1. #1
    GensoD's Avatar
    Join Date
    Sep 2015
    Location
    France
    Posts
    51

    Win10 : administrator's account impossible to connect (viruses, hacked, trojans??)

    Hi, (sorry for my bad english...)

    Here is my big issue :

    First of all, I have to say that's all my fault. I was looking for a software crack and, despite of my knowledge and carefullness, I did something realy stupid this time.
    Now, I can't access to my administrator's local account. When I'm in the account & password Window's page (even my fingerprint access...), it says that my password changed and I Have to connect with "the other computer" to change it.

    I have already scanned with Malwarebytes and it removed 5 malwares. (I unfortunately erased those...I can't tell you which ones they were)

    I can connect with an other local account (but with restrictive access, of course...)
    I would like, if possible, rediscover my administrator access with my files I don't want to lose.

    Thank you !!!


    Cheers,
    GensoD.


    • Ad Bot

      advertising
      Beep.

        
       

  2. #2
    Corrine's Avatar
    Join Date
    Feb 2012
    Location
    Upstate, NY
    Posts
    8,310

    Re: Win10 : administrator's account impossible to connect (viruses, hacked, trojans??

    Hi, GensoD.

    First off, we do not support the use of illegal software. So, I suggest you begin by uninstalling anything on your system that does not have a valid license. Hopefully, your limited account will have sufficient permission to do so.

    Logs are needed in order to see what is on your computer. Please follow the Malware Removal Posting Instructions.

    In addition, please post the Malwarebytes log. Click on History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.


    Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

    Remember - A day without laughter is a day wasted.
    May the wind sing to you and the sun rise in your heart.

  3. #3
    GensoD's Avatar
    Join Date
    Sep 2015
    Location
    France
    Posts
    51

    Re: Win10 : administrator's account impossible to connect (viruses, hacked, trojans??

    Hi again,

    I'm aware about the use of illegal software, I only wanted to help my wife and I assure you that I'm not a lammer or anything else.

    With my Administrator issues I can't run any software with this option. So I did the scans anyway, even with Malwarebytes (which find many issues itself).

    Thanks for your help Corrine.

    Logs in next replies.

    EDIT : The logs will be in french...
    And Audrey is my wife's local account I'm using.

  4. #4
    GensoD's Avatar
    Join Date
    Sep 2015
    Location
    France
    Posts
    51

    Re: Win10 : administrator's account impossible to connect (viruses, hacked, trojans??

    Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x86) Version: 23-11-2016
    Exécuté par Audrey (24-11-2016 01:12:17)
    Exécuté depuis C:\Users\Audrey\Desktop\Sysnative tools
    Microsoft Windows 10 Famille Version 1607 (X86) (2016-11-21 00:40:54)
    Mode d'amorçage: Normal
    ==========================================================




    ==================== Comptes: =============================


    Administrateur (S-1-5-21-3249230889-3245914959-1979252567-500 - Administrator - Disabled) => C:\Users\Administrateur
    Audrey (S-1-5-21-3249230889-3245914959-1979252567-1018 - Limited - Enabled) => C:\Users\Audrey
    DamienG (S-1-5-21-3249230889-3245914959-1979252567-1000 - Administrator - Enabled) => C:\Users\Ralek Bibi
    DefaultAccount (S-1-5-21-3249230889-3245914959-1979252567-503 - Limited - Disabled)
    Invité (S-1-5-21-3249230889-3245914959-1979252567-501 - Limited - Disabled)


    ==================== Centre de sécurité ========================


    (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)


    AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}


    ==================== Programmes installés ======================


    (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)


    Adobe Acrobat Reader DC - Français (HKLM\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
    Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
    Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
    Adobe Flash Player 23 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
    Adobe Photoshop CS5 (HKLM\...\{3EB745BA-194F-4475-9164-B20BB2172395}) (Version: 12.0 - Adobe Systems Incorporated)
    Apple Application Support (32 bits) (HKLM\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{D9F3D66A-9885-4DDD-A800-9DDF488359A1}) (Version: 10.0.1.3 - Apple Inc.)
    Apple Software Update (HKLM\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
    Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
    CCleaner (HKLM\...\CCleaner) (Version: 5.24 - Piriform)
    Contenu supplémentaire de Vita 2 (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
    Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1.102.7 - Alps Electric)
    DriversCloud.com (HKLM\...\{26BC1A02-834F-4E12-ABB2-E55484C6DFA0}) (Version: 8.0.4.0 - Cybelsoft)
    Dropbox (HKLM\...\Dropbox) (Version: 14.4.19 - Dropbox, Inc.)
    Dropbox Update Helper (Version: 1.3.57.1 - Dropbox, Inc.) Hidden
    FFmpeg (Windows) for Audacity version 2.2.2 (HKLM\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
    Google Chrome (HKLM\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
    Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden
    iCloud (HKLM\...\{C3867553-D9F8-416E-8F14-EFF234A48577}) (Version: 5.1.0.34 - Apple Inc.)
    IObit Uninstaller (HKLM\...\IObitUninstall) (Version: 6.1.0.20 - IObit)
    iTunes (HKLM\...\{B1EA304B-D216-4D5D-A720-D94C623EA880}) (Version: 12.5.2.36 - Apple Inc.)
    Java 8 Update 101 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
    Java SE Development Kit 8 Update 73 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0180730}) (Version: 8.0.730.2 - Oracle Corporation)
    Kaspersky Internet Security (HKLM\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
    Kaspersky Internet Security (Version: 16.0.0.614 - Kaspersky Lab) Hidden
    LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version: - )
    Laptop Integrated Webcam Driver (1.04.01.1011) (HKLM\...\Creative OEM002) (Version: - )
    MAGIX Analogue Modelling Suite Plus (HKLM\...\MX.{F485F2FE-1D3D-4F6D-AD4E-13FA5FB22A88}) (Version: 1.0.0.0 - MAGIX AG)
    MAGIX Analogue Modelling Suite Plus (Version: 1.0.0.0 - MAGIX AG) Hidden
    MAGIX Contenu et Soundpools (HKLM\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
    MAGIX essentialFX Suite (HKLM\...\MX.{CB7B17F4-3833-4699-890B-52C5D0AB926D}) (Version: 1.0.0.0 - MAGIX AG)
    MAGIX essentialFX Suite (Version: 1.0.0.0 - MAGIX AG) Hidden
    MAGIX Samplitude Music Studio 2016 (HKLM\...\MX.{F9873ACF-DB28-41C3-9AD0-A378FA95E0A5}) (Version: 22.0.1.20 - MAGIX Software GmbH)
    MAGIX Samplitude Music Studio 2016 (Object synthesizers) (HKLM\...\MX.{B94FCCBE-6FB0-4E9F-8B35-966E987D0CBB}) (Version: 1.0.0.0 - MAGIX Software GmbH)
    MAGIX Samplitude Music Studio 2016 (Object synthesizers) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
    MAGIX Samplitude Music Studio 2016 (Version: 22.0.1.20 - MAGIX Software GmbH) Hidden
    MAGIX Soundpools 2016 (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
    MAGIX Speed burnR (MSI) (HKLM\...\MX.{4820118E-F7B6-4D70-9B38-6B8C3EB85BC1}) (Version: 7.0.1.27 - MAGIX Software GmbH)
    MAGIX Speed burnR (MSI) (Version: 7.0.1.27 - MAGIX Software GmbH) Hidden
    MAGIX Vandal VST-PlugIn (HKLM\...\MX.{24F96DED-7B99-49C4-B877-CDCDC37762FA}) (Version: 1.0.0.0 - MAGIX AG)
    MAGIX Vandal VST-PlugIn (Version: 1.0.0.0 - MAGIX AG) Hidden
    MAGIX VariVerb II VST-PlugIn (HKLM\...\MX.{7A97538C-6D3F-4BB5-B2A1-D0ECFB199A4C}) (Version: 1.0.0.0 - MAGIX AG)
    MAGIX VariVerb II VST-PlugIn (Version: 1.0.0.0 - MAGIX AG) Hidden
    Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
    Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
    Microsoft Office Famille et Etudiant 2013 - fr-fr (HKLM\...\HomeStudentRetail - fr-fr) (Version: 15.0.4875.1001 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
    Mises à jour NVIDIA 17.12.8 (Version: 17.12.8 - NVIDIA Corporation) Hidden
    Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x86) - FRA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - FRA) (Version: 10.0.50903 - Microsoft Corporation)
    Mozilla Firefox 50.0 (x86 fr) (HKLM\...\Mozilla Firefox 50.0 (x86 fr)) (Version: 50.0 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 50.0.0.6152 - Mozilla)
    MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
    MuseScore 2 (HKLM\...\{4F0E15EA-F64C-11E5-9992-E717EA7DB0C8}) (Version: 2.0.3 - Werner Schweer and Others)
    NoteWorthy Composer 2 Demo (HKLM\...\NoteWorthy Composer 2 Demo) (Version: Demo Version 2.75 - Noteworthy Software, Inc.)
    NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
    NVIDIA Logiciel système PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
    NVIDIA Pilote 3D Vision 341.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.95 - NVIDIA Corporation)
    NVIDIA Pilote graphique 341.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.95 - NVIDIA Corporation)
    Office 15 Click-to-Run Extensibility Component (Version: 15.0.4875.1001 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Licensing Component (Version: 15.0.4875.1001 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Localization Component (Version: 15.0.4875.1001 - Microsoft Corporation) Hidden
    Panneau de configuration NVIDIA 341.95 (Version: 341.95 - NVIDIA Corporation) Hidden
    PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
    PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
    Pianissimo (HKLM\...\Pianissimo) (Version: - Acoustica)
    QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
    Samplitude Music Studio 2016 Update (Version: 22.0.2.24 - MAGIX Software GmbH) Hidden
    SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
    SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
    Skype™ 7.29 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
    UM-ONE Driver (HKLM\...\RolandRDID0115) (Version: - Roland Corporation)
    Vita Accordion (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
    Vita Century Guitar (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
    Vita Century Keys (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
    Vita Choir (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
    Vita Cinematic Synth (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
    Vita Drum Engine (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
    Vita Electric Bass (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
    Vita Electric Piano (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
    Vita Folk (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
    Vita Power Guitar (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
    Vita Rock Drums (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
    Vita Space Pad (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
    Vita String Ensemble (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
    VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
    WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)


    ==================== Personnalisé CLSID (Avec liste blanche): ==========================


    (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)




    ==================== Tâches planifiées (Avec liste blanche) =============


    (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)




    (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


    Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job =>
    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => <==== ATTENTION
    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => <==== ATTENTION
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => <==== ATTENTION
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => <==== ATTENTION
    Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_DamienG.job =>


    ==================== Raccourcis =============================


    (Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)


    ==================== Modules chargés (Avec liste blanche) ==============


    2016-11-21 15:43 - 2016-09-15 18:32 - 02048496 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
    2016-11-21 15:43 - 2016-09-15 18:32 - 02048496 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
    2016-11-23 15:20 - 2016-11-23 15:20 - 01244360 _____ () C:\Users\Audrey\AppData\Local\Microsoft\OneDrive\17.3.6674.1021_1\ClientTelemetry.dll
    2016-07-16 09:25 - 2016-07-16 09:25 - 00108032 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
    2016-11-21 15:41 - 2016-11-02 11:46 - 00321536 _____ () C:\Windows\ShellExperiences\QuickActions.dll
    2016-11-23 15:22 - 2016-11-23 15:22 - 00129216 _____ () C:\Users\Audrey\AppData\Local\Microsoft\OneDrive\17.3.6674.1021_1\FileSyncViews.dll
    2016-11-21 16:11 - 2016-11-21 16:15 - 00062464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x86__kzf8qxf38zg5c\SkypeHost.exe
    2016-11-21 16:11 - 2016-11-21 16:15 - 00151552 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x86__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
    2016-11-21 16:11 - 2016-11-21 16:15 - 29915136 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x86__kzf8qxf38zg5c\SkyWrap.dll
    2016-11-21 15:43 - 2016-11-02 11:31 - 06726656 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
    2016-11-21 15:43 - 2016-11-02 11:24 - 01150464 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
    2016-11-21 15:43 - 2016-08-06 04:21 - 00526848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
    2016-11-21 15:43 - 2016-11-02 11:24 - 00779776 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
    2016-11-21 15:43 - 2016-11-02 11:24 - 01724928 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
    2016-11-21 15:43 - 2016-11-02 11:26 - 03158528 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
    2016-11-15 04:24 - 2016-11-08 21:29 - 01819240 _____ () C:\Program Files\Google\Chrome\Application\54.0.2840.99\libglesv2.dll
    2016-11-15 04:24 - 2016-11-08 21:29 - 00093288 _____ () C:\Program Files\Google\Chrome\Application\54.0.2840.99\libegl.dll
    2016-11-21 15:45 - 2016-09-15 18:42 - 02261856 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll


    ==================== Alternate Data Streams (Avec liste blanche) =========


    (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)


    AlternateDataStreams: C:\lame:Roxio EMC Stream [38]
    AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]


    ==================== Mode sans échec (Avec liste blanche) ===================


    (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)


    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"


    ==================== Association (Avec liste blanche) ===============


    (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)




    ==================== Internet Explorer sites de confiance/sensibles ===============


    (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)




    ==================== Hosts contenu: ==========================


    (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)


    2015-09-28 17:23 - 2016-11-20 19:38 - 00001006 ____A C:\WINDOWS\system32\Drivers\etc\hosts


    127.0.0.1 down.baidu2016.com
    127.0.0.1 123.sogou.com
    127.0.0.1 www.czzsyzgm.com
    127.0.0.1 www.czzsyzxl.com
    127.0.0.1 union.baidu2019.com


    ==================== Autres zones ============================


    (Actuellement, il n'y a pas de correction automatique pour cette section.)


    HKU\S-1-5-21-3249230889-3245914959-1979252567-1018\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
    DNS Servers: 192.168.0.254
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Le Pare-feu is disabled.


    ==================== MSCONFIG/TASK MANAGER éléments désactivés ==


    MSCONFIG\Services: XboxNetApiSvc => 3
    MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "c:\program files\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
    MSCONFIG\startupreg: AdobeCS5ServiceManager => "c:\program files\common files\adobe\cs5servicemanager\cs5servicemanager.exe" -launchedbylogin
    MSCONFIG\startupreg: iTunesHelper => "c:\program files\itunes\ituneshelper.exe"
    MSCONFIG\startupreg: ShadowPlay => c:\windows\system32\rundll32.exe c:\windows\system32\nvspcap.dll,shadowplayonsystemstart


    ==================== RèglesPare-feu (Avec liste blanche) ===============


    (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [{091BFE71-FD7D-4C63-8747-FD03561FB0A5}] => (Allow) C:\Windows\System32\rundll32.exe
    FirewallRules: [{341A83C0-C03C-41D6-83AE-E1FA24A86239}] => (Allow) C:\Windows\System32\rundll32.exe
    FirewallRules: [{AA2AA141-A546-4E9C-B603-BF203A48F851}] => (Allow) C:\Windows\System32\rundll32.exe
    FirewallRules: [{FE9FA84F-8527-49CD-B843-AE7706A254D8}] => (Allow) C:\Windows\System32\rundll32.exe
    FirewallRules: [{D7DD7D3C-9AF1-4740-959D-C84ED76051A9}] => (Allow) C:\WINDOWS\system32\rundll32.exe
    FirewallRules: [{14B4551F-F5CF-427C-BDD4-4D7A4C58C31B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
    FirewallRules: [{95C8339F-B4B8-409E-A50F-8C575CFA46C5}] => (Allow) C:\Program Files\Dropbox\Client\Dropbox.exe
    FirewallRules: [{6146710A-14AB-4331-AF24-C19D9D178DAE}] => (Allow) %systemroot%\system32\alg.exe
    FirewallRules: [{93DBA1A4-1198-47B5-95BC-680D24328CAD}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
    FirewallRules: [{FDF879E6-40D9-4654-9C51-C91B0D977880}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [{1F8673E2-118D-4581-AC2C-8773A9ACD632}] => (Allow) C:\Users\Ralek Bibi\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{56F13253-F435-4E80-9989-C97BAC8F4120}] => (Allow) C:\Users\Ralek Bibi\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{47529514-3EA4-4E90-86C8-9C65EA422C51}] => (Allow) C:\Users\Ralek Bibi\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{6701AFCE-9C75-4C2D-A251-47788599C3EA}] => (Allow) C:\Users\Ralek Bibi\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{296E8584-3B5A-4A12-9F7B-12D7300E11F1}] => (Allow) C:\Users\Ralek Bibi\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{89110892-AD4C-4E64-BC3D-634819F30E1B}] => (Allow) C:\Users\Ralek Bibi\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{660235FB-93AC-4162-A31D-C4D490A8C761}] => (Allow) C:\Program Files\DriversCloud.com\MCDetection.exe
    FirewallRules: [{0DFE9A17-6A67-4F3B-A3DC-F9DBD2CA4DEA}] => (Allow) C:\Program Files\DriversCloud.com\MCDetection.exe
    FirewallRules: [UDP Query User{8ACE6D29-6BF2-41BB-8A3A-282236E71D83}C:\program files\java\jdk1.8.0_73\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_73\bin\jmc.exe
    FirewallRules: [TCP Query User{D5C1213F-BA4F-4EA6-992E-112F648B2655}C:\program files\java\jdk1.8.0_73\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_73\bin\jmc.exe
    FirewallRules: [{636A41F6-CA71-4349-B8DB-2B1A285C12BB}] => (Allow) C:\Program Files\MAGIX\Samplitude Music Studio 2016\MusicStudio.exe
    FirewallRules: [{D12ECB71-4271-4545-995E-0ED6790A9219}] => (Allow) LPort=48113
    FirewallRules: [{B8D48B7C-B242-4478-B14F-A64AB1BC53C7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{4171D462-3C23-491E-B05F-651F2AA7F9F7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{C6A3B1E0-B381-4AD0-9964-34190FC5C0DB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{8277E31C-F9B3-4C5C-A6E8-2597D57CCEC3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{39668261-FDAD-4341-AF4F-186693318177}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{C30DA3E3-F106-40EE-87C8-FFE92908E434}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{76858E19-B081-47EC-8771-0F824BD54BCD}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{260BEEC2-832A-47BF-B125-91F135A4DD93}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{52A691AD-8154-41F9-AC37-10D931E0AA71}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    FirewallRules: [{703C1641-EF6A-43C7-B932-343043BC531B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    FirewallRules: [{F596A669-13D8-4488-A2CF-A00168D13D63}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{B5EFF708-0950-4EE6-A705-3EB250903E10}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe


    ==================== Points de restauration =========================


    ATTENTION: La Restauration système est désactivée
    Vérifiez le service "winmgmt" ou réparez WMI.




    ==================== Éléments en erreur du Gestionnaire de périphériques =============




    ==================== Erreurs du Journal des événements: =========================


    Erreurs Application:
    ==================
    Error: (11/24/2016 12:53:52 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: GENSOD)
    Description: Le package windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel a été interrompu, car sa suspension a été trop longue.


    Error: (11/23/2016 11:46:10 PM) (Source: SecurityCenter) (EventID: 16) (User: )
    Description: Erreur lors de la mise à jour de l’état vers SECURITY_PRODUCT_STATE_OFF (erreur %3).


    Error: (11/23/2016 11:46:10 PM) (Source: SecurityCenter) (EventID: 16) (User: )
    Description: Erreur lors de la mise à jour de l’état vers SECURITY_PRODUCT_STATE_OFF (erreur %3).


    Error: (11/23/2016 11:46:10 PM) (Source: SecurityCenter) (EventID: 16) (User: )
    Description: Erreur lors de la mise à jour de l’état vers SECURITY_PRODUCT_STATE_OFF (erreur %3).


    Error: (11/23/2016 08:14:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: GENSOD)
    Description: Échec de l’activation de l’application windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel avec l’erreur : -2147023170 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.


    Error: (11/23/2016 08:14:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: GENSOD)
    Description: Le package windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel a été interrompu, car sa suspension a été trop longue.


    Error: (11/23/2016 06:24:22 PM) (Source: SecurityCenter) (EventID: 16) (User: )
    Description: Erreur lors de la mise à jour de l’état vers SECURITY_PRODUCT_STATE_ON (erreur %3).


    Error: (11/23/2016 06:24:22 PM) (Source: SecurityCenter) (EventID: 16) (User: )
    Description: Erreur lors de la mise à jour de l’état vers SECURITY_PRODUCT_STATE_ON (erreur %3).


    Error: (11/23/2016 06:24:22 PM) (Source: SecurityCenter) (EventID: 16) (User: )
    Description: Erreur lors de la mise à jour de l’état vers SECURITY_PRODUCT_STATE_ON (erreur %3).


    Error: (11/23/2016 06:24:22 PM) (Source: SecurityCenter) (EventID: 16) (User: )
    Description: Erreur lors de la mise à jour de l’état vers SECURITY_PRODUCT_STATE_SNOOZED (erreur %3).




    Erreurs système:
    =============
    Error: (11/23/2016 06:21:16 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
    Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
    {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
    et l’APPID
    {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
    au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.


    Error: (11/23/2016 06:21:16 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
    Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
    {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
    et l’APPID
    {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
    au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.


    Error: (11/23/2016 06:21:10 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
    Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
    {8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
    et l’APPID
    {F72671A9-012C-4725-9D2F-2A4D32D65169}
    au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.


    Error: (11/23/2016 05:45:38 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
    Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
    {8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
    et l’APPID
    {F72671A9-012C-4725-9D2F-2A4D32D65169}
    au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.


    Error: (11/23/2016 05:28:16 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
    Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
    {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
    et l’APPID
    {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
    au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.


    Error: (11/23/2016 05:28:16 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
    Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
    {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
    et l’APPID
    {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
    au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.


    Error: (11/23/2016 05:28:14 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
    Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
    {8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
    et l’APPID
    {F72671A9-012C-4725-9D2F-2A4D32D65169}
    au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.


    Error: (11/23/2016 04:50:32 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
    Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
    {8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
    et l’APPID
    {F72671A9-012C-4725-9D2F-2A4D32D65169}
    au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.


    Error: (11/23/2016 04:40:14 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
    Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
    {8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
    et l’APPID
    {F72671A9-012C-4725-9D2F-2A4D32D65169}
    au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.


    Error: (11/23/2016 04:21:44 PM) (Source: EventLog) (EventID: 6008) (User: )
    Description: L’arrêt système précédant à 16:05:57 le ‎23/‎11/‎2016 n’était pas prévu.




    ==================== Infos Mémoire ===========================


    Processeur: Intel(R) Core(TM)2 Duo CPU T7500 @ 2.20GHz
    Pourcentage de mémoire utilisée: 50%
    Mémoire physique - RAM - totale: 3070.06 MB
    Mémoire physique - RAM - disponible: 1533.82 MB
    Mémoire virtuelle totale: 4350.06 MB
    Mémoire virtuelle disponible: 2287.07 MB


    ==================== Lecteurs ================================


    Drive c: (Lecteur) (Fixed) (Total:198.04 GB) (Free:31.44 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)]
    Drive d: (Stockage) (Fixed) (Total:10 GB) (Free:5.59 GB) NTFS


    ==================== MBR & Table des partitions ==================


    ==================== Fin de Addition.txt ============================

  5. #5
    GensoD's Avatar
    Join Date
    Sep 2015
    Location
    France
    Posts
    51

    Re: Win10 : administrator's account impossible to connect (viruses, hacked, trojans??

    Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 23-11-2016
    Exécuté par Audrey (ATTENTION: L'utilisateur n'est pas administrateur) sur GENSOD (24-11-2016 01:00:37)
    Exécuté depuis C:\Users\Audrey\Desktop\Sysnative tools
    Profils chargés: Audrey (Profils disponibles: DamienG & Audrey & Administrateur)
    Platform: Microsoft Windows 10 Famille Version 1607 (X86) Langue: Français (France)
    Internet Explorer Version 11 (Navigateur par défaut: Chrome)
    Mode d'amorçage: Normal
    Tutoriel pour Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials


    ==================== Processus (Avec liste blanche) =================


    (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)


    Impossible d'accéder au processus -> smss.exe
    Impossible d'accéder au processus -> csrss.exe
    Impossible d'accéder au processus -> wininit.exe
    Impossible d'accéder au processus -> csrss.exe
    Impossible d'accéder au processus -> winlogon.exe
    Impossible d'accéder au processus -> services.exe
    Impossible d'accéder au processus -> lsass.exe
    Impossible d'accéder au processus -> svchost.exe
    Impossible d'accéder au processus -> svchost.exe
    Impossible d'accéder au processus -> dwm.exe
    Impossible d'accéder au processus -> svchost.exe
    Impossible d'accéder au processus -> svchost.exe
    Impossible d'accéder au processus -> svchost.exe
    Impossible d'accéder au processus -> svchost.exe
    Impossible d'accéder au processus -> svchost.exe
    Impossible d'accéder au processus -> nvSCPAPISvr.exe
    Impossible d'accéder au processus -> nvvsvc.exe
    Impossible d'accéder au processus -> nvxdsync.exe
    Impossible d'accéder au processus -> nvvsvc.exe
    Impossible d'accéder au processus -> svchost.exe
    Impossible d'accéder au processus -> rundll32.exe
    Impossible d'accéder au processus -> rundll32.exe
    Impossible d'accéder au processus -> WUDFHost.exe
    Impossible d'accéder au processus -> dasHost.exe
    Impossible d'accéder au processus -> svchost.exe
    Impossible d'accéder au processus -> svchost.exe
    Impossible d'accéder au processus -> svchost.exe
    Impossible d'accéder au processus -> svchost.exe
    Impossible d'accéder au processus -> spoolsv.exe
    Impossible d'accéder au processus -> svchost.exe
    Impossible d'accéder au processus -> svchost.exe
    Impossible d'accéder au processus -> DbxSvc.exe
    Impossible d'accéder au processus -> svchost.exe
    Impossible d'accéder au processus -> AppleMobileDeviceService.exe
    Impossible d'accéder au processus -> mDNSResponder.exe
    Impossible d'accéder au processus -> GfExperienceService.exe
    Impossible d'accéder au processus -> armsvc.exe
    Impossible d'accéder au processus -> BtwRSupportService.exe
    Impossible d'accéder au processus -> AEstSrv.exe
    Impossible d'accéder au processus -> officeclicktorun.exe
    Impossible d'accéder au processus -> IUService.exe
    Impossible d'accéder au processus -> svchost.exe
    Impossible d'accéder au processus -> NvNetworkService.exe
    Impossible d'accéder au processus -> nvstreamsvc.exe
    Impossible d'accéder au processus -> stacsv.exe
    Impossible d'accéder au processus -> MsMpEng.exe
    Impossible d'accéder au processus -> SearchIndexer.exe
    Impossible d'accéder au processus -> nvstreamsvc.exe
    Impossible d'accéder au processus -> conhost.exe
    Impossible d'accéder au processus -> wmpnetwk.exe
    Impossible d'accéder au processus -> NisSrv.exe
    Impossible d'accéder au processus -> nvstreamsvc.exe
    Impossible d'accéder au processus -> conhost.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
    (IDT, Inc.) C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
    (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
    (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
    (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
    () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x86__kzf8qxf38zg5c\SkypeHost.exe
    (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
    (Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11610.1001.10.0_x86__8wekyb3d8bbwe\WinStore.App.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
    (Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
    Impossible d'accéder au processus -> fontdrvhost.exe
    Impossible d'accéder au processus -> svchost.exe
    (Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe
    (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    Impossible d'accéder au processus -> svchost.exe
    Impossible d'accéder au processus -> WmiPrvSE.exe




    ==================== Registre (Avec liste blanche) ====================


    (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)


    HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [159744 2007-09-07] (Alps Electric Co., Ltd.)
    HKLM\...\Run: [SigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2007-09-28] (IDT, Inc.)
    HKLM\...\Run: [OEM02Mon.exe] => C:\WINDOWS\OEM02Mon.exe [36864 2007-05-09] (Creative Technology Ltd.)
    HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2016-01-29] (NVIDIA Corporation)
    HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
    HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [25673776 2016-11-07] (Dropbox, Inc.)
    HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
    HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [483840 2016-07-16] (Microsoft Corporation)
    Winlogon\Notify\ScCertProp: wlnotify.dll [X]
    HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
    HKU\S-1-5-21-3249230889-3245914959-1979252567-1018\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7045848 2016-11-15] (Piriform Ltd)
    ShellExecuteHooks: - {2BA2613E-A5BE-11E6-BD30-64006A5CFC23} - C:\Users\Ralek Bibi\AppData\Roaming\Atogey\Fimokgrzition.dll Pas de fichier [ ]
    ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)


    ==================== Internet (Avec liste blanche) ====================


    (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)


    Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
    Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
    Tcpip\..\Interfaces\{4302391a-7a41-4bd9-b96a-f99196402d8a}: [DhcpNameServer] 192.168.0.254
    Tcpip\..\Interfaces\{e25976d3-ee75-485d-a365-f405a76d1aae}: [DhcpNameServer] 192.168.0.254


    Internet Explorer:
    ==================
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-3249230889-3245914959-1979252567-1018\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-09-21] (Oracle Corporation)
    BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2016-10-25] (AO Kaspersky Lab)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-21] (Oracle Corporation)
    Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2016-10-25] (AO Kaspersky Lab)
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)


    FireFox:
    ========
    FF HKLM\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
    FF Extension: (Kaspersky Protection) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2016-10-25]
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-16] ()
    FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-21] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-21] (Oracle Corporation)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-09-29] (Microsoft Corporation)
    FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-29] (NVIDIA Corporation)
    FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-29] (NVIDIA Corporation)
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-01] (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-01] (Google Inc.)
    FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
    FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
    FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
    FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2016-10-13]


    Chrome:
    =======
    CHR Profile: C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default [2016-11-24]
    CHR Extension: (Google Slides) - C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-07]
    CHR Extension: (Google Docs) - C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-07]
    CHR Extension: (Google Drive) - C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-07]
    CHR Extension: (YouTube) - C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-07]
    CHR Extension: (Adblock Plus) - C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-11-07]
    CHR Extension: (Google Sheets) - C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-07]
    CHR Extension: (Google Docs hors connexion) - C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-07]
    CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-07]
    CHR Extension: (Gmail) - C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-07]
    CHR Extension: (Chrome Media Router) - C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-07]
    CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka


    ==================== Services (Avec liste blanche) ====================


    (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


    S2 AVP16.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-09-29] (Kaspersky Lab ZAO)
    R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [1680088 2015-09-19] (Broadcom Corporation.)
    R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [2041584 2016-10-04] (Microsoft Corporation)
    S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-14] (Dropbox, Inc.)
    S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-14] (Dropbox, Inc.)
    R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [35440 2016-11-07] (Dropbox, Inc.)
    R2 Dergesyghujase; C:\Program Files\Deringchederse\absegrermughtlnc.dll [276480 2016-11-20] () [Fichier non signé]
    R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [915600 2015-10-13] (NVIDIA Corporation)
    R2 IObitUnSvr; C:\Program Files\IObit\IObit Uninstaller\IUService.exe [360736 2016-10-28] (IObit)
    R3 lmhosts; C:\WINDOWS\System32\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
    R2 NlaSvc; C:\WINDOWS\System32\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
    R2 nsi; C:\WINDOWS\system32\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
    R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2016-01-29] (NVIDIA Corporation)
    R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19775632 2016-01-29] (NVIDIA Corporation)
    S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Fichier non signé]
    R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [271496 2016-07-16] (Microsoft Corporation)
    R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [84928 2016-07-16] (Microsoft Corporation)


    ===================== Pilotes (Avec liste blanche) ======================


    (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


    S3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [175320 2015-09-19] (Broadcom Corporation.)
    S3 btwampfl; C:\WINDOWS\system32\DRIVERS\btwampfl.sys [144600 2015-09-19] (Broadcom Corporation.)
    S3 CLEDX; C:\WINDOWS\System32\drivers\cledx.sys [33792 2005-05-09] (Team H2O) [Fichier non signé]
    R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [201912 2015-07-05] (Kaspersky Lab ZAO)
    R3 i8042HDR; C:\WINDOWS\system32\DRIVERS\i8042HDR.sys [13224 2006-10-20] (Chicony)
    S3 jumi; C:\WINDOWS\System32\drivers\jumi.sys [13112 2010-06-03] (Windows (R) Win 7 DDK provider)
    R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [153784 2015-06-22] (Kaspersky Lab ZAO)
    R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [46776 2015-06-06] (Kaspersky Lab ZAO)
    R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [57712 2015-06-27] (Kaspersky Lab ZAO)
    R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [66976 2016-03-01] (AO Kaspersky Lab)
    S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [25208 2015-06-24] (Kaspersky Lab)
    R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [147336 2015-10-21] (AO Kaspersky Lab)
    R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [53160 2016-05-25] (AO Kaspersky Lab)
    R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [764848 2016-05-25] (AO Kaspersky Lab)
    R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [44632 2016-11-21] (AO Kaspersky Lab)
    R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [37048 2015-06-06] (Kaspersky Lab ZAO)
    R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [37560 2015-06-07] (Kaspersky Lab ZAO)
    R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [39304 2015-09-29] (AO Kaspersky Lab)
    R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [74160 2016-05-25] (AO Kaspersky Lab)
    R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [87736 2015-06-16] (Kaspersky Lab ZAO)
    R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [156856 2015-06-23] (Kaspersky Lab ZAO)
    R1 MpKslDrv; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{22F1DE39-4901-4A31-9FD8-4AA5B124D710}\MpKslDrv.sys [39168 2016-11-23] (Microsoft Corporation)
    S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [62976 2016-07-16] ()
    R3 netwlv32; C:\WINDOWS\System32\drivers\netwlv32.sys [6637056 2016-07-16] (Intel Corporation)
    R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18576 2016-01-29] (NVIDIA Corporation)
    S3 NvStUSB; C:\WINDOWS\System32\drivers\nvstusb.sys [435416 2014-07-01] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad32v.sys [32912 2015-10-13] (NVIDIA Corporation)
    S3 RDID1115; C:\WINDOWS\system32\Drivers\RDWM1115.SYS [71168 2015-07-23] (Roland Corporation)
    S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [37912 2016-07-16] (Microsoft Corporation)
    R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [244576 2016-07-16] (Microsoft Corporation)
    R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [100192 2016-07-16] (Microsoft Corporation)
    R3 yukonw8; C:\WINDOWS\System32\drivers\yk63x86.sys [242688 2016-07-16] (Marvell)


    ==================== NetSvcs (Avec liste blanche) ===================


    (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)




    ==================== Un mois - Créés - fichiers et dossiers ========


    (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)


    2016-11-24 01:00 - 2016-11-24 01:00 - 00000000 ____D C:\FRST
    2016-11-24 00:34 - 2016-11-24 01:00 - 00000000 ____D C:\Users\Audrey\Desktop\Sysnative tools
    2016-11-23 22:37 - 2016-11-23 22:37 - 00000000 ____D C:\Users\Audrey\AppData\LocalLow\Apple Computer
    2016-11-23 22:32 - 2016-11-23 22:32 - 00000000 ____D C:\Users\Audrey\AppData\Roaming\NVIDIA
    2016-11-23 16:35 - 2016-11-23 16:35 - 00000391 _____ C:\Users\Audrey\Desktop\Panneau de configuration - Raccourci.lnk
    2016-11-23 16:20 - 2016-11-23 16:20 - 00014000 ____N C:\bootsqm.dat
    2016-11-23 16:19 - 2016-11-23 16:19 - 00000000 __SHD C:\found.001
    2016-11-23 15:14 - 2016-11-23 16:40 - 00000000 ____D C:\Users\Audrey\AppData\Local\ConnectedDevicesPlatform
    2016-11-23 15:14 - 2016-11-23 15:14 - 00000020 ___SH C:\Users\Audrey\ntuser.ini
    2016-11-23 13:13 - 2016-11-23 13:50 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
    2016-11-22 13:45 - 2016-11-22 13:46 - 00000000 ____D C:\Users\Ralek Bibi\Desktop\Optimisation Firefox
    2016-11-21 15:45 - 2016-11-02 13:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
    2016-11-21 15:45 - 2016-11-02 12:22 - 06020448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2016-11-21 15:45 - 2016-11-02 12:21 - 00570720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
    2016-11-21 15:45 - 2016-11-02 12:05 - 00313088 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
    2016-11-21 15:45 - 2016-11-02 11:48 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
    2016-11-21 15:45 - 2016-11-02 11:45 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
    2016-11-21 15:45 - 2016-11-02 11:44 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
    2016-11-21 15:45 - 2016-11-02 11:43 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
    2016-11-21 15:45 - 2016-11-02 11:41 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
    2016-11-21 15:45 - 2016-11-02 11:41 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
    2016-11-21 15:45 - 2016-11-02 11:32 - 00786432 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2016-11-21 15:45 - 2016-11-02 11:29 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
    2016-11-21 15:45 - 2016-11-02 11:29 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
    2016-11-21 15:45 - 2016-11-02 11:26 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
    2016-11-21 15:45 - 2016-11-02 11:23 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
    2016-11-21 15:45 - 2016-10-28 04:11 - 00446896 _____ C:\WINDOWS\system32\ApnDatabase.xml
    2016-11-21 15:45 - 2016-10-15 05:40 - 01126496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
    2016-11-21 15:45 - 2016-10-15 05:36 - 04970224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
    2016-11-21 15:45 - 2016-10-15 05:19 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
    2016-11-21 15:45 - 2016-10-15 05:18 - 00749920 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
    2016-11-21 15:45 - 2016-10-15 05:18 - 00576400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
    2016-11-21 15:45 - 2016-10-15 05:18 - 00454496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
    2016-11-21 15:45 - 2016-10-15 05:18 - 00186424 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
    2016-11-21 15:45 - 2016-10-15 05:18 - 00067424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
    2016-11-21 15:45 - 2016-10-15 05:15 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
    2016-11-21 15:45 - 2016-10-15 05:14 - 01384704 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
    2016-11-21 15:45 - 2016-10-15 05:14 - 00802600 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
    2016-11-21 15:45 - 2016-10-15 05:14 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
    2016-11-21 15:45 - 2016-10-15 05:10 - 01968992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
    2016-11-21 15:45 - 2016-10-15 05:10 - 00781664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
    2016-11-21 15:45 - 2016-10-15 05:10 - 00482656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
    2016-11-21 15:45 - 2016-10-15 04:59 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
    2016-11-21 15:45 - 2016-10-15 04:58 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
    2016-11-21 15:45 - 2016-10-15 04:58 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
    2016-11-21 15:45 - 2016-10-15 04:55 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
    2016-11-21 15:45 - 2016-10-15 04:48 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
    2016-11-21 15:45 - 2016-10-15 04:48 - 00797696 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
    2016-11-21 15:45 - 2016-10-15 04:48 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
    2016-11-21 15:45 - 2016-10-15 04:44 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
    2016-11-21 15:45 - 2016-10-15 04:43 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
    2016-11-21 15:45 - 2016-10-15 04:43 - 01406976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
    2016-11-21 15:45 - 2016-10-15 04:39 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
    2016-11-21 15:45 - 2016-10-15 04:37 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
    2016-11-21 15:45 - 2016-10-15 04:36 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmifw.dll
    2016-11-21 15:45 - 2016-10-15 04:35 - 02708992 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
    2016-11-21 15:45 - 2016-10-05 10:59 - 00949600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
    2016-11-21 15:45 - 2016-10-05 10:54 - 01097568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
    2016-11-21 15:45 - 2016-10-05 10:49 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
    2016-11-21 15:45 - 2016-10-05 10:24 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
    2016-11-21 15:45 - 2016-10-05 10:23 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
    2016-11-21 15:45 - 2016-10-05 10:23 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
    2016-11-21 15:45 - 2016-10-05 10:23 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
    2016-11-21 15:45 - 2016-10-05 10:22 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
    2016-11-21 15:45 - 2016-10-05 10:20 - 00303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
    2016-11-21 15:45 - 2016-10-05 10:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsmsext.dll
    2016-11-21 15:45 - 2016-10-05 10:15 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
    2016-11-21 15:45 - 2016-10-05 10:07 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
    2016-11-21 15:45 - 2016-09-15 18:37 - 00402352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
    2016-11-21 15:45 - 2016-09-15 18:35 - 00356704 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll
    2016-11-21 15:45 - 2016-09-15 18:35 - 00356704 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
    2016-11-21 15:45 - 2016-09-15 18:33 - 00083120 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
    2016-11-21 15:45 - 2016-09-15 18:22 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
    2016-11-21 15:45 - 2016-09-15 18:21 - 00557920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
    2016-11-21 15:45 - 2016-09-15 18:21 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
    2016-11-21 15:45 - 2016-09-15 18:21 - 00186720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
    2016-11-21 15:45 - 2016-09-15 18:19 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
    2016-11-21 15:45 - 2016-09-15 18:16 - 00093984 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
    2016-11-21 15:45 - 2016-09-15 18:00 - 00399360 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
    2016-11-21 15:45 - 2016-09-15 18:00 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NfcRadioMedia.dll
    2016-11-21 15:45 - 2016-09-15 17:57 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
    2016-11-21 15:45 - 2016-09-15 17:57 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
    2016-11-21 15:45 - 2016-09-15 17:57 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
    2016-11-21 15:45 - 2016-09-15 17:56 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
    2016-11-21 15:45 - 2016-09-15 17:54 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
    2016-11-21 15:45 - 2016-09-15 17:53 - 01344000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
    2016-11-21 15:45 - 2016-09-15 17:53 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
    2016-11-21 15:45 - 2016-09-15 17:53 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
    2016-11-21 15:45 - 2016-09-15 17:52 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
    2016-11-21 15:45 - 2016-09-15 17:52 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprapi.dll
    2016-11-21 15:45 - 2016-09-15 17:47 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
    2016-11-21 15:45 - 2016-09-15 17:46 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
    2016-11-21 15:45 - 2016-09-15 17:45 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
    2016-11-21 15:45 - 2016-09-15 17:44 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
    2016-11-21 15:45 - 2016-09-15 17:43 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
    2016-11-21 15:45 - 2016-09-15 17:41 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
    2016-11-21 15:45 - 2016-09-15 17:40 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
    2016-11-21 15:45 - 2016-09-15 17:40 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
    2016-11-21 15:45 - 2016-09-15 17:38 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
    2016-11-21 15:45 - 2016-09-15 17:35 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
    2016-11-21 15:45 - 2016-09-15 17:35 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
    2016-11-21 15:45 - 2016-09-07 06:33 - 00102752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
    2016-11-21 15:45 - 2016-09-07 06:25 - 00133296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
    2016-11-21 15:45 - 2016-09-07 06:16 - 00589144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
    2016-11-21 15:45 - 2016-09-07 06:16 - 00399712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
    2016-11-21 15:45 - 2016-09-07 06:07 - 00043944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
    2016-11-21 15:45 - 2016-09-07 05:52 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
    2016-11-21 15:45 - 2016-09-07 05:51 - 06534656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
    2016-11-21 15:45 - 2016-09-07 05:44 - 01842688 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
    2016-11-21 15:45 - 2016-09-07 05:34 - 04557824 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
    2016-11-21 15:45 - 2016-09-07 05:34 - 01885696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2016-11-21 15:45 - 2016-08-27 05:43 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll
    2016-11-21 15:45 - 2016-08-20 06:49 - 00092000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
    2016-11-21 15:45 - 2016-08-20 06:08 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
    2016-11-21 15:45 - 2016-08-06 05:16 - 00798504 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
    2016-11-21 15:45 - 2016-08-06 05:15 - 00292184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
    2016-11-21 15:45 - 2016-08-06 05:06 - 00023776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
    2016-11-21 15:45 - 2016-08-06 04:41 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
    2016-11-21 15:45 - 2016-08-06 04:37 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
    2016-11-21 15:45 - 2016-08-06 04:23 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
    2016-11-21 15:45 - 2016-08-05 10:10 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
    2016-11-21 15:45 - 2016-08-05 09:54 - 00564488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
    2016-11-21 15:45 - 2016-07-22 02:18 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
    2016-11-21 15:44 - 2016-11-02 12:12 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
    2016-11-21 15:44 - 2016-11-02 12:05 - 03892352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2016-11-21 15:44 - 2016-11-02 12:05 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
    2016-11-21 15:44 - 2016-11-02 12:05 - 00951904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
    2016-11-21 15:44 - 2016-11-02 12:01 - 01425000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
    2016-11-21 15:44 - 2016-11-02 12:01 - 01413664 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
    2016-11-21 15:44 - 2016-11-02 12:01 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
    2016-11-21 15:44 - 2016-11-02 12:01 - 00545936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
    2016-11-21 15:44 - 2016-11-02 11:47 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
    2016-11-21 15:44 - 2016-11-02 11:43 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
    2016-11-21 15:44 - 2016-11-02 11:42 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
    2016-11-21 15:44 - 2016-11-02 11:40 - 01375232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
    2016-11-21 15:44 - 2016-11-02 11:38 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
    2016-11-21 15:44 - 2016-11-02 11:38 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
    2016-11-21 15:44 - 2016-11-02 11:33 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
    2016-11-21 15:44 - 2016-11-02 11:33 - 03307520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
    2016-11-21 15:44 - 2016-11-02 11:33 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
    2016-11-21 15:44 - 2016-11-02 11:31 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
    2016-11-21 15:44 - 2016-11-02 11:31 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
    2016-11-21 15:44 - 2016-11-02 11:30 - 12175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2016-11-21 15:44 - 2016-11-02 11:29 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
    2016-11-21 15:44 - 2016-11-02 11:29 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
    2016-11-21 15:44 - 2016-11-02 11:28 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2016-11-21 15:44 - 2016-11-02 11:26 - 02747392 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
    2016-11-21 15:44 - 2016-11-02 11:26 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2016-11-21 15:44 - 2016-11-02 11:25 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2016-11-21 15:44 - 2016-10-15 06:11 - 00224608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
    2016-11-21 15:44 - 2016-10-15 05:18 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
    2016-11-21 15:44 - 2016-10-15 05:18 - 01556712 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
    2016-11-21 15:44 - 2016-10-15 05:15 - 01853776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
    2016-11-21 15:44 - 2016-10-15 05:15 - 01123368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
    2016-11-21 15:44 - 2016-10-15 05:15 - 00687936 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
    2016-11-21 15:44 - 2016-10-15 05:11 - 01345504 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
    2016-11-21 15:44 - 2016-10-15 05:06 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
    2016-11-21 15:44 - 2016-10-15 04:56 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
    2016-11-21 15:44 - 2016-10-15 04:56 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
    2016-11-21 15:44 - 2016-10-15 04:55 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
    2016-11-21 15:44 - 2016-10-15 04:52 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
    2016-11-21 15:44 - 2016-10-15 04:50 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
    2016-11-21 15:44 - 2016-10-15 04:50 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
    2016-11-21 15:44 - 2016-10-15 04:49 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
    2016-11-21 15:44 - 2016-10-15 04:47 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
    2016-11-21 15:44 - 2016-10-15 04:44 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
    2016-11-21 15:44 - 2016-10-15 04:43 - 00500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
    2016-11-21 15:44 - 2016-10-15 04:41 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\system32\energy.dll
    2016-11-21 15:44 - 2016-10-15 04:37 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
    2016-11-21 15:44 - 2016-10-05 10:46 - 00980824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
    2016-11-21 15:44 - 2016-10-05 10:46 - 00056672 _____ (Avago Technologies) C:\WINDOWS\system32\Drivers\MegaSas2i.sys
    2016-11-21 15:44 - 2016-10-05 10:31 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConfigureExpandedStorage.dll
    2016-11-21 15:44 - 2016-10-05 10:26 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
    2016-11-21 15:44 - 2016-10-05 10:25 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
    2016-11-21 15:44 - 2016-10-05 10:21 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
    2016-11-21 15:44 - 2016-10-05 10:14 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
    2016-11-21 15:44 - 2016-10-05 10:14 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
    2016-11-21 15:44 - 2016-10-05 10:09 - 01700864 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
    2016-11-21 15:44 - 2016-10-05 10:09 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2016-11-21 15:44 - 2016-10-05 10:07 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
    2016-11-21 15:44 - 2016-10-05 10:07 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
    2016-11-21 15:44 - 2016-09-15 18:26 - 00581672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
    2016-11-21 15:44 - 2016-09-15 18:22 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
    2016-11-21 15:44 - 2016-09-15 18:18 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
    2016-11-21 15:44 - 2016-09-15 18:01 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
    2016-11-21 15:44 - 2016-09-15 17:59 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
    2016-11-21 15:44 - 2016-09-15 17:57 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
    2016-11-21 15:44 - 2016-09-15 17:56 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
    2016-11-21 15:44 - 2016-09-15 17:56 - 00823808 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
    2016-11-21 15:44 - 2016-09-15 17:56 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
    2016-11-21 15:44 - 2016-09-15 17:55 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkCollectionAgent.dll
    2016-11-21 15:44 - 2016-09-15 17:55 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrGidsHandler.dll
    2016-11-21 15:44 - 2016-09-15 17:53 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
    2016-11-21 15:44 - 2016-09-15 17:53 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
    2016-11-21 15:44 - 2016-09-15 17:52 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
    2016-11-21 15:44 - 2016-09-15 17:49 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
    2016-11-21 15:44 - 2016-09-15 17:49 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
    2016-11-21 15:44 - 2016-09-15 17:47 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
    2016-11-21 15:44 - 2016-09-15 17:47 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
    2016-11-21 15:44 - 2016-09-15 17:45 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
    2016-11-21 15:44 - 2016-09-15 17:44 - 00734208 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
    2016-11-21 15:44 - 2016-09-15 17:40 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
    2016-11-21 15:44 - 2016-09-15 17:39 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
    2016-11-21 15:44 - 2016-09-15 17:38 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
    2016-11-21 15:44 - 2016-09-07 06:17 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
    2016-11-21 15:44 - 2016-09-07 05:58 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
    2016-11-21 15:44 - 2016-09-07 05:46 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
    2016-11-21 15:44 - 2016-09-07 05:40 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
    2016-11-21 15:44 - 2016-09-07 05:34 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
    2016-11-21 15:44 - 2016-09-07 05:31 - 00461312 _____ (Microsoft) C:\WINDOWS\system32\DbgModel.dll
    2016-11-21 15:44 - 2016-08-20 06:14 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL
    2016-11-21 15:44 - 2016-08-20 06:14 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL
    2016-11-21 15:44 - 2016-08-20 06:14 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\c_GSM7.DLL
    2016-11-21 15:44 - 2016-08-20 05:58 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll
    2016-11-21 15:44 - 2016-08-20 05:56 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll
    2016-11-21 15:44 - 2016-08-09 03:13 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS
    2016-11-21 15:44 - 2016-08-06 04:48 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
    2016-11-21 15:44 - 2016-08-06 04:47 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
    2016-11-21 15:44 - 2016-08-06 04:45 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
    2016-11-21 15:44 - 2016-08-06 04:44 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
    2016-11-21 15:44 - 2016-08-06 04:39 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
    2016-11-21 15:44 - 2016-08-06 04:39 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
    2016-11-21 15:44 - 2016-08-06 04:33 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
    2016-11-21 15:44 - 2016-08-05 09:29 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
    2016-11-21 15:44 - 2016-08-05 09:23 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
    2016-11-21 15:44 - 2016-08-05 09:18 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
    2016-11-21 15:43 - 2016-11-02 13:01 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
    2016-11-21 15:43 - 2016-11-02 12:24 - 00890984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
    2016-11-21 15:43 - 2016-11-02 12:24 - 00783552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
    2016-11-21 15:43 - 2016-11-02 12:23 - 01073816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
    2016-11-21 15:43 - 2016-11-02 12:23 - 00945760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
    2016-11-21 15:43 - 2016-11-02 12:21 - 00276320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
    2016-11-21 15:43 - 2016-11-02 12:09 - 00544088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
    2016-11-21 15:43 - 2016-11-02 12:01 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
    2016-11-21 15:43 - 2016-11-02 12:00 - 00042336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
    2016-11-21 15:43 - 2016-11-02 11:51 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
    2016-11-21 15:43 - 2016-11-02 11:49 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
    2016-11-21 15:43 - 2016-11-02 11:49 - 00037376 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
    2016-11-21 15:43 - 2016-11-02 11:46 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
    2016-11-21 15:43 - 2016-11-02 11:46 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
    2016-11-21 15:43 - 2016-11-02 11:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
    2016-11-21 15:43 - 2016-11-02 11:45 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
    2016-11-21 15:43 - 2016-11-02 11:45 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
    2016-11-21 15:43 - 2016-11-02 11:44 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
    2016-11-21 15:43 - 2016-11-02 11:44 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
    2016-11-21 15:43 - 2016-11-02 11:43 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8.dll
    2016-11-21 15:43 - 2016-11-02 11:43 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
    2016-11-21 15:43 - 2016-11-02 11:42 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
    2016-11-21 15:43 - 2016-11-02 11:42 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
    2016-11-21 15:43 - 2016-11-02 11:40 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
    2016-11-21 15:43 - 2016-11-02 11:37 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
    2016-11-21 15:43 - 2016-11-02 11:36 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
    2016-11-21 15:43 - 2016-11-02 11:36 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetailsUpdate.dll
    2016-11-21 15:43 - 2016-11-02 11:31 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\olepro32.dll
    2016-11-21 15:43 - 2016-11-02 11:30 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
    2016-11-21 15:43 - 2016-11-02 11:28 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
    2016-11-21 15:43 - 2016-11-02 11:23 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
    2016-11-21 15:43 - 2016-11-02 10:11 - 00788624 _____ C:\WINDOWS\system32\locale.nls
    2016-11-21 15:43 - 2016-10-15 05:26 - 00055136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
    2016-11-21 15:43 - 2016-10-15 05:18 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
    2016-11-21 15:43 - 2016-10-15 05:10 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
    2016-11-21 15:43 - 2016-10-15 05:00 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
    2016-11-21 15:43 - 2016-10-15 05:00 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\stdole2.tlb
    2016-11-21 15:43 - 2016-10-15 04:58 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
    2016-11-21 15:43 - 2016-10-15 04:57 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
    2016-11-21 15:43 - 2016-10-15 04:56 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
    2016-11-21 15:43 - 2016-10-15 04:55 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
    2016-11-21 15:43 - 2016-10-15 04:54 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
    2016-11-21 15:43 - 2016-10-15 04:54 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
    2016-11-21 15:43 - 2016-10-15 04:54 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
    2016-11-21 15:43 - 2016-10-15 04:54 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
    2016-11-21 15:43 - 2016-10-15 04:51 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
    2016-11-21 15:43 - 2016-10-15 04:51 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
    2016-11-21 15:43 - 2016-10-15 04:51 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
    2016-11-21 15:43 - 2016-10-15 04:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
    2016-11-21 15:43 - 2016-10-15 04:49 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
    2016-11-21 15:43 - 2016-10-15 04:48 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
    2016-11-21 15:43 - 2016-10-15 04:46 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
    2016-11-21 15:43 - 2016-10-15 04:41 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll
    2016-11-21 15:43 - 2016-10-15 04:38 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
    2016-11-21 15:43 - 2016-10-15 04:38 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
    2016-11-21 15:43 - 2016-10-15 04:36 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
    2016-11-21 15:43 - 2016-10-15 04:36 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
    2016-11-21 15:43 - 2016-10-15 04:36 - 00528384 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
    2016-11-21 15:43 - 2016-10-15 04:33 - 00188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
    2016-11-21 15:43 - 2016-10-05 11:05 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
    2016-11-21 15:43 - 2016-10-05 10:51 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
    2016-11-21 15:43 - 2016-10-05 10:46 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
    2016-11-21 15:43 - 2016-10-05 10:45 - 00198496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
    2016-11-21 15:43 - 2016-10-05 10:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
    2016-11-21 15:43 - 2016-10-05 10:28 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
    2016-11-21 15:43 - 2016-10-05 10:28 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
    2016-11-21 15:43 - 2016-10-05 10:26 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
    2016-11-21 15:43 - 2016-10-05 10:25 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
    2016-11-21 15:43 - 2016-10-05 10:23 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
    2016-11-21 15:43 - 2016-10-05 10:21 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
    2016-11-21 15:43 - 2016-10-05 10:20 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
    2016-11-21 15:43 - 2016-10-05 10:18 - 01283584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
    2016-11-21 15:43 - 2016-10-05 10:09 - 00608256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
    2016-11-21 15:43 - 2016-10-05 10:08 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
    2016-11-21 15:43 - 2016-10-05 10:06 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
    2016-11-21 15:43 - 2016-10-05 10:05 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
    2016-11-21 15:43 - 2016-09-15 18:37 - 00496872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
    2016-11-21 15:43 - 2016-09-15 18:32 - 02048496 _____ C:\WINDOWS\system32\CoreUIComponents.dll
    2016-11-21 15:43 - 2016-09-15 18:25 - 00262960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
    2016-11-21 15:43 - 2016-09-15 18:22 - 00860512 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
    2016-11-21 15:43 - 2016-09-15 18:22 - 00433832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
    2016-11-21 15:43 - 2016-09-15 18:18 - 00856872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
    2016-11-21 15:43 - 2016-09-15 18:17 - 00125792 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
    2016-11-21 15:43 - 2016-09-15 18:13 - 00113504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
    2016-11-21 15:43 - 2016-09-15 18:06 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ffbroker.dll
    2016-11-21 15:43 - 2016-09-15 18:03 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
    2016-11-21 15:43 - 2016-09-15 18:02 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
    2016-11-21 15:43 - 2016-09-15 18:01 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
    2016-11-21 15:43 - 2016-09-15 18:01 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
    2016-11-21 15:43 - 2016-09-15 18:00 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
    2016-11-21 15:43 - 2016-09-15 17:59 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovslegacy.dll
    2016-11-21 15:43 - 2016-09-15 17:59 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
    2016-11-21 15:43 - 2016-09-15 17:58 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
    2016-11-21 15:43 - 2016-09-15 17:58 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
    2016-11-21 15:43 - 2016-09-15 17:58 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
    2016-11-21 15:43 - 2016-09-15 17:57 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
    2016-11-21 15:43 - 2016-09-15 17:57 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
    2016-11-21 15:43 - 2016-09-15 17:57 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
    2016-11-21 15:43 - 2016-09-15 17:56 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
    2016-11-21 15:43 - 2016-09-15 17:56 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
    2016-11-21 15:43 - 2016-09-15 17:56 - 00265728 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
    2016-11-21 15:43 - 2016-09-15 17:56 - 00257536 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataExchange.dll
    2016-11-21 15:43 - 2016-09-15 17:55 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
    2016-11-21 15:43 - 2016-09-15 17:55 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
    2016-11-21 15:43 - 2016-09-15 17:55 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
    2016-11-21 15:43 - 2016-09-15 17:55 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
    2016-11-21 15:43 - 2016-09-15 17:55 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
    2016-11-21 15:43 - 2016-09-15 17:55 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
    2016-11-21 15:43 - 2016-09-15 17:55 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\biwinrt.dll
    2016-11-21 15:43 - 2016-09-15 17:54 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
    2016-11-21 15:43 - 2016-09-15 17:54 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
    2016-11-21 15:43 - 2016-09-15 17:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
    2016-11-21 15:43 - 2016-09-15 17:54 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
    2016-11-21 15:43 - 2016-09-15 17:54 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
    2016-11-21 15:43 - 2016-09-15 17:52 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
    2016-11-21 15:43 - 2016-09-15 17:52 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
    2016-11-21 15:43 - 2016-09-15 17:52 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
    2016-11-21 15:43 - 2016-09-15 17:51 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
    2016-11-21 15:43 - 2016-09-15 17:50 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwrshplugin.dll
    2016-11-21 15:43 - 2016-09-15 17:49 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
    2016-11-21 15:43 - 2016-09-15 17:48 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
    2016-11-21 15:43 - 2016-09-15 17:45 - 00302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
    2016-11-21 15:43 - 2016-09-15 17:43 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
    2016-11-21 15:43 - 2016-09-15 17:43 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
    2016-11-21 15:43 - 2016-09-15 17:43 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
    2016-11-21 15:43 - 2016-09-15 17:42 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
    2016-11-21 15:43 - 2016-09-15 17:40 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
    2016-11-21 15:43 - 2016-09-15 17:40 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
    2016-11-21 15:43 - 2016-09-15 17:39 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
    2016-11-21 15:43 - 2016-09-15 17:39 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
    2016-11-21 15:43 - 2016-09-15 17:39 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
    2016-11-21 15:43 - 2016-09-15 17:39 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
    2016-11-21 15:43 - 2016-09-15 17:38 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
    2016-11-21 15:43 - 2016-09-15 17:38 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
    2016-11-21 15:43 - 2016-09-15 17:38 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
    2016-11-21 15:43 - 2016-09-15 17:36 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
    2016-11-21 15:43 - 2016-09-15 17:35 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
    2016-11-21 15:43 - 2016-09-07 05:57 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
    2016-11-21 15:43 - 2016-09-07 05:50 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
    2016-11-21 15:43 - 2016-09-07 05:50 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
    2016-11-21 15:43 - 2016-09-07 05:47 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
    2016-11-21 15:43 - 2016-09-07 05:46 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
    2016-11-21 15:43 - 2016-09-07 05:43 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
    2016-11-21 15:43 - 2016-09-07 05:43 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
    2016-11-21 15:43 - 2016-09-07 05:39 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
    2016-11-21 15:43 - 2016-09-07 05:34 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
    2016-11-21 15:43 - 2016-08-27 05:58 - 00121368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
    2016-11-21 15:43 - 2016-08-20 06:15 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
    2016-11-21 15:43 - 2016-08-20 06:14 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
    2016-11-21 15:43 - 2016-08-20 06:14 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
    2016-11-21 15:43 - 2016-08-20 06:14 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
    2016-11-21 15:43 - 2016-08-20 06:14 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
    2016-11-21 15:43 - 2016-08-20 06:12 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
    2016-11-21 15:43 - 2016-08-20 06:12 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
    2016-11-21 15:43 - 2016-08-20 06:12 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
    2016-11-21 15:43 - 2016-08-20 06:11 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
    2016-11-21 15:43 - 2016-08-20 06:11 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
    2016-11-21 15:43 - 2016-08-20 06:11 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll
    2016-11-21 15:43 - 2016-08-20 06:09 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
    2016-11-21 15:43 - 2016-08-20 06:09 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
    2016-11-21 15:43 - 2016-08-20 06:09 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
    2016-11-21 15:43 - 2016-08-20 06:07 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
    2016-11-21 15:43 - 2016-08-20 06:06 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
    2016-11-21 15:43 - 2016-08-20 06:00 - 00141824 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll
    2016-11-21 15:43 - 2016-08-06 05:14 - 00145248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
    2016-11-21 15:43 - 2016-08-06 05:07 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2016-11-21 15:43 - 2016-08-06 05:03 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
    2016-11-21 15:43 - 2016-08-06 04:48 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
    2016-11-21 15:43 - 2016-08-06 04:48 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
    2016-11-21 15:43 - 2016-08-06 04:48 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
    2016-11-21 15:43 - 2016-08-06 04:47 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
    2016-11-21 15:43 - 2016-08-06 04:47 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
    2016-11-21 15:43 - 2016-08-06 04:46 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
    2016-11-21 15:43 - 2016-08-06 04:46 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
    2016-11-21 15:43 - 2016-08-06 04:45 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
    2016-11-21 15:43 - 2016-08-06 04:44 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
    2016-11-21 15:43 - 2016-08-06 04:40 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
    2016-11-21 15:43 - 2016-08-06 04:39 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
    2016-11-21 15:43 - 2016-08-06 04:37 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2016-11-21 15:43 - 2016-08-06 04:32 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
    2016-11-21 15:43 - 2016-08-06 04:28 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
    2016-11-21 15:43 - 2016-08-06 04:21 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
    2016-11-21 15:43 - 2016-08-02 05:47 - 00094528 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
    2016-11-21 15:42 - 2016-11-02 12:22 - 01583112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2016-11-21 15:42 - 2016-11-02 12:22 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
    2016-11-21 15:42 - 2016-11-02 12:21 - 01957216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
    2016-11-21 15:42 - 2016-11-02 12:10 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
    2016-11-21 15:42 - 2016-11-02 12:09 - 02257104 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2016-11-21 15:42 - 2016-11-02 12:08 - 00602464 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
    2016-11-21 15:42 - 2016-11-02 12:05 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2016-11-21 15:42 - 2016-11-02 12:05 - 06657176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
    2016-11-21 15:42 - 2016-11-02 12:04 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
    2016-11-21 15:42 - 2016-11-02 11:45 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
    2016-11-21 15:42 - 2016-11-02 11:42 - 00322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
    2016-11-21 15:42 - 2016-11-02 11:42 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
    2016-11-21 15:42 - 2016-11-02 11:42 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.dll
    2016-11-21 15:42 - 2016-11-02 11:40 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
    2016-11-21 15:42 - 2016-11-02 11:39 - 00482304 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
    2016-11-21 15:42 - 2016-11-02 11:39 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
    2016-11-21 15:42 - 2016-11-02 11:39 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll
    2016-11-21 15:42 - 2016-11-02 11:37 - 19415040 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2016-11-21 15:42 - 2016-11-02 11:36 - 19415552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2016-11-21 15:42 - 2016-11-02 11:36 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2016-11-21 15:42 - 2016-11-02 11:36 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
    2016-11-21 15:42 - 2016-11-02 11:32 - 03776000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
    2016-11-21 15:42 - 2016-11-02 11:29 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2016-11-21 15:42 - 2016-11-02 11:28 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2016-11-21 15:42 - 2016-11-02 11:28 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
    2016-11-21 15:42 - 2016-11-02 11:27 - 01056768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
    2016-11-21 15:42 - 2016-11-02 11:27 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
    2016-11-21 15:42 - 2016-11-02 11:26 - 03595776 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
    2016-11-21 15:42 - 2016-11-02 11:26 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
    2016-11-21 15:42 - 2016-11-02 11:26 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
    2016-11-21 15:42 - 2016-11-02 11:26 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2016-11-21 15:42 - 2016-11-02 11:26 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
    2016-11-21 15:42 - 2016-11-02 11:26 - 01235968 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2016-11-21 15:42 - 2016-11-02 11:26 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
    2016-11-21 15:42 - 2016-11-02 11:26 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
    2016-11-21 15:42 - 2016-11-02 11:25 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2016-11-21 15:42 - 2016-11-02 11:25 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
    2016-11-21 15:42 - 2016-11-02 11:23 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
    2016-11-21 15:42 - 2016-10-15 06:11 - 01415520 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
    2016-11-21 15:42 - 2016-10-15 06:11 - 01026400 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
    2016-11-21 15:42 - 2016-10-15 06:11 - 00496992 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
    2016-11-21 15:42 - 2016-10-15 06:11 - 00486752 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
    2016-11-21 15:42 - 2016-10-15 06:11 - 00277344 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
    2016-11-21 15:42 - 2016-10-15 06:11 - 00192864 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
    2016-11-21 15:42 - 2016-10-15 06:11 - 00115552 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2016-11-21 15:42 - 2016-10-15 06:11 - 00069472 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
    2016-11-21 15:42 - 2016-10-15 05:34 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
    2016-11-21 15:42 - 2016-10-15 05:33 - 00455040 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
    2016-11-21 15:42 - 2016-10-15 05:27 - 00421216 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
    2016-11-21 15:42 - 2016-10-15 05:20 - 02276736 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
    2016-11-21 15:42 - 2016-10-15 05:20 - 01898336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2016-11-21 15:42 - 2016-10-15 05:20 - 00550752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
    2016-11-21 15:42 - 2016-10-15 05:20 - 00342880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
    2016-11-21 15:42 - 2016-10-15 05:18 - 00458592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
    2016-11-21 15:42 - 2016-10-15 05:18 - 00261984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
    2016-11-21 15:42 - 2016-10-15 04:56 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
    2016-11-21 15:42 - 2016-10-15 04:56 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
    2016-11-21 15:42 - 2016-10-15 04:55 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
    2016-11-21 15:42 - 2016-10-15 04:55 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
    2016-11-21 15:42 - 2016-10-15 04:54 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
    2016-11-21 15:42 - 2016-10-15 04:51 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
    2016-11-21 15:42 - 2016-10-15 04:50 - 00353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
    2016-11-21 15:42 - 2016-10-15 04:50 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
    2016-11-21 15:42 - 2016-10-15 04:49 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
    2016-11-21 15:42 - 2016-10-15 04:49 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
    2016-11-21 15:42 - 2016-10-15 04:48 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
    2016-11-21 15:42 - 2016-10-15 04:47 - 01113600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
    2016-11-21 15:42 - 2016-10-15 04:47 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
    2016-11-21 15:42 - 2016-10-15 04:46 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
    2016-11-21 15:42 - 2016-10-15 04:44 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
    2016-11-21 15:42 - 2016-10-15 04:42 - 06108672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
    2016-11-21 15:42 - 2016-10-15 04:42 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
    2016-11-21 15:42 - 2016-10-15 04:41 - 05376000 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
    2016-11-21 15:42 - 2016-10-15 04:40 - 01135616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
    2016-11-21 15:42 - 2016-10-15 04:39 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
    2016-11-21 15:42 - 2016-10-15 04:37 - 01485312 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
    2016-11-21 15:42 - 2016-10-15 04:37 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
    2016-11-21 15:42 - 2016-10-15 04:37 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
    2016-11-21 15:42 - 2016-10-15 04:37 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
    2016-11-21 15:42 - 2016-10-15 04:35 - 02005504 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
    2016-11-21 15:42 - 2016-10-15 04:35 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
    2016-11-21 15:42 - 2016-10-05 11:10 - 00231776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
    2016-11-21 15:42 - 2016-10-05 11:03 - 01724584 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
    2016-11-21 15:42 - 2016-10-05 10:53 - 00154976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
    2016-11-21 15:42 - 2016-10-05 10:48 - 01022304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
    2016-11-21 15:42 - 2016-10-05 10:27 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
    2016-11-21 15:42 - 2016-10-05 10:24 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
    2016-11-21 15:42 - 2016-10-05 10:23 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
    2016-11-21 15:42 - 2016-10-05 10:23 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
    2016-11-21 15:42 - 2016-10-05 10:16 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2016-11-21 15:42 - 2016-10-05 10:10 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
    2016-11-21 15:42 - 2016-10-05 10:09 - 03369984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
    2016-11-21 15:42 - 2016-10-05 10:08 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
    2016-11-21 15:42 - 2016-10-05 10:07 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
    2016-11-21 15:42 - 2016-09-15 18:42 - 00448864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
    2016-11-21 15:42 - 2016-09-15 18:40 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
    2016-11-21 15:42 - 2016-09-15 18:36 - 00021344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cmimcext.sys
    2016-11-21 15:42 - 2016-09-15 18:31 - 00583648 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
    2016-11-21 15:42 - 2016-09-15 18:27 - 00868704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
    2016-11-21 15:42 - 2016-09-15 18:23 - 01503032 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
    2016-11-21 15:42 - 2016-09-15 18:23 - 00170448 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
    2016-11-21 15:42 - 2016-09-15 18:22 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
    2016-11-21 15:42 - 2016-09-15 18:21 - 00175968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
    2016-11-21 15:42 - 2016-09-15 18:20 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
    2016-11-21 15:42 - 2016-09-15 18:00 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
    2016-11-21 15:42 - 2016-09-15 18:00 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
    2016-11-21 15:42 - 2016-09-15 18:00 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthA2DP.sys
    2016-11-21 15:42 - 2016-09-15 18:00 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
    2016-11-21 15:42 - 2016-09-15 17:58 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
    2016-11-21 15:42 - 2016-09-15 17:58 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
    2016-11-21 15:42 - 2016-09-15 17:58 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
    2016-11-21 15:42 - 2016-09-15 17:57 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
    2016-11-21 15:42 - 2016-09-15 17:56 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
    2016-11-21 15:42 - 2016-09-15 17:56 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
    2016-11-21 15:42 - 2016-09-15 17:56 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
    2016-11-21 15:42 - 2016-09-15 17:55 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
    2016-11-21 15:42 - 2016-09-15 17:55 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
    2016-11-21 15:42 - 2016-09-15 17:55 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
    2016-11-21 15:42 - 2016-09-15 17:55 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
    2016-11-21 15:42 - 2016-09-15 17:55 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
    2016-11-21 15:42 - 2016-09-15 17:54 - 00431104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
    2016-11-21 15:42 - 2016-09-15 17:54 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
    2016-11-21 15:42 - 2016-09-15 17:54 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
    2016-11-21 15:42 - 2016-09-15 17:52 - 01110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
    2016-11-21 15:42 - 2016-09-15 17:52 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
    2016-11-21 15:42 - 2016-09-15 17:52 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
    2016-11-21 15:42 - 2016-09-15 17:52 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
    2016-11-21 15:42 - 2016-09-15 17:52 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
    2016-11-21 15:42 - 2016-09-15 17:52 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
    2016-11-21 15:42 - 2016-09-15 17:51 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
    2016-11-21 15:42 - 2016-09-15 17:51 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
    2016-11-21 15:42 - 2016-09-15 17:50 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
    2016-11-21 15:42 - 2016-09-15 17:49 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
    2016-11-21 15:42 - 2016-09-15 17:48 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
    2016-11-21 15:42 - 2016-09-15 17:46 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
    2016-11-21 15:42 - 2016-09-15 17:46 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
    2016-11-21 15:42 - 2016-09-15 17:46 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
    2016-11-21 15:42 - 2016-09-15 17:44 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
    2016-11-21 15:42 - 2016-09-15 17:44 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAC3ENC.DLL
    2016-11-21 15:42 - 2016-09-15 17:43 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
    2016-11-21 15:42 - 2016-09-15 17:42 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
    2016-11-21 15:42 - 2016-09-15 17:42 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundMediaPolicy.dll
    2016-11-21 15:42 - 2016-09-15 17:39 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
    2016-11-21 15:42 - 2016-09-15 17:35 - 01438720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
    2016-11-21 15:42 - 2016-09-07 06:35 - 00315736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
    2016-11-21 15:42 - 2016-09-07 06:27 - 01362504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
    2016-11-21 15:42 - 2016-09-07 06:17 - 00782176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
    2016-11-21 15:42 - 2016-09-07 06:13 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
    2016-11-21 15:42 - 2016-09-07 06:13 - 00432328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
    2016-11-21 15:42 - 2016-09-07 06:13 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\EhStorTcgDrv.sys
    2016-11-21 15:42 - 2016-09-07 06:12 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
    2016-11-21 15:42 - 2016-09-07 05:58 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneServiceRes.dll
    2016-11-21 15:42 - 2016-09-07 05:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
    2016-11-21 15:42 - 2016-09-07 05:56 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
    2016-11-21 15:42 - 2016-09-07 05:55 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
    2016-11-21 15:42 - 2016-09-07 05:52 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
    2016-11-21 15:42 - 2016-09-07 05:50 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
    2016-11-21 15:42 - 2016-09-07 05:50 - 00582144 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
    2016-11-21 15:42 - 2016-09-07 05:46 - 01774080 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
    2016-11-21 15:42 - 2016-09-07 05:45 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
    2016-11-21 15:42 - 2016-09-07 05:44 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
    2016-11-21 15:42 - 2016-09-07 05:39 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
    2016-11-21 15:42 - 2016-09-07 05:37 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
    2016-11-21 15:42 - 2016-09-07 05:36 - 02423296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
    2016-11-21 15:42 - 2016-09-07 05:36 - 02360832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
    2016-11-21 15:42 - 2016-09-07 05:34 - 00920576 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
    2016-11-21 15:42 - 2016-08-20 06:04 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
    2016-11-21 15:42 - 2016-08-20 05:59 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
    2016-11-21 15:42 - 2016-08-06 05:03 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
    2016-11-21 15:42 - 2016-08-06 04:47 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
    2016-11-21 15:42 - 2016-08-06 04:47 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
    2016-11-21 15:42 - 2016-08-06 04:45 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
    2016-11-21 15:42 - 2016-08-06 04:45 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
    2016-11-21 15:42 - 2016-08-06 04:37 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
    2016-11-21 15:42 - 2016-08-06 04:30 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
    2016-11-21 15:42 - 2016-08-06 04:25 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
    2016-11-21 15:41 - 2016-11-02 12:08 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
    2016-11-21 15:41 - 2016-11-02 12:06 - 00080224 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
    2016-11-21 15:41 - 2016-11-02 12:04 - 00596832 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
    2016-11-21 15:41 - 2016-11-02 11:50 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
    2016-11-21 15:41 - 2016-11-02 11:47 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
    2016-11-21 15:41 - 2016-11-02 11:47 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
    2016-11-21 15:41 - 2016-11-02 11:46 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
    2016-11-21 15:41 - 2016-11-02 11:46 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
    2016-11-21 15:41 - 2016-11-02 11:45 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
    2016-11-21 15:41 - 2016-11-02 11:44 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthExt.dll
    2016-11-21 15:41 - 2016-11-02 11:43 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
    2016-11-21 15:41 - 2016-11-02 11:43 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
    2016-11-21 15:41 - 2016-11-02 11:42 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
    2016-11-21 15:41 - 2016-11-02 11:42 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
    2016-11-21 15:41 - 2016-11-02 11:42 - 00384512 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
    2016-11-21 15:41 - 2016-11-02 11:42 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
    2016-11-21 15:41 - 2016-11-02 11:41 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
    2016-11-21 15:41 - 2016-11-02 11:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContent.dll
    2016-11-21 15:41 - 2016-11-02 11:40 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
    2016-11-21 15:41 - 2016-11-02 11:40 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
    2016-11-21 15:41 - 2016-11-02 11:40 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
    2016-11-21 15:41 - 2016-11-02 11:38 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
    2016-11-21 15:41 - 2016-11-02 11:27 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
    2016-11-21 15:41 - 2016-11-02 11:27 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
    2016-11-21 15:41 - 2016-11-02 11:26 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
    2016-11-21 15:41 - 2016-10-15 05:00 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
    2016-11-21 15:41 - 2016-10-15 04:59 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
    2016-11-21 15:41 - 2016-10-15 04:57 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
    2016-11-21 15:41 - 2016-10-15 04:54 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
    2016-11-21 15:41 - 2016-10-15 04:54 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
    2016-11-21 15:41 - 2016-10-15 04:54 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoplay.dll
    2016-11-21 15:41 - 2016-10-15 04:53 - 00705024 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskbarcpl.dll
    2016-11-21 15:41 - 2016-10-15 04:52 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
    2016-11-21 15:41 - 2016-10-15 04:52 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll
    2016-11-21 15:41 - 2016-10-15 04:46 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
    2016-11-21 15:41 - 2016-10-15 04:42 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.exe
    2016-11-21 15:41 - 2016-10-15 04:39 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\chartv.dll
    2016-11-21 15:41 - 2016-10-15 04:37 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
    2016-11-21 15:41 - 2016-10-15 04:36 - 01523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
    2016-11-21 15:41 - 2016-10-15 04:36 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
    2016-11-21 15:41 - 2016-10-05 10:50 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
    2016-11-21 15:41 - 2016-10-05 10:28 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
    2016-11-21 15:41 - 2016-10-05 10:27 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
    2016-11-21 15:41 - 2016-10-05 10:26 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
    2016-11-21 15:41 - 2016-10-05 10:25 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
    2016-11-21 15:41 - 2016-10-05 10:25 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
    2016-11-21 15:41 - 2016-10-05 10:25 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
    2016-11-21 15:41 - 2016-10-05 10:21 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
    2016-11-21 15:41 - 2016-10-05 10:18 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
    2016-11-21 15:41 - 2016-10-05 10:13 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
    2016-11-21 15:41 - 2016-10-05 10:11 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
    2016-11-21 15:41 - 2016-10-05 10:10 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
    2016-11-21 15:41 - 2016-10-05 10:09 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
    2016-11-21 15:41 - 2016-10-05 10:06 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
    2016-11-21 15:41 - 2016-09-15 18:37 - 00320152 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
    2016-11-21 15:41 - 2016-09-15 18:34 - 00106336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
    2016-11-21 15:41 - 2016-09-15 18:32 - 00279416 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeunlock.exe
    2016-11-21 15:41 - 2016-09-15 18:06 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
    2016-11-21 15:41 - 2016-09-15 18:03 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
    2016-11-21 15:41 - 2016-09-15 18:00 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
    2016-11-21 15:41 - 2016-09-15 17:58 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlancfg.dll
    2016-11-21 15:41 - 2016-09-15 17:58 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
    2016-11-21 15:41 - 2016-09-15 17:58 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
    2016-11-21 15:41 - 2016-09-15 17:55 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
    2016-11-21 15:41 - 2016-09-15 17:55 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
    2016-11-21 15:41 - 2016-09-15 17:54 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
    2016-11-21 15:41 - 2016-09-15 17:53 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
    2016-11-21 15:41 - 2016-09-15 17:49 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
    2016-11-21 15:41 - 2016-09-15 17:48 - 00153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
    2016-11-21 15:41 - 2016-09-15 17:47 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
    2016-11-21 15:41 - 2016-09-15 17:47 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
    2016-11-21 15:41 - 2016-09-15 17:46 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
    2016-11-21 15:41 - 2016-09-15 17:46 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
    2016-11-21 15:41 - 2016-09-15 17:45 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe
    2016-11-21 15:41 - 2016-09-15 17:44 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
    2016-11-21 15:41 - 2016-09-15 17:44 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
    2016-11-21 15:41 - 2016-09-15 17:44 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\discan.dll
    2016-11-21 15:41 - 2016-09-15 17:44 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvenotify.exe
    2016-11-21 15:41 - 2016-09-15 17:44 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Sens.dll
    2016-11-21 15:41 - 2016-09-15 17:43 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeui.dll
    2016-11-21 15:41 - 2016-09-15 17:42 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
    2016-11-21 15:41 - 2016-09-15 17:42 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
    2016-11-21 15:41 - 2016-09-15 17:39 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
    2016-11-21 15:41 - 2016-09-15 17:36 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
    2016-11-21 15:41 - 2016-09-07 06:32 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
    2016-11-21 15:41 - 2016-09-07 06:29 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
    2016-11-21 15:41 - 2016-09-07 06:18 - 00290264 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
    2016-11-21 15:41 - 2016-09-07 06:00 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
    2016-11-21 15:41 - 2016-09-07 06:00 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
    2016-11-21 15:41 - 2016-09-07 05:59 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
    2016-11-21 15:41 - 2016-09-07 05:59 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
    2016-11-21 15:41 - 2016-09-07 05:59 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
    2016-11-21 15:41 - 2016-09-07 05:59 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
    2016-11-21 15:41 - 2016-09-07 05:58 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
    2016-11-21 15:41 - 2016-09-07 05:58 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
    2016-11-21 15:41 - 2016-09-07 05:58 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
    2016-11-21 15:41 - 2016-09-07 05:58 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AddressParser.dll
    2016-11-21 15:41 - 2016-09-07 05:58 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
    2016-11-21 15:41 - 2016-09-07 05:58 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
    2016-11-21 15:41 - 2016-09-07 05:58 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
    2016-11-21 15:41 - 2016-09-07 05:58 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
    2016-11-21 15:41 - 2016-09-07 05:58 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccessRes.dll
    2016-11-21 15:41 - 2016-09-07 05:58 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneutilRes.dll
    2016-11-21 15:41 - 2016-09-07 05:57 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
    2016-11-21 15:41 - 2016-09-07 05:56 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
    2016-11-21 15:41 - 2016-09-07 05:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactActivation.dll
    2016-11-21 15:41 - 2016-09-07 05:55 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
    2016-11-21 15:41 - 2016-09-07 05:55 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
    2016-11-21 15:41 - 2016-09-07 05:55 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
    2016-11-21 15:41 - 2016-09-07 05:54 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
    2016-11-21 15:41 - 2016-09-07 05:54 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
    2016-11-21 15:41 - 2016-09-07 05:54 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
    2016-11-21 15:41 - 2016-09-07 05:54 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
    2016-11-21 15:41 - 2016-09-07 05:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
    2016-11-21 15:41 - 2016-09-07 05:52 - 00536576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
    2016-11-21 15:41 - 2016-09-07 05:52 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
    2016-11-21 15:41 - 2016-09-07 05:52 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\NmaDirect.dll
    2016-11-21 15:41 - 2016-09-07 05:49 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
    2016-11-21 15:41 - 2016-09-07 05:47 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
    2016-11-21 15:41 - 2016-09-07 05:46 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
    2016-11-21 15:41 - 2016-09-07 05:35 - 02107392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
    2016-11-21 15:41 - 2016-09-07 05:31 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
    2016-11-21 15:41 - 2016-09-07 05:30 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
    2016-11-21 15:41 - 2016-08-20 06:15 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
    2016-11-21 15:41 - 2016-08-20 06:10 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
    2016-11-21 15:41 - 2016-08-20 06:08 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
    2016-11-21 15:41 - 2016-08-06 05:26 - 00036704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
    2016-11-21 15:41 - 2016-08-06 05:08 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
    2016-11-21 15:41 - 2016-08-06 04:50 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
    2016-11-21 15:41 - 2016-08-06 04:49 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
    2016-11-21 15:41 - 2016-08-06 04:48 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
    2016-11-21 15:41 - 2016-08-06 04:48 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
    2016-11-21 15:41 - 2016-08-06 04:45 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
    2016-11-21 15:41 - 2016-08-06 04:45 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
    2016-11-21 15:41 - 2016-08-06 04:43 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
    2016-11-21 15:41 - 2016-08-06 04:43 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
    2016-11-21 15:41 - 2016-08-06 04:43 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
    2016-11-21 15:41 - 2016-08-06 04:40 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
    2016-11-21 15:41 - 2016-08-06 04:25 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
    2016-11-21 15:41 - 2016-08-02 05:37 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
    2016-11-21 15:41 - 2016-08-02 05:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
    2016-11-21 02:03 - 2016-11-21 02:03 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
    2016-11-21 02:00 - 2016-11-21 02:00 - 00000000 ____D C:\ProgramData\USOShared
    2016-11-21 01:59 - 2016-11-21 01:59 - 00000020 ___SH C:\Users\Ralek Bibi\ntuser.ini
    2016-11-21 01:40 - 2016-11-21 01:40 - 00000000 _SHDL C:\Users\Default\Voisinage réseau
    2016-11-21 01:40 - 2016-11-21 01:40 - 00000000 _SHDL C:\Users\Default\Voisinage d'impression
    2016-11-21 01:40 - 2016-11-21 01:40 - 00000000 _SHDL C:\Users\Default\Modèles
    2016-11-21 01:40 - 2016-11-21 01:40 - 00000000 _SHDL C:\Users\Default\Mes documents
    2016-11-21 01:40 - 2016-11-21 01:40 - 00000000 _SHDL C:\Users\Default\Menu Démarrer
    2016-11-21 01:40 - 2016-11-21 01:40 - 00000000 _SHDL C:\Users\Default\Documents\Mes vidéos
    2016-11-21 01:40 - 2016-11-21 01:40 - 00000000 _SHDL C:\Users\Default\Documents\Mes images
    2016-11-21 01:40 - 2016-11-21 01:40 - 00000000 _SHDL C:\Users\Default\Documents\Ma musique
    2016-11-21 01:40 - 2016-11-21 01:40 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
    2016-11-21 01:40 - 2016-11-21 01:40 - 00000000 _SHDL C:\Users\Default\AppData\Local\Historique
    2016-11-21 01:40 - 2016-11-21 01:40 - 00000000 _SHDL C:\Users\Default User\Documents\Mes vidéos
    2016-11-21 01:40 - 2016-11-21 01:40 - 00000000 _SHDL C:\Users\Default User\Documents\Mes images
    2016-11-21 01:40 - 2016-11-21 01:40 - 00000000 _SHDL C:\Users\Default User\Documents\Ma musique
    2016-11-21 01:40 - 2016-11-21 01:40 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
    2016-11-21 01:40 - 2016-11-21 01:40 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Historique
    2016-11-21 01:33 - 2016-11-21 01:38 - 00015243 _____ C:\WINDOWS\diagwrn.xml
    2016-11-21 01:33 - 2016-11-21 01:38 - 00015243 _____ C:\WINDOWS\diagerr.xml
    2016-11-21 01:19 - 2016-11-23 18:18 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2016-11-21 01:04 - 2016-11-21 01:04 - 00001544 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
    2016-11-21 01:04 - 2016-11-21 01:04 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
    2016-11-21 01:04 - 2016-11-21 01:04 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
    2016-11-21 00:53 - 2016-11-23 15:17 - 00000000 ____D C:\Users\Audrey
    2016-11-21 00:53 - 2016-11-23 13:53 - 00000000 ____D C:\Users\Administrateur
    2016-11-21 00:53 - 2016-11-22 15:44 - 00000000 ____D C:\Users\Ralek Bibi
    2016-11-21 00:53 - 2016-11-21 00:53 - 00000000 _SHDL C:\Users\Ralek Bibi\Voisinage réseau
    2016-11-21 00:53 - 2016-11-21 00:53 - 00000000 _SHDL C:\Users\Ralek Bibi\Voisinage d'impression
    2016-11-21 00:53 - 2016-11-21 00:53 - 00000000 _SHDL C:\Users\Ralek Bibi\Modèles
    2016-11-21 00:53 - 2016-11-21 00:53 - 00000000 _SHDL C:\Users\Ralek Bibi\Mes documents
    2016-11-21 00:53 - 2016-11-21 00:53 - 00000000 _SHDL C:\Users\Ralek Bibi\Menu Démarrer
    2016-11-21 00:53 - 2016-11-21 00:53 - 00000000 _SHDL C:\Users\Audrey\Voisinage réseau
    2016-11-21 00:53 - 2016-11-21 00:53 - 00000000 _SHDL C:\Users\Audrey\Voisinage d'impression
    2016-11-21 00:53 - 2016-11-21 00:53 - 00000000 _SHDL C:\Users\Audrey\Modèles
    2016-11-21 00:53 - 2016-11-21 00:53 - 00000000 _SHDL C:\Users\Audrey\Mes documents
    2016-11-21 00:53 - 2016-11-21 00:53 - 00000000 _SHDL C:\Users\Audrey\Menu Démarrer
    2016-11-21 00:53 - 2016-11-21 00:53 - 00000000 _SHDL C:\Users\Audrey\Documents\Mes vidéos
    2016-11-21 00:53 - 2016-11-21 00:53 - 00000000 _SHDL C:\Users\Audrey\Documents\Mes images
    2016-11-21 00:53 - 2016-11-21 00:53 - 00000000 _SHDL C:\Users\Audrey\Documents\Ma musique
    2016-11-21 00:53 - 2016-11-21 00:53 - 00000000 _SHDL C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
    2016-11-21 00:53 - 2016-11-21 00:53 - 00000000 _SHDL C:\Users\Audrey\AppData\Local\Historique
    2016-11-21 00:49 - 2016-11-23 18:18 - 00000000 ____D C:\ProgramData\NVIDIA
    2016-11-21 00:49 - 2016-11-21 00:58 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
    2016-11-21 00:49 - 2016-11-21 00:49 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_tcwbf_01_09_00.Wdf
    2016-11-21 00:49 - 2016-11-21 00:49 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf
    2016-11-21 00:49 - 2016-11-21 00:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Webcam
    2016-11-21 00:49 - 2016-11-21 00:49 - 00000000 ____D C:\Program Files\AuthenTec
    2016-11-21 00:49 - 2016-01-29 11:14 - 04397624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
    2016-11-21 00:49 - 2016-01-29 11:14 - 03068864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc.dll
    2016-11-21 00:49 - 2016-01-29 11:14 - 02563128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
    2016-11-21 00:49 - 2016-01-29 11:14 - 00678968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
    2016-11-21 00:49 - 2016-01-29 11:14 - 00381888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
    2016-11-21 00:49 - 2016-01-29 11:14 - 00070200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
    2016-11-21 00:49 - 2016-01-28 17:18 - 06150607 _____ C:\WINDOWS\system32\nvcoproc.bin
    2016-11-21 00:48 - 2016-11-21 00:58 - 00000000 ____D C:\Program Files\NVIDIA Corporation
    2016-11-21 00:48 - 2016-11-21 00:48 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Apfiltr_01005.Wdf
    2016-11-21 00:48 - 2016-11-21 00:48 - 00000000 ____D C:\Program Files\Sigmatel
    2016-11-21 00:48 - 2016-11-21 00:48 - 00000000 ____D C:\Program Files\DellTPad
    2016-11-21 00:48 - 2007-09-28 06:56 - 04947968 _____ (IDT, Inc.) C:\WINDOWS\system32\stacgui.cpl
    2016-11-21 00:48 - 2007-09-28 06:56 - 01601536 _____ (SigmaTel, Inc.) C:\WINDOWS\system32\stlang.dll
    2016-11-21 00:48 - 2007-09-28 06:56 - 00643072 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\aestecap.dll
    2016-11-21 00:48 - 2007-09-28 06:56 - 00131072 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\aestacap.dll
    2016-11-21 00:48 - 2007-09-28 06:56 - 00102400 _____ (IDT, Inc.) C:\WINDOWS\system32\stacsv.exe
    2016-11-21 00:48 - 2007-09-28 06:56 - 00073728 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AEstSrv.exe
    2016-11-21 00:48 - 2007-09-28 06:56 - 00053248 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\aestaren.dll
    2016-11-21 00:44 - 2016-11-24 00:22 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
    2016-11-21 00:43 - 2016-11-21 20:12 - 03564504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2016-11-21 00:41 - 2016-11-23 15:01 - 00000000 ___DC C:\WINDOWS\Panther
    2016-11-21 00:31 - 2016-11-21 00:32 - 00000000 ____D C:\Windows.old
    2016-11-21 00:22 - 2016-11-21 00:44 - 00000000 ____D C:\WINDOWS\ServiceProfiles
    2016-11-21 00:12 - 2016-11-21 00:12 - 00000000 ____D C:\WINDOWS\system32\XPSViewer
    2016-11-21 00:12 - 2016-11-21 00:12 - 00000000 ____D C:\Program Files\Reference Assemblies
    2016-11-21 00:12 - 2016-11-21 00:12 - 00000000 ____D C:\Program Files\MSBuild
    2016-11-21 00:11 - 2016-11-21 00:11 - 03716096 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
    2016-11-21 00:11 - 2016-11-21 00:11 - 00173408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
    2016-11-21 00:11 - 2016-05-25 11:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
    2016-11-21 00:11 - 2016-05-25 11:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
    2016-11-21 00:11 - 2016-05-25 11:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
    2016-11-20 20:33 - 2016-11-20 20:33 - 00032768 _____ C:\WINDOWS\system32\persistent_q.db-shm
    2016-11-20 20:33 - 2016-11-20 20:33 - 00001080 _____ C:\WINDOWS\system32\persistent_q.db-wal
    2016-11-20 20:33 - 2016-11-20 20:33 - 00001024 _____ C:\WINDOWS\system32\persistent_q.db
    2016-11-20 19:41 - 2016-11-20 20:02 - 00000000 ____D C:\Program Files\Tolackcebersh_
    2016-11-20 19:41 - 2016-11-20 20:02 - 00000000 ____D C:\Program Files\Deringchederse
    2016-11-20 19:41 - 2016-11-20 19:41 - 00000000 ____D C:\Users\Public\Thunder Network
    2016-11-20 19:41 - 2016-11-20 19:41 - 00000000 ____D C:\ProgramData\Avira
    2016-11-20 19:41 - 2016-11-20 19:41 - 00000000 ____D C:\ProgramData\Avg
    2016-11-20 19:41 - 2016-11-20 19:41 - 00000000 ____D C:\ProgramData\AVAST Software
    2016-11-20 19:40 - 2016-11-20 20:02 - 00000000 ____D C:\Program Files\Tolackcebersh
    2016-11-20 19:39 - 2016-11-20 19:39 - 00000000 _____ C:\TOSTACK
    2016-11-20 19:37 - 2016-11-20 20:08 - 00000000 ___HD C:\ProgramData\52231.69108
    2016-11-20 19:29 - 2016-11-20 19:53 - 00000000 ___HD C:\ProgramData\62972.21804
    2016-11-20 19:18 - 2016-11-20 21:15 - 00000000 ____D C:\Program Files\Microsoft Toolkit Final
    2016-11-20 19:08 - 2016-11-20 19:08 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
    2016-11-17 12:16 - 2016-11-20 19:41 - 00000000 ____D C:\Program Files\Foxit Software
    2016-11-16 14:39 - 2016-11-16 14:41 - 03910208 _____ C:\Users\Ralek Bibi\Desktop\adwcleaner_6.030.exe
    2016-11-16 13:52 - 2016-11-16 13:52 - 00000000 ____D C:\ProgramData\FileOpen
    2016-11-16 13:51 - 2016-11-16 13:51 - 00000000 ____D C:\ProgramData\Nitro
    2016-11-15 20:12 - 2016-11-21 00:58 - 00000000 ____D C:\WINDOWS\system32\BestPractices
    2016-11-15 18:49 - 2016-11-20 19:41 - 00000000 ____D C:\Program Files\Mozilla Firefox
    2016-11-15 03:34 - 2016-11-15 03:34 - 00000000 ____D C:\Users\Audrey\AppData\Local\Apple
    2016-11-14 11:55 - 2016-11-14 11:55 - 00118820 _____ C:\Users\Audrey\Downloads\Notice sécurité incendie.pdf
    2016-11-14 11:55 - 2016-11-14 11:55 - 00118820 _____ C:\Users\Audrey\Desktop\Notice sécurité incendie.pdf
    2016-11-14 11:49 - 2016-11-14 11:49 - 00118820 _____ C:\Users\Audrey\Downloads\5- jarzuel thieme charlotte-gerard.thieme@neuf.fr.pdf
    2016-11-14 11:49 - 2016-11-14 11:49 - 00118820 _____ C:\Users\Audrey\Desktop\notice incendie.pdf
    2016-11-14 11:39 - 2016-11-14 11:39 - 00205165 _____ C:\Users\Audrey\Downloads\5-jarzuelthiemecharlotte-gerard.thiemeneuf.fr.pdf
    2016-11-14 11:33 - 2016-11-14 11:33 - 00000000 ____D C:\Users\Audrey\AppData\Local\CEF
    2016-11-14 11:32 - 2016-11-23 22:31 - 00000000 ____D C:\Users\Audrey\AppData\Local\Adobe
    2016-11-14 11:32 - 2016-11-14 11:32 - 00000000 ____D C:\Users\Audrey\AppData\LocalLow\Adobe
    2016-11-14 11:16 - 2016-11-14 11:16 - 00000000 ____D C:\Users\Audrey\AppData\LocalLow\Temp
    2016-11-14 11:07 - 2016-11-14 11:02 - 00543310 _____ C:\Users\Audrey\Desktop\5 - NOTICE DESCRIPTIVE DE SECURITE AKERIA - Copie.pdf
    2016-11-14 11:02 - 2016-11-14 11:02 - 00543310 _____ C:\Users\Audrey\Desktop\5 - NOTICE DESCRIPTIVE DE SECURITE AKERIA.pdf
    2016-11-14 11:01 - 2016-11-14 11:01 - 00543310 _____ C:\Users\Audrey\Downloads\5 - NOTICE DESCRIPTIVE DE SECURITE AKERIA.pdf
    2016-11-12 00:11 - 2016-11-21 01:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
    2016-11-10 16:53 - 2016-11-10 16:53 - 00248323 _____ C:\Users\Audrey\Desktop\synthese SAFRIOUINE Linda - CABINET ADROT & LS - CABINET.ADROT.LS@ORANGE.FR.pdf
    2016-11-10 15:43 - 2016-11-10 15:43 - 00131951 _____ C:\Users\Audrey\Desktop\Synthese Laurent Malassis - ouest equipement hotelier - cpta.eco@orange.fr.pdf
    2016-11-10 12:42 - 2016-11-10 12:42 - 00000000 ____D C:\Users\Audrey\AppData\Local\Microsoft Help
    2016-11-10 12:03 - 2016-11-10 12:03 - 00327342 _____ C:\Users\Audrey\Desktop\Synthese TECHNORD FRANCE.pdf
    2016-11-10 11:50 - 2016-11-10 11:50 - 00340193 _____ C:\Users\Audrey\Desktop\SYNTHESE BARGAIN.pdf
    2016-11-10 11:04 - 2016-11-10 11:48 - 00158039 _____ C:\Users\Audrey\Desktop\6- BARGAIN NICOLE - HOTEL DU PARC - hotelduparc.md@wanadoo.fr.pdf
    2016-11-10 10:06 - 2016-11-10 10:06 - 00131951 _____ C:\Users\Audrey\Desktop\6- Corgie Patrice - MEUBLES CORGIE - patrice@corgie.fr.pdf
    2016-11-10 09:51 - 2016-11-10 09:51 - 00809741 _____ C:\Users\Audrey\Desktop\3- cerfa erp.pdf
    2016-11-10 09:48 - 2016-11-10 09:48 - 00000000 ____D C:\Users\Audrey\Documents\Modèles Office personnalisés
    2016-11-10 09:47 - 2016-11-10 09:47 - 00809741 _____ C:\Users\Audrey\Downloads\3- Jarzuel thieme Charlotte - gerard.thieme@neuf.fr.pdf
    2016-11-08 19:35 - 2015-09-29 13:40 - 00002506 _____ C:\Users\Audrey\Desktop\PowerPoint 2013.lnk
    2016-11-08 19:35 - 2015-09-29 13:40 - 00002489 _____ C:\Users\Audrey\Desktop\Word 2013.lnk
    2016-11-08 19:35 - 2015-09-29 13:40 - 00002479 _____ C:\Users\Audrey\Desktop\OneNote 2013.lnk
    2016-11-08 19:35 - 2015-09-29 13:40 - 00002479 _____ C:\Users\Audrey\Desktop\Excel 2013.lnk
    2016-11-08 19:32 - 2016-11-08 19:33 - 00000000 ____D C:\Users\Audrey\Desktop\Projet Audrey
    2016-11-08 13:30 - 2016-11-08 13:30 - 00310705 _____ C:\Users\Audrey\Desktop\synthese_1478608151 (1).pdf
    2016-11-08 11:45 - 2016-11-10 21:31 - 00113152 ___SH C:\Users\Audrey\Desktop\Thumbs.db
    2016-11-08 11:25 - 2016-11-08 11:25 - 00000000 ____D C:\Users\Audrey\AppData\Roaming\WinRAR
    2016-11-08 11:25 - 2016-11-08 11:25 - 00000000 ____D C:\Users\Audrey\AppData\Roaming\Apple Computer
    2016-11-08 11:11 - 2016-11-08 11:11 - 00000000 ____D C:\Users\Audrey\AppData\Local\MicrosoftEdge
    2016-11-08 10:55 - 2016-11-08 10:55 - 00000000 ____D C:\Users\Audrey\AppData\Roaming\ProductData
    2016-11-07 23:49 - 2016-11-07 23:49 - 00063600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
    2016-11-07 23:49 - 2016-11-07 23:49 - 00063600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
    2016-11-07 23:49 - 2016-11-07 23:49 - 00063600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
    2016-11-07 23:49 - 2016-11-07 23:49 - 00035440 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
    2016-11-07 18:10 - 2016-11-20 20:34 - 00000374 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
    2016-11-07 17:41 - 2016-11-15 19:08 - 00000000 ____D C:\Users\Ralek Bibi\Desktop\EODOM
    2016-11-07 17:41 - 2016-11-07 17:42 - 00000000 ____D C:\Users\Ralek Bibi\Desktop\Audrey
    2016-11-07 17:36 - 2016-11-09 14:22 - 00000000 ____D C:\Users\Audrey\Desktop\Audrey_ERP
    2016-11-07 15:21 - 2016-11-07 15:21 - 00000000 ____D C:\Users\Audrey\AppData\Local\Comms
    2016-11-07 15:13 - 2016-11-07 15:13 - 01065376 _____ (Google Inc.) C:\Users\Audrey\Downloads\ChromeSetup.exe
    2016-11-07 15:12 - 2016-11-14 15:41 - 00000000 ____D C:\Users\Audrey\AppData\Roaming\Skype
    2016-11-07 15:12 - 2016-11-07 15:12 - 00000000 ____D C:\Users\Audrey\Tracing
    2016-11-07 15:10 - 2016-11-07 15:10 - 00000424 _____ C:\Users\Audrey\Desktop\Ce PC.lnk
    2016-11-07 15:07 - 2016-11-23 15:23 - 00002458 _____ C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2016-11-07 15:07 - 2016-11-23 15:23 - 00000000 ___RD C:\Users\Audrey\OneDrive
    2016-11-07 15:04 - 2016-11-07 15:05 - 00000000 ____D C:\Users\Audrey\AppData\Local\Dropbox
    2016-11-07 15:04 - 2016-11-07 15:04 - 00000000 ____D C:\Users\Audrey\AppData\Local\ActiveSync
    2016-11-07 15:03 - 2016-11-07 16:43 - 00000000 ____D C:\Users\Audrey\AppData\Local\Google
    2016-11-07 15:03 - 2016-11-07 15:12 - 00002318 _____ C:\Users\Audrey\Desktop\Chrome.lnk
    2016-11-07 15:03 - 2016-11-07 15:03 - 00000000 ____D C:\Users\Audrey\AppData\Local\Publishers
    2016-11-07 15:02 - 2016-11-23 22:31 - 00000000 ____D C:\Users\Audrey\AppData\Roaming\Adobe
    2016-11-07 15:02 - 2016-11-23 15:35 - 00000000 ____D C:\Users\Audrey\AppData\Local\Packages
    2016-11-07 15:02 - 2016-11-07 15:02 - 00000000 ____D C:\Users\Audrey\AppData\Roaming\IObit
    2016-11-07 15:02 - 2016-11-07 15:02 - 00000000 ____D C:\Users\Audrey\AppData\Local\VirtualStore
    2016-11-07 15:02 - 2016-11-07 15:02 - 00000000 ____D C:\Users\Audrey\AppData\Local\TileDataLayer
    2016-11-07 15:02 - 2016-03-08 20:01 - 00000000 ____D C:\Users\Audrey\AppData\Roaming\Macromedia
    2016-11-02 14:25 - 2016-11-21 00:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
    2016-11-02 14:25 - 2016-11-20 19:41 - 00000000 ___RD C:\Program Files\Skype
    2016-11-02 14:25 - 2016-11-07 15:12 - 00002628 _____ C:\Users\Public\Desktop\Skype.lnk
    2016-11-02 14:25 - 2016-11-07 15:12 - 00000000 ____D C:\ProgramData\Skype
    2016-11-02 14:25 - 2016-11-02 14:25 - 00000000 ____D C:\Program Files\Common Files\Skype
    2016-11-02 09:39 - 2016-11-02 09:39 - 00000000 ____D C:\Program Files\Common Files\AV
    2016-10-29 18:59 - 2016-11-21 01:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2016-10-29 18:58 - 2016-11-20 19:41 - 00000000 ____D C:\Program Files\iTunes
    2016-10-29 18:58 - 2016-11-20 19:41 - 00000000 ____D C:\Program Files\iPod


    ==================== Un mois - Modifiés - fichiers et dossiers ========


    (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)


    2016-11-23 22:29 - 2015-09-29 21:41 - 00000000 ____D C:\ProgramData\Kaspersky Lab
    2016-11-23 17:40 - 2016-07-16 09:28 - 00000000 ____D C:\WINDOWS\INF
    2016-11-23 16:41 - 2015-07-30 11:52 - 00000000 __RHD C:\Users\Public\AccountPictures
    2016-11-23 15:54 - 2016-07-16 09:29 - 00000000 ___HD C:\Program Files\WindowsApps
    2016-11-23 15:54 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\AppReadiness
    2016-11-23 15:05 - 2015-09-10 17:14 - 00000000 ____D C:\AdwCleaner
    2016-11-23 15:01 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\LiveKernelReports
    2016-11-23 13:51 - 2015-10-19 12:52 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2016-11-23 13:13 - 2015-10-19 12:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2016-11-23 12:50 - 2015-09-29 19:24 - 00000000 ____D C:\Program Files\PeerBlock
    2016-11-23 12:38 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\NDF
    2016-11-23 12:34 - 2016-07-16 18:15 - 00477288 _____ C:\WINDOWS\system32\perfh00C.dat
    2016-11-23 12:34 - 2016-07-16 18:15 - 00076450 _____ C:\WINDOWS\system32\perfc00C.dat
    2016-11-23 12:34 - 2015-09-28 17:21 - 01446522 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2016-11-21 22:54 - 2015-10-05 14:09 - 00000000 ____D C:\Program Files\VideoLAN
    2016-11-21 17:18 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
    2016-11-21 17:17 - 2016-07-16 09:29 - 00000000 ___SD C:\WINDOWS\system32\F12
    2016-11-21 17:17 - 2016-07-16 09:29 - 00000000 ___SD C:\WINDOWS\system32\dsc
    2016-11-21 17:17 - 2016-07-16 09:29 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
    2016-11-21 17:17 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\setup
    2016-11-21 17:17 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\oobe
    2016-11-21 17:17 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\migwiz
    2016-11-21 17:17 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\lv-LV
    2016-11-21 17:17 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\lt-LT
    2016-11-21 17:17 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\et-EE
    2016-11-21 17:17 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\es-MX
    2016-11-21 17:17 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\en-GB
    2016-11-21 17:17 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\appraiser
    2016-11-21 17:17 - 2016-07-16 03:22 - 00000000 ____D C:\WINDOWS\system32\Sysprep
    2016-11-21 17:17 - 2016-07-16 03:22 - 00000000 ____D C:\WINDOWS\system32\Dism
    2016-11-21 17:16 - 2016-07-16 09:29 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
    2016-11-21 17:16 - 2016-07-16 09:29 - 00000000 ___RD C:\Program Files\Windows Defender
    2016-11-21 17:16 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\ShellExperiences
    2016-11-21 17:16 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\Provisioning
    2016-11-21 17:16 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\bcastdvr
    2016-11-21 17:16 - 2016-07-16 09:29 - 00000000 ____D C:\Program Files\Windows Photo Viewer
    2016-11-21 17:14 - 2016-07-16 09:30 - 00015425 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
    2016-11-21 16:02 - 2016-07-16 09:19 - 00000000 ____D C:\WINDOWS\CbsTemp
    2016-11-21 15:39 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\appcompat
    2016-11-21 02:29 - 2015-07-30 11:58 - 00000000 ___RD C:\Users\Ralek Bibi\OneDrive
    2016-11-21 02:11 - 2015-09-28 19:39 - 00407720 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
    2016-11-21 02:00 - 2016-07-16 09:29 - 00000000 ____D C:\ProgramData\USOPrivate
    2016-11-21 01:46 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\rescache
    2016-11-21 01:40 - 2016-07-16 09:29 - 00000000 ____D C:\Program Files\Windows NT
    2016-11-21 01:31 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
    2016-11-21 01:31 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\Registration
    2016-11-21 01:31 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
    2016-11-21 01:26 - 2015-06-11 18:35 - 00044632 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klim6.sys
    2016-11-21 01:19 - 2015-11-15 14:04 - 00021780 _____ C:\WINDOWS\system32\emptyregdb.dat
    2016-11-21 01:18 - 2016-07-16 09:29 - 00000000 __RHD C:\Users\Public\Libraries
    2016-11-21 01:05 - 2016-07-16 09:29 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2016-11-21 01:05 - 2016-06-29 15:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG6200 series
    2016-11-21 01:05 - 2016-04-13 10:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CounterPath X-Lite
    2016-11-21 01:05 - 2016-04-04 15:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2016-11-21 01:05 - 2016-03-21 14:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com
    2016-11-21 01:05 - 2016-03-08 20:07 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
    2016-11-21 01:05 - 2016-03-01 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2016-11-21 01:05 - 2016-03-01 14:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
    2016-11-21 01:05 - 2015-12-14 12:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
    2016-11-21 01:05 - 2015-12-14 12:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
    2016-11-21 01:05 - 2015-11-15 14:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
    2016-11-21 01:05 - 2015-11-10 17:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
    2016-11-21 01:05 - 2015-10-07 13:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
    2016-11-21 01:05 - 2015-10-06 12:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    2016-11-21 01:05 - 2015-10-05 14:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
    2016-11-21 01:05 - 2015-09-29 21:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
    2016-11-21 01:05 - 2015-09-29 13:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
    2016-11-21 01:04 - 2015-10-30 06:13 - 00000000 ____D C:\Users\Default.migrated
    2016-11-21 01:00 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\spool
    2016-11-21 01:00 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\Macromed
    2016-11-21 00:58 - 2016-07-16 18:16 - 00000000 ____D C:\WINDOWS\OCR
    2016-11-21 00:58 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\Cursors
    2016-11-21 00:58 - 2016-07-16 09:29 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
    2016-11-21 00:58 - 2015-11-17 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roland
    2016-11-21 00:58 - 2015-11-15 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
    2016-11-21 00:58 - 2009-07-14 10:00 - 00000000 ___RD C:\Users\Public\Recorded TV
    2016-11-21 00:50 - 2016-07-16 09:29 - 00000000 ___RD C:\WINDOWS\PrintDialog
    2016-11-21 00:50 - 2016-07-16 09:29 - 00000000 ___RD C:\WINDOWS\MiracastView
    2016-11-21 00:49 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\Help
    2016-11-21 00:31 - 2016-07-16 18:15 - 00000000 ____D C:\WINDOWS\system32\winrm
    2016-11-21 00:31 - 2016-07-16 18:15 - 00000000 ____D C:\WINDOWS\system32\WCN
    2016-11-21 00:31 - 2016-07-16 18:15 - 00000000 ____D C:\WINDOWS\system32\slmgr
    2016-11-21 00:31 - 2016-07-16 18:15 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
    2016-11-21 00:31 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
    2016-11-21 00:31 - 2016-07-16 03:22 - 00000000 ____D C:\WINDOWS\servicing
    2016-11-21 00:12 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\MUI
    2016-11-21 00:00 - 2015-09-11 21:58 - 00000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
    2016-11-20 23:55 - 2016-09-14 15:37 - 00001190 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
    2016-11-20 23:55 - 2006-11-13 09:42 - 00008192 __RSH C:\BOOTSECT.BAK
    2016-11-20 23:46 - 2016-07-16 18:44 - 00000000 ___HD C:\$WINDOWS.~BT
    2016-11-20 23:19 - 2016-03-01 14:04 - 00001078 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2016-11-20 20:34 - 2016-09-14 15:37 - 00001186 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
    2016-11-20 20:34 - 2016-03-01 14:04 - 00001074 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2016-11-20 20:31 - 2016-03-01 14:06 - 00001373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2016-11-20 20:24 - 2015-09-21 15:21 - 00032256 ___SH C:\Users\Ralek Bibi\Desktop\Thumbs.db
    2016-11-20 20:00 - 2015-11-15 14:32 - 00000284 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_DamienG.job
    2016-11-20 19:58 - 2015-09-29 12:46 - 00001099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    2016-11-20 19:41 - 2016-10-05 13:42 - 00000000 ____D C:\Program Files\MuseScore 2
    2016-11-20 19:41 - 2016-09-14 15:37 - 00000000 ____D C:\Program Files\Dropbox
    2016-11-20 19:41 - 2016-05-07 20:14 - 00000000 ____D C:\Program Files\FFmpeg for Audacity
    2016-11-20 19:41 - 2016-05-07 20:08 - 00000000 ____D C:\Program Files\Lame For Audacity
    2016-11-20 19:41 - 2016-05-07 19:06 - 00000000 ____D C:\Program Files\Audacity
    2016-11-20 19:41 - 2016-04-13 10:15 - 00000000 ____D C:\Program Files\CounterPath
    2016-11-20 19:41 - 2016-04-04 15:56 - 00000000 ____D C:\Program Files\Microsoft Silverlight
    2016-11-20 19:41 - 2016-03-17 12:47 - 00000000 ____D C:\Program Files\Apple Software Update
    2016-11-20 19:41 - 2016-03-11 16:23 - 00000000 ____D C:\Program Files\AdwCleaner
    2016-11-20 19:41 - 2016-03-11 15:22 - 00000000 ____D C:\Program Files\Pianissimo
    2016-11-20 19:41 - 2016-03-01 14:04 - 00000000 ____D C:\Program Files\Google
    2016-11-20 19:41 - 2015-12-14 12:06 - 00000000 ____D C:\Program Files\QuickTime
    2016-11-20 19:41 - 2015-11-17 17:28 - 00000000 ____D C:\Program Files\Roland
    2016-11-20 19:41 - 2015-11-16 09:08 - 00000000 ____D C:\Program Files\Microsoft ASP.NET
    2016-11-20 19:41 - 2015-11-15 18:16 - 00000000 ____D C:\Program Files\VSTPlugins
    2016-11-20 19:41 - 2015-11-15 15:53 - 00000000 ____D C:\Program Files\MAGIX
    2016-11-20 19:41 - 2015-11-15 14:32 - 00000000 ____D C:\Program Files\IObit
    2016-11-20 19:41 - 2015-11-14 13:53 - 00000000 ____D C:\Program Files\MSXML 4.0
    2016-11-20 19:41 - 2015-11-10 17:24 - 00000000 ____D C:\Program Files\AGEIA Technologies
    2016-11-20 19:41 - 2015-10-27 16:50 - 00000000 ____D C:\Program Files\WinRar Password Remover Installer
    2016-11-20 19:41 - 2015-10-16 13:44 - 00000000 ____D C:\Program Files\Noteworthy Software
    2016-11-20 19:41 - 2015-10-14 16:14 - 00000000 ____D C:\Program Files\Java
    2016-11-20 19:41 - 2015-10-07 13:22 - 00000000 ____D C:\Program Files\WinRAR
    2016-11-20 19:41 - 2015-10-07 12:57 - 00000000 ____D C:\Program Files\7-Zip
    2016-11-20 19:41 - 2015-10-06 14:23 - 00000000 ____D C:\Program Files\paint.net
    2016-11-20 19:41 - 2015-10-06 12:54 - 00000000 ____D C:\Program Files\CCleaner
    2016-11-20 19:41 - 2015-09-29 21:41 - 00000000 ____D C:\Program Files\Kaspersky Lab
    2016-11-20 19:41 - 2015-09-29 14:18 - 00000000 ____D C:\Program Files\Adobe
    2016-11-20 19:41 - 2015-09-29 14:07 - 00000000 ____D C:\Program Files\Bonjour
    2016-11-20 19:41 - 2015-09-29 13:38 - 00000000 ____D C:\Program Files\Microsoft Office
    2016-11-20 19:41 - 2015-09-29 13:29 - 00000000 ____D C:\Program Files\Microsoft Office 15
    2016-11-20 19:41 - 2015-09-29 12:46 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
    2016-11-20 19:41 - 2015-09-28 19:24 - 00000000 ____D C:\Program Files\DriversCloud.com
    2016-11-20 16:29 - 2010-06-09 10:28 - 00000000 ____D C:\Users\Ralek Bibi\Desktop\Partitions diverses
    2016-11-16 16:19 - 2012-04-15 19:59 - 00000000 ____D C:\Users\Ralek Bibi\Desktop\Magix compo
    2016-11-16 14:23 - 2016-09-26 14:32 - 00000000 ____D C:\Users\Ralek Bibi\Desktop\Allegro Musique
    2016-11-16 13:16 - 2015-11-15 14:32 - 00000000 ____D C:\ProgramData\ProductData
    2016-11-15 18:44 - 2015-11-15 14:32 - 00000000 ____D C:\ProgramData\IObit
    2016-11-14 11:32 - 2016-07-20 11:42 - 05610688 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
    2016-11-10 10:46 - 2015-09-28 19:38 - 00000000 ____D C:\WINDOWS\system32\MRT
    2016-11-10 10:30 - 2015-09-28 19:38 - 138444440 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2016-11-08 20:17 - 2010-09-07 21:43 - 00000000 ____D C:\Users\Ralek Bibi\Desktop\sounds pr IPhone
    2016-11-08 19:58 - 2016-09-14 15:42 - 00000000 ___RD C:\Users\Ralek Bibi\Dropbox
    2016-11-07 17:38 - 2014-03-30 13:24 - 00000000 ____D C:\Users\Audrey\Desktop\Audrey
    2016-11-07 08:49 - 2015-09-29 14:18 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
    2016-11-02 16:56 - 2006-11-13 09:42 - 00389408 __RSH C:\bootmgr
    2016-10-29 18:58 - 2015-09-29 14:07 - 00000000 ____D C:\Program Files\Common Files\Apple
    2016-10-29 00:56 - 2016-07-16 09:31 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
    2016-10-29 00:56 - 2016-07-16 09:31 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl


    Fichiers à déplacer ou supprimer:
    ====================
    C:\Users\Ralek Bibi\UNINSTALL.EXE




    ==================== Bamital & volsnap ======================


    (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)


    C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
    C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
    C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
    C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
    C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
    C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
    C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
    C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
    C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
    C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement




    ATTENTION: ==> Impossible d'accéder au BCD. L'utilisateur n'est pas administrateur


    ==================== Fin de FRST.txt ============================

  6. #6
    GensoD's Avatar
    Join Date
    Sep 2015
    Location
    France
    Posts
    51

    Re: Win10 : administrator's account impossible to connect (viruses, hacked, trojans??

    EDIT #2: Despite your advice and steps, I'm not able to run the RGSA software. It says :"this software cannot be run (executed) on your PC".
    Even with others OS versions compatibility.

    I will post the malwarebytes log tomorrow 24/11/16, with many issues on a first sight.


    Regards,
    ​GensoD.

  7. #7
    Corrine's Avatar
    Join Date
    Feb 2012
    Location
    Upstate, NY
    Posts
    8,310

    Re: Win10 : administrator's account impossible to connect (viruses, hacked, trojans??

    It seems that my brain was slow to engage! This is Windows 10. Are you using a Microsoft Account as your Administrator account (Hotmail/Live, etc.)? If so, can you log on to that email account (Hotmail, Live, etc.)? If not, go to Outlook.com - Microsoft free personal email and follow the instructions to change the password. Even though you didn't "forget" the password, it having been changed amounts to the same thing. (Images with instructions at How-to Geek: How to Reset Your Forgotten Password in Windows 10).


    Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

    Remember - A day without laughter is a day wasted.
    May the wind sing to you and the sun rise in your heart.

  8. #8
    GensoD's Avatar
    Join Date
    Sep 2015
    Location
    France
    Posts
    51

    Re: Win10 : administrator's account impossible to connect (viruses, hacked, trojans??

    Hello !

    Here is the Malwarebytes log
    :


    Malwarebytes Anti-Malware
    Malwarebytes | Free Anti-Malware & Internet Security Software


    Date de l'analyse: 23/11/2016
    Heure de l'analyse: 23:45
    Fichier journal:
    Administrateur: Non


    Version: 2.2.1.1043
    Base de données de programmes malveillants: v2016.11.23.18
    Base de données de rootkits: v2016.11.20.01
    Licence: Gratuit
    Protection contre les programmes malveillants: Désactivé
    Protection contre les sites Web malveillants: Désactivé
    Autoprotection: Désactivé


    Système d'exploitation: Windows 10
    Processeur: x86
    Système de fichiers: NTFS
    Utilisateur: Audrey


    Type d'analyse: Analyse personnalisée
    Résultat: Terminé
    Objets analysés: 514496
    Temps écoulé: 24 h, 19 min, 37 s


    Mémoire: Activé
    Démarrage: Activé
    Système de fichiers: Activé
    Archives: Activé
    Rootkits: Activé
    Heuristique: Activé
    PUP: Activé
    PUM: Activé


    Processus: 0
    (Aucun élément malveillant détecté)


    Modules: 0
    (Aucun élément malveillant détecté)


    Clés du Registre: 1
    Adware.Elex, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Dergesyghujase, , [f0ce2f945f3b1620752f04d7679c5aa6],


    Valeurs du Registre: 0
    (Aucun élément malveillant détecté)


    Données du Registre: 0
    (Aucun élément malveillant détecté)


    Dossiers: 1
    Adware.Elex, C:\Program Files\Tolackcebersh, , [9628a023a9f11b1beeae815a7c8730d0],


    Fichiers: 16
    Adware.Elex.Generic, C:\Program Files\Deringchederse\absegrermughtlnc.dll, , [c3fbb90a4c4e3ef8ea62865614ef4db3],
    PUP.Optional.Komodia, C:\AdwCleaner\Quarantine\files\bzkuyfptffoxggdcfgvfobzqfyczlyia.back, , [c3fb893ac7d365d1b91952c13cc57b85],
    PUP.Optional.Komodia, C:\AdwCleaner\Quarantine\files\xqrhlgbswtexhaugvrvzzolsqfxgmdmw.back, , [7b432e9563379e981db48f84669bb947],
    PUP.Optional.NoteUp, C:\AdwCleaner\Quarantine\files\dkxpzwlxnccucuqagyqsewknlwluipip\Note-up.exe, , [efcf7c4766341224855e03d53ec27a86],
    PUP.Optional.Komodia, C:\AdwCleaner\Quarantine\files\dlkeflyhpiefcfuyajdktppqcohfduzh\zdengine.dll, , [e8d62c97f7a371c5fad78e8517ea29d7],
    PUP.Optional.Komodia, C:\AdwCleaner\Quarantine\files\dlkeflyhpiefcfuyajdktppqcohfduzh\zdengine.exe, , [3f7fd3f0a3f7290d19b829ea05fc0af6],
    PUP.Optional.Komodia, C:\AdwCleaner\Quarantine\files\dlkeflyhpiefcfuyajdktppqcohfduzh\zdengine64.dll, , [912d3c87d4c60036f1e020f354ad57a9],
    PUP.Optional.Komodia, C:\AdwCleaner\Quarantine\files\dlkeflyhpiefcfuyajdktppqcohfduzh\zdenginecert.dll, , [5e6018ab4d4d0a2c4a8758bb827f5aa6],
    PUP.Optional.Komodia, C:\AdwCleaner\Quarantine\files\dlkeflyhpiefcfuyajdktppqcohfduzh\zdinstaller.exe, , [05b9cdf6d0ca1e18ad2519faef129f61],
    PUP.Optional.Komodia, C:\AdwCleaner\Quarantine\files\dlkeflyhpiefcfuyajdktppqcohfduzh\zdwfp.sys, , [546a17ac1981cd69d3ff60b3d32e629e],
    PUP.Optional.Komodia, C:\AdwCleaner\Quarantine\files\dlkeflyhpiefcfuyajdktppqcohfduzh\zdwfp64.sys, , [7c42843faeec88ae90424ec58c75f808],
    PUP.Optional.Elex, C:\Program Files\Deringchederse\launcher_41.dll, , [229cd7ecb3e7f54146cbdfe7c63d1fe1],
    PUP.Optional.Elex.WnskRST, C:\Program Files\Deringchederse\Proxy32.dll, , [6658dfe4a7f395a13c7102d257acd32d],
    Adware.Elex.Generic, C:\Program Files\Tolackcebersh_\absegrermughtlnc.dll, , [833ba81bc0dab77fb19b9e3e43c0827e],
    PUP.Optional.Elex, C:\Program Files\Tolackcebersh_\launcher_41.dll, , [b905bf0401996bcbed24a521669dac54],
    Adware.Elex, C:\Program Files\Tolackcebersh\qaqersp.exe, , [9628a023a9f11b1beeae815a7c8730d0],


    Secteurs physiques: 0
    (Aucun élément malveillant détecté)




    (end)

  9. #9
    GensoD's Avatar
    Join Date
    Sep 2015
    Location
    France
    Posts
    51

    Re: Win10 : administrator's account impossible to connect (viruses, hacked, trojans??

    Hi again,

    My administrator user account is local, not a Microsoft one. (It was a Microsoft account at the begining but I changed it into a local admin).

    So, I tried the instructions at How-to Geek: How to Reset Your Forgotten Password in Windows 10, but the step "create a new user to save account files" is unsuccessful for now (First, start by booting your Windows 10 installation into the setup by changing the boot order in your BIOS to take priority with the CD, or use the ISO as a startup disk instead. Once the setup begins, hit Shift+F10).
    I have not a CD or ISO to startup my laptop.
    My hard drive has a partition win10 and Ubuntu.

    Help...

  10. #10
    Corrine's Avatar
    Join Date
    Feb 2012
    Location
    Upstate, NY
    Posts
    8,310

    Re: Win10 : administrator's account impossible to connect (viruses, hacked, trojans??

    Your issue does not appear to be a result of an infection. Looking over your two previous requests for assistance, I suggest you use the Windows10 x64 ISO that you indicated you have and follow the instructions in the Hot-To Geek article to create a new Admin account and remove the account you lost access to. Based on the history ([SOLVED] Windows 10 issue (error : 0x800f081f) and [SOLVED] Windows 10 issues), I suggest you maintain a good offline backup, particularly of any important, irreplaceable documents.
    GensoD says thanks for this.


    Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

    Remember - A day without laughter is a day wasted.
    May the wind sing to you and the sun rise in your heart.

  11. #11
    GensoD's Avatar
    Join Date
    Sep 2015
    Location
    France
    Posts
    51

    Re: Win10 : administrator's account impossible to connect (viruses, hacked, trojans??

    Hi !

    I resolved the issue thanks to a microsoft's tool named "DaRT" (Microsoft Diagnostics and Recovery Toolset).

    I downloaded the *.iso file of it (you can choose between x64 or x86 version, depends of your OS of course), and, thanks to DaemonTool, I could mount the file and then put it (copy and past all the files) in an USB key.

    After that, I rebooted Windows(10) by the USB key ; to make sure you reboot on USB device, don't forget to go in the Boot Menu (just hit F12 or ESC key when your system is rebooting, depends of your PC brand) and change the Boot sequence.

    And follow the steps.

    Here is a link of the *.iso file of DaRT and all the steps you have to do. It's a french web site. (I guess you can find an equivalent tuto in english)

    Microsoft Diagnostics and Recovery Toolset (DaRT) | malekal's site


    ps: here is the thread I opened after being here.
    Need Help and Advice with a problem with administrator account connexion

    Thanks for the help !


    Regards,
    GensoD.

  12. #12
    Corrine's Avatar
    Join Date
    Feb 2012
    Location
    Upstate, NY
    Posts
    8,310

    Re: Win10 : administrator's account impossible to connect (viruses, hacked, trojans??

    Since you had previously downloaded the *.iso, you were half-way there. :) Glad all is well now.
    GensoD says thanks for this.


    Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

    Remember - A day without laughter is a day wasted.
    May the wind sing to you and the sun rise in your heart.

Similar Threads

  1. Enable/ Disable the Hidden Administrator User Account (Windows 8.1 / 8 / 7 / Vista)
    By jcgriff2 in forum Windows 7 | Windows Vista Tutorials
    Replies: 4
    Last Post: 01-22-2014, 12:49 AM
  2. Enable/ Disable the Hidden Administrator User Account (Windows 8.1 / 8)
    By jcgriff2 in forum Windows 8 | Windows RT Tutorials
    Replies: 0
    Last Post: 03-23-2013, 02:22 AM
  3. Gizmodo sees Twitter account hacked
    By JMH in forum Social Media News
    Replies: 1
    Last Post: 08-05-2012, 08:45 PM

Log in

Log in