\WINDOWS\system32\NOISE.DAT
2016-09-01 13:38 - 2016-09-01 13:27 - 00000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
2016-09-01 13:37 - 2016-09-04 15:17 - 00000000 ____D C:\WINDOWS\rescache
2016-09-01 13:37 - 2016-09-04 13:44 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-01 13:37 - 2016-09-03 12:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-01 13:37 - 2016-09-03 11:57 - 00000000 ____D C:\WINDOWS\appcompat
2016-09-01 13:37 - 2016-09-01 22:38 - 00000000 ____D C:\ProgramData\USOPrivate
2016-09-01 13:37 - 2016-09-01 22:36 - 00000000 ____D C:\WINDOWS\system32\spool
2016-09-01 13:37 - 2016-09-01 22:36 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-09-01 13:37 - 2016-09-01 22:32 - 00000000 ____D C:\WINDOWS\CSC
2016-09-01 13:37 - 2016-09-01 22:32 - 00000000 ____D C:\Program Files\Windows NT
2016-09-01 13:37 - 2016-09-01 22:29 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-09-01 13:37 - 2016-09-01 17:59 - 00000000 ____D C:\WINDOWS\ShellNew
2016-09-01 13:37 - 2016-09-01 17:55 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-09-01 13:37 - 2016-09-01 17:53 - 00000167 _____ C:\WINDOWS\win.ini
2016-09-01 13:37 - 2016-09-01 17:02 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-01 13:37 - 2016-09-01 16:43 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-09-01 13:37 - 2016-09-01 16:41 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-09-01 13:37 - 2016-09-01 16:41 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-09-01 13:37 - 2016-09-01 16:40 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-09-01 13:37 - 2016-09-01 16:40 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-09-01 13:37 - 2016-09-01 16:40 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-09-01 13:37 - 2016-09-01 16:40 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-09-01 13:37 - 2016-09-01 16:37 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-09-01 13:37 - 2016-09-01 16:37 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-09-01 13:37 - 2016-09-01 16:37 - 00000000 ____D C:\WINDOWS\Provisioning
2016-09-01 13:37 - 2016-09-01 16:37 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-09-01 13:37 - 2016-09-01 16:36 - 00000000 __RSD C:\WINDOWS\Media
2016-09-01 13:37 - 2016-09-01 16:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-09-01 13:37 - 2016-09-01 16:36 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-09-01 13:37 - 2016-09-01 16:36 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-09-01 13:37 - 2016-09-01 16:36 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-09-01 13:37 - 2016-09-01 16:36 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-09-01 13:37 - 2016-09-01 16:36 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-09-01 13:37 - 2016-09-01 16:36 - 00000000 ____D C:\Program Files\Windows Journal
2016-09-01 13:37 - 2016-09-01 16:36 - 00000000 ____D C:\Program Files\Windows Defender
2016-09-01 13:37 - 2016-09-01 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-09-01 13:37 - 2016-09-01 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-09-01 13:37 - 2016-09-01 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-09-01 13:37 - 2016-09-01 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-09-01 13:37 - 2016-09-01 16:22 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-09-01 13:37 - 2016-09-01 14:54 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-09-01 13:37 - 2016-09-01 14:50 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-09-01 13:37 - 2016-09-01 13:59 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-09-01 13:37 - 2016-09-01 13:59 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-09-01 13:37 - 2016-09-01 13:55 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-09-01 13:37 - 2016-09-01 13:55 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-09-01 13:37 - 2016-09-01 13:55 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-09-01 13:37 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-09-01 13:37 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-09-01 13:37 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2016-09-01 13:37 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\system32\setup
2016-09-01 13:37 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-09-01 13:37 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\system32\Com
2016-09-01 13:37 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\IME
2016-09-01 13:37 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\Help
2016-09-01 13:37 - 2016-09-01 13:55 - 00000000 ____D C:\Program Files\Common Files\System
2016-09-01 13:37 - 2016-09-01 13:38 - 00000000 ___SD C:\WINDOWS\SysWOW64\Nui
2016-09-01 13:37 - 2016-09-01 13:38 - 00000000 ___SD C:\WINDOWS\system32\Nui
2016-09-01 13:37 - 2016-09-01 13:38 - 00000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2016-09-01 13:37 - 2016-09-01 13:38 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2016-09-01 13:37 - 2016-09-01 13:38 - 00000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2016-09-01 13:37 - 2016-09-01 13:38 - 00000000 ____D C:\WINDOWS\SysWOW64\icsxml
2016-09-01 13:37 - 2016-09-01 13:38 - 00000000 ____D C:\WINDOWS\SysWOW64\downlevel
2016-09-01 13:37 - 2016-09-01 13:38 - 00000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2016-09-01 13:37 - 2016-09-01 13:38 - 00000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2016-09-01 13:37 - 2016-09-01 13:38 - 00000000 ____D C:\WINDOWS\system32\WinMetadata
2016-09-01 13:37 - 2016-09-01 13:38 - 00000000 ____D C:\WINDOWS\system32\MsDtc
2016-09-01 13:37 - 2016-09-01 13:38 - 00000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2016-09-01 13:37 - 2016-09-01 13:38 - 00000000 ____D C:\WINDOWS\system32\icsxml
2016-09-01 13:37 - 2016-09-01 13:38 - 00000000 ____D C:\WINDOWS\system32\ias
2016-09-01 13:37 - 2016-09-01 13:38 - 00000000 ____D C:\WINDOWS\system32\downlevel
2016-09-01 13:37 - 2016-09-01 13:38 - 00000000 ____D C:\WINDOWS\system32\Bthprops
2016-09-01 13:37 - 2016-09-01 13:38 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 __RHD C:\Users\Public\Libraries
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ___SD C:\WINDOWS\system32\Configuration
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ___RD C:\WINDOWS\DesktopTileResources
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\Web
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\Vss
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\tracing
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\TAPI
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\SysWOW64\ras
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\SysWOW64\NDF
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\SysWOW64\MsDtc
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\SystemResources
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\SystemApps
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\system32\winevt
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\system32\ras
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\system32\ProximityToast
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\system32\PointOfService
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\system32\Ipmi
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\system32\IME
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\system32\config\Journal
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\system32\AppLocker
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\System
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\SKB
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\security
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\schemas
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\SchCache
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\Resources
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\Registration
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\PLA
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\Performance
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\ModemLogs
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\L2Schemas
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\InputMethod
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\Globalization
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\Cursors
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\Branding
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\addins
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\ProgramData\Comms
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\Program Files\Common Files\Services
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\Program Files (x86)\Windows NT
2016-09-01 13:37 - 2016-09-01 13:27 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2016-09-01 13:37 - 2016-09-01 13:27 - 00215943 _____ C:\WINDOWS\system32\dssec.dat
2016-09-01 13:37 - 2016-09-01 13:27 - 00008798 _____ C:\WINDOWS\system32\icrav03.rat
2016-09-01 13:37 - 2016-09-01 13:27 - 00000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2016-09-01 13:37 - 2016-09-01 13:27 - 00000389 _____ C:\WINDOWS\system32\AutoWorkplace.exe.config
2016-09-01 13:37 - 2016-09-01 13:26 - 00000219 _____ C:\WINDOWS\system.ini
2016-09-01 13:31 - 2016-09-05 17:30 - 00000000 ____D C:\WINDOWS\INF
2016-09-01 13:00 - 2016-09-01 17:02 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-01 12:45 - 2016-09-01 22:36 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-09-01 12:45 - 2016-09-01 16:51 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-09-01 12:45 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\servicing
2016-09-01 12:45 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\system32\SMI
2016-09-01 12:45 - 2015-10-30 07:33 - 00000164 _____ C:\WINDOWS\system32\config\FP
2016-09-01 12:37 - 2016-09-01 14:15 - 00000000 ___HD C:\$SysReset
2016-08-19 20:16 - 2016-08-03 12:14 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-19 20:16 - 2016-08-03 12:14 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-19 20:16 - 2016-08-03 12:14 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-19 20:16 - 2016-08-03 11:36 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-19 20:16 - 2016-08-03 11:36 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-19 20:16 - 2016-08-03 11:36 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-08-19 20:16 - 2016-08-03 11:30 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-19 20:16 - 2016-08-03 11:23 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-19 20:16 - 2016-08-03 11:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-08-19 20:16 - 2016-08-03 11:22 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-19 20:16 - 2016-08-03 11:22 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-19 20:16 - 2016-08-03 11:22 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-19 20:16 - 2016-08-03 11:22 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-08-19 20:16 - 2016-08-03 11:22 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-08-19 20:16 - 2016-08-03 11:21 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-19 20:16 - 2016-08-03 11:21 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-19 20:16 - 2016-08-03 11:21 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-19 20:16 - 2016-08-03 11:21 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-19 20:16 - 2016-08-03 11:20 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-19 20:16 - 2016-08-03 11:20 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-19 20:16 - 2016-08-03 11:19 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-19 20:16 - 2016-08-03 11:19 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-19 20:16 - 2016-08-03 11:13 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-19 20:16 - 2016-08-03 11:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-19 20:16 - 2016-08-03 11:13 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-19 20:16 - 2016-08-03 11:11 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-19 20:16 - 2016-08-03 10:51 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-08-19 20:16 - 2016-08-03 10:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-08-19 20:16 - 2016-08-03 10:46 - 22384128 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-19 20:16 - 2016-08-03 10:44 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-08-19 20:16 - 2016-08-03 10:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-08-19 20:16 - 2016-08-03 10:44 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-08-19 20:16 - 2016-08-03 10:43 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-19 20:16 - 2016-08-03 10:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-08-19 20:16 - 2016-08-03 10:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-08-19 20:16 - 2016-08-03 10:40 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-08-19 20:16 - 2016-08-03 10:40 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2016-08-19 20:16 - 2016-08-03 10:40 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-08-19 20:16 - 2016-08-03 10:40 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-19 20:16 - 2016-08-03 10:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-19 20:16 - 2016-08-03 10:39 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-08-19 20:16 - 2016-08-03 10:38 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-19 20:16 - 2016-08-03 10:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-08-19 20:16 - 2016-08-03 10:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-08-19 20:16 - 2016-08-03 10:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-19 20:16 - 2016-08-03 10:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-19 20:16 - 2016-08-03 10:36 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-08-19 20:16 - 2016-08-03 10:35 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-19 20:16 - 2016-08-03 10:35 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-19 20:16 - 2016-08-03 10:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-19 20:16 - 2016-08-03 10:33 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-08-19 20:16 - 2016-08-03 10:33 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-08-19 20:16 - 2016-08-03 10:31 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-08-19 20:16 - 2016-08-03 10:31 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-08-19 20:16 - 2016-08-03 10:31 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2016-08-19 20:16 - 2016-08-03 10:30 - 24613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-19 20:16 - 2016-08-03 10:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-19 20:16 - 2016-08-03 10:30 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-19 20:16 - 2016-08-03 10:29 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-19 20:16 - 2016-08-03 10:29 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-19 20:16 - 2016-08-03 10:29 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-19 20:16 - 2016-08-03 10:29 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-19 20:16 - 2016-08-03 10:29 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-19 20:16 - 2016-08-03 10:28 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-08-19 20:16 - 2016-08-03 10:28 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-19 20:16 - 2016-08-03 10:28 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-08-19 20:16 - 2016-08-03 10:27 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-08-19 20:16 - 2016-08-03 10:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-19 20:16 - 2016-08-03 10:27 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-19 20:16 - 2016-08-03 10:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-19 20:16 - 2016-08-03 10:20 - 13390336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-19 20:16 - 2016-08-03 10:18 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-19 20:16 - 2016-08-03 10:18 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-19 20:16 - 2016-08-03 10:18 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-19 20:16 - 2016-08-03 10:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-19 20:16 - 2016-08-03 10:16 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-08-19 20:16 - 2016-08-03 10:16 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-19 20:16 - 2016-08-03 10:16 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-19 20:16 - 2016-08-03 10:16 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-19 20:16 - 2016-08-03 10:15 - 07833088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-19 20:16 - 2016-08-03 10:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-19 20:16 - 2016-08-03 10:14 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-19 20:16 - 2016-08-03 10:13 - 03025920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-19 20:16 - 2016-08-03 10:13 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-19 20:16 - 2016-08-03 10:12 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-08-19 20:16 - 2016-08-03 10:11 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-08-19 20:16 - 2016-08-03 06:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-08-19 20:16 - 2016-08-03 06:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-08-19 20:16 - 2016-08-03 06:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-08-19 20:16 - 2016-08-03 06:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-08-19 20:16 - 2016-08-03 06:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-19 20:16 - 2016-08-03 06:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-08-19 20:16 - 2016-08-03 06:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-08-19 20:16 - 2016-08-03 06:30 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-19 20:16 - 2016-08-03 06:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-19 20:16 - 2016-08-03 06:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-19 20:16 - 2016-08-03 05:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-08-19 20:16 - 2016-08-03 05:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-08-19 20:16 - 2016-08-03 05:47 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-19 20:16 - 2016-08-03 05:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-08-19 20:16 - 2016-08-03 05:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2016-08-19 20:16 - 2016-08-03 05:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-08-19 20:16 - 2016-08-03 05:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-08-19 20:16 - 2016-08-03 05:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-19 20:16 - 2016-08-03 05:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-19 20:16 - 2016-08-03 05:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-08-19 20:16 - 2016-08-03 05:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-08-19 20:16 - 2016-08-03 05:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2016-08-19 20:16 - 2016-08-03 05:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-08-19 20:16 - 2016-08-03 05:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-19 20:16 - 2016-08-03 05:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-19 20:16 - 2016-08-03 05:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-19 20:16 - 2016-08-03 05:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-19 20:16 - 2016-08-03 05:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-19 20:16 - 2016-08-03 05:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-08-19 20:16 - 2016-08-03 05:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-19 20:16 - 2016-08-03 05:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-08-19 20:16 - 2016-08-03 05:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-08-19 20:16 - 2016-08-03 05:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-08-19 20:16 - 2016-08-03 05:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-19 20:16 - 2016-08-03 05:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-08-19 20:16 - 2016-08-03 05:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-08-19 20:16 - 2016-08-03 05:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-08-19 20:16 - 2016-08-03 05:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-19 20:16 - 2016-08-03 05:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-08-19 20:16 - 2016-08-03 05:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-08-19 20:16 - 2016-08-03 05:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-19 20:16 - 2016-08-03 05:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-08-19 20:16 - 2016-08-03 05:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-08-16 03:18 - 2016-08-16 03:18 - 00159936 _____ (MBB) C:\WINDOWS\system32\Drivers\usb2ser.sys
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-09-01 13:18 - 2015-10-30 08:17 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthmodem.sys
Certains fichiers dans TEMP:
====================
C:\Users\meoua\AppData\Local\Temp\dllnt_dump.dll
==================== Bamital & volsnap =================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2016-09-01 22:16
==================== Fin de FRST.txt ============================
Exécuté par meoua (administrateur) sur DESKTOP-H4HRTLA (05-09-2016 19:28:25)
Exécuté depuis C:\Users\meoua\Desktop
Profils chargés: meoua (Profils disponibles: meoua)
Platform: Windows 10 Pro Version 1511 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Edge)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKU\S-1-5-21-1430271797-4064762032-962017862-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8894680 2016-08-05] (Piriform Ltd)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{6655bd78-10f8-408d-9cc1-fadb3a556c74}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Internet Explorer:
==================
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-03] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\meoua\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\meoua\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-03]
CHR Extension: (Google Docs) - C:\Users\meoua\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-03]
CHR Extension: (Google Drive) - C:\Users\meoua\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-03]
CHR Extension: (YouTube) - C:\Users\meoua\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-03]
CHR Extension: (Google Sheets) - C:\Users\meoua\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-03]
CHR Extension: (Google Docs Offline) - C:\Users\meoua\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\meoua\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-03]
CHR Extension: (Gmail) - C:\Users\meoua\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-03]
CHR Extension: (Chrome Media Router) - C:\Users\meoua\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-03]
==================== Services (Avec liste blanche) ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7585280 2015-10-30] (Broadcom Corporation)
S3 ssudqcfilter; C:\Windows\System32\drivers\ssudqcfilter.sys [57648 2015-12-08] (QUALCOMM Incorporated)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2016-09-04] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-09-05 19:28 - 2016-09-05 19:29 - 00007523 _____ C:\Users\meoua\Desktop\FRST.txt
2016-09-05 19:25 - 2016-09-05 19:28 - 00000000 ____D C:\FRST
2016-09-05 17:54 - 2016-09-05 19:25 - 02397696 _____ (Farbar) C:\Users\meoua\Desktop\FRST64.exe
2016-09-05 17:25 - 2016-09-05 17:25 - 00000000 ___HD C:\OneDriveTemp
2016-09-04 19:10 - 2016-09-04 19:10 - 00020480 _____ C:\Users\meoua\Desktop\rk_36F5.tmp.txt
2016-09-04 19:07 - 2016-09-04 19:07 - 00005296 _____ C:\Users\meoua\Desktop\rk_209C.tmp.txt
2016-09-04 17:47 - 2016-09-04 17:47 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-09-04 17:44 - 2016-09-04 17:44 - 00000899 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2016-09-04 17:44 - 2016-09-04 17:44 - 00000000 ____D C:\ProgramData\RogueKiller
2016-09-04 17:44 - 2016-09-04 17:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2016-09-04 17:44 - 2016-09-04 17:44 - 00000000 ____D C:\Program Files\RogueKiller
2016-09-04 17:42 - 2016-09-04 17:43 - 31930936 _____ (Adlice Software ) C:\Users\meoua\Downloads\setup.exe
2016-09-04 17:28 - 2016-09-04 17:31 - 20832328 _____ C:\Users\meoua\Downloads\RogueKiller.exe
2016-09-04 12:19 - 2016-09-04 12:19 - 00062745 _____ C:\Users\meoua\Desktop\ZHPDiag.txt
2016-09-04 12:08 - 2016-09-04 12:10 - 00000000 ____D C:\Users\meoua\AppData\Roaming\ZHP
2016-09-04 12:08 - 2016-09-04 12:08 - 00000865 _____ C:\Users\meoua\Desktop\ZHPDiag.lnk
2016-09-04 12:06 - 2016-09-04 12:08 - 02314752 _____ C:\Users\meoua\Downloads\ZHPDiag3.exe
2016-09-03 19:51 - 2016-09-03 19:51 - 00002342 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-03 19:51 - 2016-09-03 19:51 - 00002330 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-03 19:48 - 2016-09-05 17:23 - 00001104 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-03 19:48 - 2016-09-03 19:54 - 00004166 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-09-03 19:48 - 2016-09-03 19:54 - 00003934 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-09-03 19:48 - 2016-09-03 19:54 - 00001108 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-03 19:47 - 2016-09-04 01:54 - 00000000 ____D C:\Users\meoua\AppData\Local\Google
2016-09-03 19:47 - 2016-09-03 19:50 - 00000000 ____D C:\Program Files (x86)\Google
2016-09-03 19:47 - 2016-09-03 19:47 - 00819144 _____ (Google Inc.) C:\Users\meoua\Downloads\chrome_installer.exe
2016-09-03 19:37 - 2016-09-03 19:39 - 00000000 ___HD C:\_acestream_cache_
2016-09-03 19:33 - 2016-09-03 19:33 - 00000000 ____D C:\Users\meoua\AppData\LocalLow\.ACEStream
2016-09-03 19:21 - 2016-09-03 19:30 - 81395336 _____ C:\Users\meoua\Downloads\Ace_Stream_Media_3.1.7.exe
2016-09-03 19:17 - 2016-09-03 19:17 - 00003986 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1472926636
2016-09-03 19:17 - 2016-09-03 19:17 - 00001204 _____ C:\Users\Public\Desktop\Opera.lnk
2016-09-03 19:17 - 2016-09-03 19:17 - 00001204 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-09-03 19:17 - 2016-09-03 19:17 - 00000000 ____D C:\Users\meoua\AppData\Roaming\Opera Software
2016-09-03 19:17 - 2016-09-03 19:17 - 00000000 ____D C:\Users\meoua\AppData\Local\Opera Software
2016-09-03 19:14 - 2016-09-05 17:28 - 00000000 ____D C:\Program Files (x86)\Opera
2016-09-03 19:14 - 2016-09-03 19:14 - 00963016 _____ (Opera Software) C:\Users\meoua\Downloads\OperaSetup.exe
2016-09-03 19:07 - 2016-09-03 19:11 - 00000000 ____D C:\Users\meoua\AppData\Local\midori
2016-09-03 19:07 - 2016-09-03 19:11 - 00000000 ____D C:\Users\meoua\.dbus-keyrings
2016-09-03 19:07 - 2016-09-03 19:07 - 00000000 ____D C:\Users\meoua\AppData\Local\webkit
2016-09-03 13:13 - 2016-09-03 13:13 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-09-03 12:07 - 2016-09-03 12:58 - 00000000 ____D C:\Users\meoua\Desktop\Nouveau dossier
2016-09-02 19:27 - 2016-09-02 19:27 - 00000000 ____D C:\Users\meoua\AppData\Local\PeerDistRepub
2016-09-02 15:07 - 2016-09-02 15:17 - 00000000 ____D C:\Users\meoua\AppData\Roaming\concept design
2016-09-02 15:06 - 2016-09-02 15:06 - 00000000 ____D C:\Program Files (x86)\concept design
2016-09-02 14:43 - 2016-09-02 14:43 - 00000000 ____D C:\Users\meoua\AppData\Local\NetworkTiles
2016-09-01 22:40 - 2016-09-05 17:30 - 01848398 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-01 22:38 - 2016-09-01 22:38 - 00000000 ____D C:\ProgramData\USOShared
2016-09-01 22:35 - 2016-07-01 06:05 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-09-01 22:33 - 2016-09-05 17:23 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-01 22:32 - 2016-09-01 22:32 - 00000000 _SHDL C:\Users\Default\Voisinage réseau
2016-09-01 22:32 - 2016-09-01 22:32 - 00000000 _SHDL C:\Users\Default\Voisinage d'impression
2016-09-01 22:32 - 2016-09-01 22:32 - 00000000 _SHDL C:\Users\Default\Modèles
2016-09-01 22:32 - 2016-09-01 22:32 - 00000000 _SHDL C:\Users\Default\Mes documents
2016-09-01 22:32 - 2016-09-01 22:32 - 00000000 _SHDL C:\Users\Default\Menu Démarrer
2016-09-01 22:32 - 2016-09-01 22:32 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2016-09-01 22:32 - 2016-09-01 22:32 - 00000000 _SHDL C:\Users\Default\AppData\Local\Historique
2016-09-01 22:32 - 2016-09-01 22:32 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2016-09-01 22:32 - 2016-09-01 22:32 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Historique
2016-09-01 22:32 - 2016-09-01 22:32 - 00000000 _SHDL C:\Users\Default User
2016-09-01 22:32 - 2016-09-01 22:32 - 00000000 _SHDL C:\Users\All Users
2016-09-01 22:32 - 2016-09-01 22:32 - 00000000 _SHDL C:\ProgramData\Modèles
2016-09-01 22:32 - 2016-09-01 22:32 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programmes
2016-09-01 22:32 - 2016-09-01 22:32 - 00000000 _SHDL C:\ProgramData\Menu Démarrer
2016-09-01 22:32 - 2016-09-01 22:32 - 00000000 _SHDL C:\ProgramData\Bureau
2016-09-01 22:32 - 2016-09-01 22:32 - 00000000 _SHDL C:\Program Files\Fichiers communs
2016-09-01 22:32 - 2016-09-01 22:32 - 00000000 _SHDL C:\Documents and Settings
2016-09-01 22:25 - 2016-09-01 22:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2016-09-01 22:25 - 2016-09-01 22:25 - 00000000 ____D C:\Program Files\ATI Technologies
2016-09-01 22:24 - 2016-09-01 22:25 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2016-09-01 22:23 - 2016-09-01 22:24 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-01 22:22 - 2016-09-01 22:22 - 00000000 ____D C:\AMD
2016-09-01 22:22 - 2016-09-01 22:22 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2016-09-01 22:21 - 2016-09-01 22:21 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2016-09-01 22:21 - 2016-09-01 22:21 - 00000000 ____D C:\Program Files\AMD
2016-09-01 22:17 - 2016-09-01 22:17 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-09-01 22:16 - 2016-09-05 17:23 - 00359912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-01 18:00 - 2016-09-01 18:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2016-09-01 18:00 - 2016-09-01 18:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-09-01 17:58 - 2016-09-01 17:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2016-09-01 17:57 - 2016-09-01 17:57 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-09-01 17:57 - 2016-09-01 17:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2016-09-01 17:57 - 2016-09-01 17:57 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-09-01 17:55 - 2016-09-01 17:55 - 00000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-09-01 17:54 - 2016-09-01 17:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2016-09-01 17:53 - 2016-09-01 17:53 - 00000000 ____D C:\Program Files\Microsoft Office
2016-09-01 17:53 - 2016-09-01 17:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2016-09-01 17:52 - 2016-09-01 17:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-09-01 17:52 - 2016-09-01 17:52 - 00000000 ____D C:\Users\meoua\AppData\Local\Microsoft Help
2016-09-01 17:51 - 2016-09-01 17:51 - 00000000 __RHD C:\MSOCache
2016-09-01 17:46 - 2016-09-01 17:47 - 00000000 ____D C:\Users\meoua\Downloads\licence WinRAR 531
2016-09-01 17:45 - 2016-09-01 17:45 - 00000000 ____D C:\Users\meoua\AppData\Roaming\WinRAR
2016-09-01 17:45 - 2016-09-01 17:45 - 00000000 ____D C:\Users\meoua\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-09-01 17:45 - 2016-09-01 17:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-09-01 17:44 - 2016-09-01 17:46 - 00000000 ____D C:\Program Files\WinRAR
2016-09-01 17:38 - 2016-09-01 17:39 - 00000000 ____D C:\Program Files\CCleaner
2016-09-01 17:38 - 2016-09-01 17:38 - 00002870 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-09-01 17:38 - 2016-09-01 17:38 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-09-01 17:38 - 2016-09-01 17:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-09-01 17:36 - 2016-09-01 17:37 - 08228024 _____ (Piriform Ltd) C:\Users\meoua\Downloads\ccsetup521pro.exe
2016-09-01 17:21 - 2016-09-01 17:21 - 00000000 ____D C:\Users\meoua\AppData\Roaming\Macromedia
2016-09-01 17:00 - 2016-09-01 17:00 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-09-01 16:53 - 2016-09-01 16:53 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-09-01 16:35 - 2016-09-01 16:35 - 00000000 ____D C:\Program Files\CMAK
2016-09-01 16:35 - 2016-09-01 16:35 - 00000000 ____D C:\Program Files (x86)\CMAK
2016-09-01 16:23 - 2016-07-27 20:25 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-09-01 16:17 - 2016-09-01 16:21 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-09-01 16:16 - 2016-09-01 16:16 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-09-01 15:10 - 2016-09-01 15:08 - 20738752 _____ (Microsoft Corporation) C:\Users\meoua\Downloads\OneDriveSetup (1).exe
2016-09-01 15:10 - 2016-06-15 16:17 - 00001004 _____ C:\Users\meoua\OneDrive\Documents\Résultats1.spv
2016-09-01 15:08 - 2016-09-01 15:10 - 00000000 ____D C:\Users\meoua\OneDrive\Documents\Notes
2016-09-01 15:08 - 2016-09-01 15:08 - 00000000 ____D C:\Users\meoua\OneDrive\Documents\Sound recordings
2016-09-01 15:08 - 2016-09-01 15:08 - 00000000 ____D C:\Users\meoua\OneDrive\Documents\MEGA
2016-09-01 15:07 - 2016-09-01 15:10 - 00003346 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-09-01 15:05 - 2016-09-01 15:05 - 00000000 ____D C:\Users\meoua\AppData\Roaming\Skype
2016-09-01 15:03 - 2016-09-01 17:25 - 00000000 ____D C:\Users\meoua\AppData\Local\MicrosoftEdge
2016-09-01 15:01 - 2016-09-05 17:25 - 00000000 ___RD C:\Users\meoua\OneDrive
2016-09-01 15:01 - 2016-09-01 15:10 - 00002407 _____ C:\Users\meoua\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-09-01 14:59 - 2016-09-01 14:59 - 00000000 ____D C:\Users\meoua\AppData\Roaming\ATI
2016-09-01 14:59 - 2016-09-01 14:59 - 00000000 ____D C:\Users\meoua\AppData\Local\ATI
2016-09-01 14:59 - 2016-09-01 14:59 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-09-01 14:59 - 2016-09-01 14:59 - 00000000 ____D C:\ProgramData\ATI
2016-09-01 14:58 - 2016-09-01 14:58 - 00000000 ____D C:\Users\meoua\AppData\Local\Publishers
2016-09-01 14:55 - 2016-09-01 15:17 - 00000000 ____D C:\Users\meoua\AppData\Local\PackageStaging
2016-09-01 14:54 - 2016-09-01 14:54 - 00000000 ____D C:\Users\meoua\AppData\Local\Comms
2016-09-01 14:54 - 2016-09-01 14:54 - 00000000 ____D C:\Users\meoua\AppData\Local\ActiveSync
2016-09-01 14:53 - 2016-09-01 16:57 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-09-01 14:53 - 2016-09-01 14:53 - 00000000 ____D C:\Users\meoua\AppData\Roaming\Adobe
2016-09-01 14:52 - 2016-09-01 17:15 - 00000000 ____D C:\Users\meoua\AppData\Local\Packages
2016-09-01 14:52 - 2016-09-01 14:52 - 00000000 ____D C:\Users\meoua\AppData\Local\VirtualStore
2016-09-01 14:52 - 2016-09-01 14:52 - 00000000 ____D C:\Users\meoua\AppData\Local\TileDataLayer
2016-09-01 14:50 - 2016-09-03 19:07 - 00000000 ____D C:\Users\meoua
2016-09-01 14:50 - 2016-09-01 14:50 - 00000020 ___SH C:\Users\meoua\ntuser.ini
2016-09-01 14:50 - 2016-09-01 14:50 - 00000000 _SHDL C:\Users\meoua\Voisinage réseau
2016-09-01 14:50 - 2016-09-01 14:50 - 00000000 _SHDL C:\Users\meoua\Voisinage d'impression
2016-09-01 14:50 - 2016-09-01 14:50 - 00000000 _SHDL C:\Users\meoua\Modèles
2016-09-01 14:50 - 2016-09-01 14:50 - 00000000 _SHDL C:\Users\meoua\Mes documents
2016-09-01 14:50 - 2016-09-01 14:50 - 00000000 _SHDL C:\Users\meoua\Menu Démarrer
2016-09-01 14:50 - 2016-09-01 14:50 - 00000000 _SHDL C:\Users\meoua\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2016-09-01 14:50 - 2016-09-01 14:50 - 00000000 _SHDL C:\Users\meoua\AppData\Local\Historique
2016-09-01 14:09 - 2016-09-01 18:36 - 00000000 ___DC C:\WINDOWS\Panther
2016-09-01 14:09 - 2016-09-01 14:09 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-09-01 14:09 - 2016-09-01 14:09 - 00000000 ____D C:\WINDOWS\InfusedApps
2016-09-01 14:06 - 2016-09-01 14:06 - 00000000 ____D C:\WINDOWS\Setup
2016-09-01 13:59 - 2016-09-01 17:59 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-09-01 13:59 - 2016-09-01 13:59 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-09-01 13:59 - 2016-09-01 13:59 - 00000000 ____D C:\WINDOWS\OCR
2016-09-01 13:59 - 2016-09-01 13:59 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-09-01 13:59 - 2016-09-01 13:59 - 00000000 ____D C:\Program Files\MSBuild
2016-09-01 13:59 - 2016-09-01 13:59 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-09-01 13:56 - 2016-09-05 17:30 - 00825500 _____ C:\WINDOWS\system32\perfh00C.dat
2016-09-01 13:56 - 2016-09-05 17:30 - 00155764 _____ C:\WINDOWS\system32\perfc00C.dat
2016-09-01 13:56 - 2016-09-01 13:54 - 00350774 _____ C:\WINDOWS\system32\perfi00C.dat
2016-09-01 13:56 - 2016-09-01 13:54 - 00040528 _____ C:\WINDOWS\system32\perfd00C.dat
2016-09-01 13:55 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2016-09-01 13:55 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2016-09-01 13:55 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2016-09-01 13:55 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2016-09-01 13:55 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2016-09-01 13:55 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\SysWOW64\fr
2016-09-01 13:55 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\SysWOW64\0409
2016-09-01 13:55 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\system32\winrm
2016-09-01 13:55 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\system32\WCN
2016-09-01 13:55 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\system32\slmgr
2016-09-01 13:55 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2016-09-01 13:55 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\system32\fr
2016-09-01 13:55 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\system32\0409
2016-09-01 13:55 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\DigitalLocker
2016-09-01 13:44 - 2016-07-02 05:37 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-09-01 13:44 - 2016-07-02 05:37 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-01 13:38 - 2016-09-01 16:31 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-09-01 13:38 - 2016-09-01 14:14 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-09-01 13:38 - 2016-09-01 13:27 - 00215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2016-09-01 13:38 - 2016-09-01 13:27 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2016-09-01 13:38 - 2016-09-01 13:27 - 00017463 _____ C:\WINDOWS\system32\Drivers\etc\services
2016-09-01 13:38 - 2016-09-01 13:27 - 00008798 _____ C:\WINDOWS\SysWOW64\icrav03.rat
2016-09-01 13:38 - 2016-09-01 13:27 - 00003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2016-09-01 13:38 - 2016-09-01 13:27 - 00001988 _____ C:\WINDOWS\SysWOW64\ticrf.rat
2016-09-01 13:38 - 2016-09-01 13:27 - 00001988 _____ C:\WINDOWS\system32\ticrf.rat
2016-09-01 13:38 - 2016-09-01 13:27 - 00001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
2016-09-01 13:38 - 2016-09-01 13:27 - 00000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2016-09-01 13:38 - 2016-09-01 13:27 - 00000741 _____ C:\WINDOWS\system32\NOISE.DAT
2016-09-01 13:38 - 2016-09-01 13:27 - 00000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
2016-09-01 13:37 - 2016-09-04 15:17 - 00000000 ____D C:\WINDOWS\rescache
2016-09-01 13:37 - 2016-09-04 13:44 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-01 13:37 - 2016-09-03 12:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-01 13:37 - 2016-09-03 11:57 - 00000000 ____D C:\WINDOWS\appcompat
2016-09-01 13:37 - 2016-09-01 22:38 - 00000000 ____D C:\ProgramData\USOPrivate
2016-09-01 13:37 - 2016-09-01 22:36 - 00000000 ____D C:\WINDOWS\system32\spool
2016-09-01 13:37 - 2016-09-01 22:36 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-09-01 13:37 - 2016-09-01 22:32 - 00000000 ____D C:\WINDOWS\CSC
2016-09-01 13:37 - 2016-09-01 22:32 - 00000000 ____D C:\Program Files\Windows NT
2016-09-01 13:37 - 2016-09-01 22:29 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-09-01 13:37 - 2016-09-01 17:59 - 00000000 ____D C:\WINDOWS\ShellNew
2016-09-01 13:37 - 2016-09-01 17:55 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-09-01 13:37 - 2016-09-01 17:53 - 00000167 _____ C:\WINDOWS\win.ini
2016-09-01 13:37 - 2016-09-01 17:02 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-01 13:37 - 2016-09-01 16:43 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-09-01 13:37 - 2016-09-01 16:41 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-09-01 13:37 - 2016-09-01 16:41 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-09-01 13:37 - 2016-09-01 16:40 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-09-01 13:37 - 2016-09-01 16:40 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-09-01 13:37 - 2016-09-01 16:40 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-09-01 13:37 - 2016-09-01 16:40 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-09-01 13:37 - 2016-09-01 16:37 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-09-01 13:37 - 2016-09-01 16:37 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-09-01 13:37 - 2016-09-01 16:37 - 00000000 ____D C:\WINDOWS\Provisioning
2016-09-01 13:37 - 2016-09-01 16:37 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-09-01 13:37 - 2016-09-01 16:36 - 00000000 __RSD C:\WINDOWS\Media
2016-09-01 13:37 - 2016-09-01 16:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-09-01 13:37 - 2016-09-01 16:36 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-09-01 13:37 - 2016-09-01 16:36 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-09-01 13:37 - 2016-09-01 16:36 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-09-01 13:37 - 2016-09-01 16:36 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-09-01 13:37 - 2016-09-01 16:36 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-09-01 13:37 - 2016-09-01 16:36 - 00000000 ____D C:\Program Files\Windows Journal
2016-09-01 13:37 - 2016-09-01 16:36 - 00000000 ____D C:\Program Files\Windows Defender
2016-09-01 13:37 - 2016-09-01 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-09-01 13:37 - 2016-09-01 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-09-01 13:37 - 2016-09-01 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-09-01 13:37 - 2016-09-01 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-09-01 13:37 - 2016-09-01 16:22 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-09-01 13:37 - 2016-09-01 14:54 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-09-01 13:37 - 2016-09-01 14:50 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-09-01 13:37 - 2016-09-01 13:59 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-09-01 13:37 - 2016-09-01 13:59 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-09-01 13:37 - 2016-09-01 13:55 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-09-01 13:37 - 2016-09-01 13:55 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-09-01 13:37 - 2016-09-01 13:55 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-09-01 13:37 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-09-01 13:37 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-09-01 13:37 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2016-09-01 13:37 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\system32\setup
2016-09-01 13:37 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-09-01 13:37 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\system32\Com
2016-09-01 13:37 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\IME
2016-09-01 13:37 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\Help
2016-09-01 13:37 - 2016-09-01 13:55 - 00000000 ____D C:\Program Files\Common Files\System
2016-09-01 13:37 - 2016-09-01 13:38 - 00000000 ___SD C:\WINDOWS\SysWOW64\Nui
2016-09-01 13:37 - 2016-09-01 13:38 - 00000000 ___SD C:\WINDOWS\system32\Nui
2016-09-01 13:37 - 2016-09-01 13:38 - 00000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2016-09-01 13:37 - 2016-09-01 13:38 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2016-09-01 13:37 - 2016-09-01 13:38 - 00000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2016-09-01 13:37 - 2016-09-01 13:38 - 00000000 ____D C:\WINDOWS\SysWOW64\icsxml
2016-09-01 13:37 - 2016-09-01 13:38 - 00000000 ____D C:\WINDOWS\SysWOW64\downlevel
2016-09-01 13:37 - 2016-09-01 13:38 - 00000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2016-09-01 13:37 - 2016-09-01 13:38 - 00000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2016-09-01 13:37 - 2016-09-01 13:38 - 00000000 ____D C:\WINDOWS\system32\WinMetadata
2016-09-01 13:37 - 2016-09-01 13:38 - 00000000 ____D C:\WINDOWS\system32\MsDtc
2016-09-01 13:37 - 2016-09-01 13:38 - 00000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2016-09-01 13:37 - 2016-09-01 13:38 - 00000000 ____D C:\WINDOWS\system32\icsxml
2016-09-01 13:37 - 2016-09-01 13:38 - 00000000 ____D C:\WINDOWS\system32\ias
2016-09-01 13:37 - 2016-09-01 13:38 - 00000000 ____D C:\WINDOWS\system32\downlevel
2016-09-01 13:37 - 2016-09-01 13:38 - 00000000 ____D C:\WINDOWS\system32\Bthprops
2016-09-01 13:37 - 2016-09-01 13:38 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 __RHD C:\Users\Public\Libraries
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ___SD C:\WINDOWS\system32\Configuration
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ___RD C:\WINDOWS\DesktopTileResources
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\Web
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\Vss
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\tracing
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\TAPI
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\SysWOW64\ras
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\SysWOW64\NDF
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\SysWOW64\MsDtc
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\SystemResources
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\SystemApps
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\system32\winevt
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\system32\ras
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\system32\ProximityToast
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\system32\PointOfService
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\system32\Ipmi
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\system32\IME
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\system32\config\Journal
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\system32\AppLocker
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\System
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\SKB
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\security
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\schemas
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\SchCache
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\Resources
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\Registration
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\PLA
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\Performance
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\ModemLogs
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\L2Schemas
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\InputMethod
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\Globalization
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\Cursors
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\Branding
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\addins
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\ProgramData\Comms
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\Program Files\Common Files\Services
2016-09-01 13:37 - 2016-09-01 13:37 - 00000000 ____D C:\Program Files (x86)\Windows NT
2016-09-01 13:37 - 2016-09-01 13:27 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2016-09-01 13:37 - 2016-09-01 13:27 - 00215943 _____ C:\WINDOWS\system32\dssec.dat
2016-09-01 13:37 - 2016-09-01 13:27 - 00008798 _____ C:\WINDOWS\system32\icrav03.rat
2016-09-01 13:37 - 2016-09-01 13:27 - 00000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2016-09-01 13:37 - 2016-09-01 13:27 - 00000389 _____ C:\WINDOWS\system32\AutoWorkplace.exe.config
2016-09-01 13:37 - 2016-09-01 13:26 - 00000219 _____ C:\WINDOWS\system.ini
2016-09-01 13:31 - 2016-09-05 17:30 - 00000000 ____D C:\WINDOWS\INF
2016-09-01 13:00 - 2016-09-01 17:02 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-01 12:45 - 2016-09-01 22:36 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-09-01 12:45 - 2016-09-01 16:51 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-09-01 12:45 - 2016-09-01 13:55 - 00000000 ____D C:\WINDOWS\servicing
2016-09-01 12:45 - 2016-09-01 13:37 - 00000000 ____D C:\WINDOWS\system32\SMI
2016-09-01 12:45 - 2015-10-30 07:33 - 00000164 _____ C:\WINDOWS\system32\config\FP
2016-09-01 12:37 - 2016-09-01 14:15 - 00000000 ___HD C:\$SysReset
2016-08-19 20:16 - 2016-08-03 12:14 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-19 20:16 - 2016-08-03 12:14 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-19 20:16 - 2016-08-03 12:14 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-19 20:16 - 2016-08-03 11:36 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-19 20:16 - 2016-08-03 11:36 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-19 20:16 - 2016-08-03 11:36 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-08-19 20:16 - 2016-08-03 11:30 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-19 20:16 - 2016-08-03 11:23 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-19 20:16 - 2016-08-03 11:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-08-19 20:16 - 2016-08-03 11:22 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-19 20:16 - 2016-08-03 11:22 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-19 20:16 - 2016-08-03 11:22 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-19 20:16 - 2016-08-03 11:22 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-08-19 20:16 - 2016-08-03 11:22 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-08-19 20:16 - 2016-08-03 11:21 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-19 20:16 - 2016-08-03 11:21 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-19 20:16 - 2016-08-03 11:21 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-19 20:16 - 2016-08-03 11:21 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-19 20:16 - 2016-08-03 11:20 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-19 20:16 - 2016-08-03 11:20 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-19 20:16 - 2016-08-03 11:19 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-19 20:16 - 2016-08-03 11:19 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-19 20:16 - 2016-08-03 11:13 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-19 20:16 - 2016-08-03 11:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-19 20:16 - 2016-08-03 11:13 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-19 20:16 - 2016-08-03 11:11 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-19 20:16 - 2016-08-03 10:51 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-08-19 20:16 - 2016-08-03 10:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-08-19 20:16 - 2016-08-03 10:46 - 22384128 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-19 20:16 - 2016-08-03 10:44 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-08-19 20:16 - 2016-08-03 10:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-08-19 20:16 - 2016-08-03 10:44 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-08-19 20:16 - 2016-08-03 10:43 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-19 20:16 - 2016-08-03 10:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-08-19 20:16 - 2016-08-03 10:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-08-19 20:16 - 2016-08-03 10:40 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-08-19 20:16 - 2016-08-03 10:40 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2016-08-19 20:16 - 2016-08-03 10:40 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-08-19 20:16 - 2016-08-03 10:40 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-19 20:16 - 2016-08-03 10:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-19 20:16 - 2016-08-03 10:39 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-08-19 20:16 - 2016-08-03 10:38 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-19 20:16 - 2016-08-03 10:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-08-19 20:16 - 2016-08-03 10:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-08-19 20:16 - 2016-08-03 10:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-19 20:16 - 2016-08-03 10:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-19 20:16 - 2016-08-03 10:36 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-08-19 20:16 - 2016-08-03 10:35 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-19 20:16 - 2016-08-03 10:35 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-19 20:16 - 2016-08-03 10:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-19 20:16 - 2016-08-03 10:33 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-08-19 20:16 - 2016-08-03 10:33 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-08-19 20:16 - 2016-08-03 10:31 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-08-19 20:16 - 2016-08-03 10:31 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-08-19 20:16 - 2016-08-03 10:31 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2016-08-19 20:16 - 2016-08-03 10:30 - 24613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-19 20:16 - 2016-08-03 10:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-19 20:16 - 2016-08-03 10:30 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-19 20:16 - 2016-08-03 10:29 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-19 20:16 - 2016-08-03 10:29 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-19 20:16 - 2016-08-03 10:29 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-19 20:16 - 2016-08-03 10:29 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-19 20:16 - 2016-08-03 10:29 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-19 20:16 - 2016-08-03 10:28 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-08-19 20:16 - 2016-08-03 10:28 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-19 20:16 - 2016-08-03 10:28 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-08-19 20:16 - 2016-08-03 10:27 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-08-19 20:16 - 2016-08-03 10:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-19 20:16 - 2016-08-03 10:27 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-19 20:16 - 2016-08-03 10:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-19 20:16 - 2016-08-03 10:20 - 13390336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-19 20:16 - 2016-08-03 10:18 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-19 20:16 - 2016-08-03 10:18 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-19 20:16 - 2016-08-03 10:18 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-19 20:16 - 2016-08-03 10:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-19 20:16 - 2016-08-03 10:16 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-08-19 20:16 - 2016-08-03 10:16 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-19 20:16 - 2016-08-03 10:16 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-19 20:16 - 2016-08-03 10:16 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-19 20:16 - 2016-08-03 10:15 - 07833088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-19 20:16 - 2016-08-03 10:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-19 20:16 - 2016-08-03 10:14 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-19 20:16 - 2016-08-03 10:13 - 03025920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-19 20:16 - 2016-08-03 10:13 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-19 20:16 - 2016-08-03 10:12 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-08-19 20:16 - 2016-08-03 10:11 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-08-19 20:16 - 2016-08-03 06:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-08-19 20:16 - 2016-08-03 06:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-08-19 20:16 - 2016-08-03 06:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-08-19 20:16 - 2016-08-03 06:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-08-19 20:16 - 2016-08-03 06:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-19 20:16 - 2016-08-03 06:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-08-19 20:16 - 2016-08-03 06:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-08-19 20:16 - 2016-08-03 06:30 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-19 20:16 - 2016-08-03 06:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-19 20:16 - 2016-08-03 06:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-19 20:16 - 2016-08-03 05:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-08-19 20:16 - 2016-08-03 05:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-08-19 20:16 - 2016-08-03 05:47 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-19 20:16 - 2016-08-03 05:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-08-19 20:16 - 2016-08-03 05:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2016-08-19 20:16 - 2016-08-03 05:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-08-19 20:16 - 2016-08-03 05:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-08-19 20:16 - 2016-08-03 05:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-19 20:16 - 2016-08-03 05:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-19 20:16 - 2016-08-03 05:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-08-19 20:16 - 2016-08-03 05:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-08-19 20:16 - 2016-08-03 05:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2016-08-19 20:16 - 2016-08-03 05:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-08-19 20:16 - 2016-08-03 05:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-19 20:16 - 2016-08-03 05:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-19 20:16 - 2016-08-03 05:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-19 20:16 - 2016-08-03 05:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-19 20:16 - 2016-08-03 05:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-19 20:16 - 2016-08-03 05:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-08-19 20:16 - 2016-08-03 05:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-19 20:16 - 2016-08-03 05:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-08-19 20:16 - 2016-08-03 05:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-08-19 20:16 - 2016-08-03 05:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-08-19 20:16 - 2016-08-03 05:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-19 20:16 - 2016-08-03 05:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-08-19 20:16 - 2016-08-03 05:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-08-19 20:16 - 2016-08-03 05:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-08-19 20:16 - 2016-08-03 05:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-19 20:16 - 2016-08-03 05:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-08-19 20:16 - 2016-08-03 05:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-08-19 20:16 - 2016-08-03 05:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-19 20:16 - 2016-08-03 05:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-08-19 20:16 - 2016-08-03 05:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-08-16 03:18 - 2016-08-16 03:18 - 00159936 _____ (MBB) C:\WINDOWS\system32\Drivers\usb2ser.sys
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2016-09-01 13:18 - 2015-10-30 08:17 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthmodem.sys
Certains fichiers dans TEMP:
====================
C:\Users\meoua\AppData\Local\Temp\dllnt_dump.dll
==================== Bamital & volsnap =================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2016-09-01 22:16
==================== Fin de FRST.txt ============================