Publicité
Publicité
Commentaire : https://www.cjoint.com/#:~:text=R%C3%A9sultats%20d%27analyse%20de,2022%2014.37.53.txt
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2022
Exécuté par NICOLAS (administrateur) sur LAPTOP-FGLE0HN7 (LENOVO 80T7) (30-05-2022 14:17:26)
Exécuté depuis C:\Users\NICOLAS\Downloads
Profils chargés: NICOLAS
Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.1706 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe ->) (Realtek Semiconductor Corp -> ) C:\Program Files (x86)\Realtek\Realtek Bluetooth\SkypePlugin.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCopyAccelerator.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <19>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(LENOVO -> Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation) [Fichier non signé] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(services.exe ->) (LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe
(svchost.exe ->) (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (SweetLabs Inc. -> SweetLabs, Inc) C:\Users\NICOLAS\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18242048 2017-03-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489408 2017-03-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489408 2017-03-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [230616 2015-11-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791848 2016-04-22] (LENOVO -> )
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110008 2015-07-21] (CyberLink Corp. -> CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492472 2015-07-21] (CyberLink Corp. -> CyberLink Corp.)
HKU\S-1-5-21-1056684034-25804902-2605536285-1001\...\Run: [MicrosoftEdgeAutoLaunch_EE7314AB2FAB7C240F841ECFFCD4C24C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3547064 2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP E111 Status Monitor: C:\WINDOWS\system32\hpinkstsE111LM.dll [388792 2016-02-23] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\101.0.4951.67\Installer\chrmstp.exe [2022-05-18] (Google LLC -> Google LLC)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {05CE7A0B-B457-4813-B1A2-8DC926DB2291} - \Microsoft\Windows\PLA\LSC Memory -> Pas de fichier <==== ATTENTION
Task: {0627B6F6-28FF-4F95-9D22-6D74DAA356D2} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\777271e5-cc8a-483d-945b-87bee6dafcd4 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {0AFCDF25-F120-4DA5-8844-7CED5EE122F8} - \Lenovo\Lenovo Solution Center Launcher -> Pas de fichier <==== ATTENTION
Task: {0BD0F351-4721-4803-B8B3-ED08FD1E709A} - \App Explorer -> Pas de fichier <==== ATTENTION
Task: {1D5DE9C2-9E34-4084-97AB-50D5B11F0053} - \Lenovo\Lenovo Customer Feedback Program 64 35 -> Pas de fichier <==== ATTENTION
Task: {22B6042C-DD13-498A-8D21-0110F94B8365} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2708BB94-854E-4B19-9FE5-904B52D724BF} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\270ad4e0-c2a7-4db9-92c4-2b81e62f6147 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {2822750E-41F5-4378-B1F6-2727A1EB3FAB} - System32\Tasks\GoogleUpdateTaskMachineCore{3B9CFFAE-F027-484B-8C2F-75F82BC18931} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-03-27] (Google LLC -> Google LLC)
Task: {2B67B8A9-844E-4990-B5D9-32EA5AA18675} - \Microsoft\Windows\UpdateOrchestrator\Maintenance Install -> Pas de fichier <==== ATTENTION
Task: {317107BF-13F6-48B4-AA5A-BA0B03A02F4B} - \Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate -> Pas de fichier <==== ATTENTION
Task: {358BEEC4-2065-47EB-870D-72F81B57C175} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> Pas de fichier <==== ATTENTION
Task: {46F7663B-9BC8-48AC-BA5E-38E8D2CDAFFE} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot -> Pas de fichier <==== ATTENTION
Task: {48A98229-5C8E-4DDD-8139-CF35F7262A95} - \Microsoft\Windows\Plug and Play\Plug and Play Cleanup -> Pas de fichier <==== ATTENTION
Task: {4D6AE9B1-99BC-435D-B708-49BBEB4284E7} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\0cdb5ebe-04ae-4762-8d98-1097e3b422f7 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {4DFBD6DD-AC99-4D84-B871-980BD0044620} - \PDVDServ12 Task -> Pas de fichier <==== ATTENTION
Task: {4ED62474-1794-41E8-8CFC-EF847472E4C0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5587F1DC-15D0-4331-A673-6EF75E5CD9C0} - \Microsoft\Windows\AppID\SmartScreenSpecific -> Pas de fichier <==== ATTENTION
Task: {62108F85-18CA-4902-B8CB-75971CDB0B3A} - \CyberLink\Photo Master Gadget startup -> Pas de fichier <==== ATTENTION
Task: {6548F5C8-786D-4EC2-9FD3-FA9025D45B92} - \Lenovo\REACHit Agent Update -> Pas de fichier <==== ATTENTION
Task: {71E53243-3A2D-47EE-9DAB-6D71B2366657} - \Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate -> Pas de fichier <==== ATTENTION
Task: {754CE82A-A246-431B-802C-B7D3486DE43B} - \Lenovo\LSC\Lenovo Solution Center Notifications -> Pas de fichier <==== ATTENTION
Task: {7DB69B72-FB82-4373-B1ED-7786E5AD04FD} - System32\Tasks\GoogleUpdateTaskMachineUA{55917BF7-079C-4796-BB14-BE573DA320A3} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-03-27] (Google LLC -> Google LLC)
Task: {92F49A3A-23B7-474D-AC63-7A8A77280F83} - \Lenovo\REACHit Agent Startup -> Pas de fichier <==== ATTENTION
Task: {AA3EFF6E-7E46-4360-BDC3-00F8A0C6E3D2} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {B6F2B20A-19E0-4D78-A655-824DB513B00C} - \Lenovo\LSC\LSCHardwareScan -> Pas de fichier <==== ATTENTION
Task: {B93509CA-4C4E-49D1-BAC3-DDFF4C934C26} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [145480 2021-09-09] (Lenovo -> Lenovo Group Ltd.)
Task: {BD3D51B4-19D6-46B0-BB7F-A5E1689F06B8} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {C0087A58-710E-4CB8-B649-E6E4B844030A} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5208f1b6-981b-4e8f-b91b-dce1f2376ace => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {C0C1C407-6785-4D56-B33E-127F08E4850C} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display -> Pas de fichier <==== ATTENTION
Task: {C349BB67-3672-4975-AE02-517BAD9318EE} - \Microsoft\Windows\WindowsUpdate\sih -> Pas de fichier <==== ATTENTION
Task: {E379BAD4-CDDF-4897-8340-91058E78076F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EB4E6C95-29EE-4E0E-81D5-8F6ADD11DB62} - \Microsoft\Windows\UpdateOrchestrator\Policy Install -> Pas de fichier <==== ATTENTION
Task: {F903A328-6730-4FAA-8467-5DC7E7629A90} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ff6ab8af-2a41-495e-9542-ebd2ce4705f0 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {FA625267-66E0-464A-AE95-8754007E78AD} - \Microsoft\Windows\UpdateOrchestrator\Reboot -> Pas de fichier <==== ATTENTION
Task: {FC07EE0C-CA8A-4F4C-A9BC-E466AE0069FC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-25] (Microsoft Windows Publisher -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{038d4c6e-c271-4f59-b500-d57d0d4c29ff}: [DhcpNameServer] 150.201.1.3
Tcpip\..\Interfaces\{f0f8b683-7089-42f0-b30b-6cedbd039c7e}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\NICOLAS\AppData\Local\Microsoft\Edge\User Data\Default [2022-05-30]
Edge Extension: (White Rabbit) - C:\Users\NICOLAS\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikfjdigkaodnikkepcclccgpbokkmfe [2022-03-27]
Edge Extension: (MEGA) - C:\Users\NICOLAS\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jemjknhgpjaacbghpdhgchbgccbpkkgf [2022-05-22]
Edge Extension: (Plus) - C:\Users\NICOLAS\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jlihfhenloklceecaibhfbjppmleoiob [2022-03-27]
Edge Profile: C:\Users\NICOLAS\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2022-03-27]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\NICOLAS\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-03-27]
CHR Profile: C:\Users\NICOLAS\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-05-22]
CHR Notifications: Profile 1 -> hxxps://www.futura-sciences.com
CHR DefaultSearchURL: Profile 1 -> hxxps://search.tb.ask.com/search/GGmain.jhtml?searchfor={searchTerms}&enableSearch=true&rdrct=no&redirect=CPC
CHR DefaultSearchKeyword: Profile 1 -> askwebs
CHR DefaultSuggestURL: Profile 1 -> hxxps://ss.search.ask.com/ss?li=ff&sstype=prefix&limit=10&hl=en&q={searchTerms}&enableSearch=true&rdrct=no
CHR Extension: (MEGA) - C:\Users\NICOLAS\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2022-05-22]
CHR Extension: (Google Docs hors connexion) - C:\Users\NICOLAS\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-15]
CHR Extension: (Ask Web Search) - C:\Users\NICOLAS\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hapkhkcjeoklmeklalckjempdbgbagai [2022-04-09]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\NICOLAS\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-05-22]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\NICOLAS\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-27]
CHR Profile: C:\Users\NICOLAS\AppData\Local\Google\Chrome\User Data\System Profile [2022-03-27]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [41176 2015-03-02] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [125144 2016-02-15] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [650680 2015-07-29] (LENOVO -> Lenovo)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-29] (LENOVO -> Lenovo)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Fichier non signé]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Fichier non signé]
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [271328 2015-12-10] (LENOVO -> Lenovo)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-25] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 CH341SER_A64; C:\WINDOWS\System32\Drivers\CH341S64.SYS [58368 2011-11-05] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com)
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 GoodixTouchDriver; C:\WINDOWS\System32\drivers\GoodixTouchDriver.sys [53760 2014-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 MpKsl835de01e; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DF8F6777-89CC-473E-BE5D-88A2A9A74C40}\MpKslDrv.sys [137464 2022-05-30] (Microsoft Windows -> Microsoft Corporation)
R3 necbatt; C:\WINDOWS\System32\drivers\necbatt.sys [34880 2018-05-09] (NEC Personal Computers, Ltd. -> NEC Personal Computers, Ltd.)
R3 RtkA2dp; C:\WINDOWS\System32\drivers\RtkA2dp.sys [222760 2016-08-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 RtkAvrcp; C:\WINDOWS\System32\drivers\RtkAvrcp.sys [78616 2016-08-24] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
R3 RtkAvrcpCtrlr; C:\WINDOWS\System32\drivers\RtkAvrcpCtrlr.sys [87832 2016-08-24] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
R3 RtkHandsfree; C:\WINDOWS\System32\drivers\RtkHandsfree.sys [48680 2016-08-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
S3 Ser2pl; C:\WINDOWS\System32\drivers\ser2pl64.sys [282272 2021-03-10] (WDKTestCert charles-yeh,132058328970830801 -> Prolific Technology Inc.)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [65144 2021-10-08] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S3 USBDEVICEDRV; C:\WINDOWS\system32\drivers\USBDEVICEDRV.sys [94704 2014-01-27] (Future Technology Devices International Ltd -> FTDI Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-04-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [443664 2022-04-25] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-25] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-05-30 14:17 - 2022-05-30 14:20 - 000021461 _____ C:\Users\NICOLAS\Downloads\FRST.txt
2022-05-30 14:15 - 2022-05-30 14:19 - 000000000 ____D C:\FRST
2022-05-30 14:14 - 2022-05-30 14:14 - 000001039 _____ C:\Users\NICOLAS\Desktop\FRST64 - Raccourci.lnk
2022-05-30 14:12 - 2022-05-30 14:14 - 002367488 _____ (Farbar) C:\Users\NICOLAS\Downloads\FRST64.exe
2022-05-30 13:56 - 2022-05-30 13:56 - 000265646 _____ C:\Users\NICOLAS\Desktop\ZHPDiag.txt
2022-05-30 13:28 - 2022-05-30 13:56 - 000000000 ____D C:\Users\NICOLAS\AppData\Roaming\ZHP
2022-05-30 13:28 - 2022-05-30 13:28 - 000000874 _____ C:\Users\NICOLAS\Desktop\ZHPSuite.lnk
2022-05-30 13:28 - 2022-05-30 13:28 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\ZHP
2022-05-30 13:27 - 2022-05-30 13:28 - 003483848 _____ (Nicolas Coolman) C:\Users\NICOLAS\Downloads\ZHPSuite.exe
2022-05-29 11:03 - 2022-05-29 11:03 - 000002719 _____ C:\Users\NICOLAS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Barre Edge de Microsoft Edge.lnk
2022-05-18 12:48 - 2022-05-18 12:48 - 000000000 ___RD C:\Users\NICOLAS\Downloads\1253QUANTUMVM.UNRARMETRO_ckbnxvahp5f44!App
2022-05-18 12:42 - 2022-05-18 12:42 - 000011799 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-05-18 12:40 - 2022-05-18 12:40 - 000093696 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-05-18 12:39 - 2022-05-18 12:39 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-05-18 11:37 - 2022-05-18 11:37 - 000000000 ___HD C:\$WinREAgent
2022-05-02 21:08 - 2022-05-02 21:08 - 000001153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2022-05-02 21:08 - 2022-05-02 21:08 - 000000000 ____D C:\Program Files\PCHealthCheck
2022-04-20 13:33 - 2022-04-20 13:33 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-04-20 13:32 - 2022-04-20 13:32 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-04-20 13:30 - 2022-04-20 13:30 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-04-08 09:22 - 2022-05-29 10:18 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\CrashDumps
2022-04-04 10:33 - 2022-04-04 10:55 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\mbam
2022-04-03 15:01 - 2022-04-03 15:01 - 000314441 _____ C:\Users\NICOLAS\Downloads\fiche-de-cours.htm
2022-04-02 14:57 - 2022-04-02 14:57 - 000084766 _____ C:\Users\NICOLAS\Downloads\photo-pyramide-de-gizeh-dm7915.webp
2022-04-02 14:53 - 2022-04-02 14:53 - 000115478 _____ C:\Users\NICOLAS\Downloads\11452165.webp
2022-04-02 14:48 - 2022-04-02 14:48 - 000102323 _____ C:\Users\NICOLAS\Downloads\File_Louvre-antiquites-egyptiennes-p1020372-gradient.htm
2022-03-30 09:21 - 2022-05-18 12:28 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\PlaceholderTileLogoFolder
2022-03-29 11:10 - 2022-04-08 08:58 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-03-29 10:44 - 2022-03-29 10:44 - 000001944 _____ C:\Users\NICOLAS\Desktop\PC Health Check.lnk
2022-03-29 10:44 - 2022-03-29 10:44 - 000001362 _____ C:\Users\NICOLAS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2022-03-29 10:44 - 2022-03-29 10:44 - 000000000 ___RD C:\Users\NICOLAS\AppData\Local\PCHealthCheck
2022-03-29 10:33 - 2022-03-29 10:33 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\OneDrive
2022-03-28 11:24 - 2022-03-28 11:24 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\D3DSCache
2022-03-28 10:53 - 2022-05-18 11:26 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-03-27 17:13 - 2022-03-27 17:13 - 000000000 ___HD C:\OneDriveTemp
2022-03-27 17:12 - 2022-03-27 17:12 - 000000000 ____D C:\Users\Public\Lenovo App Explorer
2022-03-27 14:23 - 2022-05-18 13:07 - 000002252 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-03-27 14:23 - 2022-05-18 13:07 - 000002211 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-03-27 14:22 - 2022-03-27 14:22 - 000000000 ____D C:\Program Files\Google
2022-03-27 14:20 - 2022-04-25 16:16 - 000003666 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{55917BF7-079C-4796-BB14-BE573DA320A3}
2022-03-27 14:20 - 2022-04-25 16:16 - 000003542 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{3B9CFFAE-F027-484B-8C2F-75F82BC18931}
2022-03-27 14:19 - 2022-05-30 14:17 - 000000000 ____D C:\Program Files (x86)\Google
2022-03-27 14:19 - 2022-03-30 10:26 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\Google
2022-03-27 10:55 - 2022-03-27 10:55 - 000000000 ____D C:\Users\NICOLAS\AppData\Roaming\LSC
2022-03-27 10:45 - 2022-03-27 11:02 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\Lenovo
2022-03-27 10:45 - 2022-03-27 10:45 - 000000000 ____D C:\Users\NICOLAS\REACHit
2022-03-27 10:41 - 2022-03-27 13:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2022-03-27 10:41 - 2022-03-27 10:41 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\CyberLink
2022-03-26 12:04 - 2022-03-26 12:04 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\Comms
2022-03-25 19:16 - 2022-03-25 19:17 - 000000000 ____D C:\ProgramData\HP
2022-03-24 20:51 - 2022-05-20 11:45 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1056684034-25804902-2605536285-1001
2022-03-24 20:50 - 2022-05-20 11:45 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1056684034-25804902-2605536285-1001
2022-03-24 20:47 - 2022-03-24 20:47 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\Power2Go8
2022-03-24 20:42 - 2022-03-24 20:42 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\Publishers
2022-03-24 20:41 - 2022-05-18 13:14 - 000000000 ____D C:\ProgramData\Packages
2022-03-24 20:37 - 2022-05-18 13:18 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\Packages
2022-03-24 20:37 - 2022-05-18 11:48 - 000000000 ____D C:\Users\NICOLAS\Documents\My Bluetooth
2022-03-24 20:37 - 2022-03-24 20:37 - 000000000 ____D C:\Users\NICOLAS\AppData\Roaming\Adobe
2022-03-24 20:37 - 2022-03-24 20:37 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\VirtualStore
2022-03-24 20:36 - 2022-03-25 19:11 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\ConnectedDevicesPlatform
2022-03-24 20:36 - 2022-03-24 20:36 - 000000020 ___SH C:\Users\NICOLAS\ntuser.ini
2022-03-24 17:34 - 2022-03-24 17:34 - 000000000 _SHDL C:\Users\Default\AppData\Local\Historique
2022-03-24 17:34 - 2022-03-24 17:34 - 000000000 _SHDL C:\Users\Default User
2022-03-24 17:34 - 2022-03-24 17:34 - 000000000 _SHDL C:\Users\All Users
2022-03-24 17:34 - 2022-03-24 17:34 - 000000000 _SHDL C:\ProgramData\Modèles
2022-03-24 17:34 - 2022-03-24 17:34 - 000000000 _SHDL C:\ProgramData\Menu Démarrer
2022-03-24 17:34 - 2022-03-24 17:34 - 000000000 _SHDL C:\ProgramData\Bureau
2022-03-24 17:34 - 2022-03-24 17:34 - 000000000 _SHDL C:\Program Files\Fichiers communs
2022-03-24 17:26 - 2022-03-24 17:26 - 000010168 _____ C:\Users\defaultuser100000\Desktop\Applications supprimées.html
2022-03-24 17:20 - 2022-03-24 17:20 - 000023108 _____ C:\WINDOWS\system32\emptyregdb.dat
2022-03-24 16:39 - 2022-05-30 11:00 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\Host App Service
2022-03-24 16:39 - 2022-05-20 11:45 - 000002430 _____ C:\Users\NICOLAS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-03-24 16:39 - 2022-03-27 10:45 - 000000000 ____D C:\Users\NICOLAS
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\NICOLAS\Voisinage réseau
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\NICOLAS\Voisinage d'impression
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\NICOLAS\Modèles
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\NICOLAS\Mes documents
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\NICOLAS\Menu Démarrer
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\NICOLAS\Documents\Mes vidéos
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\NICOLAS\Documents\Mes images
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\NICOLAS\Documents\Ma musique
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\NICOLAS\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\NICOLAS\AppData\Local\Historique
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\defaultuser100000\Voisinage réseau
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\defaultuser100000\Voisinage d'impression
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\defaultuser100000\Modèles
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\defaultuser100000\Mes documents
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\defaultuser100000\Menu Démarrer
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\defaultuser100000\Documents\Mes vidéos
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\defaultuser100000\Documents\Mes images
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\defaultuser100000\Documents\Ma musique
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\defaultuser100000\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\defaultuser100000\AppData\Local\Historique
2022-03-24 16:38 - 2022-03-24 17:23 - 000000000 ____D C:\Users\defaultuser100000
2022-03-24 16:38 - 2022-03-24 16:18 - 000000000 ____D C:\Users\defaultuser100000\AppData\Local\Host App Service
2022-03-24 16:38 - 2019-12-07 11:10 - 000001105 _____ C:\Users\defaultuser100000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-03-24 16:11 - 2022-03-24 16:11 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2022-03-24 15:32 - 2022-03-24 15:33 - 000000000 ____D C:\Program Files\Realtek
2022-03-24 15:32 - 2022-03-24 15:32 - 000241015 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2022-03-24 15:32 - 2022-03-24 15:32 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2022-03-24 15:32 - 2022-03-24 15:32 - 000000000 ____D C:\WINDOWS\system32\DAX3
2022-03-24 15:32 - 2022-03-24 15:32 - 000000000 ____D C:\WINDOWS\system32\DAX2
2022-03-24 15:31 - 2022-05-30 10:53 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-03-24 15:31 - 2022-03-24 16:21 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2022-03-24 15:31 - 2022-03-24 16:12 - 000000000 ____D C:\Program Files\Intel
2022-03-24 15:31 - 2022-03-24 15:31 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2022-03-24 15:31 - 2022-03-24 15:31 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ETDSMBus_01011.Wdf
2022-03-24 15:31 - 2022-03-24 15:31 - 000000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2022-03-24 15:31 - 2017-06-12 02:56 - 000103888 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2022-03-24 15:31 - 2017-06-12 02:56 - 000099792 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2022-03-24 15:29 - 2022-05-02 21:07 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-03-24 15:29 - 2022-05-02 21:07 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-03-24 15:28 - 2022-03-24 16:18 - 000000000 ____D C:\ProgramData\Realtek
2022-03-24 15:27 - 2022-05-19 15:37 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-03-24 15:27 - 2022-04-25 16:16 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-03-24 14:58 - 2022-05-23 15:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-03-24 14:58 - 2022-05-18 16:02 - 000258768 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-03-24 14:56 - 2015-04-28 20:06 - 000043256 _____ C:\WINDOWS\system32\oemlogo.bmp
2022-03-24 14:54 - 2022-03-24 18:32 - 000000000 ____D C:\WINDOWS\Panther
2022-03-24 14:23 - 2022-03-28 11:26 - 000000000 ____D C:\Windows.old
2022-03-24 14:21 - 2022-03-24 14:22 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2022-03-24 14:18 - 2022-03-24 14:18 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2022-03-24 14:17 - 2022-03-24 14:17 - 000000000 ____D C:\WINDOWS\Lenovo
2022-03-24 14:16 - 2022-03-24 15:30 - 000000000 ____D C:\Program Files\Elantech
2022-03-24 14:14 - 2022-03-24 14:14 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2022-03-24 14:12 - 2022-03-24 14:12 - 000000000 ____D C:\WINDOWS\Setup
2022-03-24 14:10 - 2022-03-24 18:32 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2022-03-24 14:10 - 2022-03-24 16:20 - 000000000 ____D C:\WINDOWS\OCR
2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 __RSD C:\WINDOWS\SysWOW64\WindowsDevicePortal
2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 __RSD C:\WINDOWS\system32\WindowsDevicePortal
2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 ___RD C:\WINDOWS\WebManagement
2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 ____D C:\WINDOWS\addins
2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 ____D C:\ProgramData\ssh
2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 ____D C:\Program Files\Reference Assemblies
2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 ____D C:\Program Files\MSBuild
2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 ____D C:\Program Files (x86)\MSBuild
2022-03-24 14:08 - 2022-05-19 15:45 - 000792842 _____ C:\WINDOWS\system32\perfh00C.dat
2022-03-24 14:08 - 2022-05-19 15:45 - 000149972 _____ C:\WINDOWS\system32\perfc00C.dat
2022-03-24 14:08 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\SysWOW64\fr
2022-03-24 14:08 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\system32\fr
2022-03-24 14:08 - 2022-03-24 14:07 - 000351124 _____ C:\WINDOWS\system32\perfi00C.dat
2022-03-24 14:08 - 2022-03-24 14:07 - 000040694 _____ C:\WINDOWS\system32\perfd00C.dat
2022-03-24 14:04 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2022-03-24 14:04 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2022-03-24 14:04 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2022-03-24 14:04 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2022-03-24 14:04 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\system32\winrm
2022-03-24 14:04 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\system32\WCN
2022-03-24 14:04 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\system32\slmgr
2022-03-24 14:04 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2022-03-24 14:04 - 2022-03-24 14:04 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2022-03-24 14:04 - 2022-03-24 14:04 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
2022-03-24 14:04 - 2022-03-24 14:04 - 000000000 ____D C:\WINDOWS\system32\0409
2022-03-24 14:04 - 2022-03-24 14:04 - 000000000 ____D C:\WINDOWS\DigitalLocker
2022-03-24 13:53 - 2022-05-19 15:37 - 000000000 ____D C:\WINDOWS\ServiceState
2022-03-24 13:53 - 2022-05-18 15:57 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-03-24 13:53 - 2022-05-18 15:57 - 000000000 ____D C:\WINDOWS\SystemResources
2022-03-24 13:53 - 2022-05-18 15:57 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-03-24 13:53 - 2022-04-20 16:55 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-03-24 13:53 - 2022-04-20 16:55 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-03-24 13:53 - 2022-04-20 16:55 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-03-24 13:53 - 2022-04-20 16:55 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-03-24 13:53 - 2022-04-20 16:55 - 000000000 ____D C:\WINDOWS\Provisioning
2022-03-24 13:53 - 2022-04-20 16:55 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-03-24 13:53 - 2022-03-30 10:25 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-03-24 13:53 - 2022-03-25 19:12 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-03-24 13:53 - 2022-03-24 17:26 - 000000000 ____D C:\WINDOWS\Registration
2022-03-24 13:53 - 2022-03-24 16:20 - 000000000 ____D C:\WINDOWS\system32\spool
2022-03-24 13:53 - 2022-03-24 16:20 - 000000000 ____D C:\WINDOWS\Resources
2022-03-24 13:53 - 2022-03-24 14:51 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2022-03-24 13:53 - 2022-03-24 14:50 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2022-03-24 13:53 - 2022-03-24 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2022-03-24 13:53 - 2022-03-24 14:10 - 000000000 ____D C:\WINDOWS\SystemApps
2022-03-24 13:53 - 2022-03-24 14:10 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-03-24 13:53 - 2022-03-24 14:10 - 000000000 ____D C:\WINDOWS\system32\setup
2022-03-24 13:53 - 2022-03-24 14:10 - 000000000 ____D C:\WINDOWS\system32\MUI
2022-03-24 13:53 - 2022-03-24 14:08 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2022-03-24 13:53 - 2022-03-24 14:08 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2022-03-24 13:53 - 2022-03-24 14:08 - 000000000 ___SD C:\WINDOWS\system32\F12
2022-03-24 13:53 - 2022-03-24 14:08 - 000000000 ___SD C:\WINDOWS\system32\dsc
2022-03-24 13:53 - 2022-03-24 14:08 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-03-24 13:53 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2022-03-24 13:53 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2022-03-24 13:53 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2022-03-24 13:53 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-03-24 13:53 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\system32\Com
2022-03-24 13:53 - 2022-03-24 14:04 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2022-03-24 13:53 - 2022-03-24 13:54 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
2022-03-24 13:53 - 2022-03-24 13:54 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-03-24 13:53 - 2022-03-24 13:54 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2022-03-24 13:53 - 2022-03-24 13:54 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2022-03-24 13:53 - 2022-03-24 13:54 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2022-03-24 13:53 - 2022-03-24 13:54 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
2022-03-24 13:53 - 2022-03-24 13:54 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2022-03-24 13:53 - 2022-03-24 13:54 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2022-03-24 13:53 - 2022-03-24 13:54 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ___SD C:\WINDOWS\system32\Nui
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ___SD C:\WINDOWS\system32\Configuration
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\Web
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\WaaS
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\Vss
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\tracing
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\TAPI
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\winevt
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\ti-et
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\ta-lk
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\ta-in
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\si-lk
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\ras
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\PointOfService
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\osa-Osge-001
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\my-mm
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\Macromed
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\Keywords
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\Ipmi
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\IME
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\icsxml
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\ias
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\Hydrogen
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\ff-Adlm-SN
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\DriverState
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\downlevel
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\ContainerSettingsProviders
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\config\TxR
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\config\Journal
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\Bthprops
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\am-et
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\System
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SKB
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\security
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\schemas
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SchCache
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\rescache
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\PLA
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\Performance
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\ModemLogs
2022-03-24 13:53 - 2022-03-24 13:47 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2022-03-24 13:53 - 2022-03-24 13:47 - 000215943 _____ C:\WINDOWS\system32\dssec.dat
2022-03-24 13:53 - 2022-03-24 13:47 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2022-03-24 13:53 - 2022-03-24 13:47 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2022-03-24 13:53 - 2022-03-24 13:47 - 000003103 _____ C:\WINDOWS\SysWOW64\mmc.exe.config
2022-03-24 13:53 - 2022-03-24 13:47 - 000003103 _____ C:\WINDOWS\system32\mmc.exe.config
2022-03-24 13:53 - 2022-03-24 13:47 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2022-03-24 13:53 - 2022-03-24 13:47 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2022-03-24 13:53 - 2022-03-24 13:47 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT
2022-03-24 13:52 - 2022-05-30 13:57 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-03-24 13:52 - 2022-05-30 13:49 - 000000000 ___HD C:\Program Files\WindowsApps
2022-03-24 13:52 - 2022-05-30 13:49 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-03-24 13:52 - 2022-05-18 15:57 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-03-24 13:52 - 2022-05-18 15:57 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-03-24 13:52 - 2022-05-18 15:57 - 000000000 ____D C:\Program Files\Common Files\System
2022-03-24 13:52 - 2022-04-25 16:15 - 000000000 ____D C:\Program Files\Windows Defender
2022-03-24 13:52 - 2022-04-20 17:00 - 000000000 ___RD C:\Program Files (x86)
2022-03-24 13:52 - 2022-04-20 16:35 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-03-24 13:52 - 2022-03-27 10:43 - 000000000 ____D C:\WINDOWS\appcompat
2022-03-24 13:52 - 2022-03-24 17:34 - 000000000 ____D C:\Program Files\Windows NT
2022-03-24 13:52 - 2022-03-24 17:20 - 000000000 __RHD C:\Users\Public\Libraries
2022-03-24 13:52 - 2022-03-24 16:20 - 000000000 ____D C:\WINDOWS\Help
2022-03-24 13:52 - 2022-03-24 16:18 - 000000000 ____D C:\ProgramData\USOPrivate
2022-03-24 13:52 - 2022-03-24 16:12 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-03-24 13:52 - 2022-03-24 15:08 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-03-24 13:52 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2022-03-24 13:52 - 2022-03-24 14:07 - 000000000 ____D C:\WINDOWS\IME
2022-03-24 13:52 - 2022-03-24 14:07 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2022-03-24 13:52 - 2022-03-24 14:07 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-03-24 13:52 - 2022-03-24 14:07 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2022-03-24 13:52 - 2022-03-24 14:04 - 000000000 ____D C:\Program Files (x86)\Windows NT
2022-03-24 13:52 - 2022-03-24 13:53 - 000000000 __RSD C:\WINDOWS\Media
2022-03-24 13:52 - 2022-03-24 13:53 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2022-03-24 13:52 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\L2Schemas
2022-03-24 13:52 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\IdentityCRL
2022-03-24 13:52 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\DiagTrack
2022-03-24 13:52 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\Cursors
2022-03-24 13:52 - 2022-03-24 13:53 - 000000000 ____D C:\Program Files\Windows Portable Devices
2022-03-24 13:52 - 2022-03-24 13:53 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2022-03-24 13:52 - 2022-03-24 13:53 - 000000000 ____D C:\Program Files\Common Files\Services
2022-03-24 13:52 - 2022-03-24 13:53 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2022-03-24 13:52 - 2022-03-24 13:53 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2022-03-24 13:52 - 2022-03-24 13:52 - 000000000 __SHD C:\Program Files\Windows Sidebar
2022-03-24 13:52 - 2022-03-24 13:52 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2022-03-24 13:52 - 2022-03-24 13:52 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache
2022-03-24 13:52 - 2022-03-24 13:52 - 000000000 ____D C:\WINDOWS\InputMethod
2022-03-24 13:52 - 2022-03-24 13:52 - 000000000 ____D C:\WINDOWS\Globalization
2022-03-24 13:52 - 2022-03-24 13:52 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
2022-03-24 13:52 - 2022-03-24 13:52 - 000000000 ____D C:\WINDOWS\Containers
2022-03-24 13:52 - 2022-03-24 13:52 - 000000000 ____D C:\WINDOWS\Branding
2022-03-24 13:52 - 2022-03-24 13:52 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices
2022-03-24 13:52 - 2022-03-24 13:52 - 000000000 ____D C:\ProgramData\USOShared
2022-03-24 13:52 - 2022-03-24 13:52 - 000000000 ____D C:\Program Files\Windows Security
2022-03-24 13:52 - 2022-03-24 13:52 - 000000000 ____D C:\Program Files\ModifiableWindowsApps
2022-03-24 13:49 - 2022-05-23 11:15 - 000000000 ____D C:\WINDOWS\INF
2022-03-24 13:36 - 2022-05-18 13:02 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-03-24 13:21 - 2022-05-18 16:12 - 084672512 _____ C:\WINDOWS\system32\config\SOFTWARE
2022-03-24 13:21 - 2022-05-18 16:12 - 019660800 _____ C:\WINDOWS\system32\config\SYSTEM
2022-03-24 13:21 - 2022-05-18 16:12 - 000786432 _____ C:\WINDOWS\system32\config\DEFAULT
2022-03-24 13:21 - 2022-05-18 16:12 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2022-03-24 13:21 - 2022-05-18 16:12 - 000065536 _____ C:\WINDOWS\system32\config\SECURITY
2022-03-24 13:21 - 2022-05-18 16:12 - 000065536 _____ C:\WINDOWS\system32\config\SAM
2022-03-24 13:21 - 2022-04-20 14:09 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-03-24 13:21 - 2022-03-29 11:09 - 000000000 ____D C:\WINDOWS\servicing
2022-03-24 13:21 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\SMI
2022-03-18 12:52 - 2022-03-18 12:52 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-03-18 12:51 - 2022-03-18 12:51 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-03-18 12:50 - 2022-03-18 12:50 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-03-18 12:49 - 2022-03-18 12:49 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-03-10 12:21 - 2022-03-10 12:21 - 000000751 _____ C:\Users\NICOLAS\Downloads\Musique - Raccourci.lnk
2022-03-10 12:04 - 2022-03-10 12:42 - 000001631 _____ C:\Users\NICOLAS\Desktop\Driver.lnk
2022-03-10 12:04 - 2022-03-10 12:04 - 000000000 ____D C:\APPLIC
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-05-30 12:37 - 2021-01-25 19:27 - 000000000 ____D C:\Users\NICOLAS\Documents\1 DOSSIER NICOLAS
2022-05-30 10:53 - 2019-03-13 21:37 - 000000000 __SHD C:\Users\NICOLAS\IntelGraphicsProfiles
2022-05-20 11:44 - 2020-06-25 09:56 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-05-20 11:44 - 2020-06-25 09:56 - 000002287 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-05-19 15:45 - 2015-11-03 21:28 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-05-19 15:37 - 2020-09-24 19:09 - 000008192 ___SH C:\DumpStack.log.tmp
2022-05-18 13:30 - 2020-12-18 09:22 - 000000000 ____D C:\Users\NICOLAS\Documents\2 DOSSIER SANDRA
==================== Fichiers à la racine de certains dossiers ========
2022-03-24 20:37 - 2022-05-30 10:55 - 000178034 _____ () C:\Users\NICOLAS\AppData\Local\BTServer.log
==================== SigCheckExt =========================
2016-04-22 19:11 - 2016-01-18 08:33 - 000189440 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4364.dll
2016-06-06 03:26 - 2016-01-27 14:29 - 000001700 _____ C:\WINDOWS\system32\rtl8723d_mp_chip_bt40_fw_asic_rom_patch_new.dll
2016-06-06 03:26 - 2016-03-10 10:25 - 000037084 _____ C:\WINDOWS\system32\rtl8821a_mp_chip_bt40_fw_asic_rom_patch_new.dll
2016-06-06 03:26 - 2016-01-27 14:20 - 000022232 _____ C:\WINDOWS\system32\rtl8822b_mp_chip_bt40_fw_asic_rom_patch_new.dll
2016-06-06 03:24 - 2010-12-01 09:31 - 000451072 _____ C:\WINDOWS\SysWOW64\ISSRemoveSP.exe
2015-09-03 10:59 - 2015-09-03 10:59 - 000002560 _____ (Intel(R) Corporation) C:\WINDOWS\SysWOW64\IusEventLog.dll
2022-05-30 14:12 - 2022-05-30 14:14 - 002367488 _____ (Farbar) C:\Users\NICOLAS\Downloads\FRST64.exe
2022-05-30 13:27 - 2022-05-30 13:28 - 003483848 _____ (Nicolas Coolman) C:\Users\NICOLAS\Downloads\ZHPSuite.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{9426218e-2bd5-11e6-9cc7-806e6f6e6963}
{7783abf5-b87d-11e6-af14-806e6f6e6963}
{9426218c-2bd5-11e6-9cc7-806e6f6e6963}
{9426218d-2bd5-11e6-9cc7-806e6f6e6963}
timeout 0
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {393f3b06-ab6d-11ec-a791-f405824e5376}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 0
Application logicielle (101fffff)
--------------------------------
identificateur {539b7b80-88a9-11e6-af0b-806e6f6e6963}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description EFI Network 0 for IPv6 (C8-5B-76-0F-60-26)
Application logicielle (101fffff)
--------------------------------
identificateur {7783abf4-b87d-11e6-af14-806e6f6e6963}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
Application logicielle (101fffff)
--------------------------------
identificateur {7783abf5-b87d-11e6-af14-806e6f6e6963}
device partition=\Device\HarddiskVolume7
path \EFI\Microsoft\Boot\LrsBootMgr.efi
description Lenovo Recovery System
Application logicielle (101fffff)
--------------------------------
identificateur {7783abf6-b87d-11e6-af14-806e6f6e6963}
description EFI Network 0 for IPv4 (C8-5B-76-0F-60-26)
Application logicielle (101fffff)
--------------------------------
identificateur {9426218c-2bd5-11e6-9cc7-806e6f6e6963}
description EFI USB Device
Application logicielle (101fffff)
--------------------------------
identificateur {9426218d-2bd5-11e6-9cc7-806e6f6e6963}
description EFI DVD/CDROM
Application logicielle (101fffff)
--------------------------------
identificateur {9426218e-2bd5-11e6-9cc7-806e6f6e6963}
description EFI Network
Chargeur de d‚marrage Windows
-----------------------------
identificateur {09647ae6-fe91-11ea-a26e-fdb38a979b42}
device ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{09647ae7-fe91-11ea-a26e-fdb38a979b42}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
displaymessageoverride PushButtonReset
osdevice ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{09647ae7-fe91-11ea-a26e-fdb38a979b42}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {09647ae6-fe91-11ea-a26e-fdb38a979b42}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {393f3b06-ab6d-11ec-a791-f405824e5376}
nx OptIn
bootmenupolicy Standard
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {393f3b06-ab6d-11ec-a791-f405824e5376}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {09647ae6-fe91-11ea-a26e-fdb38a979b42}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {09647ae7-fe91-11ea-a26e-fdb38a979b42}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume5
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================
Exécuté par NICOLAS (administrateur) sur LAPTOP-FGLE0HN7 (LENOVO 80T7) (30-05-2022 14:17:26)
Exécuté depuis C:\Users\NICOLAS\Downloads
Profils chargés: NICOLAS
Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.1706 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe ->) (Realtek Semiconductor Corp -> ) C:\Program Files (x86)\Realtek\Realtek Bluetooth\SkypePlugin.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCopyAccelerator.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <19>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(LENOVO -> Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation) [Fichier non signé] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(services.exe ->) (LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe
(svchost.exe ->) (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (SweetLabs Inc. -> SweetLabs, Inc) C:\Users\NICOLAS\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18242048 2017-03-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489408 2017-03-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489408 2017-03-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [230616 2015-11-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791848 2016-04-22] (LENOVO -> )
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110008 2015-07-21] (CyberLink Corp. -> CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492472 2015-07-21] (CyberLink Corp. -> CyberLink Corp.)
HKU\S-1-5-21-1056684034-25804902-2605536285-1001\...\Run: [MicrosoftEdgeAutoLaunch_EE7314AB2FAB7C240F841ECFFCD4C24C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3547064 2022-05-19] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP E111 Status Monitor: C:\WINDOWS\system32\hpinkstsE111LM.dll [388792 2016-02-23] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\101.0.4951.67\Installer\chrmstp.exe [2022-05-18] (Google LLC -> Google LLC)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {05CE7A0B-B457-4813-B1A2-8DC926DB2291} - \Microsoft\Windows\PLA\LSC Memory -> Pas de fichier <==== ATTENTION
Task: {0627B6F6-28FF-4F95-9D22-6D74DAA356D2} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\777271e5-cc8a-483d-945b-87bee6dafcd4 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {0AFCDF25-F120-4DA5-8844-7CED5EE122F8} - \Lenovo\Lenovo Solution Center Launcher -> Pas de fichier <==== ATTENTION
Task: {0BD0F351-4721-4803-B8B3-ED08FD1E709A} - \App Explorer -> Pas de fichier <==== ATTENTION
Task: {1D5DE9C2-9E34-4084-97AB-50D5B11F0053} - \Lenovo\Lenovo Customer Feedback Program 64 35 -> Pas de fichier <==== ATTENTION
Task: {22B6042C-DD13-498A-8D21-0110F94B8365} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2708BB94-854E-4B19-9FE5-904B52D724BF} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\270ad4e0-c2a7-4db9-92c4-2b81e62f6147 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {2822750E-41F5-4378-B1F6-2727A1EB3FAB} - System32\Tasks\GoogleUpdateTaskMachineCore{3B9CFFAE-F027-484B-8C2F-75F82BC18931} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-03-27] (Google LLC -> Google LLC)
Task: {2B67B8A9-844E-4990-B5D9-32EA5AA18675} - \Microsoft\Windows\UpdateOrchestrator\Maintenance Install -> Pas de fichier <==== ATTENTION
Task: {317107BF-13F6-48B4-AA5A-BA0B03A02F4B} - \Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate -> Pas de fichier <==== ATTENTION
Task: {358BEEC4-2065-47EB-870D-72F81B57C175} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> Pas de fichier <==== ATTENTION
Task: {46F7663B-9BC8-48AC-BA5E-38E8D2CDAFFE} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot -> Pas de fichier <==== ATTENTION
Task: {48A98229-5C8E-4DDD-8139-CF35F7262A95} - \Microsoft\Windows\Plug and Play\Plug and Play Cleanup -> Pas de fichier <==== ATTENTION
Task: {4D6AE9B1-99BC-435D-B708-49BBEB4284E7} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\0cdb5ebe-04ae-4762-8d98-1097e3b422f7 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {4DFBD6DD-AC99-4D84-B871-980BD0044620} - \PDVDServ12 Task -> Pas de fichier <==== ATTENTION
Task: {4ED62474-1794-41E8-8CFC-EF847472E4C0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5587F1DC-15D0-4331-A673-6EF75E5CD9C0} - \Microsoft\Windows\AppID\SmartScreenSpecific -> Pas de fichier <==== ATTENTION
Task: {62108F85-18CA-4902-B8CB-75971CDB0B3A} - \CyberLink\Photo Master Gadget startup -> Pas de fichier <==== ATTENTION
Task: {6548F5C8-786D-4EC2-9FD3-FA9025D45B92} - \Lenovo\REACHit Agent Update -> Pas de fichier <==== ATTENTION
Task: {71E53243-3A2D-47EE-9DAB-6D71B2366657} - \Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate -> Pas de fichier <==== ATTENTION
Task: {754CE82A-A246-431B-802C-B7D3486DE43B} - \Lenovo\LSC\Lenovo Solution Center Notifications -> Pas de fichier <==== ATTENTION
Task: {7DB69B72-FB82-4373-B1ED-7786E5AD04FD} - System32\Tasks\GoogleUpdateTaskMachineUA{55917BF7-079C-4796-BB14-BE573DA320A3} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-03-27] (Google LLC -> Google LLC)
Task: {92F49A3A-23B7-474D-AC63-7A8A77280F83} - \Lenovo\REACHit Agent Startup -> Pas de fichier <==== ATTENTION
Task: {AA3EFF6E-7E46-4360-BDC3-00F8A0C6E3D2} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {B6F2B20A-19E0-4D78-A655-824DB513B00C} - \Lenovo\LSC\LSCHardwareScan -> Pas de fichier <==== ATTENTION
Task: {B93509CA-4C4E-49D1-BAC3-DDFF4C934C26} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [145480 2021-09-09] (Lenovo -> Lenovo Group Ltd.)
Task: {BD3D51B4-19D6-46B0-BB7F-A5E1689F06B8} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {C0087A58-710E-4CB8-B649-E6E4B844030A} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5208f1b6-981b-4e8f-b91b-dce1f2376ace => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {C0C1C407-6785-4D56-B33E-127F08E4850C} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display -> Pas de fichier <==== ATTENTION
Task: {C349BB67-3672-4975-AE02-517BAD9318EE} - \Microsoft\Windows\WindowsUpdate\sih -> Pas de fichier <==== ATTENTION
Task: {E379BAD4-CDDF-4897-8340-91058E78076F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EB4E6C95-29EE-4E0E-81D5-8F6ADD11DB62} - \Microsoft\Windows\UpdateOrchestrator\Policy Install -> Pas de fichier <==== ATTENTION
Task: {F903A328-6730-4FAA-8467-5DC7E7629A90} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ff6ab8af-2a41-495e-9542-ebd2ce4705f0 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {FA625267-66E0-464A-AE95-8754007E78AD} - \Microsoft\Windows\UpdateOrchestrator\Reboot -> Pas de fichier <==== ATTENTION
Task: {FC07EE0C-CA8A-4F4C-A9BC-E466AE0069FC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-25] (Microsoft Windows Publisher -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{038d4c6e-c271-4f59-b500-d57d0d4c29ff}: [DhcpNameServer] 150.201.1.3
Tcpip\..\Interfaces\{f0f8b683-7089-42f0-b30b-6cedbd039c7e}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\NICOLAS\AppData\Local\Microsoft\Edge\User Data\Default [2022-05-30]
Edge Extension: (White Rabbit) - C:\Users\NICOLAS\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikfjdigkaodnikkepcclccgpbokkmfe [2022-03-27]
Edge Extension: (MEGA) - C:\Users\NICOLAS\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jemjknhgpjaacbghpdhgchbgccbpkkgf [2022-05-22]
Edge Extension: (Plus) - C:\Users\NICOLAS\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jlihfhenloklceecaibhfbjppmleoiob [2022-03-27]
Edge Profile: C:\Users\NICOLAS\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2022-03-27]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\NICOLAS\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-03-27]
CHR Profile: C:\Users\NICOLAS\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-05-22]
CHR Notifications: Profile 1 -> hxxps://www.futura-sciences.com
CHR DefaultSearchURL: Profile 1 -> hxxps://search.tb.ask.com/search/GGmain.jhtml?searchfor={searchTerms}&enableSearch=true&rdrct=no&redirect=CPC
CHR DefaultSearchKeyword: Profile 1 -> askwebs
CHR DefaultSuggestURL: Profile 1 -> hxxps://ss.search.ask.com/ss?li=ff&sstype=prefix&limit=10&hl=en&q={searchTerms}&enableSearch=true&rdrct=no
CHR Extension: (MEGA) - C:\Users\NICOLAS\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2022-05-22]
CHR Extension: (Google Docs hors connexion) - C:\Users\NICOLAS\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-15]
CHR Extension: (Ask Web Search) - C:\Users\NICOLAS\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hapkhkcjeoklmeklalckjempdbgbagai [2022-04-09]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\NICOLAS\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-05-22]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\NICOLAS\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-27]
CHR Profile: C:\Users\NICOLAS\AppData\Local\Google\Chrome\User Data\System Profile [2022-03-27]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [41176 2015-03-02] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [125144 2016-02-15] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [650680 2015-07-29] (LENOVO -> Lenovo)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-29] (LENOVO -> Lenovo)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Fichier non signé]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Fichier non signé]
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [271328 2015-12-10] (LENOVO -> Lenovo)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-25] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 CH341SER_A64; C:\WINDOWS\System32\Drivers\CH341S64.SYS [58368 2011-11-05] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com)
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 GoodixTouchDriver; C:\WINDOWS\System32\drivers\GoodixTouchDriver.sys [53760 2014-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 MpKsl835de01e; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DF8F6777-89CC-473E-BE5D-88A2A9A74C40}\MpKslDrv.sys [137464 2022-05-30] (Microsoft Windows -> Microsoft Corporation)
R3 necbatt; C:\WINDOWS\System32\drivers\necbatt.sys [34880 2018-05-09] (NEC Personal Computers, Ltd. -> NEC Personal Computers, Ltd.)
R3 RtkA2dp; C:\WINDOWS\System32\drivers\RtkA2dp.sys [222760 2016-08-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 RtkAvrcp; C:\WINDOWS\System32\drivers\RtkAvrcp.sys [78616 2016-08-24] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
R3 RtkAvrcpCtrlr; C:\WINDOWS\System32\drivers\RtkAvrcpCtrlr.sys [87832 2016-08-24] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
R3 RtkHandsfree; C:\WINDOWS\System32\drivers\RtkHandsfree.sys [48680 2016-08-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
S3 Ser2pl; C:\WINDOWS\System32\drivers\ser2pl64.sys [282272 2021-03-10] (WDKTestCert charles-yeh,132058328970830801 -> Prolific Technology Inc.)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [65144 2021-10-08] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S3 USBDEVICEDRV; C:\WINDOWS\system32\drivers\USBDEVICEDRV.sys [94704 2014-01-27] (Future Technology Devices International Ltd -> FTDI Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-04-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [443664 2022-04-25] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-25] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-05-30 14:17 - 2022-05-30 14:20 - 000021461 _____ C:\Users\NICOLAS\Downloads\FRST.txt
2022-05-30 14:15 - 2022-05-30 14:19 - 000000000 ____D C:\FRST
2022-05-30 14:14 - 2022-05-30 14:14 - 000001039 _____ C:\Users\NICOLAS\Desktop\FRST64 - Raccourci.lnk
2022-05-30 14:12 - 2022-05-30 14:14 - 002367488 _____ (Farbar) C:\Users\NICOLAS\Downloads\FRST64.exe
2022-05-30 13:56 - 2022-05-30 13:56 - 000265646 _____ C:\Users\NICOLAS\Desktop\ZHPDiag.txt
2022-05-30 13:28 - 2022-05-30 13:56 - 000000000 ____D C:\Users\NICOLAS\AppData\Roaming\ZHP
2022-05-30 13:28 - 2022-05-30 13:28 - 000000874 _____ C:\Users\NICOLAS\Desktop\ZHPSuite.lnk
2022-05-30 13:28 - 2022-05-30 13:28 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\ZHP
2022-05-30 13:27 - 2022-05-30 13:28 - 003483848 _____ (Nicolas Coolman) C:\Users\NICOLAS\Downloads\ZHPSuite.exe
2022-05-29 11:03 - 2022-05-29 11:03 - 000002719 _____ C:\Users\NICOLAS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Barre Edge de Microsoft Edge.lnk
2022-05-18 12:48 - 2022-05-18 12:48 - 000000000 ___RD C:\Users\NICOLAS\Downloads\1253QUANTUMVM.UNRARMETRO_ckbnxvahp5f44!App
2022-05-18 12:42 - 2022-05-18 12:42 - 000011799 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-05-18 12:40 - 2022-05-18 12:40 - 000093696 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-05-18 12:39 - 2022-05-18 12:39 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-05-18 11:37 - 2022-05-18 11:37 - 000000000 ___HD C:\$WinREAgent
2022-05-02 21:08 - 2022-05-02 21:08 - 000001153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2022-05-02 21:08 - 2022-05-02 21:08 - 000000000 ____D C:\Program Files\PCHealthCheck
2022-04-20 13:33 - 2022-04-20 13:33 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-04-20 13:32 - 2022-04-20 13:32 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-04-20 13:30 - 2022-04-20 13:30 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-04-08 09:22 - 2022-05-29 10:18 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\CrashDumps
2022-04-04 10:33 - 2022-04-04 10:55 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\mbam
2022-04-03 15:01 - 2022-04-03 15:01 - 000314441 _____ C:\Users\NICOLAS\Downloads\fiche-de-cours.htm
2022-04-02 14:57 - 2022-04-02 14:57 - 000084766 _____ C:\Users\NICOLAS\Downloads\photo-pyramide-de-gizeh-dm7915.webp
2022-04-02 14:53 - 2022-04-02 14:53 - 000115478 _____ C:\Users\NICOLAS\Downloads\11452165.webp
2022-04-02 14:48 - 2022-04-02 14:48 - 000102323 _____ C:\Users\NICOLAS\Downloads\File_Louvre-antiquites-egyptiennes-p1020372-gradient.htm
2022-03-30 09:21 - 2022-05-18 12:28 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\PlaceholderTileLogoFolder
2022-03-29 11:10 - 2022-04-08 08:58 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-03-29 10:44 - 2022-03-29 10:44 - 000001944 _____ C:\Users\NICOLAS\Desktop\PC Health Check.lnk
2022-03-29 10:44 - 2022-03-29 10:44 - 000001362 _____ C:\Users\NICOLAS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2022-03-29 10:44 - 2022-03-29 10:44 - 000000000 ___RD C:\Users\NICOLAS\AppData\Local\PCHealthCheck
2022-03-29 10:33 - 2022-03-29 10:33 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\OneDrive
2022-03-28 11:24 - 2022-03-28 11:24 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\D3DSCache
2022-03-28 10:53 - 2022-05-18 11:26 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-03-27 17:13 - 2022-03-27 17:13 - 000000000 ___HD C:\OneDriveTemp
2022-03-27 17:12 - 2022-03-27 17:12 - 000000000 ____D C:\Users\Public\Lenovo App Explorer
2022-03-27 14:23 - 2022-05-18 13:07 - 000002252 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-03-27 14:23 - 2022-05-18 13:07 - 000002211 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-03-27 14:22 - 2022-03-27 14:22 - 000000000 ____D C:\Program Files\Google
2022-03-27 14:20 - 2022-04-25 16:16 - 000003666 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{55917BF7-079C-4796-BB14-BE573DA320A3}
2022-03-27 14:20 - 2022-04-25 16:16 - 000003542 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{3B9CFFAE-F027-484B-8C2F-75F82BC18931}
2022-03-27 14:19 - 2022-05-30 14:17 - 000000000 ____D C:\Program Files (x86)\Google
2022-03-27 14:19 - 2022-03-30 10:26 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\Google
2022-03-27 10:55 - 2022-03-27 10:55 - 000000000 ____D C:\Users\NICOLAS\AppData\Roaming\LSC
2022-03-27 10:45 - 2022-03-27 11:02 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\Lenovo
2022-03-27 10:45 - 2022-03-27 10:45 - 000000000 ____D C:\Users\NICOLAS\REACHit
2022-03-27 10:41 - 2022-03-27 13:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2022-03-27 10:41 - 2022-03-27 10:41 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\CyberLink
2022-03-26 12:04 - 2022-03-26 12:04 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\Comms
2022-03-25 19:16 - 2022-03-25 19:17 - 000000000 ____D C:\ProgramData\HP
2022-03-24 20:51 - 2022-05-20 11:45 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1056684034-25804902-2605536285-1001
2022-03-24 20:50 - 2022-05-20 11:45 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1056684034-25804902-2605536285-1001
2022-03-24 20:47 - 2022-03-24 20:47 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\Power2Go8
2022-03-24 20:42 - 2022-03-24 20:42 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\Publishers
2022-03-24 20:41 - 2022-05-18 13:14 - 000000000 ____D C:\ProgramData\Packages
2022-03-24 20:37 - 2022-05-18 13:18 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\Packages
2022-03-24 20:37 - 2022-05-18 11:48 - 000000000 ____D C:\Users\NICOLAS\Documents\My Bluetooth
2022-03-24 20:37 - 2022-03-24 20:37 - 000000000 ____D C:\Users\NICOLAS\AppData\Roaming\Adobe
2022-03-24 20:37 - 2022-03-24 20:37 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\VirtualStore
2022-03-24 20:36 - 2022-03-25 19:11 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\ConnectedDevicesPlatform
2022-03-24 20:36 - 2022-03-24 20:36 - 000000020 ___SH C:\Users\NICOLAS\ntuser.ini
2022-03-24 17:34 - 2022-03-24 17:34 - 000000000 _SHDL C:\Users\Default\AppData\Local\Historique
2022-03-24 17:34 - 2022-03-24 17:34 - 000000000 _SHDL C:\Users\Default User
2022-03-24 17:34 - 2022-03-24 17:34 - 000000000 _SHDL C:\Users\All Users
2022-03-24 17:34 - 2022-03-24 17:34 - 000000000 _SHDL C:\ProgramData\Modèles
2022-03-24 17:34 - 2022-03-24 17:34 - 000000000 _SHDL C:\ProgramData\Menu Démarrer
2022-03-24 17:34 - 2022-03-24 17:34 - 000000000 _SHDL C:\ProgramData\Bureau
2022-03-24 17:34 - 2022-03-24 17:34 - 000000000 _SHDL C:\Program Files\Fichiers communs
2022-03-24 17:26 - 2022-03-24 17:26 - 000010168 _____ C:\Users\defaultuser100000\Desktop\Applications supprimées.html
2022-03-24 17:20 - 2022-03-24 17:20 - 000023108 _____ C:\WINDOWS\system32\emptyregdb.dat
2022-03-24 16:39 - 2022-05-30 11:00 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\Host App Service
2022-03-24 16:39 - 2022-05-20 11:45 - 000002430 _____ C:\Users\NICOLAS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-03-24 16:39 - 2022-03-27 10:45 - 000000000 ____D C:\Users\NICOLAS
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\NICOLAS\Voisinage réseau
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\NICOLAS\Voisinage d'impression
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\NICOLAS\Modèles
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\NICOLAS\Mes documents
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\NICOLAS\Menu Démarrer
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\NICOLAS\Documents\Mes vidéos
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\NICOLAS\Documents\Mes images
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\NICOLAS\Documents\Ma musique
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\NICOLAS\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\NICOLAS\AppData\Local\Historique
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\defaultuser100000\Voisinage réseau
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\defaultuser100000\Voisinage d'impression
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\defaultuser100000\Modèles
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\defaultuser100000\Mes documents
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\defaultuser100000\Menu Démarrer
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\defaultuser100000\Documents\Mes vidéos
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\defaultuser100000\Documents\Mes images
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\defaultuser100000\Documents\Ma musique
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\defaultuser100000\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\defaultuser100000\AppData\Local\Historique
2022-03-24 16:38 - 2022-03-24 17:23 - 000000000 ____D C:\Users\defaultuser100000
2022-03-24 16:38 - 2022-03-24 16:18 - 000000000 ____D C:\Users\defaultuser100000\AppData\Local\Host App Service
2022-03-24 16:38 - 2019-12-07 11:10 - 000001105 _____ C:\Users\defaultuser100000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-03-24 16:11 - 2022-03-24 16:11 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2022-03-24 15:32 - 2022-03-24 15:33 - 000000000 ____D C:\Program Files\Realtek
2022-03-24 15:32 - 2022-03-24 15:32 - 000241015 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2022-03-24 15:32 - 2022-03-24 15:32 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2022-03-24 15:32 - 2022-03-24 15:32 - 000000000 ____D C:\WINDOWS\system32\DAX3
2022-03-24 15:32 - 2022-03-24 15:32 - 000000000 ____D C:\WINDOWS\system32\DAX2
2022-03-24 15:31 - 2022-05-30 10:53 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-03-24 15:31 - 2022-03-24 16:21 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2022-03-24 15:31 - 2022-03-24 16:12 - 000000000 ____D C:\Program Files\Intel
2022-03-24 15:31 - 2022-03-24 15:31 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2022-03-24 15:31 - 2022-03-24 15:31 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ETDSMBus_01011.Wdf
2022-03-24 15:31 - 2022-03-24 15:31 - 000000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2022-03-24 15:31 - 2017-06-12 02:56 - 000103888 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2022-03-24 15:31 - 2017-06-12 02:56 - 000099792 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2022-03-24 15:29 - 2022-05-02 21:07 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-03-24 15:29 - 2022-05-02 21:07 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-03-24 15:28 - 2022-03-24 16:18 - 000000000 ____D C:\ProgramData\Realtek
2022-03-24 15:27 - 2022-05-19 15:37 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-03-24 15:27 - 2022-04-25 16:16 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-03-24 14:58 - 2022-05-23 15:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-03-24 14:58 - 2022-05-18 16:02 - 000258768 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-03-24 14:56 - 2015-04-28 20:06 - 000043256 _____ C:\WINDOWS\system32\oemlogo.bmp
2022-03-24 14:54 - 2022-03-24 18:32 - 000000000 ____D C:\WINDOWS\Panther
2022-03-24 14:23 - 2022-03-28 11:26 - 000000000 ____D C:\Windows.old
2022-03-24 14:21 - 2022-03-24 14:22 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2022-03-24 14:18 - 2022-03-24 14:18 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2022-03-24 14:17 - 2022-03-24 14:17 - 000000000 ____D C:\WINDOWS\Lenovo
2022-03-24 14:16 - 2022-03-24 15:30 - 000000000 ____D C:\Program Files\Elantech
2022-03-24 14:14 - 2022-03-24 14:14 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2022-03-24 14:12 - 2022-03-24 14:12 - 000000000 ____D C:\WINDOWS\Setup
2022-03-24 14:10 - 2022-03-24 18:32 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2022-03-24 14:10 - 2022-03-24 16:20 - 000000000 ____D C:\WINDOWS\OCR
2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 __RSD C:\WINDOWS\SysWOW64\WindowsDevicePortal
2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 __RSD C:\WINDOWS\system32\WindowsDevicePortal
2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 ___RD C:\WINDOWS\WebManagement
2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 ____D C:\WINDOWS\addins
2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 ____D C:\ProgramData\ssh
2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 ____D C:\Program Files\Reference Assemblies
2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 ____D C:\Program Files\MSBuild
2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 ____D C:\Program Files (x86)\MSBuild
2022-03-24 14:08 - 2022-05-19 15:45 - 000792842 _____ C:\WINDOWS\system32\perfh00C.dat
2022-03-24 14:08 - 2022-05-19 15:45 - 000149972 _____ C:\WINDOWS\system32\perfc00C.dat
2022-03-24 14:08 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\SysWOW64\fr
2022-03-24 14:08 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\system32\fr
2022-03-24 14:08 - 2022-03-24 14:07 - 000351124 _____ C:\WINDOWS\system32\perfi00C.dat
2022-03-24 14:08 - 2022-03-24 14:07 - 000040694 _____ C:\WINDOWS\system32\perfd00C.dat
2022-03-24 14:04 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2022-03-24 14:04 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2022-03-24 14:04 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2022-03-24 14:04 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2022-03-24 14:04 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\system32\winrm
2022-03-24 14:04 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\system32\WCN
2022-03-24 14:04 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\system32\slmgr
2022-03-24 14:04 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2022-03-24 14:04 - 2022-03-24 14:04 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2022-03-24 14:04 - 2022-03-24 14:04 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
2022-03-24 14:04 - 2022-03-24 14:04 - 000000000 ____D C:\WINDOWS\system32\0409
2022-03-24 14:04 - 2022-03-24 14:04 - 000000000 ____D C:\WINDOWS\DigitalLocker
2022-03-24 13:53 - 2022-05-19 15:37 - 000000000 ____D C:\WINDOWS\ServiceState
2022-03-24 13:53 - 2022-05-18 15:57 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-03-24 13:53 - 2022-05-18 15:57 - 000000000 ____D C:\WINDOWS\SystemResources
2022-03-24 13:53 - 2022-05-18 15:57 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-03-24 13:53 - 2022-04-20 16:55 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-03-24 13:53 - 2022-04-20 16:55 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-03-24 13:53 - 2022-04-20 16:55 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-03-24 13:53 - 2022-04-20 16:55 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-03-24 13:53 - 2022-04-20 16:55 - 000000000 ____D C:\WINDOWS\Provisioning
2022-03-24 13:53 - 2022-04-20 16:55 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-03-24 13:53 - 2022-03-30 10:25 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-03-24 13:53 - 2022-03-25 19:12 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-03-24 13:53 - 2022-03-24 17:26 - 000000000 ____D C:\WINDOWS\Registration
2022-03-24 13:53 - 2022-03-24 16:20 - 000000000 ____D C:\WINDOWS\system32\spool
2022-03-24 13:53 - 2022-03-24 16:20 - 000000000 ____D C:\WINDOWS\Resources
2022-03-24 13:53 - 2022-03-24 14:51 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2022-03-24 13:53 - 2022-03-24 14:50 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2022-03-24 13:53 - 2022-03-24 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2022-03-24 13:53 - 2022-03-24 14:10 - 000000000 ____D C:\WINDOWS\SystemApps
2022-03-24 13:53 - 2022-03-24 14:10 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-03-24 13:53 - 2022-03-24 14:10 - 000000000 ____D C:\WINDOWS\system32\setup
2022-03-24 13:53 - 2022-03-24 14:10 - 000000000 ____D C:\WINDOWS\system32\MUI
2022-03-24 13:53 - 2022-03-24 14:08 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2022-03-24 13:53 - 2022-03-24 14:08 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2022-03-24 13:53 - 2022-03-24 14:08 - 000000000 ___SD C:\WINDOWS\system32\F12
2022-03-24 13:53 - 2022-03-24 14:08 - 000000000 ___SD C:\WINDOWS\system32\dsc
2022-03-24 13:53 - 2022-03-24 14:08 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-03-24 13:53 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2022-03-24 13:53 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2022-03-24 13:53 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2022-03-24 13:53 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-03-24 13:53 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\system32\Com
2022-03-24 13:53 - 2022-03-24 14:04 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2022-03-24 13:53 - 2022-03-24 13:54 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
2022-03-24 13:53 - 2022-03-24 13:54 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-03-24 13:53 - 2022-03-24 13:54 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2022-03-24 13:53 - 2022-03-24 13:54 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2022-03-24 13:53 - 2022-03-24 13:54 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2022-03-24 13:53 - 2022-03-24 13:54 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
2022-03-24 13:53 - 2022-03-24 13:54 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2022-03-24 13:53 - 2022-03-24 13:54 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2022-03-24 13:53 - 2022-03-24 13:54 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ___SD C:\WINDOWS\system32\Nui
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ___SD C:\WINDOWS\system32\Configuration
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\Web
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\WaaS
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\Vss
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\tracing
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\TAPI
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\winevt
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\ti-et
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\ta-lk
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\ta-in
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\si-lk
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\ras
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\PointOfService
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\osa-Osge-001
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\my-mm
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\Macromed
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\Keywords
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\Ipmi
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\IME
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\icsxml
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\ias
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\Hydrogen
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\ff-Adlm-SN
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\DriverState
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\downlevel
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\ContainerSettingsProviders
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\config\TxR
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\config\Journal
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\Bthprops
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\am-et
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\System
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SKB
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\security
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\schemas
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SchCache
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\rescache
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\PLA
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\Performance
2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\ModemLogs
2022-03-24 13:53 - 2022-03-24 13:47 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2022-03-24 13:53 - 2022-03-24 13:47 - 000215943 _____ C:\WINDOWS\system32\dssec.dat
2022-03-24 13:53 - 2022-03-24 13:47 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2022-03-24 13:53 - 2022-03-24 13:47 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2022-03-24 13:53 - 2022-03-24 13:47 - 000003103 _____ C:\WINDOWS\SysWOW64\mmc.exe.config
2022-03-24 13:53 - 2022-03-24 13:47 - 000003103 _____ C:\WINDOWS\system32\mmc.exe.config
2022-03-24 13:53 - 2022-03-24 13:47 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2022-03-24 13:53 - 2022-03-24 13:47 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2022-03-24 13:53 - 2022-03-24 13:47 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT
2022-03-24 13:52 - 2022-05-30 13:57 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-03-24 13:52 - 2022-05-30 13:49 - 000000000 ___HD C:\Program Files\WindowsApps
2022-03-24 13:52 - 2022-05-30 13:49 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-03-24 13:52 - 2022-05-18 15:57 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-03-24 13:52 - 2022-05-18 15:57 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-03-24 13:52 - 2022-05-18 15:57 - 000000000 ____D C:\Program Files\Common Files\System
2022-03-24 13:52 - 2022-04-25 16:15 - 000000000 ____D C:\Program Files\Windows Defender
2022-03-24 13:52 - 2022-04-20 17:00 - 000000000 ___RD C:\Program Files (x86)
2022-03-24 13:52 - 2022-04-20 16:35 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-03-24 13:52 - 2022-03-27 10:43 - 000000000 ____D C:\WINDOWS\appcompat
2022-03-24 13:52 - 2022-03-24 17:34 - 000000000 ____D C:\Program Files\Windows NT
2022-03-24 13:52 - 2022-03-24 17:20 - 000000000 __RHD C:\Users\Public\Libraries
2022-03-24 13:52 - 2022-03-24 16:20 - 000000000 ____D C:\WINDOWS\Help
2022-03-24 13:52 - 2022-03-24 16:18 - 000000000 ____D C:\ProgramData\USOPrivate
2022-03-24 13:52 - 2022-03-24 16:12 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-03-24 13:52 - 2022-03-24 15:08 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-03-24 13:52 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2022-03-24 13:52 - 2022-03-24 14:07 - 000000000 ____D C:\WINDOWS\IME
2022-03-24 13:52 - 2022-03-24 14:07 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2022-03-24 13:52 - 2022-03-24 14:07 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-03-24 13:52 - 2022-03-24 14:07 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2022-03-24 13:52 - 2022-03-24 14:04 - 000000000 ____D C:\Program Files (x86)\Windows NT
2022-03-24 13:52 - 2022-03-24 13:53 - 000000000 __RSD C:\WINDOWS\Media
2022-03-24 13:52 - 2022-03-24 13:53 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2022-03-24 13:52 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\L2Schemas
2022-03-24 13:52 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\IdentityCRL
2022-03-24 13:52 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\DiagTrack
2022-03-24 13:52 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\Cursors
2022-03-24 13:52 - 2022-03-24 13:53 - 000000000 ____D C:\Program Files\Windows Portable Devices
2022-03-24 13:52 - 2022-03-24 13:53 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2022-03-24 13:52 - 2022-03-24 13:53 - 000000000 ____D C:\Program Files\Common Files\Services
2022-03-24 13:52 - 2022-03-24 13:53 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2022-03-24 13:52 - 2022-03-24 13:53 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2022-03-24 13:52 - 2022-03-24 13:52 - 000000000 __SHD C:\Program Files\Windows Sidebar
2022-03-24 13:52 - 2022-03-24 13:52 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2022-03-24 13:52 - 2022-03-24 13:52 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache
2022-03-24 13:52 - 2022-03-24 13:52 - 000000000 ____D C:\WINDOWS\InputMethod
2022-03-24 13:52 - 2022-03-24 13:52 - 000000000 ____D C:\WINDOWS\Globalization
2022-03-24 13:52 - 2022-03-24 13:52 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
2022-03-24 13:52 - 2022-03-24 13:52 - 000000000 ____D C:\WINDOWS\Containers
2022-03-24 13:52 - 2022-03-24 13:52 - 000000000 ____D C:\WINDOWS\Branding
2022-03-24 13:52 - 2022-03-24 13:52 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices
2022-03-24 13:52 - 2022-03-24 13:52 - 000000000 ____D C:\ProgramData\USOShared
2022-03-24 13:52 - 2022-03-24 13:52 - 000000000 ____D C:\Program Files\Windows Security
2022-03-24 13:52 - 2022-03-24 13:52 - 000000000 ____D C:\Program Files\ModifiableWindowsApps
2022-03-24 13:49 - 2022-05-23 11:15 - 000000000 ____D C:\WINDOWS\INF
2022-03-24 13:36 - 2022-05-18 13:02 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-03-24 13:21 - 2022-05-18 16:12 - 084672512 _____ C:\WINDOWS\system32\config\SOFTWARE
2022-03-24 13:21 - 2022-05-18 16:12 - 019660800 _____ C:\WINDOWS\system32\config\SYSTEM
2022-03-24 13:21 - 2022-05-18 16:12 - 000786432 _____ C:\WINDOWS\system32\config\DEFAULT
2022-03-24 13:21 - 2022-05-18 16:12 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2022-03-24 13:21 - 2022-05-18 16:12 - 000065536 _____ C:\WINDOWS\system32\config\SECURITY
2022-03-24 13:21 - 2022-05-18 16:12 - 000065536 _____ C:\WINDOWS\system32\config\SAM
2022-03-24 13:21 - 2022-04-20 14:09 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-03-24 13:21 - 2022-03-29 11:09 - 000000000 ____D C:\WINDOWS\servicing
2022-03-24 13:21 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\SMI
2022-03-18 12:52 - 2022-03-18 12:52 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-03-18 12:51 - 2022-03-18 12:51 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-03-18 12:50 - 2022-03-18 12:50 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-03-18 12:49 - 2022-03-18 12:49 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-03-10 12:21 - 2022-03-10 12:21 - 000000751 _____ C:\Users\NICOLAS\Downloads\Musique - Raccourci.lnk
2022-03-10 12:04 - 2022-03-10 12:42 - 000001631 _____ C:\Users\NICOLAS\Desktop\Driver.lnk
2022-03-10 12:04 - 2022-03-10 12:04 - 000000000 ____D C:\APPLIC
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-05-30 12:37 - 2021-01-25 19:27 - 000000000 ____D C:\Users\NICOLAS\Documents\1 DOSSIER NICOLAS
2022-05-30 10:53 - 2019-03-13 21:37 - 000000000 __SHD C:\Users\NICOLAS\IntelGraphicsProfiles
2022-05-20 11:44 - 2020-06-25 09:56 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-05-20 11:44 - 2020-06-25 09:56 - 000002287 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-05-19 15:45 - 2015-11-03 21:28 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-05-19 15:37 - 2020-09-24 19:09 - 000008192 ___SH C:\DumpStack.log.tmp
2022-05-18 13:30 - 2020-12-18 09:22 - 000000000 ____D C:\Users\NICOLAS\Documents\2 DOSSIER SANDRA
==================== Fichiers à la racine de certains dossiers ========
2022-03-24 20:37 - 2022-05-30 10:55 - 000178034 _____ () C:\Users\NICOLAS\AppData\Local\BTServer.log
==================== SigCheckExt =========================
2016-04-22 19:11 - 2016-01-18 08:33 - 000189440 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4364.dll
2016-06-06 03:26 - 2016-01-27 14:29 - 000001700 _____ C:\WINDOWS\system32\rtl8723d_mp_chip_bt40_fw_asic_rom_patch_new.dll
2016-06-06 03:26 - 2016-03-10 10:25 - 000037084 _____ C:\WINDOWS\system32\rtl8821a_mp_chip_bt40_fw_asic_rom_patch_new.dll
2016-06-06 03:26 - 2016-01-27 14:20 - 000022232 _____ C:\WINDOWS\system32\rtl8822b_mp_chip_bt40_fw_asic_rom_patch_new.dll
2016-06-06 03:24 - 2010-12-01 09:31 - 000451072 _____ C:\WINDOWS\SysWOW64\ISSRemoveSP.exe
2015-09-03 10:59 - 2015-09-03 10:59 - 000002560 _____ (Intel(R) Corporation) C:\WINDOWS\SysWOW64\IusEventLog.dll
2022-05-30 14:12 - 2022-05-30 14:14 - 002367488 _____ (Farbar) C:\Users\NICOLAS\Downloads\FRST64.exe
2022-05-30 13:27 - 2022-05-30 13:28 - 003483848 _____ (Nicolas Coolman) C:\Users\NICOLAS\Downloads\ZHPSuite.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{9426218e-2bd5-11e6-9cc7-806e6f6e6963}
{7783abf5-b87d-11e6-af14-806e6f6e6963}
{9426218c-2bd5-11e6-9cc7-806e6f6e6963}
{9426218d-2bd5-11e6-9cc7-806e6f6e6963}
timeout 0
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {393f3b06-ab6d-11ec-a791-f405824e5376}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 0
Application logicielle (101fffff)
--------------------------------
identificateur {539b7b80-88a9-11e6-af0b-806e6f6e6963}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description EFI Network 0 for IPv6 (C8-5B-76-0F-60-26)
Application logicielle (101fffff)
--------------------------------
identificateur {7783abf4-b87d-11e6-af14-806e6f6e6963}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
Application logicielle (101fffff)
--------------------------------
identificateur {7783abf5-b87d-11e6-af14-806e6f6e6963}
device partition=\Device\HarddiskVolume7
path \EFI\Microsoft\Boot\LrsBootMgr.efi
description Lenovo Recovery System
Application logicielle (101fffff)
--------------------------------
identificateur {7783abf6-b87d-11e6-af14-806e6f6e6963}
description EFI Network 0 for IPv4 (C8-5B-76-0F-60-26)
Application logicielle (101fffff)
--------------------------------
identificateur {9426218c-2bd5-11e6-9cc7-806e6f6e6963}
description EFI USB Device
Application logicielle (101fffff)
--------------------------------
identificateur {9426218d-2bd5-11e6-9cc7-806e6f6e6963}
description EFI DVD/CDROM
Application logicielle (101fffff)
--------------------------------
identificateur {9426218e-2bd5-11e6-9cc7-806e6f6e6963}
description EFI Network
Chargeur de d‚marrage Windows
-----------------------------
identificateur {09647ae6-fe91-11ea-a26e-fdb38a979b42}
device ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{09647ae7-fe91-11ea-a26e-fdb38a979b42}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
displaymessageoverride PushButtonReset
osdevice ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{09647ae7-fe91-11ea-a26e-fdb38a979b42}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {09647ae6-fe91-11ea-a26e-fdb38a979b42}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {393f3b06-ab6d-11ec-a791-f405824e5376}
nx OptIn
bootmenupolicy Standard
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {393f3b06-ab6d-11ec-a791-f405824e5376}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {09647ae6-fe91-11ea-a26e-fdb38a979b42}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {09647ae7-fe91-11ea-a26e-fdb38a979b42}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume5
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================