Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 29-10-2022
Exécuté par Admin (administrateur) sur DESKTOP-SLSOEUS (ASUS System Product Name) (30-10-2022 06:08:41)
Exécuté depuis C:\Users\Admin\Desktop
Profils chargés: Admin
Plate-forme: Microsoft Windows 11 Pro Version 22H2 22621.755 (X64) Langue: Anglais (États-Unis) -> Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(ACD Systems International Inc. -> ) [Fichier non signé] C:\Program Files\ACD Systems\ACDSee Ultimate\16.0\ACDSeeCommanderUltimate16.exe
(Adobe Inc. -> Adobe Systems Inc.) [Fichier non signé] C:\Program Files\Adobe\Acrobat DC\Acrobat\acrotray.exe
(C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\LAClient\laclient.exe
(C:\Program Files\Logitech\SetPointP\SetPoint.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(explorer.exe ->) () [Fichier non signé] C:\Program Files (x86)\RocketDock\RocketDock.exe
(explorer.exe ->) (IP Izmaylov Artem Andreevich -> AIMP DevTeam) C:\Program Files\AIMP\AIMP.exe
(explorer.exe ->) (Logitech Inc -> Logitech) C:\Program Files\Logi\LogiBolt\LogiBolt.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(explorer.exe ->) (Samsung Electronics CO., LTD. -> ) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13>
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (HP Inc. -> ) C:\Windows\SysWOW64\spdsvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_21e0cf0737fd48af\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispui.inf_amd64_734c6958d8400ec5\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_b55ed36a9a78cc75\RtkAudUService64.exe <2>
(services.exe ->) (Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_b55ed36a9a78cc75\RtkAudUService64.exe [3496424 2022-10-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3136136 2020-11-20] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [ACUW16FR] => C:\Program Files\ACD Systems\ACDSee Ultimate\16.0\acdIDInTouch2.exe [3495472 2022-10-30] (ACD Systems International Inc. -> ACD Systems International Inc.) [Fichier non signé]
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
HKLM\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKLM\...\Policies\Explorer: [SettingsPageVisibility] hide:maps;cortana-moredetails;cortana-language;cortana-notifications;cortana-permissions;cortana;cortana-talktocortana;holographic-audio
HKLM\...\Policies\Explorer: [AllowOnlineTips] 0
HKLM\...\Policies\Explorer: [HideSCAMeetNow] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore: [DisableConfig] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [] => [X]
HKU\S-1-5-19\...\RunOnce: [Edge_DisableAskMeWhatToDoWithEachDownload] => REG ADD "HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Download" /F /V "EnableSavePrompt" /T R (l'élément de données a 22 caractères en plus). (Pas de fichier) <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [Edge_DisableBlockPopup] => REG ADD "HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\New Windows" /F /V "PopupMgr" /T REG_SZ (l'élément de données a 8 caractères en plus). (Pas de fichier) <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [Edge_DisableCortanaAssistant] => REG ADD "HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ServiceUI" /F /V "EnableCortana" /T REG (l'élément de données a 20 caractères en plus). (Pas de fichier) <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [Edge_DisablePagePrediction] => REG ADD "HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead" /F /V "FPEnabled" /T REG_DWO (l'élément de données a 16 caractères en plus). (Pas de fichier) <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [Edge_DisableSmartScreen] => REG ADD "HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\PhishingFilter" /F /V "EnabledV9" /T RE (l'élément de données a 21 caractères en plus). (Pas de fichier) <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [Edge_EnableSendDoNotTrackRequests] => REG ADD "HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main" /F /V "DoNotTrack" /T REG_DWORD / (l'élément de données a 12 caractères en plus). (Pas de fichier) <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [Edge_ShowFavoritesBar] => REG ADD "HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\LinksBar" /F /V "Enabled" /T REG_DWORD (l'élément de données a 13 caractères en plus). (Pas de fichier) <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [Edge_UseDarkTheme] => REG ADD "HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main" /F /V "Theme" /T REG_DWORD /D "00 (l'élément de données a 7 caractères en plus). (Pas de fichier) <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [UseDarkTheme_Apps] => REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /F /V "AppsUseLightTheme" /T REG_DWORD /D "00000000" (Pas de fichier) <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [UseDarkTheme_System] => REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /F /V "SystemUsesLightTheme" /T REG_DWORD /D "00000000" (Pas de fichier) <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [Explorer_Privacy_WebsiteIDAccess_Disable] => REG ADD "HKCU\Control Panel\International\User Profile" /F /V "HttpAcceptLanguageOptOut" /T REG_DWORD /D "00000001" (Pas de fichier) <==== ATTENTION
HKU\S-1-5-19\...\Policies\Explorer: [HideSCAMeetNow] 1
HKU\S-1-5-19\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-19\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-19\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [] => [X]
HKU\S-1-5-20\...\RunOnce: [Edge_DisableAskMeWhatToDoWithEachDownload] => REG ADD "HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Download" /F /V "EnableSavePrompt" /T R (l'élément de données a 22 caractères en plus). (Pas de fichier) <==== ATTENTION
HKU\S-1-5-20\...\RunOnce: [Edge_DisableBlockPopup] => REG ADD "HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\New Windows" /F /V "PopupMgr" /T REG_SZ (l'élément de données a 8 caractères en plus). (Pas de fichier) <==== ATTENTION
HKU\S-1-5-20\...\RunOnce: [Edge_DisableCortanaAssistant] => REG ADD "HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ServiceUI" /F /V "EnableCortana" /T REG (l'élément de données a 20 caractères en plus). (Pas de fichier) <==== ATTENTION
HKU\S-1-5-20\...\RunOnce: [Edge_DisablePagePrediction] => REG ADD "HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead" /F /V "FPEnabled" /T REG_DWO (l'élément de données a 16 caractères en plus). (Pas de fichier) <==== ATTENTION
HKU\S-1-5-20\...\RunOnce: [Edge_DisableSmartScreen] => REG ADD "HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\PhishingFilter" /F /V "EnabledV9" /T RE (l'élément de données a 21 caractères en plus). (Pas de fichier) <==== ATTENTION
HKU\S-1-5-20\...\RunOnce: [Edge_EnableSendDoNotTrackRequests] => REG ADD "HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main" /F /V "DoNotTrack" /T REG_DWORD / (l'élément de données a 12 caractères en plus). (Pas de fichier) <==== ATTENTION
HKU\S-1-5-20\...\RunOnce: [Edge_ShowFavoritesBar] => REG ADD "HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\LinksBar" /F /V "Enabled" /T REG_DWORD (l'élément de données a 13 caractères en plus). (Pas de fichier) <==== ATTENTION
HKU\S-1-5-20\...\RunOnce: [Edge_UseDarkTheme] => REG ADD "HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main" /F /V "Theme" /T REG_DWORD /D "00 (l'élément de données a 7 caractères en plus). (Pas de fichier) <==== ATTENTION
HKU\S-1-5-20\...\RunOnce: [UseDarkTheme_Apps] => REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /F /V "AppsUseLightTheme" /T REG_DWORD /D "00000000" (Pas de fichier) <==== ATTENTION
HKU\S-1-5-20\...\RunOnce: [UseDarkTheme_System] => REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /F /V "SystemUsesLightTheme" /T REG_DWORD /D "00000000" (Pas de fichier) <==== ATTENTION
HKU\S-1-5-20\...\RunOnce: [Explorer_Privacy_WebsiteIDAccess_Disable] => REG ADD "HKCU\Control Panel\International\User Profile" /F /V "HttpAcceptLanguageOptOut" /T REG_DWORD /D "00000001" (Pas de fichier) <==== ATTENTION
HKU\S-1-5-20\...\Policies\Explorer: [HideSCAMeetNow] 1
HKU\S-1-5-20\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-20\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-20\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-816588136-875710598-2891341866-1000\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] () [Fichier non signé]
HKU\S-1-5-21-816588136-875710598-2891341866-1000\...\Run: [ACDSeeCommanderUltimate16] => C:\Program Files\ACD Systems\ACDSee Ultimate\16.0\ACDSeeCommanderUltimate16.exe [8188512 2022-10-30] (ACD Systems International Inc. -> ) [Fichier non signé]
HKU\S-1-5-21-816588136-875710598-2891341866-1000\...\Policies\Explorer: [HideSCAMeetNow] 1
HKU\S-1-5-21-816588136-875710598-2891341866-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-816588136-875710598-2891341866-1000\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-816588136-875710598-2891341866-1000\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-816588136-875710598-2891341866-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-816588136-875710598-2891341866-1000\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-816588136-875710598-2891341866-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\MarineAquarium3.scr [7250944 2020-10-12] (SereneScreen) [Fichier non signé]
HKLM\...\Windows x64\Print Processors\us005PC: C:\Windows\System32\spool\prtprocs\x64\us005pc.dll [43520 2017-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Windows x64\Print Processors\us016PC: C:\Windows\System32\spool\prtprocs\x64\us016pc.dll [61736 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [203936 2022-09-28] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\us005 Langmon: C:\Windows\system32\us005lm.dll [22528 2017-06-14] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\us016 Langmon: C:\Windows\system32\us016lm.dll [40744 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> )
AppInit_DLLs-x32: C:\PROGRA~1\COMMON~1\System\symsrv.dll => C:\Program Files\Common Files\System\symsrv.dll [69337 2022-10-12] (Microsoft Corporation) [Fichier non signé] <==== ATTENTION
IFEO\SppExtComObj.exe: [VerifierDlls] SppExtComObjHook.dll
BootExecute:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
HKU\S-1-5-21-816588136-875710598-2891341866-1000\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0600DD45-FAF2-4131-A006-0B17509B9F78} - \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser -> Pas de fichier <==== ATTENTION
Task: {094E7D25-B68C-48EC-9E31-295B12216EF1} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141232 2022-10-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {20931B38-947C-49F6-9529-D18EE9635E51} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141232 2022-10-12] (Microsoft Corporation -> Microsoft Corporation)
"C:\Windows\System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask" n'a pas pu être déverrouillé. <==== ATTENTION
Task: {27CE9D59-9D48-4D29-99BC-64657AEBA494} - System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask
Task: {37261BE4-BF71-41B9-9259-856EFE84EF23} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [7055840 2022-10-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {3AA6B52E-0528-4C0F-8AD1-56CE9E3F0949} - System32\Tasks\EPM Preload => C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2DotNetHandler.exe [738816 2022-05-23] () [Fichier non signé]
Task: {4738DE7A-BCC1-4E2D-B1B0-CADB044BFA81} - \Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask -> Pas de fichier <==== ATTENTION
Task: {6FAC31FA-4A85-4E64-BFD5-2154FF4594B3} - \Microsoft\Windows\Customer Experience Improvement Program\UsbCeip -> Pas de fichier <==== ATTENTION
Task: {977EA608-6942-4E45-B217-87C67E26F229} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2113024 2022-08-26] () [Fichier non signé]
Task: {9859F362-CC09-4E45-AF51-E994A92F733E} - System32\Tasks\R@1n\Office 21 ProPlus => wmic path SoftwareLicensingProduct where (ID="fbdb3e18-a8ef-4fb3-9183-dffd60bd0984") call Activate
Task: {9BFD5B3A-3AE7-48D5-A588-E32B5E2161EB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [7055840 2022-10-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {BEE9753A-4C03-4613-929C-03B89D50D792} - System32\Tasks\Microsoft\Windows\CloudRestore\Restore => {B4BCFA6F-948D-46B8-BF27-E8B1117E23B3} C:\Windows\system32\CloudRestoreLauncher.dll [245760 2022-10-11] (Microsoft Windows -> Microsoft Corporation)
Task: {C375B8E7-1D4F-4E57-90E7-3BEFD0DFCE06} - System32\Tasks\Microsoft\Windows\WlanSvc\MoProfileManagement => {085EDA12-CF4A-4944-8222-8ADCADE137CB} C:\Windows\System32\WlanMediaManager.dll [897024 2022-10-11] (Microsoft Windows -> Microsoft Corporation)
Task: {DD0ABB37-DCE2-445E-B92F-2C538E7EDFEB} - System32\Tasks\Microsoft\Windows\PI\SecureBootEncodeUEFI => C:\Windows\system32\SecureBootEncodeUEFI.exe [94208 2022-10-30] (Microsoft Windows -> )
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\Windows\system32\MusNotification.exe (Pas de fichier)
Task: {EC9D60D7-1B32-44BF-927F-850C03F7080B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21864376 2022-09-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {F2E5B899-5898-48A6-A415-933C72D7ED6F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21864376 2022-09-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {FB934888-0201-4896-90C1-7AD00228B1B8} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{bac2a043-b908-4356-9cbd-f637d653bf32}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{bac2a043-b908-4356-9cbd-f637d653bf32}: [DhcpNameServer] 192.168.0.254
FireFox:
========
FF DefaultProfile: 0qe11bz2.default
FF DefaultProfile: 0yke827s.default
FF ProfilePath: C:\Users\Admin\AppData\Roaming\PostboxApp\Profiles\0qe11bz2.default [2022-10-30]
FF Extension: (Dictionnaire français) - C:\Users\Admin\AppData\Roaming\PostboxApp\Profiles\0qe11bz2.default\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org [2022-10-12] []
FF Extension: (Cloud Service Providers for Postbox) - C:\Users\Admin\AppData\Roaming\PostboxApp\Profiles\0qe11bz2.default\Extensions\pbfilelink@postbox-inc.com.xpi [2022-10-12] [] [non signé]
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0yke827s.default [2022-10-12]
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yees70hb.default-release [2022-10-30]
FF DownloadDir: L:\Toto + Disque I toto
FF Homepage: Mozilla\Firefox\Profiles\yees70hb.default-release -> hxxps://www.dealabs.com/nouveaux
FF Extension: (AdBlocker Ultimate) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yees70hb.default-release\Extensions\adblockultimate@adblockultimate.net.xpi [2022-10-12]
FF Extension: (uBlock Origin) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yees70hb.default-release\Extensions\uBlock0@raymondhill.net.xpi [2022-10-12]
FF Extension: (TWP - Translate Web Pages) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yees70hb.default-release\Extensions\{036a55b4-5e72-4d05-a06c-cba2dfcc134a}.xpi [2022-10-12]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2022-10-12] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-10-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-10-16] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-10-12] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9191816 2022-09-05] (Microsoft Corporation -> Microsoft Corporation)
S3 dcsvc; C:\Windows\system32\dcsvc.dll [806912 2022-10-30] (Microsoft Windows -> Microsoft Corporation)
R2 DtsApo4Service; C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe [224680 2021-09-21] (DTS, Inc. -> DTS Inc.)
S3 InventorySvc; C:\Windows\system32\inventorysvc.dll [304480 2022-10-11] (Microsoft Windows -> Microsoft Corporation)
S2 RstMwService; C:\Windows\System32\DriverStore\FileRepository\iastorvd.inf_amd64_4644c24027cfb2ed\RstMwService.exe [3901454 2022-10-30] () [Fichier non signé]
R2 Samsung Printer Dianostics Service; C:\Windows\SysWOW64\\spdsvc.exe [508488 2018-06-24] (HP Inc. -> )
R2 SamsungUPDUtilSvc; C:\Windows\SysWOW64\SecUPDUtilSvc.exe [143664 2015-02-07] (Samsung Electronics CO., LTD. -> )
S4 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [249344 2022-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 SgrmBroker; C:\Windows\system32\Sgrm\SgrmBroker.exe [414632 2022-05-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\Windows\System32\Samsung\EasySetup\ss_conn_launcher.exe [193776 2022-05-13] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [830503 2022-05-13] (DEVGURU Co., LTD.) [Fichier non signé]
S2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [999047 2022-05-13] (DEVGURU Co., LTD.) [Fichier non signé]
R3 TextInputManagementService; C:\Windows\System32\TabSvc.dll [266240 2022-10-11] (Microsoft Windows -> Microsoft Corporation)
S4 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [2909208 2022-05-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [128376 2022-05-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [658224 2021-08-26] (Lespeed Technology Co., Ltd -> WiseCleaner.com)
S2 wuauserv; C:\Windows\system32\wuauserv.dll [137544 2022-10-30] (Microsoft Windows -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispui.inf_amd64_734c6958d8400ec5\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispui.inf_amd64_734c6958d8400ec5\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 bfs; C:\Windows\system32\drivers\bfs.sys [91480 2022-10-11] (Microsoft Windows -> Microsoft Corporation)
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [106496 2022-05-06] (Microsoft Corporation) [Fichier non signé]
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [165104 2022-05-13] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 e2f68; C:\Windows\System32\drivers\e2f68.sys [526184 2021-01-20] (INTELEPGSW2022 -> Intel Corporation)
R3 e2fexpress; C:\Windows\System32\DriverStore\FileRepository\e2f.inf_amd64_0f2d4ef9c63375f3\e2f.sys [527000 2022-10-30] (Intel Corporation -> Intel Corporation)
S3 e2fnexpress; C:\Windows\System32\DriverStore\FileRepository\e2fn.inf_amd64_c241fd785011b775\e2fn.sys [1364096 2022-10-12] (Intel Corporation -> Intel Corporation)
R3 EvoMouseDriverFilterHidUsb; C:\Windows\System32\drivers\EvoMouseDriverFilterHidUsb.sys [29936 2022-10-30] (WDKTestCert v.kurilovich,130838452094803308 -> Evoluent)
S0 GenPass; C:\Windows\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [62800 2022-05-06] (Microsoft Windows -> Microsoft Corporation)
R0 hswultpep; C:\Windows\System32\drivers\hswultpep.sys [62968 2022-10-30] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
R3 iaLPSS2_GPIO2_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_774a66f35d00ad3d\iaLPSS2_GPIO2_ADL.sys [140960 2022-06-23] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_1ebed6f33a1c1014\iaLPSS2_I2C_ADL.sys [210600 2022-06-23] (Intel Corporation -> Intel Corporation)
R0 iaStorVD; C:\Windows\System32\drivers\iaStorVD.sys [1605296 2022-10-30] (Intel Corporation -> Intel Corporation)
S0 pvscsi; C:\Windows\System32\drivers\pvscsii.sys [45408 2022-05-06] (Microsoft Windows -> VMware, Inc.)
S3 Revoflt; C:\Windows\System32\DRIVERS\revoflt.sys [38400 2021-11-17] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
S3 RoutePolicy; C:\Windows\System32\drivers\RoutePolicy.sys [98304 2022-05-06] (Microsoft Windows -> )
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [14224 2021-04-01] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [171768 2022-05-13] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [48368 2022-05-13] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [48536 2022-05-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [438544 2022-05-06] (Microsoft Windows -> Microsoft Corporation)
S4 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [90384 2022-05-06] (Microsoft Windows -> Microsoft Corporation)
R3 WiseHDInfo; C:\Windows\WiseHDInfo64.dll [33864 2022-10-12] (Beijing Lang Xingda Network Technology Co., Ltd -> wisecleaner.com)
R2 wtd; C:\Windows\System32\drivers\wtd.sys [118784 2022-10-11] (Microsoft Windows -> Microsoft Corporation)
U4 DcpSvc; pas de ImagePath
U4 HomeGroupListener; pas de ImagePath
U4 HomeGroupProvider; pas de ImagePath
U4 xbgm; pas de ImagePath
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
NETSVC: DcSvc -> C:\Windows\system32\dcsvc.dll (Microsoft Corporation)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-10-30 06:08 - 2022-10-30 06:08 - 000030024 _____ C:\Users\Admin\Desktop\FRST.txt
2022-10-30 06:08 - 2022-10-30 06:08 - 000000000 ____D C:\FRST
2022-10-30 06:08 - 2022-10-30 06:07 - 002374144 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2022-10-30 04:47 - 2022-10-30 04:57 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Wise Care 365
2022-10-30 04:32 - 2022-10-30 04:32 - 000000000 ____D C:\Users\Admin\AppData\Roaming\NVIDIA
2022-10-30 04:32 - 2022-10-30 04:32 - 000000000 ____D C:\Users\Admin\AppData\Roaming\ACD Systems
2022-10-30 04:30 - 2022-10-30 04:32 - 000000000 ____D C:\Users\Admin\AppData\Local\ACD Systems
2022-10-30 04:30 - 2022-10-30 04:30 - 000000000 ____D C:\Users\Admin\AppData\Local\Downloaded Installations
2022-10-30 04:30 - 2022-10-30 04:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems
2022-10-30 04:30 - 2022-10-30 04:30 - 000000000 ____D C:\ProgramData\Apple
2022-10-30 04:30 - 2022-10-30 04:30 - 000000000 ____D C:\ProgramData\ACD Systems
2022-10-30 04:30 - 2022-10-30 04:30 - 000000000 ____D C:\Program Files\Common Files\ACD Systems
2022-10-30 04:30 - 2022-10-30 04:30 - 000000000 ____D C:\Program Files\ACD Systems
2022-10-30 04:29 - 2022-10-30 04:35 - 000003536 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-10-30 04:29 - 2022-10-30 04:35 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-10-30 04:15 - 2022-10-30 04:15 - 000806446 _____ C:\Windows\system32\perfh00C.dat
2022-10-30 04:15 - 2022-10-30 04:15 - 000156284 _____ C:\Windows\system32\perfc00C.dat
2022-10-30 04:09 - 2022-10-30 04:09 - 000062968 _____ (Intel Corporation) C:\Windows\system32\Drivers\hswultpep.sys
2022-10-30 02:53 - 2022-10-30 02:53 - 000000000 ___DL C:\Users\Admin\AppData\Roaming\brave
2022-10-30 02:16 - 2022-10-30 02:16 - 000000000 ____D C:\Windows\LastGood.Tmp
2022-10-30 02:15 - 2022-10-30 02:15 - 015220312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 012541528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 007588408 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 006458416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 005907576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 005769856 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 005429352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 003102320 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 002246752 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 001968496 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2022-10-30 02:15 - 2022-10-30 02:15 - 001968496 _____ C:\Windows\system32\vulkaninfo.exe
2022-10-30 02:15 - 2022-10-30 02:15 - 001653384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 001525104 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-10-30 02:15 - 2022-10-30 02:15 - 001525104 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2022-10-30 02:15 - 2022-10-30 02:15 - 001523304 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 001472600 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 001432944 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 001432944 _____ C:\Windows\system32\vulkan-1.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 001261688 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 001214048 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 001186424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 001146208 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 001146208 _____ C:\Windows\SysWOW64\vulkan-1.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 000988296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 000872056 _____ C:\Windows\system32\nvofapi64.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 000854168 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2022-10-30 02:15 - 2022-10-30 02:15 - 000823400 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 000709736 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2022-10-30 02:15 - 2022-10-30 02:15 - 000694408 _____ C:\Windows\SysWOW64\nvofapi.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 000457848 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2022-10-30 02:15 - 2022-10-30 02:15 - 000095254 _____ C:\Windows\system32\nvinfo.pb
2022-10-30 02:14 - 2022-10-30 02:14 - 000129000 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2022-10-30 02:14 - 2022-10-30 02:14 - 000041984 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhdap64.dll
2022-10-30 02:13 - 2022-10-30 02:13 - 003901503 _____ C:\Windows\system32\RstMwEventLogMsg.dll
2022-10-30 02:13 - 2022-10-30 02:13 - 001605296 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorVD.sys
2022-10-30 02:13 - 2022-10-30 02:13 - 000029936 _____ (Evoluent) C:\Windows\system32\Drivers\EvoMouseDriverFilterHidUsb.sys
2022-10-30 02:11 - 2022-10-30 02:11 - 000000000 ____D C:\Users\Admin\AppData\Roaming\IObit
2022-10-30 02:11 - 2022-10-30 02:11 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\IObit
2022-10-30 02:11 - 2022-10-30 02:11 - 000000000 ____D C:\ProgramData\IObit
2022-10-30 01:11 - 2022-10-30 01:11 - 000000000 ____D C:\Windows\system32\appraiser
2022-10-30 01:09 - 2022-10-30 01:09 - 000094208 _____ C:\Windows\system32\SecureBootEncodeUEFI.exe
2022-10-30 01:09 - 2022-10-30 01:09 - 000062832 _____ C:\Windows\system32\AppInstallerBackgroundUpdate.exe
2022-10-30 01:09 - 2022-10-30 01:09 - 000016521 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-10-30 01:05 - 2022-10-30 02:19 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-10-30 01:02 - 2022-10-30 04:10 - 000000000 ____D C:\Users\Admin\AppData\Local\LogiBolt
2022-10-23 12:17 - 2022-10-23 12:17 - 000002060 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk
2022-10-23 12:17 - 2022-10-23 12:17 - 000002049 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2022-10-23 12:16 - 2022-10-23 12:16 - 000000000 ____D C:\Users\Admin\AppData\Roaming\WiseUpdate
2022-10-23 12:15 - 2022-10-23 12:15 - 000002216 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigation privée de Firefox.lnk
2022-10-23 12:15 - 2021-11-17 14:50 - 000038400 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2022-10-12 17:59 - 2022-10-30 05:11 - 000000000 ____D C:\Program Files (x86)\Postbox
2022-10-12 17:59 - 2022-10-23 12:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Postbox
2022-10-12 17:59 - 2022-10-12 18:00 - 000000000 ____D C:\Users\Admin\AppData\Local\PostboxApp
2022-10-12 17:59 - 2022-10-12 17:59 - 000000000 ____D C:\Users\Admin\AppData\Roaming\PostboxApp
2022-10-12 17:58 - 2022-10-12 17:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2022-10-12 17:58 - 2022-10-12 17:58 - 000000000 ____D C:\Program Files (x86)\Auslogics
2022-10-12 17:57 - 2022-10-30 04:27 - 000000000 __SHD C:\ProgramData\Synaptics
2022-10-12 17:57 - 2022-10-12 17:57 - 000000000 ____D C:\ProgramData\Auslogics
2022-10-12 17:53 - 2022-10-12 17:57 - 000000000 ____D C:\Users\Admin\AppData\Roaming\MahJong Suite
2022-10-12 17:53 - 2022-10-12 17:55 - 000000000 ____D C:\Program Files (x86)\MahJong Suite
2022-10-12 17:53 - 2022-10-12 17:53 - 000001091 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MahJong Suite.lnk
2022-10-12 17:53 - 2022-10-12 17:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MahJong Suite
2022-10-12 17:46 - 2022-10-12 17:46 - 000000000 ____D C:\Program Files (x86)\Wise
2022-10-12 17:43 - 2022-10-12 17:53 - 000000000 ____D C:\ProgramData\TreeCardGames
2022-10-12 17:43 - 2022-10-12 17:44 - 000000000 ____D C:\Users\Admin\AppData\Roaming\SolSuite
2022-10-12 17:43 - 2022-10-12 17:43 - 000001038 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolSuite.lnk
2022-10-12 17:43 - 2022-10-12 17:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolSuite - Solitaire Card Games
2022-10-12 17:43 - 2022-10-12 17:43 - 000000000 ____D C:\Program Files (x86)\SolSuite
2022-10-12 17:41 - 2022-10-23 12:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinTools.net Premium
2022-10-12 17:41 - 2022-10-12 17:41 - 000000000 ____D C:\Program Files (x86)\WinTools Software
2022-10-12 17:38 - 2022-10-12 17:38 - 000000000 ____D C:\Users\URET TEAM
2022-10-12 17:37 - 2022-10-23 12:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2022-10-12 17:37 - 2022-10-12 17:37 - 000000000 ____D C:\Users\Admin\AppData\Local\VS Revo Group
2022-10-12 17:37 - 2022-10-12 17:37 - 000000000 ____D C:\ProgramData\VS Revo Group
2022-10-12 17:37 - 2022-10-12 17:37 - 000000000 ____D C:\Program Files\VS Revo Group
2022-10-12 17:35 - 2022-10-12 17:35 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Marine Aquarium 3
2022-10-12 17:35 - 2022-10-12 17:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SereneScreen
2022-10-12 17:35 - 2022-10-12 17:35 - 000000000 ____D C:\Program Files (x86)\SereneScreen
2022-10-12 17:35 - 2020-10-12 23:57 - 007250944 _____ (SereneScreen) C:\Windows\SysWOW64\MarineAquarium3.scr
2022-10-12 17:35 - 2020-10-12 23:57 - 007250944 _____ (SereneScreen) C:\Windows\system32\MarineAquarium3.scr
2022-10-12 17:34 - 2022-10-12 17:34 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\NVIDIA
2022-10-12 17:34 - 2022-10-12 17:34 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Adobe
2022-10-12 17:34 - 2022-10-12 17:34 - 000000000 ____D C:\Users\Admin\AppData\Local\Adobe
2022-10-12 17:33 - 2022-10-12 17:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
2022-10-12 17:33 - 2022-10-12 17:33 - 000000000 ____D C:\Program Files\Core Temp
2022-10-12 17:32 - 2022-10-12 17:34 - 000000000 ____D C:\ProgramData\Adobe
2022-10-12 17:32 - 2022-10-12 17:32 - 000003300 _____ C:\Windows\system32\Tasks\klcp_update
2022-10-12 17:32 - 2022-10-12 17:32 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-10-12 17:32 - 2022-10-12 17:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2022-10-12 17:32 - 2019-12-28 02:00 - 000784384 _____ C:\Windows\system32\xvidcore.dll
2022-10-12 17:32 - 2019-12-28 02:00 - 000681984 _____ C:\Windows\SysWOW64\xvidcore.dll
2022-10-12 17:32 - 2019-12-28 02:00 - 000310784 _____ C:\Windows\system32\xvidvfw.dll
2022-10-12 17:32 - 2019-12-28 02:00 - 000284160 _____ C:\Windows\SysWOW64\xvidvfw.dll
2022-10-12 17:32 - 2017-07-30 03:50 - 003850240 _____ (x264vfw project) C:\Windows\SysWOW64\x264vfw.dll
2022-10-12 17:32 - 2017-07-30 03:50 - 003799552 _____ (x264vfw project) C:\Windows\system32\x264vfw64.dll
2022-10-12 17:32 - 2015-10-24 09:00 - 000112128 _____ C:\Windows\SysWOW64\ff_vfw.dll
2022-10-12 17:32 - 2015-02-25 09:27 - 000473088 _____ (hxxp://www.mp3dev.org/) C:\Windows\SysWOW64\lameACM.acm
2022-10-12 17:32 - 2012-07-21 03:55 - 000180736 _____ (fccHandler) C:\Windows\system32\ac3acm.acm
2022-10-12 17:32 - 2012-07-21 03:54 - 000122880 _____ (fccHandler) C:\Windows\SysWOW64\ac3acm.acm
2022-10-12 17:32 - 2012-05-21 14:48 - 000000415 _____ C:\Windows\SysWOW64\lame_acm.xml
2022-10-12 17:32 - 2011-12-07 10:37 - 000148992 _____ ( ) C:\Windows\system32\lagarith.dll
2022-10-12 17:32 - 2011-12-07 10:32 - 000216064 _____ ( ) C:\Windows\SysWOW64\lagarith.dll
2022-10-12 17:32 - 2005-01-21 16:53 - 000055296 _____ C:\Windows\system32\huffyuv.dll
2022-10-12 17:32 - 2004-05-18 11:16 - 000039936 _____ (Disappearing Inc.) C:\Windows\SysWOW64\huffyuv.dll
2022-10-12 17:31 - 2022-10-12 17:32 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2022-10-12 17:24 - 2022-10-30 04:31 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Mozilla
2022-10-12 17:24 - 2022-10-30 02:33 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-10-12 17:24 - 2022-10-30 01:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-10-12 17:24 - 2022-10-12 17:24 - 000000985 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-10-12 17:24 - 2022-10-12 17:24 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2022-10-12 17:24 - 2022-10-12 17:24 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Mozilla
2022-10-12 17:24 - 2022-10-12 17:24 - 000000000 ____D C:\Users\Admin\AppData\Local\Mozilla
2022-10-12 17:22 - 2022-10-30 06:08 - 000000000 ____D C:\Users\Admin\AppData\Roaming\AIMP
2022-10-12 17:22 - 2022-10-12 17:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP
2022-10-12 17:22 - 2022-10-12 17:22 - 000000000 ____D C:\Program Files\AIMP
2022-10-12 17:18 - 2022-10-12 17:18 - 000000000 ____D C:\Users\Admin\AppData\Local\DBG
2022-10-12 17:01 - 2022-10-12 17:01 - 051981582 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2022-10-12 17:01 - 2022-10-12 17:01 - 006304560 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2022-10-12 17:01 - 2022-10-12 17:01 - 000466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2022-10-12 17:01 - 2022-10-12 17:01 - 000444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2022-10-12 17:01 - 2022-10-12 17:01 - 000122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2022-10-12 17:01 - 2022-10-12 17:01 - 000109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2022-10-12 17:01 - 2022-10-12 17:01 - 000000000 ____D C:\Program Files (x86)\OpenAL
2022-10-12 17:01 - 2022-10-12 17:01 - 000000000 ____D C:\Program Files (x86)\Microsoft XNA
2022-10-12 16:58 - 2022-10-12 16:58 - 000000000 ____D C:\Windows\IObit
2022-10-12 16:58 - 2022-10-12 16:58 - 000000000 ____D C:\Users\Admin\AppData\Roaming\IObit_backup
2022-10-12 16:58 - 2022-10-12 16:58 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\IObit_backup
2022-10-12 16:58 - 2022-10-12 16:58 - 000000000 ____D C:\Users\Admin\AppData\Local\IObit
2022-10-12 16:58 - 2022-10-12 16:58 - 000000000 ____D C:\ProgramData\ProductData_backup
2022-10-12 16:58 - 2022-10-12 16:58 - 000000000 ____D C:\ProgramData\IObit_backup
2022-10-12 16:55 - 2022-10-30 05:04 - 000000000 ____D C:\ProgramData\Intel
2022-10-12 16:55 - 2022-10-12 17:06 - 000000000 ____D C:\ProgramData\Package Cache
2022-10-12 16:54 - 2022-10-30 05:04 - 000000000 ____D C:\Users\Admin\Intel
2022-10-12 16:54 - 2022-10-12 16:54 - 000000000 ____D C:\ProgramData\Intel Package Cache {9f9c9e51-d42f-4462-a27a-7d419da18045}
2022-10-12 16:54 - 2022-10-12 16:54 - 000000000 ____D C:\ProgramData\Intel Package Cache {58E22E6B-0E58-4E93-AF9A-036556EB66F5}
2022-10-12 16:54 - 2022-10-12 16:54 - 000000000 ____D C:\ProgramData\Intel Package Cache {1CEAC85D-2590-4760-800F-8DE5E91F3700}
2022-10-12 16:54 - 2022-10-12 16:54 - 000000000 ____D C:\Program Files (x86)\Intel
2022-10-12 16:44 - 2022-10-12 16:44 - 000000000 ____D C:\Users\Admin\AppData\Local\Comms
2022-10-12 16:43 - 2022-10-12 16:43 - 000000000 ____D C:\Users\Admin\AppData\Local\OO Software
2022-10-12 16:42 - 2022-10-12 16:42 - 000018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2022-10-12 16:42 - 2022-10-12 16:42 - 000000000 ____D C:\Users\Public\Documents\Logishrd
2022-10-12 16:42 - 2022-10-12 16:42 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Logitech
2022-10-12 16:42 - 2022-10-12 16:42 - 000000000 ____D C:\Program Files\Common Files\LogiShrd
2022-10-12 16:39 - 2022-10-12 16:39 - 000000000 ____D C:\Windows\system32\DTS
2022-10-12 16:36 - 2022-10-12 16:36 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-10-12 16:36 - 2022-10-12 16:36 - 000000000 ____D C:\Program Files (x86)\Realtek
2022-10-12 16:36 - 2021-09-29 11:41 - 000276832 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTHDASIO64.dll
2022-10-12 16:36 - 2021-09-29 11:41 - 000231280 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RTHDASIO.dll
2022-10-12 16:36 - 2021-05-16 18:50 - 002875968 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2022-10-12 16:33 - 2022-10-12 17:48 - 000033864 _____ (wisecleaner.com) C:\Windows\WiseHDInfo64.dll
2022-10-12 16:29 - 2022-10-12 16:29 - 000000000 ____D C:\Users\Admin\AppData\Roaming\ADBDriverInstaller
2022-10-12 16:29 - 2022-10-12 16:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\ClockworkMod
2022-10-12 16:29 - 2022-10-12 16:29 - 000000000 ____D C:\Program Files\DIFX
2022-10-12 16:29 - 2022-10-12 16:29 - 000000000 ____D C:\Program Files (x86)\ClockworkMod
2022-10-12 16:28 - 2022-10-12 16:29 - 000000000 ____D C:\adb
2022-10-12 16:28 - 2022-10-12 16:28 - 000000000 ____D C:\Windows\system32\Samsung
2022-10-12 16:28 - 2022-10-12 16:28 - 000000000 ____D C:\Program Files\Samsung
2022-10-12 16:28 - 2022-05-13 00:06 - 000171768 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys
2022-10-12 16:28 - 2022-05-13 00:06 - 000165104 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus2.sys
2022-10-12 16:28 - 2022-05-13 00:06 - 000069120 _____ (Nokia) C:\Windows\system32\nmwcdclsx64.dll
2022-10-12 16:28 - 2022-05-13 00:06 - 000048368 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ss_conn_usb_driver2.sys
2022-10-12 16:25 - 2022-10-12 16:25 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2022-10-12 16:23 - 2022-10-30 03:05 - 000000000 ____D C:\Program Files\Common Files\Adobe
2022-10-12 16:23 - 2022-10-12 17:32 - 000000000 ____D C:\Program Files\Adobe
2022-10-12 16:23 - 2022-10-12 16:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2022-10-12 16:23 - 2022-10-12 16:23 - 000003510 _____ C:\Windows\system32\Tasks\EPM Preload
2022-10-12 16:23 - 2022-10-12 16:23 - 000000000 ____D C:\Users\Admin\Documents\Scan
2022-10-12 16:23 - 2022-10-12 16:23 - 000000000 ____D C:\Users\Admin\AppData\Local\Deployment
2022-10-12 16:23 - 2022-10-12 16:23 - 000000000 ____D C:\Users\Admin\AppData\Local\Apps\2.0
2022-10-12 16:23 - 2022-10-12 16:23 - 000000000 ____D C:\ProgramData\boost_interprocess
2022-10-12 16:23 - 2022-10-12 16:23 - 000000000 ____D C:\Program Files\Common Files\Common Desktop Agent
2022-10-12 16:23 - 2018-08-28 14:25 - 000018636 ____N C:\Windows\SysWOW64\spddata.xml
2022-10-12 16:23 - 2018-06-24 10:38 - 000508488 ____N C:\Windows\SysWOW64\spdsvc.exe
2022-10-12 16:22 - 2022-10-12 16:42 - 000000000 ____D C:\Program Files\Logitech
2022-10-12 16:22 - 2017-06-14 14:57 - 000236295 _____ C:\Windows\system32\us005ci.exe
2022-10-12 16:22 - 2017-06-14 14:57 - 000089600 _____ (SS) C:\Windows\system32\us005ci.dll
2022-10-12 16:22 - 2017-06-14 14:57 - 000022528 _____ () C:\Windows\system32\us005lm.dll
2022-10-12 16:21 - 2022-10-12 16:24 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Samsung
2022-10-12 16:21 - 2022-10-12 16:21 - 000000000 ____D C:\ProgramData\SSScan
2022-10-12 16:21 - 2022-02-23 20:08 - 000364416 _____ (Samsung Electronics) C:\Windows\system32\SnWIAMUI.dll
2022-10-12 16:21 - 2022-02-23 20:08 - 000261552 _____ (TODO: ) C:\Windows\system32\SnAMPV.dll
2022-10-12 16:21 - 2022-02-23 20:08 - 000175288 _____ C:\Windows\wiainst64.exe
2022-10-12 16:21 - 2021-04-01 07:25 - 000014224 ____N (HP Inc) C:\Windows\system32\Drivers\SSPORT.SYS
2022-10-12 16:21 - 2016-11-21 17:11 - 000131580 _____ C:\Windows\system32\WIAEXSTR.loc
2022-10-12 16:21 - 2016-11-21 17:09 - 000586752 _____ C:\Windows\system32\SNWIAUI.dll
2022-10-12 16:21 - 2016-11-21 17:06 - 000756736 _____ C:\Windows\system32\SnMinDrv.dll
2022-10-12 16:21 - 2016-11-21 17:06 - 000155136 _____ C:\Windows\system32\SnImgFlt.dll
2022-10-12 16:21 - 2016-11-21 17:05 - 000068096 _____ C:\Windows\system32\SnErHdlr.dll
2022-10-12 16:21 - 2016-11-21 16:57 - 000420352 _____ C:\Windows\system32\SaMinDrv.dll
2022-10-12 16:21 - 2016-11-21 16:56 - 000151040 _____ C:\Windows\system32\SaImgFlt.dll
2022-10-12 16:21 - 2016-11-21 16:55 - 000068096 _____ C:\Windows\system32\SaErHdlr.dll
2022-10-12 16:21 - 2016-07-20 12:15 - 000169472 ____N C:\Windows\system32\StatusMessage.dll
2022-10-12 16:21 - 2016-07-20 12:15 - 000124928 ____N C:\Windows\SysWOW64\StatusMessage.dll
2022-10-12 16:21 - 2015-02-07 05:58 - 000143664 ____N C:\Windows\SysWOW64\SecUPDUtilSvc.exe
2022-10-12 16:21 - 2015-02-07 05:58 - 000143664 ____N C:\Windows\system32\SecUPDUtilSvc.exe
2022-10-12 16:20 - 2022-10-12 16:28 - 000000000 ____D C:\ProgramData\Samsung
2022-10-12 16:20 - 2022-10-12 16:23 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2022-10-12 16:20 - 2022-10-12 16:23 - 000000000 ____D C:\Program Files (x86)\Samsung
2022-10-12 16:20 - 2022-02-23 19:06 - 000251776 _____ C:\Windows\system32\SBuySupplies.exe
2022-10-12 16:20 - 2022-02-23 19:06 - 000184168 _____ C:\Windows\system32\us016ci.exe
2022-10-12 16:20 - 2022-02-23 19:06 - 000040744 _____ () C:\Windows\system32\us016lm.dll
2022-10-12 16:20 - 2022-02-23 19:05 - 000106776 _____ (SS) C:\Windows\system32\us016ci.dll
2022-10-12 16:20 - 2018-06-24 10:38 - 002095688 ____N C:\Windows\SysWOW64\DlgSearchEngine.dll
2022-10-12 16:20 - 2016-08-10 04:07 - 002847744 ____N C:\Windows\system32\DlgSearchEngine.dll
2022-10-12 16:14 - 2022-10-12 16:40 - 000000000 ____D C:\Program Files (x86)\RocketDock
2022-10-12 16:14 - 2022-10-12 16:14 - 000000000 ____D C:\Windows\Firmware
2022-10-12 16:14 - 2022-10-12 16:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock
2022-10-12 16:12 - 2022-10-12 16:12 - 000351124 _____ C:\Windows\system32\perfi00C.dat
2022-10-12 16:12 - 2022-10-12 16:12 - 000040728 _____ C:\Windows\system32\perfd00C.dat
2022-10-12 16:12 - 2022-10-12 16:12 - 000000000 ____D C:\Windows\SysWOW64\XPSViewer
2022-10-12 16:12 - 2022-10-12 16:12 - 000000000 ____D C:\Windows\SysWOW64\fr
2022-10-12 16:12 - 2022-10-12 16:12 - 000000000 ____D C:\Windows\system32\fr
2022-10-12 16:10 - 2022-10-12 16:40 - 000000000 ____D C:\Users\Admin\AppData\Local\PlaceholderTileLogoFolder
2022-10-12 16:07 - 2022-10-12 16:07 - 000019968 _____ C:\Windows\system32\SppExtComObjHook.dll
2022-10-12 16:07 - 2022-10-12 16:07 - 000000000 ____D C:\Windows\system32\Tasks\R@1n
2022-10-12 16:07 - 2022-10-12 16:07 - 000000000 ____D C:\Users\Admin\AppData\Local\mpress
2022-10-12 16:04 - 2022-10-12 16:12 - 000000000 ____D C:\Program Files\Microsoft Office
2022-10-12 16:04 - 2022-10-12 16:04 - 000002494 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2022-10-12 16:04 - 2022-10-12 16:04 - 000002477 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2022-10-12 16:04 - 2022-10-12 16:04 - 000002467 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2022-10-12 16:04 - 2022-10-12 16:04 - 000000000 ____D C:\Users\FC Portables
2022-10-12 16:04 - 2022-10-12 16:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office
2022-10-12 16:04 - 2022-10-12 16:04 - 000000000 ____D C:\Program Files\Microsoft Office 15
2022-10-12 16:04 - 2022-10-12 16:04 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2022-10-12 16:03 - 2022-10-30 01:02 - 000000000 ____D C:\ProgramData\Logishrd
2022-10-12 16:03 - 2022-10-23 12:20 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Logishrd
2022-10-12 16:03 - 2022-10-12 16:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2022-10-12 16:03 - 2022-10-12 16:03 - 000000000 ____D C:\Users\Admin\AppData\Local\CEF
2022-10-12 16:03 - 2022-10-12 16:03 - 000000000 ____D C:\Program Files\Logi
2022-10-12 16:02 - 2022-10-30 04:10 - 000000000 ____D C:\ProgramData\NVIDIA
2022-10-12 16:02 - 2022-10-12 16:56 - 000000000 ____D C:\Program Files\Intel
2022-10-12 16:02 - 2022-10-12 16:04 - 000000000 ____D C:\Users\Admin\AppData\Local\NVIDIA
2022-10-12 16:02 - 2022-10-12 16:02 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2022-10-12 16:02 - 2022-10-12 16:02 - 000000000 ____D C:\Windows\CSC
2022-10-12 16:02 - 2022-10-12 16:02 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-10-12 16:02 - 2022-10-12 16:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2022-10-12 16:02 - 2022-10-12 16:02 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-10-12 16:02 - 2022-07-19 17:26 - 000000936 ____N C:\Windows\system32\SetupBD.din
2022-10-12 16:02 - 2021-06-07 19:27 - 000433912 _____ (Intel Corporation) C:\Windows\system32\PROUnstl.exe
2022-10-12 16:01 - 2022-10-12 16:01 - 000000000 ____D C:\Users\Admin\AppData\Roaming\WinRAR
2022-10-12 16:01 - 2022-10-12 16:01 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-10-12 15:58 - 2022-10-12 15:59 - 000000000 ____D C:\Program Files\WinRAR
2022-10-12 15:58 - 2022-10-12 15:58 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-10-12 15:58 - 2022-10-12 15:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-10-12 15:56 - 2022-10-12 15:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2022-10-12 15:56 - 2022-10-12 15:56 - 000000000 ____D C:\Program Files\7-Zip
2022-10-12 15:52 - 2022-10-12 15:52 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2022-10-11 22:10 - 2022-10-11 22:10 - 000000000 ____D C:\ProgramData\WinaeroTweaker
2022-10-11 22:07 - 2022-10-30 04:15 - 001803994 _____ C:\Windows\system32\PerfStringBackup.INI
2022-10-11 22:03 - 2022-10-30 04:34 - 000000000 ____D C:\Users\Admin\AppData\Local\D3DSCache
2022-10-11 22:03 - 2022-10-30 03:05 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Adobe
2022-10-11 22:03 - 2022-10-30 01:12 - 000000000 ____D C:\Users\Admin\AppData\Local\Packages
2022-10-11 22:03 - 2022-10-12 16:54 - 000000000 ____D C:\Users\Admin
2022-10-11 22:03 - 2022-10-12 16:02 - 000000000 ____D C:\ProgramData\Packages
2022-10-11 22:03 - 2022-10-11 22:03 - 000000020 ___SH C:\Users\Admin\ntuser.ini
2022-10-11 22:03 - 2022-10-11 22:03 - 000000000 _SHDL C:\Documents and Settings
2022-10-11 22:03 - 2022-10-11 22:03 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-10-11 22:03 - 2022-10-11 22:03 - 000000000 ____D C:\Users\Admin\AppData\Local\ConnectedDevicesPlatform
2022-10-11 22:03 - 2022-05-06 22:19 - 000001281 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk
2022-10-11 22:03 - 2022-05-06 22:19 - 000000407 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk
2022-10-11 22:02 - 2022-10-30 04:10 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-10-11 22:02 - 2022-10-11 22:02 - 000000000 ____D C:\Windows\system32\Drivers\wd
2022-10-11 22:02 - 2022-10-11 22:02 - 000000000 ____D C:\Windows\system32\config\BFS
2022-10-11 22:01 - 2022-10-30 04:26 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-10-11 22:01 - 2022-10-11 22:01 - 000000000 ____D C:\Windows\ServiceProfiles
2022-10-11 21:59 - 2022-10-11 21:59 - 000000000 ____D C:\Users\Admin\AppData\Local\PeerDistRepub
2022-10-11 21:49 - 2022-10-11 21:50 - 000000180 _____ C:\Users\Admin\Documents\systemtransparency.ini
2022-10-11 21:49 - 2022-10-11 21:49 - 000000000 ____D C:\Program Files (x86)\Clear
2022-10-11 17:56 - 2022-10-30 04:10 - 100925440 _____ C:\Windows\system32\config\SOFTWARE
2022-10-11 17:56 - 2022-10-30 04:10 - 014942208 _____ C:\Windows\system32\config\SYSTEM
2022-10-11 17:53 - 2022-10-11 17:53 - 000000000 ____D C:\Program Files\Reference Assemblies
2022-10-11 17:53 - 2022-10-11 17:53 - 000000000 ____D C:\Program Files\MSBuild
2022-10-11 17:53 - 2022-10-11 17:53 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2022-10-11 17:53 - 2022-10-11 17:53 - 000000000 ____D C:\Program Files (x86)\MSBuild
2022-10-11 17:52 - 2022-10-11 21:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tools
2022-10-11 17:52 - 2022-10-11 21:35 - 000000000 ____D C:\ProgramData\PhoenixOS
2022-10-11 17:52 - 2022-04-12 13:57 - 000043254 _____ C:\Windows\system32\OEM.bmp
2022-10-11 17:45 - 2022-10-11 17:45 - 002088728 _____ (The ICU Project) C:\Windows\SysWOW64\icu.dll
2022-10-11 17:45 - 2022-10-11 17:45 - 000530944 _____ (curl, hxxps://curl.se/) C:\Windows\system32\curl.exe
2022-10-11 17:45 - 2022-10-11 17:45 - 000470528 _____ (curl, hxxps://curl.se/) C:\Windows\SysWOW64\curl.exe
2022-10-11 17:45 - 2022-10-11 17:45 - 000180224 _____ C:\Windows\system32\stordiag.exe
2022-10-11 17:45 - 2022-10-11 17:45 - 000157008 _____ C:\Windows\system32\HvsiManagementApi.dll
2022-10-11 17:45 - 2022-10-11 17:45 - 000133120 _____ C:\Windows\SysWOW64\stordiag.exe
2022-10-11 17:45 - 2022-10-11 17:45 - 000105312 _____ C:\Windows\SysWOW64\HvsiManagementApi.dll
2022-10-11 17:45 - 2022-10-11 17:45 - 000098304 _____ C:\Windows\system32\dplcsp.dll
2022-10-11 17:45 - 2022-10-11 17:45 - 000055144 _____ C:\Windows\system32\SFAPE.dll
2022-10-11 17:45 - 2022-10-11 17:45 - 000046888 _____ C:\Windows\system32\wow64base.dll
2022-10-11 17:44 - 2022-10-11 17:44 - 002575632 _____ (The ICU Project) C:\Windows\system32\icu.dll
2022-10-11 17:44 - 2022-10-11 17:44 - 000327680 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2022-10-11 17:44 - 2022-10-11 17:44 - 000296448 _____ C:\Windows\system32\CloudIdWxhExtension.dll
2022-10-11 17:44 - 2022-10-11 17:44 - 000192512 _____ C:\Windows\system32\CloudExperienceHostRedirection.dll
2022-10-11 15:23 - 2022-10-30 01:11 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-10-11 15:23 - 2022-10-12 16:12 - 000000000 __SHD C:\Windows\BitLockerDiscoveryVolumeContents
2022-10-11 15:23 - 2022-10-11 17:48 - 000000000 ___SD C:\Windows\system32\AppV
2022-10-11 15:23 - 2022-10-11 15:23 - 000000000 ____D C:\Windows\RemotePackages
2022-10-11 15:23 - 2022-10-11 15:23 - 000000000 ____D C:\Windows\InboxApps
2022-10-11 15:23 - 2022-05-06 22:21 - 000024935 _____ C:\Windows\Professional.xml
==================== One month (modified) ==================
(If an entry is included in the fixlist.txt file, the file/folder will be moved.)
2022-10-30 05:05 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\SystemTemp
2022-10-30 05:05 - 2022-05-06 22:22 - 000000000 ____D C:\Windows\INF
2022-10-30 04:29 - 2022-05-06 22:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-30 04:27 - 2022-05-06 22:24 - 000000000 ____D C:\Program Files\Common Files\System
2022-10-30 04:27 - 2022-05-06 22:24 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2022-10-30 04:10 - 2022-05-06 22:17 - 000131072 _____ C:\Windows\system32\config\BBI
2022-10-30 04:09 - 2022-05-06 22:24 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-30 04:09 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\AppReadiness
2022-10-30 01:11 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\UUS
2022-10-30 01:11 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2022-10-30 01:11 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\SysWOW64\InputMethod
2022-10-30 01:11 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\SysWOW64\IME
2022-10-30 01:11 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\SystemResources
2022-10-30 01:11 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\SystemApps
2022-10-30 01:11 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\system32\WinMetadata
2022-10-30 01:11 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\system32\Sgrm
2022-10-30 01:11 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\system32\InputMethod
2022-10-30 01:11 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\system32\IME
2022-10-30 01:11 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\system32\DDFs
2022-10-30 01:11 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\ShellExperiences
2022-10-30 01:11 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\ShellComponents
2022-10-30 01:11 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\PolicyDefinitions
2022-10-30 01:11 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\Performance
2022-10-30 01:11 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\IME
2022-10-30 01:11 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\bcastdvr
2022-10-30 01:11 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\appcompat
2022-10-30 01:10 - 2022-05-06 22:17 - 000000000 ____D C:\Windows\CbsTemp
2022-10-30 01:08 - 2022-05-06 22:17 - 000000000 ____D C:\Windows\servicing
2022-10-12 17:04 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\Help
2022-10-12 16:52 - 2022-05-06 22:24 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2022-10-12 16:42 - 2022-05-06 22:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-10-12 16:12 - 2022-05-06 23:10 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2022-10-12 16:12 - 2022-05-06 23:10 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-10-12 16:12 - 2022-05-06 23:01 - 000000000 ____D C:\Windows\SysWOW64\winrm
2022-10-12 16:12 - 2022-05-06 23:01 - 000000000 ____D C:\Windows\SysWOW64\WCN
2022-10-12 16:12 - 2022-05-06 23:01 - 000000000 ____D C:\Windows\SysWOW64\slmgr
2022-10-12 16:12 - 2022-05-06 23:01 - 000000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2022-10-12 16:12 - 2022-05-06 23:01 - 000000000 ____D C:\Windows\system32\winrm
2022-10-12 16:12 - 2022-05-06 23:01 - 000000000 ____D C:\Windows\system32\WCN
2022-10-12 16:12 - 2022-05-06 23:01 - 000000000 ____D C:\Windows\system32\slmgr
2022-10-12 16:12 - 2022-05-06 23:01 - 000000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ___SD C:\Windows\SysWOW64\F12
2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ___SD C:\Windows\system32\F12
2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ___SD C:\Windows\system32\dsc
2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\SysWOW64\oobe
2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\SysWOW64\MUI
2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\SysWOW64\Com
2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\system32\Sysprep
2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\system32\oobe
2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\system32\MUI
2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\system32\migwiz
2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\system32\Dism
2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\system32\Com
2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\OCR
2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ____D C:\Program Files\Windows Defender
2022-10-12 16:02 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\system32\spool
2022-10-12 15:54 - 2022-05-06 22:28 - 000000000 ____D C:\Windows\Setup
2022-10-11 22:17 - 2022-05-06 22:24 - 000000000 ____D C:\ProgramData\USOPrivate
2022-10-11 22:06 - 2022-05-06 22:24 - 000000000 ___RD C:\Windows\PrintDialog
2022-10-11 22:03 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2022-10-11 22:02 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\ServiceState
2022-10-11 22:02 - 2022-05-06 22:17 - 000032768 _____ C:\Windows\system32\config\ELAM
2022-10-11 17:56 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\InputMethod
2022-10-11 17:56 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\Cursors
2022-10-11 17:55 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\Resources
2022-10-11 17:52 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\Web
2022-10-11 17:48 - 2022-05-06 22:24 - 000000000 ___SD C:\Windows\system32\UNP
2022-10-11 17:48 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\SysWOW64\setup
2022-10-11 17:48 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\system32\ShellExperiences
2022-10-11 17:48 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\system32\setup
2022-10-11 17:48 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\Provisioning
2022-10-11 17:48 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\Globalization
2022-10-11 15:23 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\security
2022-10-11 15:23 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\schemas
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================