Publicité
Publicité
Format du document : text/plain
Prévisualisation
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-05-2021
Ran by Ceni_Pc_Formation (administrator) on FORMALT (HP HP 250 G5 Notebook PC) (30-05-2021 12:14:52)
Running from C:\Users\Ceni_Pc_Formation\Desktop
Loaded Profiles: Ceni_Pc_Formation & MSSQLFDLauncher$EXAUCEMOKILI & MSSQL$EXAUCEMOKILI & SQLAgent$EXAUCEMOKILI & MsDtsServer120 & ReportServer$EXAUCEMOKILI & MSOLAP$EXAUCEMOKILI
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] [File is in use] C:\boots\syswin.exe <2>
() [File not signed] C:\Program Files\Wondershare\Wondershare dr.fone\Addins\SocialApps\ElevationService.exe
() [File not signed] C:\xampp\mysql\bin\mysqld.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGMService.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files\FoxitReaderUpdateService.exe
(HP Inc. -> HP Inc.) C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files\Intel\TXE Components\DAL\jhi_service.exe
(Intel Corporation - pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\System32\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\120\DTS\Binn\MsDtsSrvr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSAS12.EXAUCEMOKILI\OLAP\bin\msmdsrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS12.EXAUCEMOKILI\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.EXAUCEMOKILI\MSSQL\Binn\fdhost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.EXAUCEMOKILI\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.EXAUCEMOKILI\MSSQL\Binn\SQLAGENT.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.EXAUCEMOKILI\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files\Intel\Bluetooth\mediasrv.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files\Intel\Bluetooth\obexsrv.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Power Software Limited -> Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
(Restoro Ltd -> Restoro) C:\Program Files\Restoro\bin\RestoroApp.exe
(Restoro Ltd -> Restoro) C:\Program Files\Restoro\bin\RestoroProtection.exe
(Restoro Ltd -> Restoro) C:\Program Files\Restoro\bin\RestoroService.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files\Wondershare\WAF\2.4.3.231\WsAppService.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files\Wondershare\Wondershare dr.fone\Library\DriverInstaller\DriverInstall.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\ProgramData\Wondershare\Service\InstallAssistService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files\Intel\Bluetooth\btmshellex.dll [7256040 2015-12-07] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
HKLM\...\Run: [USB3MON] => C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [298776 2016-02-16] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [7827712 2016-04-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [418952 2016-02-10] (Power Software Limited -> Power Software Ltd)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [0 2021-05-24] ()
HKLM\...\Run: [Restoro] => C:\Program Files\Restoro\bin\RestoroApp.exe [448984 2021-03-24] (Restoro Ltd -> Restoro)
HKU\S-1-5-21-1370151667-2240441480-2472382858-1000\...\Run: [syswin] => C:\boots\syswin.exe [4730812 2021-05-24] () [File not signed] [File is in use]
HKU\S-1-5-21-1370151667-2240441480-2472382858-1000\...\MountPoints2: E - »ªÎªÊÖ»úÖúÊÖ°²×°Ïòµ¼.exe
HKU\S-1-5-21-1370151667-2240441480-2472382858-1000\...\MountPoints2: F - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1370151667-2240441480-2472382858-1000\...\MountPoints2: {2e1b57ef-6371-11ea-9079-84ef18cf2159} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1370151667-2240441480-2472382858-1000\...\MountPoints2: {64ff9cd1-afe2-11eb-a20a-84ef18cf2159} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1370151667-2240441480-2472382858-1000\...\MountPoints2: {942a1ca3-07d5-11ea-9740-84ef18cf2159} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1370151667-2240441480-2472382858-1000\...\MountPoints2: {95a074d4-5d9b-11eb-aaeb-84ef18cf2159} - F:\Setup.exe
HKU\S-1-5-21-1370151667-2240441480-2472382858-1000\...\MountPoints2: {bf287494-eb49-11e9-b841-84ef18cf2159} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1370151667-2240441480-2472382858-1000\...\MountPoints2: {d6effa33-e069-11e9-b2fd-84ef18cf2159} - »ªÎªÊÖ»úÖúÊÖ°²×°Ïòµ¼.exe
HKU\S-1-5-21-1370151667-2240441480-2472382858-1000\...\MountPoints2: {d8fe3e4d-e784-11e9-bfa0-84ef18cf2159} - F:\HiSuiteDownLoader.exe
HKLM\...\Windows NT x86\Print Processors\HP2030PrintProc: C:\Windows\System32\spool\prtprocs\W32X86\HP2030PP.DLL [59904 2012-12-04] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HP2030LM: C:\Windows\system32\HP2030LM.DLL [155648 2012-12-04] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor India Private Limited.)
HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb] -> IIS Express Application Compatibility Database for x86
HKLM\Software\...\AppCompatFlags\InstalledSDB\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}: [DatabasePath] -> C:\Windows\AppPatch\Custom\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb [2012-05-29]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\91.0.4472.77\Installer\chrmstp.exe [2021-05-26] ()
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\90.1.24.86\Installer\chrmstp.exe [2021-05-24] ()
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2398C3F9-D0D8-45AF-B3C8-23B75950C367} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [0 2021-05-24] ()
Task: {3C76DF90-352C-4F71-8886-72E996765C69} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files\BraveSoftware\Update\BraveUpdate.exe [0 2021-05-24] ()
Task: {3F2D08EF-EA62-4ACF-82DA-0604D26F73F3} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [0 2021-05-24] ()
Task: {4ECE2984-F87D-4E61-B0ED-04055D61D202} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [0 2021-05-24] ()
Task: {5F2D1691-D90C-4A0B-B793-DC574F214F04} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe [0 2021-05-24] ()
Task: {6115AAA3-19E4-4495-96E3-FB9E9044075D} - System32\Tasks\{A40507CB-2509-4CBE-AFBB-C8CAD2AADE5B} => C:\Windows\system32\pcalua.exe -a C:\Users\Ceni_Pc_Formation\Desktop\setup\EaInstallerMT5.exe -d C:\Users\Ceni_Pc_Formation\Desktop\setup
Task: {72E3AAE3-4D76-4036-B486-EED5995FE816} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [0 2021-05-24] ()
Task: {7C132932-C9CD-4D4E-B0EE-5B1CDC0951DB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [0 2021-05-24] ()
Task: {83C5508A-BBE6-4C32-B3BB-8CF4EC87D063} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [0 2021-05-24] ()
Task: {91B46B9D-BB26-48B5-9ED9-1799ECFDE28F} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe [0 2021-05-24] ()
Task: {9FB07DD3-00B9-4062-9369-E4425EBF008E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [0 2021-05-26] ()
Task: {A1241EEC-89C7-4FD1-8BD4-19342E414B25} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [0 2021-05-24] ()
Task: {B51A9082-B37E-43DC-9417-58A573A734BC} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files\BraveSoftware\Update\BraveUpdate.exe [0 2021-05-24] ()
Task: {CF3C4DEE-2E77-453B-BB66-5A3A46004F04} - System32\Tasks\AdobeAAMUpdater-1.0-FORMALT-Ceni_Pc_Formation => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {DD1176E9-C68D-4935-B445-2E18394A2AC6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [0 2021-05-26] ()
Task: {E7D5819F-7349-4949-8A63-14FEC0D350AD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [0 2021-05-24] ()
Task: {FC08DAFD-CF58-4BEE-A0BD-3F13CCDA0FC1} - System32\Tasks\Microsoft Office 15 Sync Maintenance for FORMALT-Ceni_Pc_Formation Formalt.unicef.org => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [0 2021-05-24] ()
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DriverToolkit Autorun.job => C:\Program Files\DriverToolkit\DriverToolkit.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{154E9218-AF47-4BA8-9526-0009771E8727}: [DhcpNameServer] 192.168.117.1
Tcpip\..\Interfaces\{8D4B2E9E-AA25-4A87-9D39-785A0CA3092C}: [DhcpNameServer] 192.168.43.1
FireFox:
========
FF DefaultProfile: k9qjby1t.default
FF ProfilePath: C:\Users\Ceni_Pc_Formation\AppData\Roaming\Mozilla\Firefox\Profiles\k9qjby1t.default [2021-05-26]
FF Extension: (Baidu Search Update) - C:\Users\Ceni_Pc_Formation\AppData\Roaming\Mozilla\Firefox\Profiles\k9qjby1t.default\features\{35336c60-d758-41ef-bfdc-48b2a37fc9c5}\baidu-code-update@mozillaonline.com.xpi [2019-05-26]
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\plugins\npFoxitReaderPlugin.dll [2021-03-18] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files\plugins\npFoxitReaderPlugin.dll [2021-03-18] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\plugins\npFoxitReaderPlugin.dll [2021-03-18] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\plugins\npFoxitReaderPlugin.dll [2021-03-18] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\plugins\npFoxitReaderPlugin.dll [2021-03-18] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2019-10-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2019-10-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Ceni_Pc_Formation\AppData\Local\Google\Chrome\User Data\Default [2021-05-28]
CHR Notifications: Default -> hxxps://http5000.pushcrew.com; hxxps://mail.google.com
CHR Extension: (Slides) - C:\Users\Ceni_Pc_Formation\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-02-18]
CHR Extension: (Docs) - C:\Users\Ceni_Pc_Formation\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-02-18]
CHR Extension: (Google Drive) - C:\Users\Ceni_Pc_Formation\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-01]
CHR Extension: (Skrill, des paiements en ligne sûrs et rapides) - C:\Users\Ceni_Pc_Formation\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhhliccpddllpbegbbidgcohaacpedch [2020-12-06]
CHR Extension: (YouTube) - C:\Users\Ceni_Pc_Formation\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-02-18]
CHR Extension: (Sheets) - C:\Users\Ceni_Pc_Formation\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-02-18]
CHR Extension: (Google Docs hors connexion) - C:\Users\Ceni_Pc_Formation\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-12]
CHR Extension: (Earth in Space) - C:\Users\Ceni_Pc_Formation\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiihlpikmpijdopbaegjibndhpgjmjfe [2020-02-18]
CHR Extension: (TradingView - Analyze Your Chart) - C:\Users\Ceni_Pc_Formation\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnogfeejigcaanajpgggkdaijilpgjgl [2020-10-15]
CHR Extension: (Office) - C:\Users\Ceni_Pc_Formation\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndjpnladcallmjemlbaebfadecfhkepb [2021-04-20]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Ceni_Pc_Formation\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01]
CHR Extension: (Gmail) - C:\Users\Ceni_Pc_Formation\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\Ceni_Pc_Formation\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-27]
Opera:
=======
OPR Profile: C:\Users\Ceni_Pc_Formation\AppData\Roaming\Opera Software\Opera Stable [2020-07-01]
Brave:
=======
BRA Profile: C:\Users\Ceni_Pc_Formation\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-04-23]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\Ceni_Pc_Formation\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2021-04-14]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\Ceni_Pc_Formation\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-04-14]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\Ceni_Pc_Formation\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-04-14]
BRA Extension: (Brave NTP sponsored images) - C:\Users\Ceni_Pc_Formation\AppData\Local\BraveSoftware\Brave-Browser\User Data\lcenblphbmngnohghkhpojmpflebkcpd [2021-04-22]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Ceni_Pc_Formation\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2021-04-14]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AGMService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AGSService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe [0 2021-05-26] () <==== ATTENTION (zero byte File/Folder)
S4 aspnet_state; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
R2 Bluetooth Device Monitor; C:\Program Files\Intel\Bluetooth\devmonsrv.exe [1198120 2015-10-15] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
R2 Bluetooth Media Service; C:\Program Files\Intel\Bluetooth\mediasrv.exe [1722408 2015-10-28] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
R2 Bluetooth OBEX Service; C:\Program Files\Intel\Bluetooth\obexsrv.exe [1161256 2015-10-15] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S2 brave; C:\Program Files\BraveSoftware\Update\BraveUpdate.exe [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
S3 bravem; C:\Program Files\BraveSoftware\Update\BraveUpdate.exe [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-03] (Microsoft Corporation -> Microsoft Corporation)
S2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
R2 ElevationService; C:\Program Files\Wondershare\Wondershare dr.fone\Addins\SocialApps\ElevationService.exe [913408 2020-07-31] () [File not signed]
R2 esifsvc; C:\Windows\system32\esif_uf.exe [1228440 2016-03-05] (Intel(R) Software -> Intel Corporation)
R2 FoxitReaderUpdateService; C:\Program Files\FoxitReaderUpdateService.exe [2356800 2021-03-18] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
S3 fussvc; C:\Program Files\Windows Kits\8.1\App Certification Kit\fussvc.exe [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
S3 GoogleChromeElevationService; C:\Program Files\Google\Chrome\Application\91.0.4472.77\elevation_service.exe [0 2021-05-26] () <==== ATTENTION (zero byte File/Folder)
S2 gupdate; C:\Program Files\Google\Update\GoogleUpdate.exe [0 2021-05-26] () <==== ATTENTION (zero byte File/Folder)
S3 gupdatem; C:\Program Files\Google\Update\GoogleUpdate.exe [0 2021-05-26] () <==== ATTENTION (zero byte File/Folder)
S3 hpqcaslwmiex; C:\Program Files\HP\Shared\hpqwmiex.exe [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [323952 2017-09-27] (HP Inc. -> HP Inc.)
S2 iBtSiva; C:\Program Files\Intel\Bluetooth\ibtsiva.exe [0 2021-05-29] () <==== ATTENTION (zero byte File/Folder)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [292240 2015-12-03] (Intel Corporation - pGFX -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
R2 jhi_service; C:\Program Files\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 MsDtsServer120; C:\Program Files\Microsoft SQL Server\120\DTS\Binn\MsDtsSrvr.exe [217280 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQL$EXAUCEMOKILI; C:\Program Files\Microsoft SQL Server\MSSQL12.EXAUCEMOKILI\MSSQL\Binn\sqlservr.exe [197824 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
R3 MSSQLFDLauncher$EXAUCEMOKILI; C:\Program Files\Microsoft SQL Server\MSSQL12.EXAUCEMOKILI\MSSQL\Binn\fdlauncher.exe [44224 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
U2 mysql; C:\xampp\mysql\bin\mysqld.exe [8186368 2012-07-20] () [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
S4 NetMsmqActivator; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
S4 NetPipeActivator; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
S4 NetTcpActivator; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
S3 ose; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
S3 osppsvc; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
R2 ReportServer$EXAUCEMOKILI; C:\Program Files\Microsoft SQL Server\MSRS12.EXAUCEMOKILI\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2030272 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
R2 RestoroActiveProtection; C:\Program Files\Restoro\bin\RestoroProtection.exe [7460880 2021-02-07] (Restoro Ltd -> Restoro)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe [268032 2016-04-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
S3 SQL Server Distributed Replay Client; C:\Program Files\Microsoft SQL Server\120\Tools\DReplayClient\DReplayClient.exe [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
S3 SQL Server Distributed Replay Controller; C:\Program Files\Microsoft SQL Server\120\Tools\DReplayController\DReplayController.exe [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
R2 SQLAgent$EXAUCEMOKILI; C:\Program Files\Microsoft SQL Server\MSSQL12.EXAUCEMOKILI\MSSQL\Binn\SQLAGENT.EXE [454848 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
S3 Te.Service; C:\Program Files\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [12871464 2021-04-29] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 uSHAREitSvc; C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.Service.exe [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [269200 2020-10-16] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WsAppService; C:\Program Files\Wondershare\WAF\2.4.3.231\WsAppService.exe [493792 2017-10-24] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WsDrvInst; C:\Program Files\Wondershare\Wondershare dr.fone\Library\DriverInstaller\DriverInstall.exe [120096 2017-10-25] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3041184 2016-02-08] (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation)
S2 Apache2.4; "C:\xampp\apache\bin\httpd.exe" -k runservice [X]
S2 FileZillaServer; "C:\xampp\filezillaftp\filezillaserver.exe" [X]
R2 MSOLAP$EXAUCEMOKILI; "C:\Program Files\Microsoft SQL Server\MSAS12.EXAUCEMOKILI\OLAP\bin\msmdsrv.exe" -s "C:\Program Files\Microsoft SQL Server\MSAS12.EXAUCEMOKILI\OLAP\Config"
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [72168 2015-10-13] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [116200 2015-10-13] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1204712 2015-10-16] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [113008 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dptf_acpi; C:\Windows\System32\DRIVERS\dptf_acpi.sys [50152 2016-03-05] (Intel(R) Software -> Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\DRIVERS\dptf_cpu.sys [47080 2016-03-05] (Intel(R) Software -> Intel Corporation)
R3 easytether; C:\Windows\System32\DRIVERS\easytthr.sys [18632 2015-11-22] (Polyclef Software -> Mobile Stream)
R3 esif_lf; C:\Windows\System32\DRIVERS\esif_lf.sys [227816 2016-03-05] (Intel(R) Software -> Intel Corporation)
S3 H2OFFT; C:\Windows\System32\DRIVERS\H2OFFT32.sys [62904 2017-11-03] (Insyde Software Corp. -> Insyde Software)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [28176 2019-04-02] (LogMeIn, Inc. -> LogMeIn, Inc.)
R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [335120 2016-03-19] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R3 igfxLP; C:\Windows\System32\DRIVERS\igdkmd32lp.sys [3834296 2015-12-03] (Intel Corporation - pGFX -> Intel Corporation)
R3 iusb3hub; C:\Windows\System32\DRIVERS\iusb3hub.sys [397040 2016-02-16] (Intel Corporation - Client Components Group -> Intel Corporation)
R3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [817904 2016-02-16] (Intel Corporation - Client Components Group -> Intel Corporation)
R3 NETwNs32; C:\Windows\System32\DRIVERS\Netwsn04.sys [2740488 2016-02-27] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
S4 RsFx0300; C:\Windows\System32\DRIVERS\RsFx0300.sys [205504 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
U5 RTSUER; C:\Windows\System32\Drivers\RTSUER.sys [302808 2016-02-25] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R1 SCDEmu; C:\Windows\System32\Drivers\SCDEmu.sys [123952 2016-02-10] (Power Software Limited -> Power Software Ltd)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [148328 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 TXEI; C:\Windows\System32\DRIVERS\TXEI.sys [130832 2015-10-14] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 EverestDriver; \??\C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-05-30 12:14 - 2021-05-30 12:20 - 000031421 _____ C:\Users\Ceni_Pc_Formation\Desktop\FRST.txt
2021-05-30 12:11 - 2021-05-30 12:18 - 000000000 ____D C:\FRST
2021-05-30 12:10 - 2021-05-30 12:09 - 002012672 _____ (Farbar) C:\Users\Ceni_Pc_Formation\Desktop\FRST.exe
2021-05-28 15:33 - 2021-05-28 15:33 - 617545728 _____ C:\Users\Ceni_Pc_Formation\Desktop\windows-10-iso-64-bits_octobre-2020-update-20h2_fr_431147.iso
2021-05-28 15:14 - 2021-05-28 15:14 - 000157088 _____ C:\Windows\Minidump\052821-35687-01.dmp
2021-05-26 07:56 - 2021-05-30 12:09 - 000000000 _____ C:\Users\Ceni_Pc_Formation\Desktop\rufus-3-14.exe
2021-05-26 07:40 - 2021-05-30 03:39 - 000000000 _____ C:\Users\Ceni_Pc_Formation\Desktop\rufus-3.11.exe
2021-05-26 07:03 - 2021-05-26 07:48 - 000000000 _____ C:\Users\Ceni_Pc_Formation\Desktop\ChromeSetup.exe
2021-05-26 03:43 - 2021-05-26 03:48 - 000000000 ____D C:\dc03467af4e20685ebbda2e1d8
2021-05-25 08:30 - 2021-05-25 14:17 - 000000000 _____ C:\Windows\system32\MRT-KB890830.exe
2021-05-25 08:28 - 2021-05-25 08:30 - 000000000 ____D C:\41d9d86beb33d1428ac6
2021-05-25 08:09 - 2021-05-25 08:09 - 000131594 _____ C:\Users\Ceni_Pc_Formation\Desktop\INVITATION 2.pdf
2021-05-25 08:07 - 2021-05-25 08:07 - 000132028 _____ C:\Users\Ceni_Pc_Formation\Desktop\invitation 1.pdf
2021-05-24 15:23 - 2021-05-24 15:23 - 000000000 ___HD C:\boots
2021-05-22 06:36 - 2021-05-22 06:37 - 000074073 _____ C:\Users\Ceni_Pc_Formation\Desktop\LCE740500394_auth_letter.pdf
2021-05-22 06:24 - 2021-05-25 17:23 - 000000000 ____D C:\Users\Ceni_Pc_Formation\AppData\LocalLow\BitTorrent
2021-05-20 16:48 - 2021-04-22 19:32 - 000080834 ____H C:\Users\Ceni_Pc_Formation\Desktop\~WRL3800.tmp
2021-05-19 11:20 - 2021-05-19 11:20 - 000000000 ____D C:\Users\Ceni_Pc_Formation\AppData\Local\TeamViewer
2021-05-19 11:14 - 2021-05-19 11:14 - 000000965 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2021-05-19 11:14 - 2021-05-19 11:14 - 000000953 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2021-05-19 11:14 - 2021-05-19 11:14 - 000000953 _____ C:\ProgramData\Desktop\TeamViewer.lnk
2021-05-19 11:14 - 2021-05-19 11:14 - 000000000 ____D C:\Users\Ceni_Pc_Formation\AppData\Roaming\TeamViewer
2021-05-19 11:13 - 2021-05-29 01:38 - 000000000 ____D C:\Program Files\TeamViewer
2021-05-19 08:35 - 2021-05-19 08:35 - 000000162 ____H C:\Users\Ceni_Pc_Formation\Desktop\~$ ntonda 1 Nk.dot
2021-05-13 17:21 - 2021-05-13 17:21 - 000000000 ____D C:\Users\Ceni_Pc_Formation\AppData\Local\PacketTracer7
2021-05-13 17:14 - 2021-05-13 17:21 - 000000000 ____D C:\Users\Ceni_Pc_Formation\Cisco Packet Tracer 7.2
2021-05-13 17:13 - 2021-05-13 17:13 - 000001151 _____ C:\Users\Ceni_Pc_Formation\Desktop\Cisco Packet Tracer.lnk
2021-05-13 17:13 - 2021-05-13 17:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Packet Tracer
2021-05-13 17:11 - 2021-05-24 15:26 - 000000000 ____D C:\Program Files\Cisco Packet Tracer 7.2
2021-05-13 16:41 - 2021-05-24 11:55 - 000000388 _____ C:\Users\Ceni_Pc_Formation\.packettracer
2021-05-13 16:41 - 2021-05-13 16:43 - 000000000 ____D C:\Users\Ceni_Pc_Formation\Cisco Packet Tracer 6.2sv
2021-05-10 17:39 - 2021-05-10 17:43 - 000000000 ____D C:\Lucifer Saison 2
2021-05-10 17:20 - 2021-05-10 17:21 - 000000000 ____D C:\Lucifer S1
2021-05-07 15:44 - 2021-05-10 12:22 - 000000145 _____ C:\Users\Ceni_Pc_Formation\Documents\idvd.prj
2021-05-07 15:44 - 2021-05-10 12:22 - 000000100 _____ C:\Users\Ceni_Pc_Formation\Documents\idvd.shx
2021-05-07 15:44 - 2021-05-10 12:22 - 000000100 _____ C:\Users\Ceni_Pc_Formation\Documents\idvd.shp
2021-05-07 15:44 - 2021-05-10 12:22 - 000000098 _____ C:\Users\Ceni_Pc_Formation\Documents\idvd.dbf
2021-05-07 15:33 - 2021-05-07 15:33 - 000000145 _____ C:\Users\Ceni_Pc_Formation\Documents\region.prj
2021-05-07 15:33 - 2021-05-07 15:33 - 000000100 _____ C:\Users\Ceni_Pc_Formation\Documents\region.shx
2021-05-07 15:33 - 2021-05-07 15:33 - 000000100 _____ C:\Users\Ceni_Pc_Formation\Documents\region.shp
2021-05-07 15:33 - 2021-05-07 15:33 - 000000066 _____ C:\Users\Ceni_Pc_Formation\Documents\region.dbf
2021-05-05 16:57 - 2021-05-02 13:51 - 011961746 _____ C:\Users\Ceni_Pc_Formation\Desktop\Free Word to Latex Converter _ Elsevier Template Handling_HIGH.mp4
2021-05-05 14:09 - 2021-05-05 14:09 - 000000194 _____ C:\Users\Ceni_Pc_Formation\Documents\Lui.dbf
2021-05-05 14:09 - 2021-05-05 14:09 - 000000145 _____ C:\Users\Ceni_Pc_Formation\Documents\Lui.prj
2021-05-05 14:09 - 2021-05-05 14:09 - 000000100 _____ C:\Users\Ceni_Pc_Formation\Documents\Lui.shx
2021-05-05 14:09 - 2021-05-05 14:09 - 000000100 _____ C:\Users\Ceni_Pc_Formation\Documents\Lui.shp
2021-05-05 13:00 - 2021-05-05 13:00 - 000001904 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GrindEQ Options.lnk
2021-05-05 13:00 - 2021-05-05 13:00 - 000000000 ____D C:\Users\Ceni_Pc_Formation\AppData\Roaming\GrindEQ
2021-05-05 13:00 - 2021-05-05 13:00 - 000000000 ____D C:\ProgramData\GrindEQ
2021-05-05 12:59 - 2021-05-05 13:00 - 000000000 ____D C:\Program Files\GrindEQ
2021-05-04 09:15 - 2021-05-24 15:42 - 000000000 ____D C:\Program Files\Restoro
2021-05-04 09:15 - 2021-05-04 09:22 - 000000000 ____D C:\ProgramData\Restoro
2021-05-04 09:15 - 2021-05-04 09:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Restoro
2021-05-04 09:15 - 2021-05-04 09:15 - 000001821 _____ C:\Users\Public\Desktop\Restoro.lnk
2021-05-04 09:15 - 2021-05-04 09:15 - 000001821 _____ C:\ProgramData\Desktop\Restoro.lnk
2021-05-04 09:10 - 2021-05-04 09:21 - 000000161 _____ C:\Windows\restoro.ini
2021-05-04 06:22 - 2021-05-04 06:22 - 000000000 ____D C:\Users\Ceni_Pc_Formation\AppData\Roaming\GRASS7
2021-05-04 06:17 - 2021-05-04 06:17 - 000000000 ____D C:\Users\Ceni_Pc_Formation\AppData\Local\QGIS
2021-05-04 06:15 - 2021-05-04 06:15 - 000000000 ____D C:\Users\Ceni_Pc_Formation\AppData\Roaming\QGIS
2021-05-04 06:13 - 2021-05-04 06:13 - 000000000 ____D C:\Users\Public\Desktop\OSGeo4W
2021-05-04 06:13 - 2021-05-04 06:13 - 000000000 ____D C:\ProgramData\Desktop\OSGeo4W
2021-05-04 06:09 - 2021-05-04 06:09 - 000001529 _____ C:\Users\Public\Desktop\OpenEV.lnk
2021-05-04 06:09 - 2021-05-04 06:09 - 000001529 _____ C:\ProgramData\Desktop\OpenEV.lnk
2021-05-04 06:06 - 2021-05-04 06:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OSGeo4W
2021-04-30 18:36 - 2021-05-04 05:30 - 000000000 ____D C:\Users\Ceni_Pc_Formation\Desktop\CF
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-05-30 12:14 - 2010-11-20 22:01 - 000989884 _____ C:\Windows\system32\PerfStringBackup.INI
2021-05-30 12:14 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2021-05-30 12:00 - 2009-07-14 05:34 - 000035424 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-05-30 12:00 - 2009-07-14 05:34 - 000035424 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-05-29 01:40 - 2019-07-21 16:01 - 000000000 __SHD C:\Users\Ceni_Pc_Formation\IntelGraphicsProfiles
2021-05-29 01:37 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-05-28 18:48 - 2019-09-23 11:32 - 000000000 _____ C:\Windows\system32\MRT.exe
2021-05-28 15:17 - 2019-10-01 16:15 - 000000000 ____D C:\Users\MSSQLFDLauncher$EXAUCEMOKILI
2021-05-28 15:14 - 2019-10-07 16:18 - 000000000 ____D C:\Users\SQLAgent$EXAUCEMOKILI
2021-05-28 15:14 - 2019-10-01 16:16 - 000000000 ____D C:\Users\ReportServer$EXAUCEMOKILI
2021-05-28 15:14 - 2019-10-01 16:16 - 000000000 ____D C:\Users\MSOLAP$EXAUCEMOKILI
2021-05-28 15:14 - 2019-10-01 16:16 - 000000000 ____D C:\Users\MsDtsServer120
2021-05-28 15:14 - 2019-10-01 16:15 - 000000000 ____D C:\Users\MSSQL$EXAUCEMOKILI
2021-05-28 15:14 - 2019-08-20 05:19 - 000000000 ____D C:\Windows\Minidump
2021-05-28 15:13 - 2020-10-15 16:01 - 339726199 _____ C:\Windows\MEMORY.DMP
2021-05-28 14:25 - 2019-09-23 11:33 - 000000000 ____D C:\Windows\system32\MRT
2021-05-26 07:05 - 2019-06-02 01:49 - 000003490 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-05-26 07:05 - 2019-06-02 01:49 - 000003362 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-05-25 18:20 - 2021-02-21 00:52 - 000000000 ____D C:\Users\Ceni_Pc_Formation\AppData\Roaming\Telegram Desktop
2021-05-25 18:20 - 2020-01-10 17:11 - 000000000 ____D C:\Users\Ceni_Pc_Formation\AppData\Roaming\BitTorrent
2021-05-25 17:52 - 2019-10-01 14:50 - 000000000 ___RD C:\films
2021-05-25 17:48 - 2020-12-07 23:31 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-05-25 17:48 - 2020-12-07 23:31 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2021-05-25 14:36 - 2021-01-31 10:14 - 000000000 ____D C:\Users\Ceni_Pc_Formation\AppData\Local\BitTorrentHelper
2021-05-25 08:12 - 2019-08-19 18:39 - 000000000 ____D C:\Users\Ceni_Pc_Formation\AppData\Roaming\vlc
2021-05-24 15:55 - 2020-10-10 11:24 - 000000000 _____ C:\Windows\system32\HP2030SM.EXE
2021-05-24 15:55 - 2019-07-21 15:13 - 000000000 _____ C:\Windows\system32\IntelCpHeciSvc.exe
2021-05-24 15:55 - 2019-07-21 15:13 - 000000000 _____ C:\Windows\system32\igfxext.exe
2021-05-24 15:55 - 2019-07-21 15:12 - 000000000 _____ C:\Windows\system32\Gfxv4_0.exe
2021-05-24 15:55 - 2019-07-21 15:12 - 000000000 _____ C:\Windows\system32\Gfxv2_0.exe
2021-05-24 15:55 - 2019-07-21 15:12 - 000000000 _____ C:\Windows\system32\GfxUIEx.exe
2021-05-24 15:55 - 2019-07-21 15:12 - 000000000 _____ C:\Windows\system32\DPTopologyAppv2_0.exe
2021-05-24 15:55 - 2019-07-21 15:12 - 000000000 _____ C:\Windows\system32\DPTopologyApp.exe
2021-05-24 15:55 - 2019-06-02 02:14 - 000000000 _____ C:\Windows\system32\vmicsvc.exe
2021-05-24 15:55 - 2019-02-22 17:49 - 000000000 _____ C:\Windows\system32\MpSigStub.exe
2021-05-24 15:55 - 2013-10-05 02:38 - 000000000 _____ C:\Windows\system32\vsjitdebugger.exe
2021-05-24 15:55 - 2013-08-21 22:06 - 000000000 _____ C:\Windows\system32\appverif.exe
2021-05-24 15:55 - 2013-08-21 22:03 - 000000000 _____ C:\Windows\system32\microsoft.windows.softwarelogo.showdesktop.exe
2021-05-24 15:55 - 2013-08-21 22:03 - 000000000 _____ C:\Windows\system32\dxcpl.exe
2021-05-24 15:53 - 2021-04-14 10:37 - 000000000 ____D C:\Users\Public\Documents\Edrawsoft
2021-05-24 15:53 - 2021-04-14 10:37 - 000000000 ____D C:\ProgramData\Documents\Edrawsoft
2021-05-24 15:53 - 2021-03-17 09:34 - 000000000 ____D C:\Users\Ceni_Pc_Formation\Desktop\VS 2013
2021-05-24 15:53 - 2020-11-16 14:16 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2021-05-24 15:53 - 2020-11-16 14:16 - 000000000 ____D C:\ProgramData\Documents\Wondershare
2021-05-24 15:53 - 2019-11-10 16:55 - 000000000 _____ C:\Users\Ceni_Pc_Formation\Downloads\setup.exe
2021-05-24 15:53 - 2019-10-01 13:59 - 000000000 ____D C:\Users\Ceni_Pc_Formation\Documents\VMware Workstation Pro v12.1.1 + Key [www.TechTools.NET]
2021-05-24 15:53 - 2019-09-27 15:19 - 000000000 ____D C:\Users\Ceni_Pc_Formation\Documents\whatsapp.viewer.txt
2021-05-24 15:53 - 2019-09-25 06:07 - 000000000 ____D C:\Users\Ceni_Pc_Formation\Downloads\Telegram Desktop
2021-05-24 15:53 - 2019-09-24 17:22 - 000000000 _____ C:\Users\Ceni_Pc_Formation\Downloads\tsetup.1.8.8.exe
2021-05-24 15:53 - 2019-07-21 14:32 - 000000000 _____ C:\Users\Ceni_Pc_Formation\Downloads\win32_152824.exe
2021-05-24 15:53 - 2019-07-21 14:19 - 000000000 _____ C:\Users\Ceni_Pc_Formation\Downloads\win64_152824.exe
2021-05-24 15:53 - 2019-07-08 18:30 - 000000000 _____ C:\Windows\pyw.exe
2021-05-24 15:53 - 2019-07-08 18:30 - 000000000 _____ C:\Windows\py.exe
2021-05-24 15:53 - 2019-05-26 01:46 - 000000000 _____ C:\Users\Ceni_Pc_Formation\Downloads\ChromeSetup.exe
2021-05-24 15:53 - 2019-02-22 12:36 - 000000000 ____D C:\Users\Ceni_Pc_Formation\Documents\My Received Files
2021-05-24 15:53 - 2019-02-22 11:01 - 000000000 ____D C:\Users\Ceni_Pc_Formation\pilote
2021-05-24 15:52 - 2020-12-24 09:41 - 000000000 ____D C:\Users\Ceni_Pc_Formation\Desktop\keke M
2021-05-24 15:52 - 2019-10-01 14:49 - 000000000 ___RD C:\Users\Ceni_Pc_Formation\Desktop\setup
2021-05-24 15:51 - 2021-04-14 10:26 - 000000000 _____ C:\Users\Ceni_Pc_Formation\Desktop\BraveBrowserSetup32-CLU884.exe
2021-05-24 15:51 - 2020-11-16 14:16 - 000000000 _____ C:\Users\Ceni_Pc_Formation\Desktop\win-drfone_setup_full3360.exe
2021-05-24 15:51 - 2020-11-16 13:52 - 000000000 _____ C:\Users\Ceni_Pc_Formation\Desktop\emsa_free.exe
2021-05-24 15:51 - 2020-10-21 10:31 - 000000000 _____ C:\Users\Ceni_Pc_Formation\Desktop\setup-x86.exe
2021-05-24 15:51 - 2020-10-12 01:57 - 000000000 _____ C:\Users\Ceni_Pc_Formation\Desktop\Canva Setup 1.9.0.exe
2021-05-24 15:51 - 2020-05-29 17:17 - 000000000 ____D C:\Users\Ceni_Pc_Formation\AppData\Local\WhatsApp
2021-05-24 15:51 - 2020-05-05 02:04 - 000000000 ____D C:\Users\Ceni_Pc_Formation\AppData\Roaming\Binary.com
2021-05-24 15:51 - 2020-02-25 12:56 - 000000000 _____ C:\Users\Ceni_Pc_Formation\Desktop\ZoomInstaller.exe
2021-05-24 15:48 - 2020-10-12 01:58 - 000000000 ____D C:\Users\Ceni_Pc_Formation\AppData\Local\canva-updater
2021-05-24 15:48 - 2020-09-30 09:54 - 000000000 ____D C:\Users\Ceni_Pc_Formation\AppData\Local\Figma
2021-05-24 15:48 - 2020-08-06 17:12 - 000000000 ____D C:\Users\Ceni_Pc_Formation\AppData\Local\Discord
2021-05-24 15:47 - 2019-10-03 22:00 - 000000000 ___HD C:\Recycle.Bin
2021-05-24 15:46 - 2019-10-10 11:57 - 000000000 ____D C:\ProgramData\KMSAutoS
2021-05-24 15:43 - 2020-12-26 00:43 - 000000000 ____D C:\ProgramData\Anaconda3
2021-05-24 15:43 - 2019-02-22 19:17 - 000000000 ____D C:\Program Files\WinRAR
2021-05-24 15:42 - 2021-04-10 17:46 - 000000000 ____D C:\Program Files\Shell Extensions
2021-05-24 15:42 - 2021-03-31 16:51 - 000000000 ____D C:\Program Files\WinDirStat
2021-05-24 15:42 - 2020-08-06 15:22 - 000000000 ____D C:\Program Files\Traders Way MetaTrader 4
2021-05-24 15:42 - 2019-10-15 12:14 - 000000000 ____D C:\Program Files\Sublime Text 3
2021-05-24 15:42 - 2019-10-07 13:01 - 000000000 ____D C:\Program Files\NetBeans 8.2
2021-05-24 15:42 - 2019-10-03 15:46 - 000000000 ____D C:\Program Files\pl
2021-05-24 15:42 - 2019-10-02 06:17 - 000000000 ____D C:\Program Files\PowerISO
2021-05-24 15:41 - 2019-11-11 12:28 - 000000000 ____D C:\Program Files\Microsoft VS Code
2021-05-24 15:29 - 2021-03-17 11:19 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2021-05-24 15:28 - 2021-03-17 10:39 - 000000000 ____D C:\Program Files\IIS Express
2021-05-24 15:28 - 2021-03-17 10:10 - 000000000 ____D C:\Program Files\HTML Help Workshop
2021-05-24 15:28 - 2020-07-16 14:37 - 000000000 ____D C:\Program Files\FBS Trader 4
2021-05-24 15:28 - 2020-04-06 07:21 - 000000000 ____D C:\Program Files\Git
2021-05-24 15:28 - 2019-10-07 13:14 - 000000000 ____D C:\Program Files\glassfish-4.1.1
2021-05-24 15:27 - 2019-10-14 17:46 - 000000000 ____D C:\Program Files\EasyPHP-Devserver-17
2021-05-24 15:27 - 2019-02-22 13:33 - 000000000 ____D C:\Program Files\DriverToolkit
2021-05-24 15:26 - 2021-04-10 17:46 - 000000000 _____ C:\Program Files\SendCrashReport.exe
2021-05-24 15:26 - 2021-04-10 17:45 - 000000000 _____ C:\Program Files\unins000.exe
2021-05-24 15:26 - 2021-04-10 17:45 - 000000000 _____ C:\Program Files\TrackReview.exe
2021-05-24 15:26 - 2021-04-10 17:45 - 000000000 _____ C:\Program Files\ServiceMiniNotice.exe
2021-05-24 15:26 - 2021-04-10 17:45 - 000000000 _____ C:\Program Files\FoxitUpdater.exe
2021-05-24 15:26 - 2021-04-10 17:45 - 000000000 _____ C:\Program Files\FoxitReaderConnectedPDFService.exe
2021-05-24 15:26 - 2021-04-10 17:45 - 000000000 _____ C:\Program Files\FoxitReader.exe
2021-05-24 15:26 - 2020-09-07 12:35 - 000000000 ____D C:\Program Files\Bootstrap Studio
2021-05-24 15:26 - 2019-10-05 16:32 - 000000000 ____D C:\Program Files\ArgoUML
2021-05-24 15:26 - 2019-10-02 01:16 - 000000000 ____D C:\Program Files\CodeBlocks
2021-05-24 15:23 - 2019-11-13 07:51 - 000000000 _____ C:\debug.exe
2021-05-22 00:46 - 2019-11-11 12:32 - 000000000 ____D C:\Users\Ceni_Pc_Formation\AppData\Roaming\Code
2021-05-21 11:47 - 2021-04-14 10:35 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2021-05-21 11:47 - 2021-04-14 10:35 - 000002206 _____ C:\Users\Public\Desktop\Brave.lnk
2021-05-21 11:47 - 2021-04-14 10:35 - 000002206 _____ C:\ProgramData\Desktop\Brave.lnk
2021-05-20 23:03 - 2009-07-14 05:33 - 000443216 _____ C:\Windows\system32\FNTCACHE.DAT
2021-05-20 16:56 - 2019-02-22 15:22 - 000114672 _____ C:\Users\Ceni_Pc_Formation\AppData\Local\GDIPFONTCACHEV1.DAT
2021-05-15 16:11 - 2008-05-16 02:49 - 000005100 _____ C:\Windows\system32\Tasks\Microsoft Office 15 Sync Maintenance for FORMALT-Ceni_Pc_Formation Formalt.unicef.org
2021-05-13 17:14 - 2019-02-21 17:19 - 000000000 ____D C:\Users\Ceni_Pc_Formation
2021-05-08 14:34 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\system32\NDF
2021-05-05 13:03 - 2019-02-22 15:38 - 000000000 ____D C:\ProgramData\Package Cache
2021-05-04 12:04 - 2021-04-17 17:38 - 000000000 ____D C:\Users\Ceni_Pc_Formation\Desktop\DIAG SYSML
2021-05-04 06:05 - 2021-04-27 19:22 - 000000000 ____D C:\OSGeo4W
2021-04-30 18:42 - 2019-02-22 19:30 - 000000000 ____D C:\Users\Ceni_Pc_Formation\AppData\Roaming\Foxit Software
==================== Files in the root of some directories ========
2021-04-10 17:45 - 2020-07-10 01:11 - 000018696 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-console-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000018184 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-datetime-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000018184 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-debug-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000018184 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-errorhandling-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000021768 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-file-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000018184 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-file-l1-2-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000018184 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-file-l2-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000018184 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-handle-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000018184 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-heap-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000018696 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-interlocked-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000019208 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-libraryloader-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000020744 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-localization-l1-2-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000018696 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-memory-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000018184 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-namedpipe-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000019208 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-processenvironment-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000020232 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-processthreads-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000018696 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-processthreads-l1-1-1.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000017672 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-profile-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000017672 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-rtlsupport-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000018184 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-string-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000020232 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-synch-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000018696 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-synch-l1-2-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000019208 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-sysinfo-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000018696 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-timezone-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000018184 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-util-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000002560 _____ (Microsoft Corporation) C:\Program Files\API-MS-Win-core-xstate-l2-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000019208 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-crt-conio-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000022280 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-crt-convert-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000018696 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-crt-environment-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000020232 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-crt-filesystem-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000019208 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-crt-heap-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000018696 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-crt-locale-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000028936 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-crt-math-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000026376 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-crt-multibyte-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000072968 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-crt-private-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000019208 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-crt-process-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000022792 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-crt-runtime-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000024328 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-crt-stdio-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000024328 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-crt-string-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000020744 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-crt-time-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000018696 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-crt-utility-l1-1-0.dll
2021-04-10 17:45 - 2021-05-24 15:26 - 000000000 _____ () C:\Program Files\FoxitReader.exe
2021-04-10 17:45 - 2021-03-19 01:47 - 000074588 _____ () C:\Program Files\FoxitReader.exe.man
2021-04-10 17:45 - 2021-05-24 15:26 - 000000000 _____ () C:\Program Files\FoxitReaderConnectedPDFService.exe
2021-04-10 17:45 - 2021-03-18 20:42 - 002356800 _____ (Foxit Software Inc.) C:\Program Files\FoxitReaderUpdateService.exe
2021-04-10 17:45 - 2021-05-24 15:26 - 000000000 _____ () C:\Program Files\FoxitUpdater.exe
2021-04-10 17:45 - 2021-03-18 20:41 - 002780736 _____ (Foxit Software Inc.) C:\Program Files\FPCSDK.dll
2021-04-10 17:45 - 2021-03-18 20:42 - 003671616 _____ (Foxit Software Inc.) C:\Program Files\FPCSDK64.dll
2021-04-10 17:46 - 2021-03-19 00:43 - 002154416 _____ (TODO: <公司名>) C:\Program Files\FXCUSTOM.dll
2021-04-10 17:45 - 2020-08-13 20:19 - 001036464 _____ (Foxit Software Inc.) C:\Program Files\fxLuceneLib.dll
2021-04-10 17:45 - 2021-03-19 00:44 - 010410272 _____ () C:\Program Files\icudtl.dat
2021-04-10 17:45 - 2021-03-19 00:44 - 000001478 _____ () C:\Program Files\legal.txt
2021-04-10 17:45 - 2021-03-18 20:41 - 002147392 _____ (Foxit Software Inc.) C:\Program Files\LocalService.dll
2021-04-10 17:45 - 2020-08-13 20:19 - 001982128 _____ (Foxit Software Inc.) C:\Program Files\lucene++-contrib.dll
2021-04-10 17:45 - 2020-08-13 20:19 - 007557296 _____ (Foxit Software Inc.) C:\Program Files\lucene++.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 005122704 _____ (Microsoft Corporation) C:\Program Files\mfc140u.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000092816 _____ (Microsoft Corporation) C:\Program Files\mfcm140u.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000457512 _____ (Microsoft Corporation) C:\Program Files\msvcp140.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000027076 _____ () C:\Program Files\notice.txt
2021-04-10 17:45 - 2021-03-19 00:44 - 000051888 _____ () C:\Program Files\opentracing.dll
2021-04-10 17:45 - 2021-03-19 00:44 - 000060080 _____ () C:\Program Files\opentracing64.dll
2021-04-10 17:46 - 2021-05-24 15:26 - 000000000 _____ () C:\Program Files\SendCrashReport.exe
2021-04-10 17:45 - 2021-03-18 20:42 - 002786880 _____ (Foxit Corporation) C:\Program Files\Sensor.dll
2021-04-10 17:45 - 2021-03-18 20:43 - 003991616 _____ (Foxit Corporation) C:\Program Files\Sensor64.dll
2021-04-10 17:45 - 2021-05-24 15:26 - 000000000 _____ () C:\Program Files\ServiceMiniNotice.exe
2021-04-10 17:45 - 2021-05-24 15:26 - 000000000 _____ () C:\Program Files\TrackReview.exe
2021-04-10 17:45 - 2020-07-10 01:11 - 001172232 _____ (Microsoft Corporation) C:\Program Files\ucrtbase.dll
2021-04-10 17:45 - 2021-04-10 17:46 - 000215886 _____ () C:\Program Files\unins000.dat
2021-04-10 17:45 - 2021-05-24 15:26 - 000000000 _____ () C:\Program Files\unins000.exe
2021-04-10 17:46 - 2021-04-10 17:46 - 000022709 _____ () C:\Program Files\unins000.msg
2021-04-10 17:45 - 2021-04-10 17:47 - 000001082 _____ () C:\Program Files\UpdaterInfo.xml
2021-04-10 17:45 - 2020-07-10 01:11 - 000267592 _____ (Microsoft Corporation) C:\Program Files\vccorlib140.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000083784 _____ (Microsoft Corporation) C:\Program Files\vcruntime140.dll
2019-12-06 05:57 - 2019-12-06 05:57 - 000328916 _____ () C:\Users\Ceni_Pc_Formation\AppData\Roaming\Mepop
2019-11-11 00:57 - 2020-01-10 08:57 - 000000280 _____ () C:\Users\Ceni_Pc_Formation\AppData\Roaming\WB.CFG
2020-12-09 06:47 - 2020-12-09 06:47 - 000000000 _____ () C:\Users\Ceni_Pc_Formation\AppData\Local\oobelibMkey.log
2020-07-30 12:25 - 2020-07-30 12:25 - 000002772 _____ () C:\Users\Ceni_Pc_Formation\AppData\Local\recently-used.xbel
2021-01-09 08:40 - 2021-01-09 08:40 - 000000074 _____ () C:\Users\Ceni_Pc_Formation\AppData\Local\uts.ini
==================== FCheck ================================
(If an entry is included in the fixlist, the file/folder will be moved.)
FCheck: C:\Windows\py.exe [2021-05-24] <==== ATTENTION (zero byte File/Folder)
FCheck: C:\Windows\pyw.exe [2021-05-24] <==== ATTENTION (zero byte File/Folder)
FCheck: C:\Windows\system32\appverif.exe [2021-05-24] <==== ATTENTION (zero byte File/Folder)
FCheck: C:\Windows\system32\DPTopologyApp.exe [2021-05-24] <==== ATTENTION (zero byte File/Folder)
FCheck: C:\Windows\system32\DPTopologyAppv2_0.exe [2021-05-24] <==== ATTENTION (zero byte File/Folder)
FCheck: C:\Windows\system32\dxcpl.exe [2021-05-24] <==== ATTENTION (zero byte File/Folder)
FCheck: C:\Windows\system32\GfxUIEx.exe [2021-05-24] <==== ATTENTION (zero byte File/Folder)
FCheck: C:\Windows\system32\Gfxv2_0.exe [2021-05-24] <==== ATTENTION (zero byte File/Folder)
FCheck: C:\Windows\system32\Gfxv4_0.exe [2021-05-24] <==== ATTENTION (zero byte File/Folder)
FCheck: C:\Windows\system32\HP2030SM.EXE [2021-05-24] <==== ATTENTION (zero byte File/Folder)
FCheck: C:\Windows\system32\igfxext.exe [2021-05-24] <==== ATTENTION (zero byte File/Folder)
FCheck: C:\Windows\system32\IntelCpHeciSvc.exe [2021-05-24] <==== ATTENTION (zero byte File/Folder)
FCheck: C:\Windows\system32\microsoft.windows.softwarelogo.showdesktop.exe [2021-05-24] <==== ATTENTION (zero byte File/Folder)
FCheck: C:\Windows\system32\MpSigStub.exe [2021-05-24] <==== ATTENTION (zero byte File/Folder)
FCheck: C:\Windows\system32\MRT-KB890830.exe [2021-05-25] <==== ATTENTION (zero byte File/Folder)
FCheck: C:\Windows\system32\MRT.exe [2021-05-28] <==== ATTENTION (zero byte File/Folder)
FCheck: C:\Windows\system32\vmicsvc.exe [2021-05-24] <==== ATTENTION (zero byte File/Folder)
FCheck: C:\Windows\system32\vsjitdebugger.exe [2021-05-24] <==== ATTENTION (zero byte File/Folder)
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2021-05-28 17:01
==================== End of FRST.txt ========================
Ran by Ceni_Pc_Formation (administrator) on FORMALT (HP HP 250 G5 Notebook PC) (30-05-2021 12:14:52)
Running from C:\Users\Ceni_Pc_Formation\Desktop
Loaded Profiles: Ceni_Pc_Formation & MSSQLFDLauncher$EXAUCEMOKILI & MSSQL$EXAUCEMOKILI & SQLAgent$EXAUCEMOKILI & MsDtsServer120 & ReportServer$EXAUCEMOKILI & MSOLAP$EXAUCEMOKILI
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] [File is in use] C:\boots\syswin.exe <2>
() [File not signed] C:\Program Files\Wondershare\Wondershare dr.fone\Addins\SocialApps\ElevationService.exe
() [File not signed] C:\xampp\mysql\bin\mysqld.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGMService.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files\FoxitReaderUpdateService.exe
(HP Inc. -> HP Inc.) C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files\Intel\TXE Components\DAL\jhi_service.exe
(Intel Corporation - pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\System32\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\120\DTS\Binn\MsDtsSrvr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSAS12.EXAUCEMOKILI\OLAP\bin\msmdsrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS12.EXAUCEMOKILI\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.EXAUCEMOKILI\MSSQL\Binn\fdhost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.EXAUCEMOKILI\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.EXAUCEMOKILI\MSSQL\Binn\SQLAGENT.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.EXAUCEMOKILI\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files\Intel\Bluetooth\mediasrv.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files\Intel\Bluetooth\obexsrv.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Power Software Limited -> Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
(Restoro Ltd -> Restoro) C:\Program Files\Restoro\bin\RestoroApp.exe
(Restoro Ltd -> Restoro) C:\Program Files\Restoro\bin\RestoroProtection.exe
(Restoro Ltd -> Restoro) C:\Program Files\Restoro\bin\RestoroService.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files\Wondershare\WAF\2.4.3.231\WsAppService.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files\Wondershare\Wondershare dr.fone\Library\DriverInstaller\DriverInstall.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\ProgramData\Wondershare\Service\InstallAssistService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files\Intel\Bluetooth\btmshellex.dll [7256040 2015-12-07] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
HKLM\...\Run: [USB3MON] => C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [298776 2016-02-16] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [7827712 2016-04-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [418952 2016-02-10] (Power Software Limited -> Power Software Ltd)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [0 2021-05-24] ()
HKLM\...\Run: [Restoro] => C:\Program Files\Restoro\bin\RestoroApp.exe [448984 2021-03-24] (Restoro Ltd -> Restoro)
HKU\S-1-5-21-1370151667-2240441480-2472382858-1000\...\Run: [syswin] => C:\boots\syswin.exe [4730812 2021-05-24] () [File not signed] [File is in use]
HKU\S-1-5-21-1370151667-2240441480-2472382858-1000\...\MountPoints2: E - »ªÎªÊÖ»úÖúÊÖ°²×°Ïòµ¼.exe
HKU\S-1-5-21-1370151667-2240441480-2472382858-1000\...\MountPoints2: F - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1370151667-2240441480-2472382858-1000\...\MountPoints2: {2e1b57ef-6371-11ea-9079-84ef18cf2159} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1370151667-2240441480-2472382858-1000\...\MountPoints2: {64ff9cd1-afe2-11eb-a20a-84ef18cf2159} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1370151667-2240441480-2472382858-1000\...\MountPoints2: {942a1ca3-07d5-11ea-9740-84ef18cf2159} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1370151667-2240441480-2472382858-1000\...\MountPoints2: {95a074d4-5d9b-11eb-aaeb-84ef18cf2159} - F:\Setup.exe
HKU\S-1-5-21-1370151667-2240441480-2472382858-1000\...\MountPoints2: {bf287494-eb49-11e9-b841-84ef18cf2159} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1370151667-2240441480-2472382858-1000\...\MountPoints2: {d6effa33-e069-11e9-b2fd-84ef18cf2159} - »ªÎªÊÖ»úÖúÊÖ°²×°Ïòµ¼.exe
HKU\S-1-5-21-1370151667-2240441480-2472382858-1000\...\MountPoints2: {d8fe3e4d-e784-11e9-bfa0-84ef18cf2159} - F:\HiSuiteDownLoader.exe
HKLM\...\Windows NT x86\Print Processors\HP2030PrintProc: C:\Windows\System32\spool\prtprocs\W32X86\HP2030PP.DLL [59904 2012-12-04] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HP2030LM: C:\Windows\system32\HP2030LM.DLL [155648 2012-12-04] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor India Private Limited.)
HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb] -> IIS Express Application Compatibility Database for x86
HKLM\Software\...\AppCompatFlags\InstalledSDB\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}: [DatabasePath] -> C:\Windows\AppPatch\Custom\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb [2012-05-29]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\91.0.4472.77\Installer\chrmstp.exe [2021-05-26] ()
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\90.1.24.86\Installer\chrmstp.exe [2021-05-24] ()
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2398C3F9-D0D8-45AF-B3C8-23B75950C367} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [0 2021-05-24] ()
Task: {3C76DF90-352C-4F71-8886-72E996765C69} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files\BraveSoftware\Update\BraveUpdate.exe [0 2021-05-24] ()
Task: {3F2D08EF-EA62-4ACF-82DA-0604D26F73F3} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [0 2021-05-24] ()
Task: {4ECE2984-F87D-4E61-B0ED-04055D61D202} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [0 2021-05-24] ()
Task: {5F2D1691-D90C-4A0B-B793-DC574F214F04} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe [0 2021-05-24] ()
Task: {6115AAA3-19E4-4495-96E3-FB9E9044075D} - System32\Tasks\{A40507CB-2509-4CBE-AFBB-C8CAD2AADE5B} => C:\Windows\system32\pcalua.exe -a C:\Users\Ceni_Pc_Formation\Desktop\setup\EaInstallerMT5.exe -d C:\Users\Ceni_Pc_Formation\Desktop\setup
Task: {72E3AAE3-4D76-4036-B486-EED5995FE816} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [0 2021-05-24] ()
Task: {7C132932-C9CD-4D4E-B0EE-5B1CDC0951DB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [0 2021-05-24] ()
Task: {83C5508A-BBE6-4C32-B3BB-8CF4EC87D063} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [0 2021-05-24] ()
Task: {91B46B9D-BB26-48B5-9ED9-1799ECFDE28F} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe [0 2021-05-24] ()
Task: {9FB07DD3-00B9-4062-9369-E4425EBF008E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [0 2021-05-26] ()
Task: {A1241EEC-89C7-4FD1-8BD4-19342E414B25} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [0 2021-05-24] ()
Task: {B51A9082-B37E-43DC-9417-58A573A734BC} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files\BraveSoftware\Update\BraveUpdate.exe [0 2021-05-24] ()
Task: {CF3C4DEE-2E77-453B-BB66-5A3A46004F04} - System32\Tasks\AdobeAAMUpdater-1.0-FORMALT-Ceni_Pc_Formation => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {DD1176E9-C68D-4935-B445-2E18394A2AC6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [0 2021-05-26] ()
Task: {E7D5819F-7349-4949-8A63-14FEC0D350AD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [0 2021-05-24] ()
Task: {FC08DAFD-CF58-4BEE-A0BD-3F13CCDA0FC1} - System32\Tasks\Microsoft Office 15 Sync Maintenance for FORMALT-Ceni_Pc_Formation Formalt.unicef.org => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [0 2021-05-24] ()
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DriverToolkit Autorun.job => C:\Program Files\DriverToolkit\DriverToolkit.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{154E9218-AF47-4BA8-9526-0009771E8727}: [DhcpNameServer] 192.168.117.1
Tcpip\..\Interfaces\{8D4B2E9E-AA25-4A87-9D39-785A0CA3092C}: [DhcpNameServer] 192.168.43.1
FireFox:
========
FF DefaultProfile: k9qjby1t.default
FF ProfilePath: C:\Users\Ceni_Pc_Formation\AppData\Roaming\Mozilla\Firefox\Profiles\k9qjby1t.default [2021-05-26]
FF Extension: (Baidu Search Update) - C:\Users\Ceni_Pc_Formation\AppData\Roaming\Mozilla\Firefox\Profiles\k9qjby1t.default\features\{35336c60-d758-41ef-bfdc-48b2a37fc9c5}\baidu-code-update@mozillaonline.com.xpi [2019-05-26]
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\plugins\npFoxitReaderPlugin.dll [2021-03-18] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files\plugins\npFoxitReaderPlugin.dll [2021-03-18] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\plugins\npFoxitReaderPlugin.dll [2021-03-18] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\plugins\npFoxitReaderPlugin.dll [2021-03-18] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\plugins\npFoxitReaderPlugin.dll [2021-03-18] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2019-10-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2019-10-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Ceni_Pc_Formation\AppData\Local\Google\Chrome\User Data\Default [2021-05-28]
CHR Notifications: Default -> hxxps://http5000.pushcrew.com; hxxps://mail.google.com
CHR Extension: (Slides) - C:\Users\Ceni_Pc_Formation\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-02-18]
CHR Extension: (Docs) - C:\Users\Ceni_Pc_Formation\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-02-18]
CHR Extension: (Google Drive) - C:\Users\Ceni_Pc_Formation\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-01]
CHR Extension: (Skrill, des paiements en ligne sûrs et rapides) - C:\Users\Ceni_Pc_Formation\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhhliccpddllpbegbbidgcohaacpedch [2020-12-06]
CHR Extension: (YouTube) - C:\Users\Ceni_Pc_Formation\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-02-18]
CHR Extension: (Sheets) - C:\Users\Ceni_Pc_Formation\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-02-18]
CHR Extension: (Google Docs hors connexion) - C:\Users\Ceni_Pc_Formation\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-12]
CHR Extension: (Earth in Space) - C:\Users\Ceni_Pc_Formation\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiihlpikmpijdopbaegjibndhpgjmjfe [2020-02-18]
CHR Extension: (TradingView - Analyze Your Chart) - C:\Users\Ceni_Pc_Formation\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnogfeejigcaanajpgggkdaijilpgjgl [2020-10-15]
CHR Extension: (Office) - C:\Users\Ceni_Pc_Formation\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndjpnladcallmjemlbaebfadecfhkepb [2021-04-20]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Ceni_Pc_Formation\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01]
CHR Extension: (Gmail) - C:\Users\Ceni_Pc_Formation\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\Ceni_Pc_Formation\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-27]
Opera:
=======
OPR Profile: C:\Users\Ceni_Pc_Formation\AppData\Roaming\Opera Software\Opera Stable [2020-07-01]
Brave:
=======
BRA Profile: C:\Users\Ceni_Pc_Formation\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-04-23]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\Ceni_Pc_Formation\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2021-04-14]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\Ceni_Pc_Formation\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-04-14]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\Ceni_Pc_Formation\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-04-14]
BRA Extension: (Brave NTP sponsored images) - C:\Users\Ceni_Pc_Formation\AppData\Local\BraveSoftware\Brave-Browser\User Data\lcenblphbmngnohghkhpojmpflebkcpd [2021-04-22]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Ceni_Pc_Formation\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2021-04-14]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AGMService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AGSService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe [0 2021-05-26] () <==== ATTENTION (zero byte File/Folder)
S4 aspnet_state; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
R2 Bluetooth Device Monitor; C:\Program Files\Intel\Bluetooth\devmonsrv.exe [1198120 2015-10-15] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
R2 Bluetooth Media Service; C:\Program Files\Intel\Bluetooth\mediasrv.exe [1722408 2015-10-28] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
R2 Bluetooth OBEX Service; C:\Program Files\Intel\Bluetooth\obexsrv.exe [1161256 2015-10-15] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S2 brave; C:\Program Files\BraveSoftware\Update\BraveUpdate.exe [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
S3 bravem; C:\Program Files\BraveSoftware\Update\BraveUpdate.exe [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-03] (Microsoft Corporation -> Microsoft Corporation)
S2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
R2 ElevationService; C:\Program Files\Wondershare\Wondershare dr.fone\Addins\SocialApps\ElevationService.exe [913408 2020-07-31] () [File not signed]
R2 esifsvc; C:\Windows\system32\esif_uf.exe [1228440 2016-03-05] (Intel(R) Software -> Intel Corporation)
R2 FoxitReaderUpdateService; C:\Program Files\FoxitReaderUpdateService.exe [2356800 2021-03-18] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
S3 fussvc; C:\Program Files\Windows Kits\8.1\App Certification Kit\fussvc.exe [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
S3 GoogleChromeElevationService; C:\Program Files\Google\Chrome\Application\91.0.4472.77\elevation_service.exe [0 2021-05-26] () <==== ATTENTION (zero byte File/Folder)
S2 gupdate; C:\Program Files\Google\Update\GoogleUpdate.exe [0 2021-05-26] () <==== ATTENTION (zero byte File/Folder)
S3 gupdatem; C:\Program Files\Google\Update\GoogleUpdate.exe [0 2021-05-26] () <==== ATTENTION (zero byte File/Folder)
S3 hpqcaslwmiex; C:\Program Files\HP\Shared\hpqwmiex.exe [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [323952 2017-09-27] (HP Inc. -> HP Inc.)
S2 iBtSiva; C:\Program Files\Intel\Bluetooth\ibtsiva.exe [0 2021-05-29] () <==== ATTENTION (zero byte File/Folder)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [292240 2015-12-03] (Intel Corporation - pGFX -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
R2 jhi_service; C:\Program Files\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 MsDtsServer120; C:\Program Files\Microsoft SQL Server\120\DTS\Binn\MsDtsSrvr.exe [217280 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQL$EXAUCEMOKILI; C:\Program Files\Microsoft SQL Server\MSSQL12.EXAUCEMOKILI\MSSQL\Binn\sqlservr.exe [197824 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
R3 MSSQLFDLauncher$EXAUCEMOKILI; C:\Program Files\Microsoft SQL Server\MSSQL12.EXAUCEMOKILI\MSSQL\Binn\fdlauncher.exe [44224 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
U2 mysql; C:\xampp\mysql\bin\mysqld.exe [8186368 2012-07-20] () [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
S4 NetMsmqActivator; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
S4 NetPipeActivator; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
S4 NetTcpActivator; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
S3 ose; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
S3 osppsvc; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
R2 ReportServer$EXAUCEMOKILI; C:\Program Files\Microsoft SQL Server\MSRS12.EXAUCEMOKILI\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2030272 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
R2 RestoroActiveProtection; C:\Program Files\Restoro\bin\RestoroProtection.exe [7460880 2021-02-07] (Restoro Ltd -> Restoro)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe [268032 2016-04-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
S3 SQL Server Distributed Replay Client; C:\Program Files\Microsoft SQL Server\120\Tools\DReplayClient\DReplayClient.exe [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
S3 SQL Server Distributed Replay Controller; C:\Program Files\Microsoft SQL Server\120\Tools\DReplayController\DReplayController.exe [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
R2 SQLAgent$EXAUCEMOKILI; C:\Program Files\Microsoft SQL Server\MSSQL12.EXAUCEMOKILI\MSSQL\Binn\SQLAGENT.EXE [454848 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
S3 Te.Service; C:\Program Files\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [12871464 2021-04-29] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 uSHAREitSvc; C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.Service.exe [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [0 2021-05-24] () <==== ATTENTION (zero byte File/Folder)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [269200 2020-10-16] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WsAppService; C:\Program Files\Wondershare\WAF\2.4.3.231\WsAppService.exe [493792 2017-10-24] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WsDrvInst; C:\Program Files\Wondershare\Wondershare dr.fone\Library\DriverInstaller\DriverInstall.exe [120096 2017-10-25] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3041184 2016-02-08] (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation)
S2 Apache2.4; "C:\xampp\apache\bin\httpd.exe" -k runservice [X]
S2 FileZillaServer; "C:\xampp\filezillaftp\filezillaserver.exe" [X]
R2 MSOLAP$EXAUCEMOKILI; "C:\Program Files\Microsoft SQL Server\MSAS12.EXAUCEMOKILI\OLAP\bin\msmdsrv.exe" -s "C:\Program Files\Microsoft SQL Server\MSAS12.EXAUCEMOKILI\OLAP\Config"
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [72168 2015-10-13] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [116200 2015-10-13] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1204712 2015-10-16] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [113008 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dptf_acpi; C:\Windows\System32\DRIVERS\dptf_acpi.sys [50152 2016-03-05] (Intel(R) Software -> Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\DRIVERS\dptf_cpu.sys [47080 2016-03-05] (Intel(R) Software -> Intel Corporation)
R3 easytether; C:\Windows\System32\DRIVERS\easytthr.sys [18632 2015-11-22] (Polyclef Software -> Mobile Stream)
R3 esif_lf; C:\Windows\System32\DRIVERS\esif_lf.sys [227816 2016-03-05] (Intel(R) Software -> Intel Corporation)
S3 H2OFFT; C:\Windows\System32\DRIVERS\H2OFFT32.sys [62904 2017-11-03] (Insyde Software Corp. -> Insyde Software)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [28176 2019-04-02] (LogMeIn, Inc. -> LogMeIn, Inc.)
R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [335120 2016-03-19] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R3 igfxLP; C:\Windows\System32\DRIVERS\igdkmd32lp.sys [3834296 2015-12-03] (Intel Corporation - pGFX -> Intel Corporation)
R3 iusb3hub; C:\Windows\System32\DRIVERS\iusb3hub.sys [397040 2016-02-16] (Intel Corporation - Client Components Group -> Intel Corporation)
R3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [817904 2016-02-16] (Intel Corporation - Client Components Group -> Intel Corporation)
R3 NETwNs32; C:\Windows\System32\DRIVERS\Netwsn04.sys [2740488 2016-02-27] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
S4 RsFx0300; C:\Windows\System32\DRIVERS\RsFx0300.sys [205504 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
U5 RTSUER; C:\Windows\System32\Drivers\RTSUER.sys [302808 2016-02-25] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R1 SCDEmu; C:\Windows\System32\Drivers\SCDEmu.sys [123952 2016-02-10] (Power Software Limited -> Power Software Ltd)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [148328 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 TXEI; C:\Windows\System32\DRIVERS\TXEI.sys [130832 2015-10-14] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 EverestDriver; \??\C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-05-30 12:14 - 2021-05-30 12:20 - 000031421 _____ C:\Users\Ceni_Pc_Formation\Desktop\FRST.txt
2021-05-30 12:11 - 2021-05-30 12:18 - 000000000 ____D C:\FRST
2021-05-30 12:10 - 2021-05-30 12:09 - 002012672 _____ (Farbar) C:\Users\Ceni_Pc_Formation\Desktop\FRST.exe
2021-05-28 15:33 - 2021-05-28 15:33 - 617545728 _____ C:\Users\Ceni_Pc_Formation\Desktop\windows-10-iso-64-bits_octobre-2020-update-20h2_fr_431147.iso
2021-05-28 15:14 - 2021-05-28 15:14 - 000157088 _____ C:\Windows\Minidump\052821-35687-01.dmp
2021-05-26 07:56 - 2021-05-30 12:09 - 000000000 _____ C:\Users\Ceni_Pc_Formation\Desktop\rufus-3-14.exe
2021-05-26 07:40 - 2021-05-30 03:39 - 000000000 _____ C:\Users\Ceni_Pc_Formation\Desktop\rufus-3.11.exe
2021-05-26 07:03 - 2021-05-26 07:48 - 000000000 _____ C:\Users\Ceni_Pc_Formation\Desktop\ChromeSetup.exe
2021-05-26 03:43 - 2021-05-26 03:48 - 000000000 ____D C:\dc03467af4e20685ebbda2e1d8
2021-05-25 08:30 - 2021-05-25 14:17 - 000000000 _____ C:\Windows\system32\MRT-KB890830.exe
2021-05-25 08:28 - 2021-05-25 08:30 - 000000000 ____D C:\41d9d86beb33d1428ac6
2021-05-25 08:09 - 2021-05-25 08:09 - 000131594 _____ C:\Users\Ceni_Pc_Formation\Desktop\INVITATION 2.pdf
2021-05-25 08:07 - 2021-05-25 08:07 - 000132028 _____ C:\Users\Ceni_Pc_Formation\Desktop\invitation 1.pdf
2021-05-24 15:23 - 2021-05-24 15:23 - 000000000 ___HD C:\boots
2021-05-22 06:36 - 2021-05-22 06:37 - 000074073 _____ C:\Users\Ceni_Pc_Formation\Desktop\LCE740500394_auth_letter.pdf
2021-05-22 06:24 - 2021-05-25 17:23 - 000000000 ____D C:\Users\Ceni_Pc_Formation\AppData\LocalLow\BitTorrent
2021-05-20 16:48 - 2021-04-22 19:32 - 000080834 ____H C:\Users\Ceni_Pc_Formation\Desktop\~WRL3800.tmp
2021-05-19 11:20 - 2021-05-19 11:20 - 000000000 ____D C:\Users\Ceni_Pc_Formation\AppData\Local\TeamViewer
2021-05-19 11:14 - 2021-05-19 11:14 - 000000965 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2021-05-19 11:14 - 2021-05-19 11:14 - 000000953 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2021-05-19 11:14 - 2021-05-19 11:14 - 000000953 _____ C:\ProgramData\Desktop\TeamViewer.lnk
2021-05-19 11:14 - 2021-05-19 11:14 - 000000000 ____D C:\Users\Ceni_Pc_Formation\AppData\Roaming\TeamViewer
2021-05-19 11:13 - 2021-05-29 01:38 - 000000000 ____D C:\Program Files\TeamViewer
2021-05-19 08:35 - 2021-05-19 08:35 - 000000162 ____H C:\Users\Ceni_Pc_Formation\Desktop\~$ ntonda 1 Nk.dot
2021-05-13 17:21 - 2021-05-13 17:21 - 000000000 ____D C:\Users\Ceni_Pc_Formation\AppData\Local\PacketTracer7
2021-05-13 17:14 - 2021-05-13 17:21 - 000000000 ____D C:\Users\Ceni_Pc_Formation\Cisco Packet Tracer 7.2
2021-05-13 17:13 - 2021-05-13 17:13 - 000001151 _____ C:\Users\Ceni_Pc_Formation\Desktop\Cisco Packet Tracer.lnk
2021-05-13 17:13 - 2021-05-13 17:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Packet Tracer
2021-05-13 17:11 - 2021-05-24 15:26 - 000000000 ____D C:\Program Files\Cisco Packet Tracer 7.2
2021-05-13 16:41 - 2021-05-24 11:55 - 000000388 _____ C:\Users\Ceni_Pc_Formation\.packettracer
2021-05-13 16:41 - 2021-05-13 16:43 - 000000000 ____D C:\Users\Ceni_Pc_Formation\Cisco Packet Tracer 6.2sv
2021-05-10 17:39 - 2021-05-10 17:43 - 000000000 ____D C:\Lucifer Saison 2
2021-05-10 17:20 - 2021-05-10 17:21 - 000000000 ____D C:\Lucifer S1
2021-05-07 15:44 - 2021-05-10 12:22 - 000000145 _____ C:\Users\Ceni_Pc_Formation\Documents\idvd.prj
2021-05-07 15:44 - 2021-05-10 12:22 - 000000100 _____ C:\Users\Ceni_Pc_Formation\Documents\idvd.shx
2021-05-07 15:44 - 2021-05-10 12:22 - 000000100 _____ C:\Users\Ceni_Pc_Formation\Documents\idvd.shp
2021-05-07 15:44 - 2021-05-10 12:22 - 000000098 _____ C:\Users\Ceni_Pc_Formation\Documents\idvd.dbf
2021-05-07 15:33 - 2021-05-07 15:33 - 000000145 _____ C:\Users\Ceni_Pc_Formation\Documents\region.prj
2021-05-07 15:33 - 2021-05-07 15:33 - 000000100 _____ C:\Users\Ceni_Pc_Formation\Documents\region.shx
2021-05-07 15:33 - 2021-05-07 15:33 - 000000100 _____ C:\Users\Ceni_Pc_Formation\Documents\region.shp
2021-05-07 15:33 - 2021-05-07 15:33 - 000000066 _____ C:\Users\Ceni_Pc_Formation\Documents\region.dbf
2021-05-05 16:57 - 2021-05-02 13:51 - 011961746 _____ C:\Users\Ceni_Pc_Formation\Desktop\Free Word to Latex Converter _ Elsevier Template Handling_HIGH.mp4
2021-05-05 14:09 - 2021-05-05 14:09 - 000000194 _____ C:\Users\Ceni_Pc_Formation\Documents\Lui.dbf
2021-05-05 14:09 - 2021-05-05 14:09 - 000000145 _____ C:\Users\Ceni_Pc_Formation\Documents\Lui.prj
2021-05-05 14:09 - 2021-05-05 14:09 - 000000100 _____ C:\Users\Ceni_Pc_Formation\Documents\Lui.shx
2021-05-05 14:09 - 2021-05-05 14:09 - 000000100 _____ C:\Users\Ceni_Pc_Formation\Documents\Lui.shp
2021-05-05 13:00 - 2021-05-05 13:00 - 000001904 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GrindEQ Options.lnk
2021-05-05 13:00 - 2021-05-05 13:00 - 000000000 ____D C:\Users\Ceni_Pc_Formation\AppData\Roaming\GrindEQ
2021-05-05 13:00 - 2021-05-05 13:00 - 000000000 ____D C:\ProgramData\GrindEQ
2021-05-05 12:59 - 2021-05-05 13:00 - 000000000 ____D C:\Program Files\GrindEQ
2021-05-04 09:15 - 2021-05-24 15:42 - 000000000 ____D C:\Program Files\Restoro
2021-05-04 09:15 - 2021-05-04 09:22 - 000000000 ____D C:\ProgramData\Restoro
2021-05-04 09:15 - 2021-05-04 09:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Restoro
2021-05-04 09:15 - 2021-05-04 09:15 - 000001821 _____ C:\Users\Public\Desktop\Restoro.lnk
2021-05-04 09:15 - 2021-05-04 09:15 - 000001821 _____ C:\ProgramData\Desktop\Restoro.lnk
2021-05-04 09:10 - 2021-05-04 09:21 - 000000161 _____ C:\Windows\restoro.ini
2021-05-04 06:22 - 2021-05-04 06:22 - 000000000 ____D C:\Users\Ceni_Pc_Formation\AppData\Roaming\GRASS7
2021-05-04 06:17 - 2021-05-04 06:17 - 000000000 ____D C:\Users\Ceni_Pc_Formation\AppData\Local\QGIS
2021-05-04 06:15 - 2021-05-04 06:15 - 000000000 ____D C:\Users\Ceni_Pc_Formation\AppData\Roaming\QGIS
2021-05-04 06:13 - 2021-05-04 06:13 - 000000000 ____D C:\Users\Public\Desktop\OSGeo4W
2021-05-04 06:13 - 2021-05-04 06:13 - 000000000 ____D C:\ProgramData\Desktop\OSGeo4W
2021-05-04 06:09 - 2021-05-04 06:09 - 000001529 _____ C:\Users\Public\Desktop\OpenEV.lnk
2021-05-04 06:09 - 2021-05-04 06:09 - 000001529 _____ C:\ProgramData\Desktop\OpenEV.lnk
2021-05-04 06:06 - 2021-05-04 06:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OSGeo4W
2021-04-30 18:36 - 2021-05-04 05:30 - 000000000 ____D C:\Users\Ceni_Pc_Formation\Desktop\CF
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-05-30 12:14 - 2010-11-20 22:01 - 000989884 _____ C:\Windows\system32\PerfStringBackup.INI
2021-05-30 12:14 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2021-05-30 12:00 - 2009-07-14 05:34 - 000035424 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-05-30 12:00 - 2009-07-14 05:34 - 000035424 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-05-29 01:40 - 2019-07-21 16:01 - 000000000 __SHD C:\Users\Ceni_Pc_Formation\IntelGraphicsProfiles
2021-05-29 01:37 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-05-28 18:48 - 2019-09-23 11:32 - 000000000 _____ C:\Windows\system32\MRT.exe
2021-05-28 15:17 - 2019-10-01 16:15 - 000000000 ____D C:\Users\MSSQLFDLauncher$EXAUCEMOKILI
2021-05-28 15:14 - 2019-10-07 16:18 - 000000000 ____D C:\Users\SQLAgent$EXAUCEMOKILI
2021-05-28 15:14 - 2019-10-01 16:16 - 000000000 ____D C:\Users\ReportServer$EXAUCEMOKILI
2021-05-28 15:14 - 2019-10-01 16:16 - 000000000 ____D C:\Users\MSOLAP$EXAUCEMOKILI
2021-05-28 15:14 - 2019-10-01 16:16 - 000000000 ____D C:\Users\MsDtsServer120
2021-05-28 15:14 - 2019-10-01 16:15 - 000000000 ____D C:\Users\MSSQL$EXAUCEMOKILI
2021-05-28 15:14 - 2019-08-20 05:19 - 000000000 ____D C:\Windows\Minidump
2021-05-28 15:13 - 2020-10-15 16:01 - 339726199 _____ C:\Windows\MEMORY.DMP
2021-05-28 14:25 - 2019-09-23 11:33 - 000000000 ____D C:\Windows\system32\MRT
2021-05-26 07:05 - 2019-06-02 01:49 - 000003490 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-05-26 07:05 - 2019-06-02 01:49 - 000003362 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-05-25 18:20 - 2021-02-21 00:52 - 000000000 ____D C:\Users\Ceni_Pc_Formation\AppData\Roaming\Telegram Desktop
2021-05-25 18:20 - 2020-01-10 17:11 - 000000000 ____D C:\Users\Ceni_Pc_Formation\AppData\Roaming\BitTorrent
2021-05-25 17:52 - 2019-10-01 14:50 - 000000000 ___RD C:\films
2021-05-25 17:48 - 2020-12-07 23:31 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-05-25 17:48 - 2020-12-07 23:31 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2021-05-25 14:36 - 2021-01-31 10:14 - 000000000 ____D C:\Users\Ceni_Pc_Formation\AppData\Local\BitTorrentHelper
2021-05-25 08:12 - 2019-08-19 18:39 - 000000000 ____D C:\Users\Ceni_Pc_Formation\AppData\Roaming\vlc
2021-05-24 15:55 - 2020-10-10 11:24 - 000000000 _____ C:\Windows\system32\HP2030SM.EXE
2021-05-24 15:55 - 2019-07-21 15:13 - 000000000 _____ C:\Windows\system32\IntelCpHeciSvc.exe
2021-05-24 15:55 - 2019-07-21 15:13 - 000000000 _____ C:\Windows\system32\igfxext.exe
2021-05-24 15:55 - 2019-07-21 15:12 - 000000000 _____ C:\Windows\system32\Gfxv4_0.exe
2021-05-24 15:55 - 2019-07-21 15:12 - 000000000 _____ C:\Windows\system32\Gfxv2_0.exe
2021-05-24 15:55 - 2019-07-21 15:12 - 000000000 _____ C:\Windows\system32\GfxUIEx.exe
2021-05-24 15:55 - 2019-07-21 15:12 - 000000000 _____ C:\Windows\system32\DPTopologyAppv2_0.exe
2021-05-24 15:55 - 2019-07-21 15:12 - 000000000 _____ C:\Windows\system32\DPTopologyApp.exe
2021-05-24 15:55 - 2019-06-02 02:14 - 000000000 _____ C:\Windows\system32\vmicsvc.exe
2021-05-24 15:55 - 2019-02-22 17:49 - 000000000 _____ C:\Windows\system32\MpSigStub.exe
2021-05-24 15:55 - 2013-10-05 02:38 - 000000000 _____ C:\Windows\system32\vsjitdebugger.exe
2021-05-24 15:55 - 2013-08-21 22:06 - 000000000 _____ C:\Windows\system32\appverif.exe
2021-05-24 15:55 - 2013-08-21 22:03 - 000000000 _____ C:\Windows\system32\microsoft.windows.softwarelogo.showdesktop.exe
2021-05-24 15:55 - 2013-08-21 22:03 - 000000000 _____ C:\Windows\system32\dxcpl.exe
2021-05-24 15:53 - 2021-04-14 10:37 - 000000000 ____D C:\Users\Public\Documents\Edrawsoft
2021-05-24 15:53 - 2021-04-14 10:37 - 000000000 ____D C:\ProgramData\Documents\Edrawsoft
2021-05-24 15:53 - 2021-03-17 09:34 - 000000000 ____D C:\Users\Ceni_Pc_Formation\Desktop\VS 2013
2021-05-24 15:53 - 2020-11-16 14:16 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2021-05-24 15:53 - 2020-11-16 14:16 - 000000000 ____D C:\ProgramData\Documents\Wondershare
2021-05-24 15:53 - 2019-11-10 16:55 - 000000000 _____ C:\Users\Ceni_Pc_Formation\Downloads\setup.exe
2021-05-24 15:53 - 2019-10-01 13:59 - 000000000 ____D C:\Users\Ceni_Pc_Formation\Documents\VMware Workstation Pro v12.1.1 + Key [www.TechTools.NET]
2021-05-24 15:53 - 2019-09-27 15:19 - 000000000 ____D C:\Users\Ceni_Pc_Formation\Documents\whatsapp.viewer.txt
2021-05-24 15:53 - 2019-09-25 06:07 - 000000000 ____D C:\Users\Ceni_Pc_Formation\Downloads\Telegram Desktop
2021-05-24 15:53 - 2019-09-24 17:22 - 000000000 _____ C:\Users\Ceni_Pc_Formation\Downloads\tsetup.1.8.8.exe
2021-05-24 15:53 - 2019-07-21 14:32 - 000000000 _____ C:\Users\Ceni_Pc_Formation\Downloads\win32_152824.exe
2021-05-24 15:53 - 2019-07-21 14:19 - 000000000 _____ C:\Users\Ceni_Pc_Formation\Downloads\win64_152824.exe
2021-05-24 15:53 - 2019-07-08 18:30 - 000000000 _____ C:\Windows\pyw.exe
2021-05-24 15:53 - 2019-07-08 18:30 - 000000000 _____ C:\Windows\py.exe
2021-05-24 15:53 - 2019-05-26 01:46 - 000000000 _____ C:\Users\Ceni_Pc_Formation\Downloads\ChromeSetup.exe
2021-05-24 15:53 - 2019-02-22 12:36 - 000000000 ____D C:\Users\Ceni_Pc_Formation\Documents\My Received Files
2021-05-24 15:53 - 2019-02-22 11:01 - 000000000 ____D C:\Users\Ceni_Pc_Formation\pilote
2021-05-24 15:52 - 2020-12-24 09:41 - 000000000 ____D C:\Users\Ceni_Pc_Formation\Desktop\keke M
2021-05-24 15:52 - 2019-10-01 14:49 - 000000000 ___RD C:\Users\Ceni_Pc_Formation\Desktop\setup
2021-05-24 15:51 - 2021-04-14 10:26 - 000000000 _____ C:\Users\Ceni_Pc_Formation\Desktop\BraveBrowserSetup32-CLU884.exe
2021-05-24 15:51 - 2020-11-16 14:16 - 000000000 _____ C:\Users\Ceni_Pc_Formation\Desktop\win-drfone_setup_full3360.exe
2021-05-24 15:51 - 2020-11-16 13:52 - 000000000 _____ C:\Users\Ceni_Pc_Formation\Desktop\emsa_free.exe
2021-05-24 15:51 - 2020-10-21 10:31 - 000000000 _____ C:\Users\Ceni_Pc_Formation\Desktop\setup-x86.exe
2021-05-24 15:51 - 2020-10-12 01:57 - 000000000 _____ C:\Users\Ceni_Pc_Formation\Desktop\Canva Setup 1.9.0.exe
2021-05-24 15:51 - 2020-05-29 17:17 - 000000000 ____D C:\Users\Ceni_Pc_Formation\AppData\Local\WhatsApp
2021-05-24 15:51 - 2020-05-05 02:04 - 000000000 ____D C:\Users\Ceni_Pc_Formation\AppData\Roaming\Binary.com
2021-05-24 15:51 - 2020-02-25 12:56 - 000000000 _____ C:\Users\Ceni_Pc_Formation\Desktop\ZoomInstaller.exe
2021-05-24 15:48 - 2020-10-12 01:58 - 000000000 ____D C:\Users\Ceni_Pc_Formation\AppData\Local\canva-updater
2021-05-24 15:48 - 2020-09-30 09:54 - 000000000 ____D C:\Users\Ceni_Pc_Formation\AppData\Local\Figma
2021-05-24 15:48 - 2020-08-06 17:12 - 000000000 ____D C:\Users\Ceni_Pc_Formation\AppData\Local\Discord
2021-05-24 15:47 - 2019-10-03 22:00 - 000000000 ___HD C:\Recycle.Bin
2021-05-24 15:46 - 2019-10-10 11:57 - 000000000 ____D C:\ProgramData\KMSAutoS
2021-05-24 15:43 - 2020-12-26 00:43 - 000000000 ____D C:\ProgramData\Anaconda3
2021-05-24 15:43 - 2019-02-22 19:17 - 000000000 ____D C:\Program Files\WinRAR
2021-05-24 15:42 - 2021-04-10 17:46 - 000000000 ____D C:\Program Files\Shell Extensions
2021-05-24 15:42 - 2021-03-31 16:51 - 000000000 ____D C:\Program Files\WinDirStat
2021-05-24 15:42 - 2020-08-06 15:22 - 000000000 ____D C:\Program Files\Traders Way MetaTrader 4
2021-05-24 15:42 - 2019-10-15 12:14 - 000000000 ____D C:\Program Files\Sublime Text 3
2021-05-24 15:42 - 2019-10-07 13:01 - 000000000 ____D C:\Program Files\NetBeans 8.2
2021-05-24 15:42 - 2019-10-03 15:46 - 000000000 ____D C:\Program Files\pl
2021-05-24 15:42 - 2019-10-02 06:17 - 000000000 ____D C:\Program Files\PowerISO
2021-05-24 15:41 - 2019-11-11 12:28 - 000000000 ____D C:\Program Files\Microsoft VS Code
2021-05-24 15:29 - 2021-03-17 11:19 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2021-05-24 15:28 - 2021-03-17 10:39 - 000000000 ____D C:\Program Files\IIS Express
2021-05-24 15:28 - 2021-03-17 10:10 - 000000000 ____D C:\Program Files\HTML Help Workshop
2021-05-24 15:28 - 2020-07-16 14:37 - 000000000 ____D C:\Program Files\FBS Trader 4
2021-05-24 15:28 - 2020-04-06 07:21 - 000000000 ____D C:\Program Files\Git
2021-05-24 15:28 - 2019-10-07 13:14 - 000000000 ____D C:\Program Files\glassfish-4.1.1
2021-05-24 15:27 - 2019-10-14 17:46 - 000000000 ____D C:\Program Files\EasyPHP-Devserver-17
2021-05-24 15:27 - 2019-02-22 13:33 - 000000000 ____D C:\Program Files\DriverToolkit
2021-05-24 15:26 - 2021-04-10 17:46 - 000000000 _____ C:\Program Files\SendCrashReport.exe
2021-05-24 15:26 - 2021-04-10 17:45 - 000000000 _____ C:\Program Files\unins000.exe
2021-05-24 15:26 - 2021-04-10 17:45 - 000000000 _____ C:\Program Files\TrackReview.exe
2021-05-24 15:26 - 2021-04-10 17:45 - 000000000 _____ C:\Program Files\ServiceMiniNotice.exe
2021-05-24 15:26 - 2021-04-10 17:45 - 000000000 _____ C:\Program Files\FoxitUpdater.exe
2021-05-24 15:26 - 2021-04-10 17:45 - 000000000 _____ C:\Program Files\FoxitReaderConnectedPDFService.exe
2021-05-24 15:26 - 2021-04-10 17:45 - 000000000 _____ C:\Program Files\FoxitReader.exe
2021-05-24 15:26 - 2020-09-07 12:35 - 000000000 ____D C:\Program Files\Bootstrap Studio
2021-05-24 15:26 - 2019-10-05 16:32 - 000000000 ____D C:\Program Files\ArgoUML
2021-05-24 15:26 - 2019-10-02 01:16 - 000000000 ____D C:\Program Files\CodeBlocks
2021-05-24 15:23 - 2019-11-13 07:51 - 000000000 _____ C:\debug.exe
2021-05-22 00:46 - 2019-11-11 12:32 - 000000000 ____D C:\Users\Ceni_Pc_Formation\AppData\Roaming\Code
2021-05-21 11:47 - 2021-04-14 10:35 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2021-05-21 11:47 - 2021-04-14 10:35 - 000002206 _____ C:\Users\Public\Desktop\Brave.lnk
2021-05-21 11:47 - 2021-04-14 10:35 - 000002206 _____ C:\ProgramData\Desktop\Brave.lnk
2021-05-20 23:03 - 2009-07-14 05:33 - 000443216 _____ C:\Windows\system32\FNTCACHE.DAT
2021-05-20 16:56 - 2019-02-22 15:22 - 000114672 _____ C:\Users\Ceni_Pc_Formation\AppData\Local\GDIPFONTCACHEV1.DAT
2021-05-15 16:11 - 2008-05-16 02:49 - 000005100 _____ C:\Windows\system32\Tasks\Microsoft Office 15 Sync Maintenance for FORMALT-Ceni_Pc_Formation Formalt.unicef.org
2021-05-13 17:14 - 2019-02-21 17:19 - 000000000 ____D C:\Users\Ceni_Pc_Formation
2021-05-08 14:34 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\system32\NDF
2021-05-05 13:03 - 2019-02-22 15:38 - 000000000 ____D C:\ProgramData\Package Cache
2021-05-04 12:04 - 2021-04-17 17:38 - 000000000 ____D C:\Users\Ceni_Pc_Formation\Desktop\DIAG SYSML
2021-05-04 06:05 - 2021-04-27 19:22 - 000000000 ____D C:\OSGeo4W
2021-04-30 18:42 - 2019-02-22 19:30 - 000000000 ____D C:\Users\Ceni_Pc_Formation\AppData\Roaming\Foxit Software
==================== Files in the root of some directories ========
2021-04-10 17:45 - 2020-07-10 01:11 - 000018696 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-console-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000018184 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-datetime-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000018184 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-debug-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000018184 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-errorhandling-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000021768 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-file-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000018184 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-file-l1-2-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000018184 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-file-l2-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000018184 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-handle-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000018184 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-heap-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000018696 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-interlocked-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000019208 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-libraryloader-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000020744 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-localization-l1-2-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000018696 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-memory-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000018184 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-namedpipe-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000019208 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-processenvironment-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000020232 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-processthreads-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000018696 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-processthreads-l1-1-1.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000017672 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-profile-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000017672 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-rtlsupport-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000018184 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-string-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000020232 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-synch-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000018696 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-synch-l1-2-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000019208 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-sysinfo-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000018696 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-timezone-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000018184 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-core-util-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000002560 _____ (Microsoft Corporation) C:\Program Files\API-MS-Win-core-xstate-l2-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000019208 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-crt-conio-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000022280 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-crt-convert-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000018696 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-crt-environment-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000020232 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-crt-filesystem-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000019208 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-crt-heap-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000018696 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-crt-locale-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000028936 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-crt-math-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000026376 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-crt-multibyte-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000072968 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-crt-private-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000019208 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-crt-process-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000022792 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-crt-runtime-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000024328 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-crt-stdio-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000024328 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-crt-string-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000020744 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-crt-time-l1-1-0.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000018696 _____ (Microsoft Corporation) C:\Program Files\api-ms-win-crt-utility-l1-1-0.dll
2021-04-10 17:45 - 2021-05-24 15:26 - 000000000 _____ () C:\Program Files\FoxitReader.exe
2021-04-10 17:45 - 2021-03-19 01:47 - 000074588 _____ () C:\Program Files\FoxitReader.exe.man
2021-04-10 17:45 - 2021-05-24 15:26 - 000000000 _____ () C:\Program Files\FoxitReaderConnectedPDFService.exe
2021-04-10 17:45 - 2021-03-18 20:42 - 002356800 _____ (Foxit Software Inc.) C:\Program Files\FoxitReaderUpdateService.exe
2021-04-10 17:45 - 2021-05-24 15:26 - 000000000 _____ () C:\Program Files\FoxitUpdater.exe
2021-04-10 17:45 - 2021-03-18 20:41 - 002780736 _____ (Foxit Software Inc.) C:\Program Files\FPCSDK.dll
2021-04-10 17:45 - 2021-03-18 20:42 - 003671616 _____ (Foxit Software Inc.) C:\Program Files\FPCSDK64.dll
2021-04-10 17:46 - 2021-03-19 00:43 - 002154416 _____ (TODO: <公司名>) C:\Program Files\FXCUSTOM.dll
2021-04-10 17:45 - 2020-08-13 20:19 - 001036464 _____ (Foxit Software Inc.) C:\Program Files\fxLuceneLib.dll
2021-04-10 17:45 - 2021-03-19 00:44 - 010410272 _____ () C:\Program Files\icudtl.dat
2021-04-10 17:45 - 2021-03-19 00:44 - 000001478 _____ () C:\Program Files\legal.txt
2021-04-10 17:45 - 2021-03-18 20:41 - 002147392 _____ (Foxit Software Inc.) C:\Program Files\LocalService.dll
2021-04-10 17:45 - 2020-08-13 20:19 - 001982128 _____ (Foxit Software Inc.) C:\Program Files\lucene++-contrib.dll
2021-04-10 17:45 - 2020-08-13 20:19 - 007557296 _____ (Foxit Software Inc.) C:\Program Files\lucene++.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 005122704 _____ (Microsoft Corporation) C:\Program Files\mfc140u.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000092816 _____ (Microsoft Corporation) C:\Program Files\mfcm140u.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000457512 _____ (Microsoft Corporation) C:\Program Files\msvcp140.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000027076 _____ () C:\Program Files\notice.txt
2021-04-10 17:45 - 2021-03-19 00:44 - 000051888 _____ () C:\Program Files\opentracing.dll
2021-04-10 17:45 - 2021-03-19 00:44 - 000060080 _____ () C:\Program Files\opentracing64.dll
2021-04-10 17:46 - 2021-05-24 15:26 - 000000000 _____ () C:\Program Files\SendCrashReport.exe
2021-04-10 17:45 - 2021-03-18 20:42 - 002786880 _____ (Foxit Corporation) C:\Program Files\Sensor.dll
2021-04-10 17:45 - 2021-03-18 20:43 - 003991616 _____ (Foxit Corporation) C:\Program Files\Sensor64.dll
2021-04-10 17:45 - 2021-05-24 15:26 - 000000000 _____ () C:\Program Files\ServiceMiniNotice.exe
2021-04-10 17:45 - 2021-05-24 15:26 - 000000000 _____ () C:\Program Files\TrackReview.exe
2021-04-10 17:45 - 2020-07-10 01:11 - 001172232 _____ (Microsoft Corporation) C:\Program Files\ucrtbase.dll
2021-04-10 17:45 - 2021-04-10 17:46 - 000215886 _____ () C:\Program Files\unins000.dat
2021-04-10 17:45 - 2021-05-24 15:26 - 000000000 _____ () C:\Program Files\unins000.exe
2021-04-10 17:46 - 2021-04-10 17:46 - 000022709 _____ () C:\Program Files\unins000.msg
2021-04-10 17:45 - 2021-04-10 17:47 - 000001082 _____ () C:\Program Files\UpdaterInfo.xml
2021-04-10 17:45 - 2020-07-10 01:11 - 000267592 _____ (Microsoft Corporation) C:\Program Files\vccorlib140.dll
2021-04-10 17:45 - 2020-07-10 01:11 - 000083784 _____ (Microsoft Corporation) C:\Program Files\vcruntime140.dll
2019-12-06 05:57 - 2019-12-06 05:57 - 000328916 _____ () C:\Users\Ceni_Pc_Formation\AppData\Roaming\Mepop
2019-11-11 00:57 - 2020-01-10 08:57 - 000000280 _____ () C:\Users\Ceni_Pc_Formation\AppData\Roaming\WB.CFG
2020-12-09 06:47 - 2020-12-09 06:47 - 000000000 _____ () C:\Users\Ceni_Pc_Formation\AppData\Local\oobelibMkey.log
2020-07-30 12:25 - 2020-07-30 12:25 - 000002772 _____ () C:\Users\Ceni_Pc_Formation\AppData\Local\recently-used.xbel
2021-01-09 08:40 - 2021-01-09 08:40 - 000000074 _____ () C:\Users\Ceni_Pc_Formation\AppData\Local\uts.ini
==================== FCheck ================================
(If an entry is included in the fixlist, the file/folder will be moved.)
FCheck: C:\Windows\py.exe [2021-05-24] <==== ATTENTION (zero byte File/Folder)
FCheck: C:\Windows\pyw.exe [2021-05-24] <==== ATTENTION (zero byte File/Folder)
FCheck: C:\Windows\system32\appverif.exe [2021-05-24] <==== ATTENTION (zero byte File/Folder)
FCheck: C:\Windows\system32\DPTopologyApp.exe [2021-05-24] <==== ATTENTION (zero byte File/Folder)
FCheck: C:\Windows\system32\DPTopologyAppv2_0.exe [2021-05-24] <==== ATTENTION (zero byte File/Folder)
FCheck: C:\Windows\system32\dxcpl.exe [2021-05-24] <==== ATTENTION (zero byte File/Folder)
FCheck: C:\Windows\system32\GfxUIEx.exe [2021-05-24] <==== ATTENTION (zero byte File/Folder)
FCheck: C:\Windows\system32\Gfxv2_0.exe [2021-05-24] <==== ATTENTION (zero byte File/Folder)
FCheck: C:\Windows\system32\Gfxv4_0.exe [2021-05-24] <==== ATTENTION (zero byte File/Folder)
FCheck: C:\Windows\system32\HP2030SM.EXE [2021-05-24] <==== ATTENTION (zero byte File/Folder)
FCheck: C:\Windows\system32\igfxext.exe [2021-05-24] <==== ATTENTION (zero byte File/Folder)
FCheck: C:\Windows\system32\IntelCpHeciSvc.exe [2021-05-24] <==== ATTENTION (zero byte File/Folder)
FCheck: C:\Windows\system32\microsoft.windows.softwarelogo.showdesktop.exe [2021-05-24] <==== ATTENTION (zero byte File/Folder)
FCheck: C:\Windows\system32\MpSigStub.exe [2021-05-24] <==== ATTENTION (zero byte File/Folder)
FCheck: C:\Windows\system32\MRT-KB890830.exe [2021-05-25] <==== ATTENTION (zero byte File/Folder)
FCheck: C:\Windows\system32\MRT.exe [2021-05-28] <==== ATTENTION (zero byte File/Folder)
FCheck: C:\Windows\system32\vmicsvc.exe [2021-05-24] <==== ATTENTION (zero byte File/Folder)
FCheck: C:\Windows\system32\vsjitdebugger.exe [2021-05-24] <==== ATTENTION (zero byte File/Folder)
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2021-05-28 17:01
==================== End of FRST.txt ========================