Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 29-10-2022
Exécuté par Admin (administrateur) sur DESKTOP-SLSOEUS (ASUS System Product Name) (30-10-2022 06:08:41)
Exécuté depuis C:\Users\Admin\Desktop
Profils chargés: Admin
Plate-forme: Microsoft Windows 11 Pro Version 22H2 22621.755 (X64) Langue: Anglais (États-Unis) -> Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(ACD Systems International Inc. -> ) [Fichier non signé] C:\Program Files\ACD Systems\ACDSee Ultimate\16.0\ACDSeeCommanderUltimate16.exe
(Adobe Inc. -> Adobe Systems Inc.) [Fichier non signé] C:\Program Files\Adobe\Acrobat DC\Acrobat\acrotray.exe
(C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\LAClient\laclient.exe
(C:\Program Files\Logitech\SetPointP\SetPoint.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(explorer.exe ->) () [Fichier non signé] C:\Program Files (x86)\RocketDock\RocketDock.exe
(explorer.exe ->) (IP Izmaylov Artem Andreevich -> AIMP DevTeam) C:\Program Files\AIMP\AIMP.exe
(explorer.exe ->) (Logitech Inc -> Logitech) C:\Program Files\Logi\LogiBolt\LogiBolt.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(explorer.exe ->) (Samsung Electronics CO., LTD. -> ) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13>
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (HP Inc. -> ) C:\Windows\SysWOW64\spdsvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_21e0cf0737fd48af\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispui.inf_amd64_734c6958d8400ec5\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_b55ed36a9a78cc75\RtkAudUService64.exe <2>
(services.exe ->) (Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_b55ed36a9a78cc75\RtkAudUService64.exe [3496424 2022-10-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3136136 2020-11-20] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [ACUW16FR] => C:\Program Files\ACD Systems\ACDSee Ultimate\16.0\acdIDInTouch2.exe [3495472 2022-10-30] (ACD Systems International Inc. -> ACD Systems International Inc.) [Fichier non signé]
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
HKLM\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKLM\...\Policies\Explorer: [SettingsPageVisibility] hide:maps;cortana-moredetails;cortana-language;cortana-notifications;cortana-permissions;cortana;cortana-talktocortana;holographic-audio
HKLM\...\Policies\Explorer: [AllowOnlineTips] 0
HKLM\...\Policies\Explorer: [HideSCAMeetNow] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore: [DisableConfig] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [] => [X]
HKU\S-1-5-19\...\RunOnce: [Edge_DisableAskMeWhatToDoWithEachDownload] => REG ADD "HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Download" /F /V "EnableSavePrompt" /T R (l'élément de données a 22 caractères en plus). (Pas de fichier) <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [Edge_DisableBlockPopup] => REG ADD "HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\New Windows" /F /V "PopupMgr" /T REG_SZ (l'élément de données a 8 caractères en plus). (Pas de fichier) <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [Edge_DisableCortanaAssistant] => REG ADD "HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ServiceUI" /F /V "EnableCortana" /T REG (l'élément de données a 20 caractères en plus). (Pas de fichier) <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [Edge_DisablePagePrediction] => REG ADD "HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead" /F /V "FPEnabled" /T REG_DWO (l'élément de données a 16 caractères en plus). (Pas de fichier) <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [Edge_DisableSmartScreen] => REG ADD "HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\PhishingFilter" /F /V "EnabledV9" /T RE (l'élément de données a 21 caractères en plus). (Pas de fichier) <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [Edge_EnableSendDoNotTrackRequests] => REG ADD "HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main" /F /V "DoNotTrack" /T REG_DWORD / (l'élément de données a 12 caractères en plus). (Pas de fichier) <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [Edge_ShowFavoritesBar] => REG ADD "HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\LinksBar" /F /V "Enabled" /T REG_DWORD (l'élément de données a 13 caractères en plus). (Pas de fichier) <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [Edge_UseDarkTheme] => REG ADD "HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main" /F /V "Theme" /T REG_DWORD /D "00 (l'élément de données a 7 caractères en plus). (Pas de fichier) <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [UseDarkTheme_Apps] => REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /F /V "AppsUseLightTheme" /T REG_DWORD /D "00000000" (Pas de fichier) <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [UseDarkTheme_System] => REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /F /V "SystemUsesLightTheme" /T REG_DWORD /D "00000000" (Pas de fichier) <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [Explorer_Privacy_WebsiteIDAccess_Disable] => REG ADD "HKCU\Control Panel\International\User Profile" /F /V "HttpAcceptLanguageOptOut" /T REG_DWORD /D "00000001" (Pas de fichier) <==== ATTENTION
HKU\S-1-5-19\...\Policies\Explorer: [HideSCAMeetNow] 1
HKU\S-1-5-19\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-19\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-19\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [] => [X]
HKU\S-1-5-20\...\RunOnce: [Edge_DisableAskMeWhatToDoWithEachDownload] => REG ADD "HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Download" /F /V "EnableSavePrompt" /T R (l'élément de données a 22 caractères en plus). (Pas de fichier) <==== ATTENTION
HKU\S-1-5-20\...\RunOnce: [Edge_DisableBlockPopup] => REG ADD "HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\New Windows" /F /V "PopupMgr" /T REG_SZ (l'élément de données a 8 caractères en plus). (Pas de fichier) <==== ATTENTION
HKU\S-1-5-20\...\RunOnce: [Edge_DisableCortanaAssistant] => REG ADD "HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ServiceUI" /F /V "EnableCortana" /T REG (l'élément de données a 20 caractères en plus). (Pas de fichier) <==== ATTENTION
HKU\S-1-5-20\...\RunOnce: [Edge_DisablePagePrediction] => REG ADD "HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead" /F /V "FPEnabled" /T REG_DWO (l'élément de données a 16 caractères en plus). (Pas de fichier) <==== ATTENTION
HKU\S-1-5-20\...\RunOnce: [Edge_DisableSmartScreen] => REG ADD "HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\PhishingFilter" /F /V "EnabledV9" /T RE (l'élément de données a 21 caractères en plus). (Pas de fichier) <==== ATTENTION
HKU\S-1-5-20\...\RunOnce: [Edge_EnableSendDoNotTrackRequests] => REG ADD "HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main" /F /V "DoNotTrack" /T REG_DWORD / (l'élément de données a 12 caractères en plus). (Pas de fichier) <==== ATTENTION
HKU\S-1-5-20\...\RunOnce: [Edge_ShowFavoritesBar] => REG ADD "HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\LinksBar" /F /V "Enabled" /T REG_DWORD (l'élément de données a 13 caractères en plus). (Pas de fichier) <==== ATTENTION
HKU\S-1-5-20\...\RunOnce: [Edge_UseDarkTheme] => REG ADD "HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main" /F /V "Theme" /T REG_DWORD /D "00 (l'élément de données a 7 caractères en plus). (Pas de fichier) <==== ATTENTION
HKU\S-1-5-20\...\RunOnce: [UseDarkTheme_Apps] => REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /F /V "AppsUseLightTheme" /T REG_DWORD /D "00000000" (Pas de fichier) <==== ATTENTION
HKU\S-1-5-20\...\RunOnce: [UseDarkTheme_System] => REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /F /V "SystemUsesLightTheme" /T REG_DWORD /D "00000000" (Pas de fichier) <==== ATTENTION
HKU\S-1-5-20\...\RunOnce: [Explorer_Privacy_WebsiteIDAccess_Disable] => REG ADD "HKCU\Control Panel\International\User Profile" /F /V "HttpAcceptLanguageOptOut" /T REG_DWORD /D "00000001" (Pas de fichier) <==== ATTENTION
HKU\S-1-5-20\...\Policies\Explorer: [HideSCAMeetNow] 1
HKU\S-1-5-20\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-20\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-20\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-816588136-875710598-2891341866-1000\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] () [Fichier non signé]
HKU\S-1-5-21-816588136-875710598-2891341866-1000\...\Run: [ACDSeeCommanderUltimate16] => C:\Program Files\ACD Systems\ACDSee Ultimate\16.0\ACDSeeCommanderUltimate16.exe [8188512 2022-10-30] (ACD Systems International Inc. -> ) [Fichier non signé]
HKU\S-1-5-21-816588136-875710598-2891341866-1000\...\Policies\Explorer: [HideSCAMeetNow] 1
HKU\S-1-5-21-816588136-875710598-2891341866-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-816588136-875710598-2891341866-1000\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-816588136-875710598-2891341866-1000\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-816588136-875710598-2891341866-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-816588136-875710598-2891341866-1000\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-816588136-875710598-2891341866-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\MarineAquarium3.scr [7250944 2020-10-12] (SereneScreen) [Fichier non signé]
HKLM\...\Windows x64\Print Processors\us005PC: C:\Windows\System32\spool\prtprocs\x64\us005pc.dll [43520 2017-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Windows x64\Print Processors\us016PC: C:\Windows\System32\spool\prtprocs\x64\us016pc.dll [61736 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [203936 2022-09-28] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\us005 Langmon: C:\Windows\system32\us005lm.dll [22528 2017-06-14] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\us016 Langmon: C:\Windows\system32\us016lm.dll [40744 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> )
AppInit_DLLs-x32: C:\PROGRA~1\COMMON~1\System\symsrv.dll => C:\Program Files\Common Files\System\symsrv.dll [69337 2022-10-12] (Microsoft Corporation) [Fichier non signé] <==== ATTENTION
IFEO\SppExtComObj.exe: [VerifierDlls] SppExtComObjHook.dll
BootExecute:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
HKU\S-1-5-21-816588136-875710598-2891341866-1000\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {0600DD45-FAF2-4131-A006-0B17509B9F78} - \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser -> Pas de fichier <==== ATTENTION
Task: {094E7D25-B68C-48EC-9E31-295B12216EF1} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141232 2022-10-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {20931B38-947C-49F6-9529-D18EE9635E51} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141232 2022-10-12] (Microsoft Corporation -> Microsoft Corporation)
"C:\Windows\System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask" n'a pas pu être déverrouillé. <==== ATTENTION
Task: {27CE9D59-9D48-4D29-99BC-64657AEBA494} - System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask
Task: {37261BE4-BF71-41B9-9259-856EFE84EF23} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [7055840 2022-10-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {3AA6B52E-0528-4C0F-8AD1-56CE9E3F0949} - System32\Tasks\EPM Preload => C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2DotNetHandler.exe [738816 2022-05-23] () [Fichier non signé]
Task: {4738DE7A-BCC1-4E2D-B1B0-CADB044BFA81} - \Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask -> Pas de fichier <==== ATTENTION
Task: {6FAC31FA-4A85-4E64-BFD5-2154FF4594B3} - \Microsoft\Windows\Customer Experience Improvement Program\UsbCeip -> Pas de fichier <==== ATTENTION
Task: {977EA608-6942-4E45-B217-87C67E26F229} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2113024 2022-08-26] () [Fichier non signé]
Task: {9859F362-CC09-4E45-AF51-E994A92F733E} - System32\Tasks\R@1n\Office 21 ProPlus => wmic path SoftwareLicensingProduct where (ID="fbdb3e18-a8ef-4fb3-9183-dffd60bd0984") call Activate
Task: {9BFD5B3A-3AE7-48D5-A588-E32B5E2161EB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [7055840 2022-10-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {BEE9753A-4C03-4613-929C-03B89D50D792} - System32\Tasks\Microsoft\Windows\CloudRestore\Restore => {B4BCFA6F-948D-46B8-BF27-E8B1117E23B3} C:\Windows\system32\CloudRestoreLauncher.dll [245760 2022-10-11] (Microsoft Windows -> Microsoft Corporation)
Task: {C375B8E7-1D4F-4E57-90E7-3BEFD0DFCE06} - System32\Tasks\Microsoft\Windows\WlanSvc\MoProfileManagement => {085EDA12-CF4A-4944-8222-8ADCADE137CB} C:\Windows\System32\WlanMediaManager.dll [897024 2022-10-11] (Microsoft Windows -> Microsoft Corporation)
Task: {DD0ABB37-DCE2-445E-B92F-2C538E7EDFEB} - System32\Tasks\Microsoft\Windows\PI\SecureBootEncodeUEFI => C:\Windows\system32\SecureBootEncodeUEFI.exe [94208 2022-10-30] (Microsoft Windows -> )
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\Windows\system32\MusNotification.exe (Pas de fichier)
Task: {EC9D60D7-1B32-44BF-927F-850C03F7080B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21864376 2022-09-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {F2E5B899-5898-48A6-A415-933C72D7ED6F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21864376 2022-09-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {FB934888-0201-4896-90C1-7AD00228B1B8} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{bac2a043-b908-4356-9cbd-f637d653bf32}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{bac2a043-b908-4356-9cbd-f637d653bf32}: [DhcpNameServer] 192.168.0.254

FireFox:
========
FF DefaultProfile: 0qe11bz2.default
FF DefaultProfile: 0yke827s.default
FF ProfilePath: C:\Users\Admin\AppData\Roaming\PostboxApp\Profiles\0qe11bz2.default [2022-10-30]
FF Extension: (Dictionnaire français) - C:\Users\Admin\AppData\Roaming\PostboxApp\Profiles\0qe11bz2.default\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org [2022-10-12] []
FF Extension: (Cloud Service Providers for Postbox) - C:\Users\Admin\AppData\Roaming\PostboxApp\Profiles\0qe11bz2.default\Extensions\pbfilelink@postbox-inc.com.xpi [2022-10-12] [] [non signé]
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0yke827s.default [2022-10-12]
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yees70hb.default-release [2022-10-30]
FF DownloadDir: L:\Toto + Disque I toto
FF Homepage: Mozilla\Firefox\Profiles\yees70hb.default-release -> hxxps://www.dealabs.com/nouveaux
FF Extension: (AdBlocker Ultimate) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yees70hb.default-release\Extensions\adblockultimate@adblockultimate.net.xpi [2022-10-12]
FF Extension: (uBlock Origin) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yees70hb.default-release\Extensions\uBlock0@raymondhill.net.xpi [2022-10-12]
FF Extension: (TWP - Translate Web Pages) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\yees70hb.default-release\Extensions\{036a55b4-5e72-4d05-a06c-cba2dfcc134a}.xpi [2022-10-12]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2022-10-12] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-10-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-10-16] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-10-12] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9191816 2022-09-05] (Microsoft Corporation -> Microsoft Corporation)
S3 dcsvc; C:\Windows\system32\dcsvc.dll [806912 2022-10-30] (Microsoft Windows -> Microsoft Corporation)
R2 DtsApo4Service; C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe [224680 2021-09-21] (DTS, Inc. -> DTS Inc.)
S3 InventorySvc; C:\Windows\system32\inventorysvc.dll [304480 2022-10-11] (Microsoft Windows -> Microsoft Corporation)
S2 RstMwService; C:\Windows\System32\DriverStore\FileRepository\iastorvd.inf_amd64_4644c24027cfb2ed\RstMwService.exe [3901454 2022-10-30] () [Fichier non signé]
R2 Samsung Printer Dianostics Service; C:\Windows\SysWOW64\\spdsvc.exe [508488 2018-06-24] (HP Inc. -> )
R2 SamsungUPDUtilSvc; C:\Windows\SysWOW64\SecUPDUtilSvc.exe [143664 2015-02-07] (Samsung Electronics CO., LTD. -> )
S4 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [249344 2022-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 SgrmBroker; C:\Windows\system32\Sgrm\SgrmBroker.exe [414632 2022-05-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\Windows\System32\Samsung\EasySetup\ss_conn_launcher.exe [193776 2022-05-13] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [830503 2022-05-13] (DEVGURU Co., LTD.) [Fichier non signé]
S2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [999047 2022-05-13] (DEVGURU Co., LTD.) [Fichier non signé]
R3 TextInputManagementService; C:\Windows\System32\TabSvc.dll [266240 2022-10-11] (Microsoft Windows -> Microsoft Corporation)
S4 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [2909208 2022-05-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [128376 2022-05-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [658224 2021-08-26] (Lespeed Technology Co., Ltd -> WiseCleaner.com)
S2 wuauserv; C:\Windows\system32\wuauserv.dll [137544 2022-10-30] (Microsoft Windows -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispui.inf_amd64_734c6958d8400ec5\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispui.inf_amd64_734c6958d8400ec5\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 bfs; C:\Windows\system32\drivers\bfs.sys [91480 2022-10-11] (Microsoft Windows -> Microsoft Corporation)
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [106496 2022-05-06] (Microsoft Corporation) [Fichier non signé]
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [165104 2022-05-13] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 e2f68; C:\Windows\System32\drivers\e2f68.sys [526184 2021-01-20] (INTELEPGSW2022 -> Intel Corporation)
R3 e2fexpress; C:\Windows\System32\DriverStore\FileRepository\e2f.inf_amd64_0f2d4ef9c63375f3\e2f.sys [527000 2022-10-30] (Intel Corporation -> Intel Corporation)
S3 e2fnexpress; C:\Windows\System32\DriverStore\FileRepository\e2fn.inf_amd64_c241fd785011b775\e2fn.sys [1364096 2022-10-12] (Intel Corporation -> Intel Corporation)
R3 EvoMouseDriverFilterHidUsb; C:\Windows\System32\drivers\EvoMouseDriverFilterHidUsb.sys [29936 2022-10-30] (WDKTestCert v.kurilovich,130838452094803308 -> Evoluent)
S0 GenPass; C:\Windows\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [62800 2022-05-06] (Microsoft Windows -> Microsoft Corporation)
R0 hswultpep; C:\Windows\System32\drivers\hswultpep.sys [62968 2022-10-30] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
R3 iaLPSS2_GPIO2_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_774a66f35d00ad3d\iaLPSS2_GPIO2_ADL.sys [140960 2022-06-23] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_1ebed6f33a1c1014\iaLPSS2_I2C_ADL.sys [210600 2022-06-23] (Intel Corporation -> Intel Corporation)
R0 iaStorVD; C:\Windows\System32\drivers\iaStorVD.sys [1605296 2022-10-30] (Intel Corporation -> Intel Corporation)
S0 pvscsi; C:\Windows\System32\drivers\pvscsii.sys [45408 2022-05-06] (Microsoft Windows -> VMware, Inc.)
S3 Revoflt; C:\Windows\System32\DRIVERS\revoflt.sys [38400 2021-11-17] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
S3 RoutePolicy; C:\Windows\System32\drivers\RoutePolicy.sys [98304 2022-05-06] (Microsoft Windows -> )
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [14224 2021-04-01] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [171768 2022-05-13] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [48368 2022-05-13] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [48536 2022-05-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [438544 2022-05-06] (Microsoft Windows -> Microsoft Corporation)
S4 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [90384 2022-05-06] (Microsoft Windows -> Microsoft Corporation)
R3 WiseHDInfo; C:\Windows\WiseHDInfo64.dll [33864 2022-10-12] (Beijing Lang Xingda Network Technology Co., Ltd -> wisecleaner.com)
R2 wtd; C:\Windows\System32\drivers\wtd.sys [118784 2022-10-11] (Microsoft Windows -> Microsoft Corporation)
U4 DcpSvc; pas de ImagePath
U4 HomeGroupListener; pas de ImagePath
U4 HomeGroupProvider; pas de ImagePath
U4 xbgm; pas de ImagePath

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

NETSVC: DcSvc -> C:\Windows\system32\dcsvc.dll (Microsoft Corporation)

==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-10-30 06:08 - 2022-10-30 06:08 - 000030024 _____ C:\Users\Admin\Desktop\FRST.txt
2022-10-30 06:08 - 2022-10-30 06:08 - 000000000 ____D C:\FRST
2022-10-30 06:08 - 2022-10-30 06:07 - 002374144 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2022-10-30 04:47 - 2022-10-30 04:57 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Wise Care 365
2022-10-30 04:32 - 2022-10-30 04:32 - 000000000 ____D C:\Users\Admin\AppData\Roaming\NVIDIA
2022-10-30 04:32 - 2022-10-30 04:32 - 000000000 ____D C:\Users\Admin\AppData\Roaming\ACD Systems
2022-10-30 04:30 - 2022-10-30 04:32 - 000000000 ____D C:\Users\Admin\AppData\Local\ACD Systems
2022-10-30 04:30 - 2022-10-30 04:30 - 000000000 ____D C:\Users\Admin\AppData\Local\Downloaded Installations
2022-10-30 04:30 - 2022-10-30 04:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems
2022-10-30 04:30 - 2022-10-30 04:30 - 000000000 ____D C:\ProgramData\Apple
2022-10-30 04:30 - 2022-10-30 04:30 - 000000000 ____D C:\ProgramData\ACD Systems
2022-10-30 04:30 - 2022-10-30 04:30 - 000000000 ____D C:\Program Files\Common Files\ACD Systems
2022-10-30 04:30 - 2022-10-30 04:30 - 000000000 ____D C:\Program Files\ACD Systems
2022-10-30 04:29 - 2022-10-30 04:35 - 000003536 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-10-30 04:29 - 2022-10-30 04:35 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-10-30 04:15 - 2022-10-30 04:15 - 000806446 _____ C:\Windows\system32\perfh00C.dat
2022-10-30 04:15 - 2022-10-30 04:15 - 000156284 _____ C:\Windows\system32\perfc00C.dat
2022-10-30 04:09 - 2022-10-30 04:09 - 000062968 _____ (Intel Corporation) C:\Windows\system32\Drivers\hswultpep.sys
2022-10-30 02:53 - 2022-10-30 02:53 - 000000000 ___DL C:\Users\Admin\AppData\Roaming\brave
2022-10-30 02:16 - 2022-10-30 02:16 - 000000000 ____D C:\Windows\LastGood.Tmp
2022-10-30 02:15 - 2022-10-30 02:15 - 015220312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 012541528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 007588408 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 006458416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 005907576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 005769856 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 005429352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 003102320 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 002246752 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 001968496 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2022-10-30 02:15 - 2022-10-30 02:15 - 001968496 _____ C:\Windows\system32\vulkaninfo.exe
2022-10-30 02:15 - 2022-10-30 02:15 - 001653384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 001525104 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-10-30 02:15 - 2022-10-30 02:15 - 001525104 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2022-10-30 02:15 - 2022-10-30 02:15 - 001523304 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 001472600 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 001432944 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 001432944 _____ C:\Windows\system32\vulkan-1.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 001261688 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 001214048 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 001186424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 001146208 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 001146208 _____ C:\Windows\SysWOW64\vulkan-1.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 000988296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 000872056 _____ C:\Windows\system32\nvofapi64.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 000854168 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2022-10-30 02:15 - 2022-10-30 02:15 - 000823400 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 000709736 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2022-10-30 02:15 - 2022-10-30 02:15 - 000694408 _____ C:\Windows\SysWOW64\nvofapi.dll
2022-10-30 02:15 - 2022-10-30 02:15 - 000457848 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2022-10-30 02:15 - 2022-10-30 02:15 - 000095254 _____ C:\Windows\system32\nvinfo.pb
2022-10-30 02:14 - 2022-10-30 02:14 - 000129000 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2022-10-30 02:14 - 2022-10-30 02:14 - 000041984 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhdap64.dll
2022-10-30 02:13 - 2022-10-30 02:13 - 003901503 _____ C:\Windows\system32\RstMwEventLogMsg.dll
2022-10-30 02:13 - 2022-10-30 02:13 - 001605296 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorVD.sys
2022-10-30 02:13 - 2022-10-30 02:13 - 000029936 _____ (Evoluent) C:\Windows\system32\Drivers\EvoMouseDriverFilterHidUsb.sys
2022-10-30 02:11 - 2022-10-30 02:11 - 000000000 ____D C:\Users\Admin\AppData\Roaming\IObit
2022-10-30 02:11 - 2022-10-30 02:11 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\IObit
2022-10-30 02:11 - 2022-10-30 02:11 - 000000000 ____D C:\ProgramData\IObit
2022-10-30 01:11 - 2022-10-30 01:11 - 000000000 ____D C:\Windows\system32\appraiser
2022-10-30 01:09 - 2022-10-30 01:09 - 000094208 _____ C:\Windows\system32\SecureBootEncodeUEFI.exe
2022-10-30 01:09 - 2022-10-30 01:09 - 000062832 _____ C:\Windows\system32\AppInstallerBackgroundUpdate.exe
2022-10-30 01:09 - 2022-10-30 01:09 - 000016521 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-10-30 01:05 - 2022-10-30 02:19 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-10-30 01:02 - 2022-10-30 04:10 - 000000000 ____D C:\Users\Admin\AppData\Local\LogiBolt
2022-10-23 12:17 - 2022-10-23 12:17 - 000002060 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk
2022-10-23 12:17 - 2022-10-23 12:17 - 000002049 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2022-10-23 12:16 - 2022-10-23 12:16 - 000000000 ____D C:\Users\Admin\AppData\Roaming\WiseUpdate
2022-10-23 12:15 - 2022-10-23 12:15 - 000002216 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigation privée de Firefox.lnk
2022-10-23 12:15 - 2021-11-17 14:50 - 000038400 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2022-10-12 17:59 - 2022-10-30 05:11 - 000000000 ____D C:\Program Files (x86)\Postbox
2022-10-12 17:59 - 2022-10-23 12:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Postbox
2022-10-12 17:59 - 2022-10-12 18:00 - 000000000 ____D C:\Users\Admin\AppData\Local\PostboxApp
2022-10-12 17:59 - 2022-10-12 17:59 - 000000000 ____D C:\Users\Admin\AppData\Roaming\PostboxApp
2022-10-12 17:58 - 2022-10-12 17:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2022-10-12 17:58 - 2022-10-12 17:58 - 000000000 ____D C:\Program Files (x86)\Auslogics
2022-10-12 17:57 - 2022-10-30 04:27 - 000000000 __SHD C:\ProgramData\Synaptics
2022-10-12 17:57 - 2022-10-12 17:57 - 000000000 ____D C:\ProgramData\Auslogics
2022-10-12 17:53 - 2022-10-12 17:57 - 000000000 ____D C:\Users\Admin\AppData\Roaming\MahJong Suite
2022-10-12 17:53 - 2022-10-12 17:55 - 000000000 ____D C:\Program Files (x86)\MahJong Suite
2022-10-12
17:53 - 2022-10-12 17:53 - 000001091 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MahJong Suite.lnk 2022-10-12 17:53 - 2022-10-12 17:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MahJong Suite 2022-10-12 17:46 - 2022-10-12 17:46 - 000000000 ____D C:\Program Files (x86)\Wise 2022-10-12 17:43 - 2022-10-12 17:53 - 000000000 ____D C:\ProgramData\TreeCardGames 2022-10-12 17:43 - 2022-10-12 17:44 - 000000000 ____D C:\Users\Admin\AppData\Roaming\SolSuite 2022-10-12 17:43 - 2022-10-12 17:43 - 000001038 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolSuite.lnk 2022-10-12 17:43 - 2022-10-12 17:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolSuite - Solitaire Card Games 2022-10-12 17:43 - 2022-10-12 17:43 - 000000000 ____D C:\Program Files (x86)\SolSuite 2022-10-12 17:41 - 2022-10-23 12:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinTools.net Premium 2022-10-12 17:41 - 2022-10-12 17:41 - 000000000 ____D C:\Program Files (x86)\WinTools Software 2022-10-12 17:38 - 2022-10-12 17:38 - 000000000 ____D C:\Users\URET TEAM 2022-10-12 17:37 - 2022-10-23 12:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro 2022-10-12 17:37 - 2022-10-12 17:37 - 000000000 ____D C:\Users\Admin\AppData\Local\VS Revo Group 2022-10-12 17:37 - 2022-10-12 17:37 - 000000000 ____D C:\ProgramData\VS Revo Group 2022-10-12 17:37 - 2022-10-12 17:37 - 000000000 ____D C:\Program Files\VS Revo Group 2022-10-12 17:35 - 2022-10-12 17:35 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Marine Aquarium 3 2022-10-12 17:35 - 2022-10-12 17:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SereneScreen 2022-10-12 17:35 - 2022-10-12 17:35 - 000000000 ____D C:\Program Files (x86)\SereneScreen 2022-10-12 17:35 - 2020-10-12 23:57 - 007250944 _____ (SereneScreen) C:\Windows\SysWOW64\MarineAquarium3.scr 2022-10-12 17:35 - 2020-10-12 23:57 - 007250944 
_____ (SereneScreen) C:\Windows\system32\MarineAquarium3.scr 2022-10-12 17:34 - 2022-10-12 17:34 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\NVIDIA 2022-10-12 17:34 - 2022-10-12 17:34 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Adobe 2022-10-12 17:34 - 2022-10-12 17:34 - 000000000 ____D C:\Users\Admin\AppData\Local\Adobe 2022-10-12 17:33 - 2022-10-12 17:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp 2022-10-12 17:33 - 2022-10-12 17:33 - 000000000 ____D C:\Program Files\Core Temp 2022-10-12 17:32 - 2022-10-12 17:34 - 000000000 ____D C:\ProgramData\Adobe 2022-10-12 17:32 - 2022-10-12 17:32 - 000003300 _____ C:\Windows\system32\Tasks\klcp_update 2022-10-12 17:32 - 2022-10-12 17:32 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2022-10-12 17:32 - 2022-10-12 17:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack 2022-10-12 17:32 - 2019-12-28 02:00 - 000784384 _____ C:\Windows\system32\xvidcore.dll 2022-10-12 17:32 - 2019-12-28 02:00 - 000681984 _____ C:\Windows\SysWOW64\xvidcore.dll 2022-10-12 17:32 - 2019-12-28 02:00 - 000310784 _____ C:\Windows\system32\xvidvfw.dll 2022-10-12 17:32 - 2019-12-28 02:00 - 000284160 _____ C:\Windows\SysWOW64\xvidvfw.dll 2022-10-12 17:32 - 2017-07-30 03:50 - 003850240 _____ (x264vfw project) C:\Windows\SysWOW64\x264vfw.dll 2022-10-12 17:32 - 2017-07-30 03:50 - 003799552 _____ (x264vfw project) C:\Windows\system32\x264vfw64.dll 2022-10-12 17:32 - 2015-10-24 09:00 - 000112128 _____ C:\Windows\SysWOW64\ff_vfw.dll 2022-10-12 17:32 - 2015-02-25 09:27 - 000473088 _____ (hxxp://www.mp3dev.org/) C:\Windows\SysWOW64\lameACM.acm 2022-10-12 17:32 - 2012-07-21 03:55 - 000180736 _____ (fccHandler) C:\Windows\system32\ac3acm.acm 2022-10-12 17:32 - 2012-07-21 03:54 - 000122880 _____ (fccHandler) C:\Windows\SysWOW64\ac3acm.acm 2022-10-12 17:32 - 2012-05-21 14:48 - 000000415 _____ C:\Windows\SysWOW64\lame_acm.xml 2022-10-12 17:32 - 2011-12-07 10:37 - 000148992 
_____ ( ) C:\Windows\system32\lagarith.dll 2022-10-12 17:32 - 2011-12-07 10:32 - 000216064 _____ ( ) C:\Windows\SysWOW64\lagarith.dll 2022-10-12 17:32 - 2005-01-21 16:53 - 000055296 _____ C:\Windows\system32\huffyuv.dll 2022-10-12 17:32 - 2004-05-18 11:16 - 000039936 _____ (Disappearing Inc.) C:\Windows\SysWOW64\huffyuv.dll 2022-10-12 17:31 - 2022-10-12 17:32 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack 2022-10-12 17:24 - 2022-10-30 04:31 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Mozilla 2022-10-12 17:24 - 2022-10-30 02:33 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2022-10-12 17:24 - 2022-10-30 01:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-10-12 17:24 - 2022-10-12 17:24 - 000000985 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-10-12 17:24 - 2022-10-12 17:24 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2022-10-12 17:24 - 2022-10-12 17:24 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Mozilla 2022-10-12 17:24 - 2022-10-12 17:24 - 000000000 ____D C:\Users\Admin\AppData\Local\Mozilla 2022-10-12 17:22 - 2022-10-30 06:08 - 000000000 ____D C:\Users\Admin\AppData\Roaming\AIMP 2022-10-12 17:22 - 2022-10-12 17:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP 2022-10-12 17:22 - 2022-10-12 17:22 - 000000000 ____D C:\Program Files\AIMP 2022-10-12 17:18 - 2022-10-12 17:18 - 000000000 ____D C:\Users\Admin\AppData\Local\DBG 2022-10-12 17:01 - 2022-10-12 17:01 - 051981582 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT 2022-10-12 17:01 - 2022-10-12 17:01 - 006304560 _____ (Realtek Semiconductor Corp.) 
C:\Windows\system32\Drivers\RTKVHD64.sys 2022-10-12 17:01 - 2022-10-12 17:01 - 000466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll 2022-10-12 17:01 - 2022-10-12 17:01 - 000444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll 2022-10-12 17:01 - 2022-10-12 17:01 - 000122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll 2022-10-12 17:01 - 2022-10-12 17:01 - 000109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll 2022-10-12 17:01 - 2022-10-12 17:01 - 000000000 ____D C:\Program Files (x86)\OpenAL 2022-10-12 17:01 - 2022-10-12 17:01 - 000000000 ____D C:\Program Files (x86)\Microsoft XNA 2022-10-12 16:58 - 2022-10-12 16:58 - 000000000 ____D C:\Windows\IObit 2022-10-12 16:58 - 2022-10-12 16:58 - 000000000 ____D C:\Users\Admin\AppData\Roaming\IObit_backup 2022-10-12 16:58 - 2022-10-12 16:58 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\IObit_backup 2022-10-12 16:58 - 2022-10-12 16:58 - 000000000 ____D C:\Users\Admin\AppData\Local\IObit 2022-10-12 16:58 - 2022-10-12 16:58 - 000000000 ____D C:\ProgramData\ProductData_backup 2022-10-12 16:58 - 2022-10-12 16:58 - 000000000 ____D C:\ProgramData\IObit_backup 2022-10-12 16:55 - 2022-10-30 05:04 - 000000000 ____D C:\ProgramData\Intel 2022-10-12 16:55 - 2022-10-12 17:06 - 000000000 ____D C:\ProgramData\Package Cache 2022-10-12 16:54 - 2022-10-30 05:04 - 000000000 ____D C:\Users\Admin\Intel 2022-10-12 16:54 - 2022-10-12 16:54 - 000000000 ____D C:\ProgramData\Intel Package Cache {9f9c9e51-d42f-4462-a27a-7d419da18045} 2022-10-12 16:54 - 2022-10-12 16:54 - 000000000 ____D C:\ProgramData\Intel Package Cache {58E22E6B-0E58-4E93-AF9A-036556EB66F5} 2022-10-12 16:54 - 2022-10-12 16:54 - 000000000 ____D C:\ProgramData\Intel Package Cache {1CEAC85D-2590-4760-800F-8DE5E91F3700} 2022-10-12 16:54 - 2022-10-12 16:54 - 000000000 ____D C:\Program Files (x86)\Intel 2022-10-12 16:44 - 2022-10-12 16:44 - 000000000 ____D 
C:\Users\Admin\AppData\Local\Comms 2022-10-12 16:43 - 2022-10-12 16:43 - 000000000 ____D C:\Users\Admin\AppData\Local\OO Software 2022-10-12 16:42 - 2022-10-12 16:42 - 000018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys 2022-10-12 16:42 - 2022-10-12 16:42 - 000000000 ____D C:\Users\Public\Documents\Logishrd 2022-10-12 16:42 - 2022-10-12 16:42 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Logitech 2022-10-12 16:42 - 2022-10-12 16:42 - 000000000 ____D C:\Program Files\Common Files\LogiShrd 2022-10-12 16:39 - 2022-10-12 16:39 - 000000000 ____D C:\Windows\system32\DTS 2022-10-12 16:36 - 2022-10-12 16:36 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2022-10-12 16:36 - 2022-10-12 16:36 - 000000000 ____D C:\Program Files (x86)\Realtek 2022-10-12 16:36 - 2021-09-29 11:41 - 000276832 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTHDASIO64.dll 2022-10-12 16:36 - 2021-09-29 11:41 - 000231280 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RTHDASIO.dll 2022-10-12 16:36 - 2021-05-16 18:50 - 002875968 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll 2022-10-12 16:33 - 2022-10-12 17:48 - 000033864 _____ (wisecleaner.com) C:\Windows\WiseHDInfo64.dll 2022-10-12 16:29 - 2022-10-12 16:29 - 000000000 ____D C:\Users\Admin\AppData\Roaming\ADBDriverInstaller 2022-10-12 16:29 - 2022-10-12 16:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\ClockworkMod 2022-10-12 16:29 - 2022-10-12 16:29 - 000000000 ____D C:\Program Files\DIFX 2022-10-12 16:29 - 2022-10-12 16:29 - 000000000 ____D C:\Program Files (x86)\ClockworkMod 2022-10-12 16:28 - 2022-10-12 16:29 - 000000000 ____D C:\adb 2022-10-12 16:28 - 2022-10-12 16:28 - 000000000 ____D C:\Windows\system32\Samsung 2022-10-12 16:28 - 2022-10-12 16:28 - 000000000 ____D C:\Program Files\Samsung 2022-10-12 16:28 - 2022-05-13 00:06 - 000171768 _____ (Samsung Electronics Co., Ltd.) 
C:\Windows\system32\Drivers\ssudmdm.sys 2022-10-12 16:28 - 2022-05-13 00:06 - 000165104 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus2.sys 2022-10-12 16:28 - 2022-05-13 00:06 - 000069120 _____ (Nokia) C:\Windows\system32\nmwcdclsx64.dll 2022-10-12 16:28 - 2022-05-13 00:06 - 000048368 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ss_conn_usb_driver2.sys 2022-10-12 16:25 - 2022-10-12 16:25 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2022-10-12 16:23 - 2022-10-30 03:05 - 000000000 ____D C:\Program Files\Common Files\Adobe 2022-10-12 16:23 - 2022-10-12 17:32 - 000000000 ____D C:\Program Files\Adobe 2022-10-12 16:23 - 2022-10-12 16:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech 2022-10-12 16:23 - 2022-10-12 16:23 - 000003510 _____ C:\Windows\system32\Tasks\EPM Preload 2022-10-12 16:23 - 2022-10-12 16:23 - 000000000 ____D C:\Users\Admin\Documents\Scan 2022-10-12 16:23 - 2022-10-12 16:23 - 000000000 ____D C:\Users\Admin\AppData\Local\Deployment 2022-10-12 16:23 - 2022-10-12 16:23 - 000000000 ____D C:\Users\Admin\AppData\Local\Apps\2.0 2022-10-12 16:23 - 2022-10-12 16:23 - 000000000 ____D C:\ProgramData\boost_interprocess 2022-10-12 16:23 - 2022-10-12 16:23 - 000000000 ____D C:\Program Files\Common Files\Common Desktop Agent 2022-10-12 16:23 - 2018-08-28 14:25 - 000018636 ____N C:\Windows\SysWOW64\spddata.xml 2022-10-12 16:23 - 2018-06-24 10:38 - 000508488 ____N C:\Windows\SysWOW64\spdsvc.exe 2022-10-12 16:22 - 2022-10-12 16:42 - 000000000 ____D C:\Program Files\Logitech 2022-10-12 16:22 - 2017-06-14 14:57 - 000236295 _____ C:\Windows\system32\us005ci.exe 2022-10-12 16:22 - 2017-06-14 14:57 - 000089600 _____ (SS) C:\Windows\system32\us005ci.dll 2022-10-12 16:22 - 2017-06-14 14:57 - 000022528 _____ () C:\Windows\system32\us005lm.dll 2022-10-12 16:21 - 2022-10-12 16:24 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Samsung 2022-10-12 16:21 - 2022-10-12 
16:21 - 000000000 ____D C:\ProgramData\SSScan 2022-10-12 16:21 - 2022-02-23 20:08 - 000364416 _____ (Samsung Electronics) C:\Windows\system32\SnWIAMUI.dll 2022-10-12 16:21 - 2022-02-23 20:08 - 000261552 _____ (TODO: ) C:\Windows\system32\SnAMPV.dll 2022-10-12 16:21 - 2022-02-23 20:08 - 000175288 _____ C:\Windows\wiainst64.exe 2022-10-12 16:21 - 2021-04-01 07:25 - 000014224 ____N (HP Inc) C:\Windows\system32\Drivers\SSPORT.SYS 2022-10-12 16:21 - 2016-11-21 17:11 - 000131580 _____ C:\Windows\system32\WIAEXSTR.loc 2022-10-12 16:21 - 2016-11-21 17:09 - 000586752 _____ C:\Windows\system32\SNWIAUI.dll 2022-10-12 16:21 - 2016-11-21 17:06 - 000756736 _____ C:\Windows\system32\SnMinDrv.dll 2022-10-12 16:21 - 2016-11-21 17:06 - 000155136 _____ C:\Windows\system32\SnImgFlt.dll 2022-10-12 16:21 - 2016-11-21 17:05 - 000068096 _____ C:\Windows\system32\SnErHdlr.dll 2022-10-12 16:21 - 2016-11-21 16:57 - 000420352 _____ C:\Windows\system32\SaMinDrv.dll 2022-10-12 16:21 - 2016-11-21 16:56 - 000151040 _____ C:\Windows\system32\SaImgFlt.dll 2022-10-12 16:21 - 2016-11-21 16:55 - 000068096 _____ C:\Windows\system32\SaErHdlr.dll 2022-10-12 16:21 - 2016-07-20 12:15 - 000169472 ____N C:\Windows\system32\StatusMessage.dll 2022-10-12 16:21 - 2016-07-20 12:15 - 000124928 ____N C:\Windows\SysWOW64\StatusMessage.dll 2022-10-12 16:21 - 2015-02-07 05:58 - 000143664 ____N C:\Windows\SysWOW64\SecUPDUtilSvc.exe 2022-10-12 16:21 - 2015-02-07 05:58 - 000143664 ____N C:\Windows\system32\SecUPDUtilSvc.exe 2022-10-12 16:20 - 2022-10-12 16:28 - 000000000 ____D C:\ProgramData\Samsung 2022-10-12 16:20 - 2022-10-12 16:23 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers 2022-10-12 16:20 - 2022-10-12 16:23 - 000000000 ____D C:\Program Files (x86)\Samsung 2022-10-12 16:20 - 2022-02-23 19:06 - 000251776 _____ C:\Windows\system32\SBuySupplies.exe 2022-10-12 16:20 - 2022-02-23 19:06 - 000184168 _____ C:\Windows\system32\us016ci.exe 2022-10-12 16:20 - 2022-02-23 19:06 - 
000040744 _____ () C:\Windows\system32\us016lm.dll 2022-10-12 16:20 - 2022-02-23 19:05 - 000106776 _____ (SS) C:\Windows\system32\us016ci.dll 2022-10-12 16:20 - 2018-06-24 10:38 - 002095688 ____N C:\Windows\SysWOW64\DlgSearchEngine.dll 2022-10-12 16:20 - 2016-08-10 04:07 - 002847744 ____N C:\Windows\system32\DlgSearchEngine.dll 2022-10-12 16:14 - 2022-10-12 16:40 - 000000000 ____D C:\Program Files (x86)\RocketDock 2022-10-12 16:14 - 2022-10-12 16:14 - 000000000 ____D C:\Windows\Firmware 2022-10-12 16:14 - 2022-10-12 16:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock 2022-10-12 16:12 - 2022-10-12 16:12 - 000351124 _____ C:\Windows\system32\perfi00C.dat 2022-10-12 16:12 - 2022-10-12 16:12 - 000040728 _____ C:\Windows\system32\perfd00C.dat 2022-10-12 16:12 - 2022-10-12 16:12 - 000000000 ____D C:\Windows\SysWOW64\XPSViewer 2022-10-12 16:12 - 2022-10-12 16:12 - 000000000 ____D C:\Windows\SysWOW64\fr 2022-10-12 16:12 - 2022-10-12 16:12 - 000000000 ____D C:\Windows\system32\fr 2022-10-12 16:10 - 2022-10-12 16:40 - 000000000 ____D C:\Users\Admin\AppData\Local\PlaceholderTileLogoFolder 2022-10-12 16:07 - 2022-10-12 16:07 - 000019968 _____ C:\Windows\system32\SppExtComObjHook.dll 2022-10-12 16:07 - 2022-10-12 16:07 - 000000000 ____D C:\Windows\system32\Tasks\R@1n 2022-10-12 16:07 - 2022-10-12 16:07 - 000000000 ____D C:\Users\Admin\AppData\Local\mpress 2022-10-12 16:04 - 2022-10-12 16:12 - 000000000 ____D C:\Program Files\Microsoft Office 2022-10-12 16:04 - 2022-10-12 16:04 - 000002494 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk 2022-10-12 16:04 - 2022-10-12 16:04 - 000002477 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk 2022-10-12 16:04 - 2022-10-12 16:04 - 000002467 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk 2022-10-12 16:04 - 2022-10-12 16:04 - 000000000 ____D C:\Users\FC Portables 2022-10-12 16:04 - 2022-10-12 16:04 - 000000000 ____D 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office 2022-10-12 16:04 - 2022-10-12 16:04 - 000000000 ____D C:\Program Files\Microsoft Office 15 2022-10-12 16:04 - 2022-10-12 16:04 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2022-10-12 16:03 - 2022-10-30 01:02 - 000000000 ____D C:\ProgramData\Logishrd 2022-10-12 16:03 - 2022-10-23 12:20 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Logishrd 2022-10-12 16:03 - 2022-10-12 16:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi 2022-10-12 16:03 - 2022-10-12 16:03 - 000000000 ____D C:\Users\Admin\AppData\Local\CEF 2022-10-12 16:03 - 2022-10-12 16:03 - 000000000 ____D C:\Program Files\Logi 2022-10-12 16:02 - 2022-10-30 04:10 - 000000000 ____D C:\ProgramData\NVIDIA 2022-10-12 16:02 - 2022-10-12 16:56 - 000000000 ____D C:\Program Files\Intel 2022-10-12 16:02 - 2022-10-12 16:04 - 000000000 ____D C:\Users\Admin\AppData\Local\NVIDIA 2022-10-12 16:02 - 2022-10-12 16:02 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation 2022-10-12 16:02 - 2022-10-12 16:02 - 000000000 ____D C:\Windows\CSC 2022-10-12 16:02 - 2022-10-12 16:02 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2022-10-12 16:02 - 2022-10-12 16:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2022-10-12 16:02 - 2022-10-12 16:02 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2022-10-12 16:02 - 2022-07-19 17:26 - 000000936 ____N C:\Windows\system32\SetupBD.din 2022-10-12 16:02 - 2021-06-07 19:27 - 000433912 _____ (Intel Corporation) C:\Windows\system32\PROUnstl.exe 2022-10-12 16:01 - 2022-10-12 16:01 - 000000000 ____D C:\Users\Admin\AppData\Roaming\WinRAR 2022-10-12 16:01 - 2022-10-12 16:01 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2022-10-12 15:58 - 2022-10-12 15:59 - 000000000 ____D C:\Program Files\WinRAR 2022-10-12 15:58 - 2022-10-12 15:58 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start 
Menu\Programs\WinRAR 2022-10-12 15:58 - 2022-10-12 15:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2022-10-12 15:56 - 2022-10-12 15:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2022-10-12 15:56 - 2022-10-12 15:56 - 000000000 ____D C:\Program Files\7-Zip 2022-10-12 15:52 - 2022-10-12 15:52 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2022-10-11 22:10 - 2022-10-11 22:10 - 000000000 ____D C:\ProgramData\WinaeroTweaker 2022-10-11 22:07 - 2022-10-30 04:15 - 001803994 _____ C:\Windows\system32\PerfStringBackup.INI 2022-10-11 22:03 - 2022-10-30 04:34 - 000000000 ____D C:\Users\Admin\AppData\Local\D3DSCache 2022-10-11 22:03 - 2022-10-30 03:05 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Adobe 2022-10-11 22:03 - 2022-10-30 01:12 - 000000000 ____D C:\Users\Admin\AppData\Local\Packages 2022-10-11 22:03 - 2022-10-12 16:54 - 000000000 ____D C:\Users\Admin 2022-10-11 22:03 - 2022-10-12 16:02 - 000000000 ____D C:\ProgramData\Packages 2022-10-11 22:03 - 2022-10-11 22:03 - 000000020 ___SH C:\Users\Admin\ntuser.ini 2022-10-11 22:03 - 2022-10-11 22:03 - 000000000 _SHDL C:\Documents and Settings 2022-10-11 22:03 - 2022-10-11 22:03 - 000000000 __RHD C:\Users\Public\AccountPictures 2022-10-11 22:03 - 2022-10-11 22:03 - 000000000 ____D C:\Users\Admin\AppData\Local\ConnectedDevicesPlatform 2022-10-11 22:03 - 2022-05-06 22:19 - 000001281 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk 2022-10-11 22:03 - 2022-05-06 22:19 - 000000407 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk 2022-10-11 22:02 - 2022-10-30 04:10 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2022-10-11 22:02 - 2022-10-11 22:02 - 000000000 ____D C:\Windows\system32\Drivers\wd 2022-10-11 22:02 - 2022-10-11 22:02 - 000000000 ____D C:\Windows\system32\config\BFS 2022-10-11 22:01 - 2022-10-30 04:26 - 000000000 ____D 
C:\Windows\system32\SleepStudy 2022-10-11 22:01 - 2022-10-11 22:01 - 000000000 ____D C:\Windows\ServiceProfiles 2022-10-11 21:59 - 2022-10-11 21:59 - 000000000 ____D C:\Users\Admin\AppData\Local\PeerDistRepub 2022-10-11 21:49 - 2022-10-11 21:50 - 000000180 _____ C:\Users\Admin\Documents\systemtransparency.ini 2022-10-11 21:49 - 2022-10-11 21:49 - 000000000 ____D C:\Program Files (x86)\Clear 2022-10-11 17:56 - 2022-10-30 04:10 - 100925440 _____ C:\Windows\system32\config\SOFTWARE 2022-10-11 17:56 - 2022-10-30 04:10 - 014942208 _____ C:\Windows\system32\config\SYSTEM 2022-10-11 17:53 - 2022-10-11 17:53 - 000000000 ____D C:\Program Files\Reference Assemblies 2022-10-11 17:53 - 2022-10-11 17:53 - 000000000 ____D C:\Program Files\MSBuild 2022-10-11 17:53 - 2022-10-11 17:53 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2022-10-11 17:53 - 2022-10-11 17:53 - 000000000 ____D C:\Program Files (x86)\MSBuild 2022-10-11 17:52 - 2022-10-11 21:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tools 2022-10-11 17:52 - 2022-10-11 21:35 - 000000000 ____D C:\ProgramData\PhoenixOS 2022-10-11 17:52 - 2022-04-12 13:57 - 000043254 _____ C:\Windows\system32\OEM.bmp 2022-10-11 17:45 - 2022-10-11 17:45 - 002088728 _____ (The ICU Project) C:\Windows\SysWOW64\icu.dll 2022-10-11 17:45 - 2022-10-11 17:45 - 000530944 _____ (curl, hxxps://curl.se/) C:\Windows\system32\curl.exe 2022-10-11 17:45 - 2022-10-11 17:45 - 000470528 _____ (curl, hxxps://curl.se/) C:\Windows\SysWOW64\curl.exe 2022-10-11 17:45 - 2022-10-11 17:45 - 000180224 _____ C:\Windows\system32\stordiag.exe 2022-10-11 17:45 - 2022-10-11 17:45 - 000157008 _____ C:\Windows\system32\HvsiManagementApi.dll 2022-10-11 17:45 - 2022-10-11 17:45 - 000133120 _____ C:\Windows\SysWOW64\stordiag.exe 2022-10-11 17:45 - 2022-10-11 17:45 - 000105312 _____ C:\Windows\SysWOW64\HvsiManagementApi.dll 2022-10-11 17:45 - 2022-10-11 17:45 - 000098304 _____ C:\Windows\system32\dplcsp.dll 2022-10-11 17:45 - 2022-10-11 
17:45 - 000055144 _____ C:\Windows\system32\SFAPE.dll
2022-10-11 17:45 - 2022-10-11 17:45 - 000046888 _____ C:\Windows\system32\wow64base.dll
2022-10-11 17:44 - 2022-10-11 17:44 - 002575632 _____ (The ICU Project) C:\Windows\system32\icu.dll
2022-10-11 17:44 - 2022-10-11 17:44 - 000327680 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2022-10-11 17:44 - 2022-10-11 17:44 - 000296448 _____ C:\Windows\system32\CloudIdWxhExtension.dll
2022-10-11 17:44 - 2022-10-11 17:44 - 000192512 _____ C:\Windows\system32\CloudExperienceHostRedirection.dll
2022-10-11 15:23 - 2022-10-30 01:11 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-10-11 15:23 - 2022-10-12 16:12 - 000000000 __SHD C:\Windows\BitLockerDiscoveryVolumeContents
2022-10-11 15:23 - 2022-10-11 17:48 - 000000000 ___SD C:\Windows\system32\AppV
2022-10-11 15:23 - 2022-10-11 15:23 - 000000000 ____D C:\Windows\RemotePackages
2022-10-11 15:23 - 2022-10-11 15:23 - 000000000 ____D C:\Windows\InboxApps
2022-10-11 15:23 - 2022-05-06 22:21 - 000024935 _____ C:\Windows\Professional.xml

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-10-30 05:05 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\SystemTemp 2022-10-30 05:05 - 2022-05-06 22:22 - 000000000 ____D C:\Windows\INF 2022-10-30 04:29 - 2022-05-06 22:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-10-30 04:27 - 2022-05-06 22:24 - 000000000 ____D C:\Program Files\Common Files\System 2022-10-30 04:27 - 2022-05-06 22:24 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2022-10-30 04:10 - 2022-05-06 22:17 - 000131072 _____ C:\Windows\system32\config\BBI 2022-10-30 04:09 - 2022-05-06 22:24 - 000000000 ___HD C:\Program Files\WindowsApps 2022-10-30 04:09 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\AppReadiness 2022-10-30 01:11 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\UUS 2022-10-30 01:11 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata 2022-10-30 01:11 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\SysWOW64\InputMethod 2022-10-30 01:11 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\SysWOW64\IME 2022-10-30 01:11 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\SystemResources 2022-10-30 01:11 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\SystemApps 2022-10-30 01:11 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\system32\WinMetadata 2022-10-30 01:11 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\system32\Sgrm 2022-10-30 01:11 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\system32\InputMethod 2022-10-30 01:11 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\system32\IME 2022-10-30 01:11 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\system32\DDFs 2022-10-30 01:11 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\ShellExperiences 2022-10-30 01:11 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\ShellComponents 2022-10-30 01:11 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\PolicyDefinitions 2022-10-30 01:11 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\Performance 2022-10-30 01:11 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\IME 2022-10-30 01:11 - 2022-05-06 22:24 - 000000000 
____D C:\Windows\bcastdvr 2022-10-30 01:11 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\appcompat 2022-10-30 01:10 - 2022-05-06 22:17 - 000000000 ____D C:\Windows\CbsTemp 2022-10-30 01:08 - 2022-05-06 22:17 - 000000000 ____D C:\Windows\servicing 2022-10-12 17:04 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\Help 2022-10-12 16:52 - 2022-05-06 22:24 - 000028672 _____ C:\Windows\system32\config\BCD-Template 2022-10-12 16:42 - 2022-05-06 22:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2022-10-12 16:12 - 2022-05-06 23:10 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2022-10-12 16:12 - 2022-05-06 23:10 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2022-10-12 16:12 - 2022-05-06 23:01 - 000000000 ____D C:\Windows\SysWOW64\winrm 2022-10-12 16:12 - 2022-05-06 23:01 - 000000000 ____D C:\Windows\SysWOW64\WCN 2022-10-12 16:12 - 2022-05-06 23:01 - 000000000 ____D C:\Windows\SysWOW64\slmgr 2022-10-12 16:12 - 2022-05-06 23:01 - 000000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts 2022-10-12 16:12 - 2022-05-06 23:01 - 000000000 ____D C:\Windows\system32\winrm 2022-10-12 16:12 - 2022-05-06 23:01 - 000000000 ____D C:\Windows\system32\WCN 2022-10-12 16:12 - 2022-05-06 23:01 - 000000000 ____D C:\Windows\system32\slmgr 2022-10-12 16:12 - 2022-05-06 23:01 - 000000000 ____D C:\Windows\system32\Printing_Admin_Scripts 2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ___SD C:\Windows\SysWOW64\F12 2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs 2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ___SD C:\Windows\system32\F12 2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ___SD C:\Windows\system32\dsc 2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ___SD C:\Windows\system32\DiagSvcs 2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\SysWOW64\oobe 2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ____D 
C:\Windows\SysWOW64\MUI 2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\SysWOW64\Dism 2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\SysWOW64\Com 2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\system32\WinBioPlugIns 2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\system32\SystemResetPlatform 2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\system32\Sysprep 2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\system32\PerceptionSimulation 2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\system32\oobe 2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\system32\MUI 2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\system32\migwiz 2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\system32\Dism 2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\system32\Com 2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\OCR 2022-10-12 16:12 - 2022-05-06 22:24 - 000000000 ____D C:\Program Files\Windows Defender 2022-10-12 16:02 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\system32\spool 2022-10-12 15:54 - 2022-05-06 22:28 - 000000000 ____D C:\Windows\Setup 2022-10-11 22:17 - 2022-05-06 22:24 - 000000000 ____D C:\ProgramData\USOPrivate 2022-10-11 22:06 - 2022-05-06 22:24 - 000000000 ___RD C:\Windows\PrintDialog 2022-10-11 22:03 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\system32\WinBioDatabase 2022-10-11 22:02 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\ServiceState 2022-10-11 22:02 - 2022-05-06 22:17 - 000032768 _____ C:\Windows\system32\config\ELAM 2022-10-11 17:56 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\InputMethod 2022-10-11 17:56 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\Cursors 2022-10-11 17:55 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\Resources 2022-10-11 17:52 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\Web 2022-10-11 17:48 - 2022-05-06 22:24 - 000000000 
___SD C:\Windows\system32\UNP
2022-10-11 17:48 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\SysWOW64\setup
2022-10-11 17:48 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\system32\ShellExperiences
2022-10-11 17:48 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\system32\setup
2022-10-11 17:48 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\Provisioning
2022-10-11 17:48 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\Globalization
2022-10-11 15:23 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\security
2022-10-11 15:23 - 2022-05-06 22:24 - 000000000 ____D C:\Windows\schemas

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================