cjoint

Document format: text/plain

Preview

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-10-2021
Ran by Patrick Anelia (administrator) on LAPTOP-UN06NA71 (HP HP Laptop 15-ra0xx) (14-10-2021 19:47:04)
Running from C:\Users\Patrick Anelia\Desktop
Loaded Profiles: Patrick Anelia
Platform: Microsoft Windows 10 Home Single Language Version 20H2 19042.1237 (X64) Language: English (United Kingdom)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Users\Patrick Anelia\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\mcafee\SystemCore\mfefire.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\mcafee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.10-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.10-0\NisSrv.exe
(Opera Software AS -> Opera Software) C:\Users\Patrick Anelia\AppData\Local\Programs\Opera\assistant\browser_assistant.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp. -> Realtek) C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe
(Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-04-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-01-22] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [703312 2017-07-21] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [1660760 2017-06-26] (Realtek Semiconductor Corp. -> Realtek)
HKU\S-1-5-21-4103905783-786974986-1128566019-1001\...\Run: [Dropbox Update] => C:\Users\Patrick Anelia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [129808 2021-08-13] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-21-4103905783-786974986-1128566019-1001\...\Run: [BraveSoftware Update] => C:\Users\Patrick Anelia\AppData\Local\BraveSoftware\Update\1.3.101.0\BraveUpdateCore.exe [213656 2021-07-13] (Brave Software, Inc. -> BraveSoftware Inc.)
HKU\S-1-5-21-4103905783-786974986-1128566019-1001\...\Run: [MicrosoftEdgeAutoLaunch_E3F8CD75B0EF9971DFFC639E63CDAB0A] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-4103905783-786974986-1128566019-1001\...\Run: [YouTubeToMP3] => C:\Program Files (x86)\Y2mate\Y2mate Downloader\Y2mate Downloader.exe [11812256 2021-04-01] (Vidus Technology Limited -> )
HKU\S-1-5-21-4103905783-786974986-1128566019-1001\...\Run: [Opera Browser Assistant] => C:\Users\Patrick Anelia\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4105424 2021-10-05] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-4103905783-786974986-1128566019-1001\...\MountPoints2: {5c22f474-1f74-11eb-b1ad-b4b6860d75f2} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Windows\System32\osk.exe [653312 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\HP1100PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1100PP.DLL [74240 2012-08-31] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\94.0.4606.71\Installer\chrmstp.exe [2021-10-05] (Google LLC -> Google LLC)
Startup: C:\Users\Patrick Anelia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2021-09-30]
ShortcutTarget: Dropbox.lnk -> C:\Users\Patrick Anelia\AppData\Roaming\Dropbox\bin\Dropbox.exe () [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01F411E3-8BC3-42E6-A880-BF6DA1A2662E} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantCalendarRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe
Task: {060A2F3E-0A38-45F6-9B76-31511A023F60} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [67896 2018-06-26] (Apple Inc. -> Apple Inc.)
Task: {0D447A79-917C-4A48-9252-EF9048D6781C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {0F251F72-4305-49B4-BD89-8957686D4C93} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136304 2021-03-30] (HP Inc. -> HP Inc.)
Task: {1120577E-5297-4856-B0A3-C183B94D802C} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4103905783-786974986-1128566019-1001Core => C:\Users\Patrick Anelia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [129808 2021-08-13] (Dropbox, Inc -> Dropbox, Inc.)
Task: {12392B1B-1503-4D67-8259-0A18B99902BA} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [461824 2017-10-06] (HP Inc. -> HP Inc.)
Task: {18F00A68-6E5C-4125-AB7C-64A8E3A054C7} - System32\Tasks\Symantec Endpoint Protection\Symantec Endpoint Protection Error Processor => C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.760.0000.105\Bin\SymErr.exe
Task: {1A9ED6E3-B51B-4BDD-AA27-2D83864AC596} - System32\Tasks\BraveSoftwareUpdateTaskUserS-1-5-21-4103905783-786974986-1128566019-1001Core => C:\Users\Patrick Anelia\AppData\Local\BraveSoftware\Update\BraveUpdate.exe [162456 2021-07-13] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {1DBBD267-1EA4-4F95-969A-31CEC8A25A2F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MpCmdRun.exe [473544 2021-07-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {282C2D71-37B6-4385-B622-41495A32DC02} - System32\Tasks\Opera scheduled assistant Autoupdate 1552434528 => C:\Users\Patrick Anelia\AppData\Local\Programs\Opera\launcher.exe [42731728 2021-09-28] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Patrick Anelia\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {290D4C0D-C0E9-4E3A-BAA8-CF4DC7C09AE4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {3687C246-6DF2-4DEB-A723-28671924DC3F} - System32\Tasks\Opera scheduled Autoupdate 1536407716 => C:\Users\Patrick Anelia\AppData\Local\Programs\Opera\launcher.exe [42731728 2021-09-28] (Opera Software AS -> Opera Software)
Task: {3E896E8E-A45C-4E25-826B-31E09013B937} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Task: {3F93EA76-74E1-486B-AE69-3A9BC03BC550} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MpCmdRun.exe [473544 2021-07-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5040B7F2-0829-4DF3-9BF2-CCD9FD973135} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1136984 2020-09-17] (HP Inc. -> HP Inc.)
Task: {556E31E0-DA7F-4C4B-A18A-331949CA1881} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {5E1C7102-A71A-4A85-9CEC-B332AB252103} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {6CEAC7A1-1E90-4BA6-9B81-1BA9CD6DF5AB} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2017-09-27] (HP Inc. -> HP Inc.)
Task: {770B97AF-47F2-4456-9B06-08F8FCBF22F9} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantWakeupRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe
Task: {946F7C8D-3E74-48D1-98EC-D06C30ACE53D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {991C3694-81B7-455A-913B-00B373FC6F83} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {9D9334B0-62E8-4812-92BF-06A68FFD7CCF} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantAllUsersRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe
Task: {9EAE2A2C-576F-4369-91C0-7719C1BEC4CF} - System32\Tasks\Symantec Endpoint Protection\Symantec Endpoint Protection Autofix => C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.760.0000.105\Bin\SymErr.exe
Task: {A2DDA581-8C22-4BC4-A7B9-95DF444BC4F2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-12] (Google Inc -> Google Inc.)
Task: {B0728A9A-4366-4288-9947-5E4DDF4E7B3A} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644960 2017-02-02] (HP Inc. -> HP Inc.)
Task: {B85328DF-F3EE-4D3A-B2A7-A6784D2102E9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MpCmdRun.exe [473544 2021-07-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BD2633C1-9DF6-475D-88E8-1D2558FFFB0F} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe
Task: {C567EAB5-B229-4BEE-ACBB-309CA241BDD9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [326320 2021-07-15] (HP Inc. -> HP Inc.)
Task: {C5FF4649-9D93-4E2C-B897-667DB05DC206} - System32\Tasks\BraveSoftwareUpdateTaskUserS-1-5-21-4103905783-786974986-1128566019-1001UA => C:\Users\Patrick Anelia\AppData\Local\BraveSoftware\Update\BraveUpdate.exe [162456 2021-07-13] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {C7017084-99FD-42B7-85BA-940B951C7AD3} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4103905783-786974986-1128566019-1001UA => C:\Users\Patrick Anelia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [129808 2021-08-13] (Dropbox, Inc -> Dropbox, Inc.)
Task: {CDFD36C9-18FB-42EE-A1D5-E3EBDE762479} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MpCmdRun.exe [473544 2021-07-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CED1D3AC-C501-4CB1-8F56-30CF5CCBE669} - System32\Tasks\Symantec Endpoint Protection\Symantec Endpoint Protection Error Analyzer => C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.760.0000.105\Bin\SymErr.exe
Task: {E80EF9FF-219C-4178-AE30-B9E497BF005E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-12] (Google Inc -> Google Inc.)
Task: {E80FDB6E-1C35-42A6-9B85-CA91BBEF7139} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {EC956B5B-BFFC-4285-995A-F222F6DC7128} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-4103905783-786974986-1128566019-1001Core.job => C:\Users\Patrick Anelia\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-4103905783-786974986-1128566019-1001UA.job => C:\Users\Patrick Anelia\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 1 <==== ATTENTION (Restriction - ProxySettings)
Tcpip\Parameters: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{f3134d4f-7685-45eb-91e9-8e2d64346268}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{fbf1eaf6-e7b7-46e0-a527-ff79bd2117b1}: [DhcpNameServer] 172.20.10.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Patrick Anelia\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-14]

FireFox:
========
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-01-30] (VideoLAN) [File not signed]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Patrick Anelia\AppData\Local\Google\Chrome\User Data\Default [2021-10-11]
CHR Notifications: Default -> hxxps://fr.savefrom.net; hxxps://us05web.zoom.us
CHR Extension: (Slides) - C:\Users\Patrick Anelia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-12]
CHR Extension: (Docs) - C:\Users\Patrick Anelia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-12]
CHR Extension: (Google Drive) - C:\Users\Patrick Anelia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-13]
CHR Extension: (YouTube) - C:\Users\Patrick Anelia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-12]
CHR Extension: (Google Docs Offline) - C:\Users\Patrick Anelia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Patrick Anelia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-28]
CHR Extension: (Gmail) - C:\Users\Patrick Anelia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-13]

Opera:
=======
OPR Profile: C:\Users\Patrick Anelia\AppData\Roaming\Opera Software\Opera Stable [2021-10-14]
OPR Notifications: Opera Stable -> hxxps://push-decdbeb-4073.pushails.com; hxxps://www.youtube.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Patrick Anelia\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-10-08]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Patrick Anelia\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-13]

Brave:
=======
BRA Profile: C:\Users\Patrick Anelia\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-10-07]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\Patrick Anelia\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2021-07-13]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\Patrick Anelia\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-07-15]
BRA Extension: (Brave NTP sponsored images) - C:\Users\Patrick Anelia\AppData\Local\BraveSoftware\Brave-Browser\User Data\ejdgeppfmiloeldijnhljdlamkkmbgko [2021-07-15]
BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\Patrick Anelia\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2021-07-13]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\Patrick Anelia\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-07-13]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Patrick Anelia\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2021-07-15]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-01-05] (Apple Inc. -> Apple Inc.)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [127488 2017-08-30] (Realtek Semiconductor Corp.) [File not signed]
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [2357936 2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1327400 2017-09-05] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [733200 2021-04-19] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [731152 2021-04-19] (HP Inc. -> HP Inc.)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [477184 2017-10-06] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [731152 2021-04-19] (HP Inc. -> HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSIService; C:\WINDOWS\system32\HPSIsvc.exe [126880 2012-09-27] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [732176 2021-04-19] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [628768 2017-07-13] (HP Inc. -> HP Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [359888 2018-04-24] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [519120 2018-04-24] (McAfee, Inc. -> McAfee, LLC)
R2 mfevtp; C:\windows\system32\mfevtps.exe [473552 2018-04-24] (McAfee, Inc. -> McAfee, LLC)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\NisSrv.exe [3285864 2021-07-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MsMpEng.exe [103168 2021-07-31] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 McAPExe; "C:\Program Files\Common Files\McAfee\VSCore_18_5\McApExe.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [77216 2018-05-16] (McAfee, Inc. -> McAfee, LLC)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [497568 2018-05-16] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [361888 2018-05-16] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [83952 2018-05-16] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [533408 2018-05-16] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [954784 2018-05-16] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [550288 2018-05-03] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [108944 2018-05-03] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [115616 2018-05-16] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252832 2018-05-16] (McAfee, Inc. -> McAfee, LLC)
S3 MpKsl2001b14b; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{95CF8CD7-7573-43C7-A1CD-DD83948218BC}\MpKslDrv.sys [107752 2021-07-31] (Microsoft Windows -> Microsoft Corporation)
R3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2017-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2021-07-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [376544 2021-07-31] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2021-07-31] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-14 19:47 - 2021-10-14 19:51 - 000028561 _____ C:\Users\Patrick Anelia\Desktop\FRST.txt
2021-10-14 19:46 - 2021-10-14 19:49 - 000000000 ____D C:\FRST
2021-10-14 19:45 - 2021-10-14 19:45 - 002310656 _____ (Farbar) C:\Users\Patrick Anelia\Desktop\FRST64.exe
2021-10-10 20:26 - 2021-10-13 14:28 - 000000000 ____D C:\Users\Patrick Anelia\Documents\STATS SP
2021-10-07 22:51 - 2021-10-07 23:42 - 000030208 _____ C:\Users\Patrick Anelia\Downloads\Userlist.xls
2021-10-07 22:49 - 2021-10-07 22:51 - 035940104 _____ (Piriform Software Ltd) C:\Users\Patrick Anelia\Downloads\ccsetup585_pro_trial.exe
2021-10-06 13:27 - 2021-10-06 13:27 - 000000000 ____D C:\Users\Patrick Anelia\Documents\IBM
2021-10-06 13:21 - 2021-10-13 14:48 - 000000000 ____D C:\Users\Patrick Anelia\.spss
2021-10-06 13:21 - 2021-10-06 13:21 - 000000000 ____D C:\Users\Patrick Anelia\AppData\Roaming\SPSSInc
2021-10-06 13:20 - 2021-10-06 13:20 - 000000000 ____D C:\Users\Patrick Anelia\AppData\Local\javasharedresources
2021-10-06 11:36 - 2021-10-06 11:36 - 000002332 _____ C:\Users\Patrick Anelia\Desktop\IBM SPSS Statistics 26.lnk
2021-10-06 11:32 - 2021-10-06 11:39 - 000000000 ____D C:\Users\Patrick Anelia\AppData\Roaming\stattransfer12
2021-10-06 11:32 - 2021-10-06 11:39 - 000000000 ____D C:\ProgramData\StatTransfer12
2021-10-06 11:31 - 2021-10-06 11:31 - 000001917 _____ C:\Users\Patrick Anelia\Desktop\StatTrasfer - Shortcut.lnk
2021-10-06 11:28 - 2021-10-06 11:28 - 000001503 _____ C:\Users\Patrick Anelia\Desktop\Stata-64 - Shortcut.lnk
2021-10-06 11:25 - 2021-10-06 11:38 - 000000000 ____D C:\Program Files\StatTransfer_12.0.129.0309x86
2021-10-06 11:19 - 2021-10-06 11:19 - 000000000 ____D C:\Users\Patrick Anelia\AppData\Local\IBM
2021-10-06 11:19 - 2021-10-06 11:19 - 000000000 ____D C:\ProgramData\IBM
2021-10-06 11:18 - 2021-10-06 11:18 - 000000000 ____D C:\ProgramData\SafeNet Sentinel
2021-10-06 11:17 - 2021-10-06 11:17 - 000000000 ____D C:\ProgramData\SPSS
2021-10-06 11:17 - 2021-10-06 11:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics
2021-10-06 11:12 - 2021-10-06 11:12 - 000000000 ____D C:\Program Files\Common Files\IBM
2021-10-06 11:08 - 2021-10-06 11:08 - 000000000 ____D C:\Program Files\IBM
2021-10-06 11:06 - 2021-10-06 11:09 - 000000000 ____D C:\Program Files\Stata_15.0x64
2021-10-06 11:06 - 2021-10-06 11:06 - 000001025 _____ C:\WINDOWS\SysWOW64\sysprs7.tgz
2021-10-06 11:06 - 2021-10-06 11:06 - 000001025 _____ C:\WINDOWS\SysWOW64\sysprs7.dll
2021-10-06 11:06 - 2021-10-06 11:06 - 000000219 _____ C:\WINDOWS\SysWOW64\lsprst7.tgz
2021-10-06 11:06 - 2021-10-06 11:06 - 000000205 _____ C:\WINDOWS\SysWOW64\lsprst7.dll
2021-10-06 11:06 - 2021-10-06 11:06 - 000000016 ____H C:\WINDOWS\SysWOW64\servdat.slm
2021-10-06 10:36 - 2021-10-06 10:36 - 000000000 ____D C:\Foxit Software
2021-10-06 00:22 - 2021-10-06 00:22 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-10-06 00:22 - 2021-10-06 00:22 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-10-06 00:21 - 2021-10-06 00:21 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2021-10-06 00:21 - 2021-10-06 00:21 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-10-06 00:21 - 2021-10-06 00:21 - 001313608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-10-06 00:21 - 2021-10-06 00:21 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-10-06 00:21 - 2021-10-06 00:21 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2021-10-06 00:21 - 2021-10-06 00:21 - 000011355 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-10-06 00:20 - 2021-10-06 00:20 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-10-06 00:20 - 2021-10-06 00:20 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-10-06 00:20 - 2021-10-06 00:20 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-10-06 00:20 - 2021-10-06 00:20 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-10-06 00:20 - 2021-10-06 00:20 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-10-06 00:20 - 2021-10-06 00:20 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2021-10-06 00:19 - 2021-10-06 00:19 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2021-10-06 00:19 - 2021-10-06 00:19 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-10-06 00:19 - 2021-10-06 00:19 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-10-06 00:18 - 2021-10-06 00:18 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-10-06 00:18 - 2021-10-06 00:18 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-10-06 00:18 - 2021-10-06 00:18 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-10-05 23:11 - 2021-10-05 23:11 - 000000000 ___HD C:\$WinREAgent
2021-10-01 00:32 - 2021-10-01 00:32 - 001130672 _____ (RealNetworks, Inc.) C:\Users\Patrick Anelia\Downloads\RealTimes-RealPlayer_fr.exe
2021-09-30 23:54 - 2021-09-30 23:54 - 000000012 _____ C:\Users\Patrick Anelia\AppData\Roaming\35cbb79ee5b98a8ca9c15ec3b0436646
2021-09-30 23:54 - 2021-09-30 23:54 - 000000000 ____D C:\Users\Patrick Anelia\AppData\Roaming\Y2mate
2021-09-30 23:51 - 2021-09-30 23:51 - 000002296 _____ C:\Users\Patrick Anelia\Desktop\Y2mate Downloader.lnk
2021-09-30 23:51 - 2021-09-30 23:51 - 000000000 ____D C:\Users\Patrick Anelia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Y2mate Downloader
2021-09-30 23:51 - 2021-09-30 23:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Y2mate Downloader
2021-09-30 23:36 - 2021-09-30 23:48 - 000000000 ____D C:\Program Files (x86)\Y2mate
2021-09-30 23:36 - 2021-09-30 23:36 - 000000000 ____D C:\Users\Patrick Anelia\Downloads\Y2mate
2021-09-30 23:35 - 2021-09-30 23:35 - 000000000 ____D C:\Users\Patrick Anelia\Documents\Y2mate
2021-09-30 23:31 - 2021-09-30 23:33 - 006893472 _____ (Y2mate Downloader) C:\Users\Patrick Anelia\Downloads\y2mate_downloader_online_1005_ba28b9c3.exe
2021-09-30 23:22 - 2021-09-30 23:22 - 000000000 ____D C:\Users\Patrick Anelia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-09-22 14:49 - 2021-09-22 14:49 - 000000000 ____D C:\Users\Patrick Anelia\Desktop\audit
2021-09-22 08:57 - 2021-09-22 09:09 - 000000000 _____ C:\Users\Patrick Anelia\Documents\HP ePrint
2021-09-22 08:57 - 2021-09-22 08:57 - 000000000 ____D C:\Users\Patrick Anelia\HP
2021-09-18 00:18 - 2021-10-05 21:06 - 000004554 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1552434528
2021-09-18 00:15 - 2021-09-18 00:15 - 000000955 _____ C:\Users\Public\Desktop\RadiAnt DICOM Viewer (64-bit).lnk
2021-09-18 00:12 - 2021-09-18 00:13 - 007291600 _____ (Medixant) C:\Users\Patrick Anelia\Downloads\RadiAnt-2021.1-17805-Setup.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-14 20:01 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-14 19:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-10-14 19:29 - 2021-01-18 04:22 - 000798878 _____ C:\WINDOWS\system32\perfh00C.dat
2021-10-14 19:29 - 2021-01-18 04:22 - 000155134 _____ C:\WINDOWS\system32\perfc00C.dat
2021-10-14 19:29 - 2021-01-18 03:56 - 001865706 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-10-14 19:29 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-10-14 19:26 - 2021-01-17 22:54 - 000000000 ___HD C:\$GetCurrent
2021-10-14 19:24 - 2018-09-12 18:19 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-14 19:22 - 2018-07-03 17:46 - 000000000 __SHD C:\Users\Patrick Anelia\IntelGraphicsProfiles
2021-10-14 19:22 - 2018-07-03 17:35 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-10-14 19:20 - 2021-01-18 03:31 - 000008192 ___SH C:\DumpStack.log.tmp
2021-10-14 19:20 - 2020-11-19 00:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-10-14 19:20 - 2018-09-08 18:19 - 000000000 ____D C:\ProgramData\Symantec
2021-10-14 19:19 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-10-14 19:18 - 2021-01-18 03:40 - 000000000 ____D C:\Users\Patrick Anelia
2021-10-14 19:13 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-10-14 19:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2021-10-14 19:12 - 2017-09-29 14:46 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2021-10-14 18:57 - 2018-09-08 14:29 - 000000000 ____D C:\ProgramData\Real
2021-10-14 18:57 - 2018-09-08 14:28 - 000000000 ____D C:\Program Files (x86)\Real
2021-10-14 18:57 - 2018-09-08 14:23 - 000000000 ____D C:\Users\Patrick Anelia\AppData\Roaming\Real
2021-10-14 18:50 - 2021-01-18 04:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Symantec Endpoint Protection
2021-10-14 18:44 - 2020-11-19 00:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-10-14 16:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-10-14 15:58 - 2021-01-17 23:24 - 000000000 ____D C:\Users\Patrick Anelia\AppData\Local\D3DSCache
2021-10-14 15:56 - 2018-09-13 19:06 - 000000000 ____D C:\Users\Patrick Anelia\AppData\Local\CrashDumps
2021-10-13 22:24 - 2018-07-12 01:47 - 000000000 ____D C:\Users\Patrick Anelia\AppData\Roaming\Dropbox
2021-10-13 21:56 - 2018-07-12 01:42 - 000000000 ____D C:\Users\Patrick Anelia\AppData\Local\Dropbox
2021-10-11 00:40 - 2020-10-15 19:24 - 000000000 ____D C:\Users\Patrick Anelia\Documents\specialisation imagerie
2021-10-10 10:56 - 2020-11-19 00:31 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-10 10:55 - 2020-11-19 00:31 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-10-08 13:03 - 2021-02-22 08:27 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-10-07 23:53 - 2018-07-03 17:46 - 000000000 ____D C:\Users\Patrick Anelia\AppData\Local\Packages
2021-10-07 23:13 - 2021-01-18 04:16 - 000003396 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4103905783-786974986-1128566019-1001
2021-10-07 23:13 - 2021-01-18 03:40 - 000002413 _____ C:\Users\Patrick Anelia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-10-07 23:09 - 2021-01-18 00:56 - 000000000 ___DC C:\WINDOWS\Panther
2021-10-06 13:53 - 2021-01-18 05:49 - 000000000 ____D C:\Users\Patrick Anelia\Documents\compressed
2021-10-06 10:38 - 2020-11-19 00:28 - 000435152 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-10-06 10:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-10-06 10:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-10-06 10:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-10-06 10:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-10-06 10:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-10-06 10:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-10-06 10:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-10-06 10:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-10-06 10:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-10-06 10:32 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-10-06 10:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-10-06 10:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-10-06 10:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-10-06 10:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-10-06 10:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-10-06 10:32 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-10-06 07:11 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-10-05 21:23 - 2018-09-12 18:25 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-05 21:23 - 2018-09-12 18:25 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-10-05 21:14 - 2018-07-10 16:42 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-10-05 20:57 - 2018-07-10 16:41 - 135637312 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-10-03 03:06 - 2021-07-13 12:50 - 000002671 _____ C:\Users\Patrick Anelia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2021-10-03 03:06 - 2021-07-13 12:50 - 000002634 _____ C:\Users\Patrick Anelia\Desktop\Brave.lnk
2021-10-03 00:04 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-03 00:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-10-02 23:59 - 2020-11-19 00:31 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-10-02 23:59 - 2020-11-19 00:31 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-10-01 00:02 - 2021-01-18 04:16 - 000004282 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1536407716
2021-10-01 00:01 - 2018-09-08 12:55 - 000001515 _____ C:\Users\Patrick Anelia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera browser.lnk
2021-09-30 23:56 - 2018-07-03 17:46 - 000000000 ____D C:\Users\Patrick Anelia\AppData\Local\VirtualStore
2021-09-30 23:13 - 2021-01-18 04:16 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-09-30 23:13 - 2021-01-18 04:16 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-09-29 14:28 - 2021-04-27 11:29 - 000000000 ____D C:\Users\Patrick Anelia\Documents\RadiAntDB
2021-09-22 12:34 - 2021-04-27 11:28 - 000000000 ____D C:\Users\Patrick Anelia\AppData\Roaming\RadiantViewer
2021-09-22 09:14 - 2021-04-14 17:44 - 000000000 ____D C:\LJPM11_M13_Full_Solution
2021-09-22 09:09 - 2021-02-28 19:49 - 000000000 ____D C:\Users\Patrick Anelia\AppData\Local\HP
2021-09-18 00:15 - 2021-04-27 11:28 - 000000961 _____ C:\ProgramData\Microsoft\Windows\Start Menu\RadiAnt DICOM Viewer (64-bit).lnk
2021-09-18 00:15 - 2021-04-27 11:28 - 000000000 ____D C:\Program Files\RadiAntViewer64bit

==================== Files in the root of some directories ========

2018-08-05 00:29 - 2018-08-05 00:39 - 160398136 _____ (Apple Inc.) C:\Program Files\iCloudSetup.exe
2018-09-12 18:18 - 2018-09-12 18:18 - 001130840 _____ (Google Inc.) C:\Program Files (x86)\ChromeSetup.exe
2018-09-12 15:33 - 2018-09-12 15:33 - 006996080 _____ (SaveFrom.net ) C:\Program Files (x86)\SFHelper-Setup-[321774698cc7c74f#386#].exe
2021-09-30 23:54 - 2021-09-30 23:54 - 000000012 _____ () C:\Users\Patrick Anelia\AppData\Roaming\35cbb79ee5b98a8ca9c15ec3b0436646

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
