Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 18-07-2023
Exécuté par patrick (administrateur) sur DESKTOP-2NPGTSS (LENOVO 80LT) (21-07-2023 14:10:15)
Exécuté depuis C:\Users\patrick\Desktop\FRST64.exe
Profils chargés: patrick
Plate-forme: Microsoft Windows 11 Professionnel Insider Preview Version 23H2 25905.1000 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe ->) (Fortemedia Inc. -> ) C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_523.17400.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\114.0.1823.82\msedgewebview2.exe <6>
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12>
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23060.1012-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23060.1012-0\NisSrv.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_523.17400.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\Software\Policies\...\system: [DisableAcrylicBackgroundOnLogon] 1
HKU\S-1-5-21-1330335189-3289774998-2876471418-1000\...\Run: [MicrosoftEdgeAutoLaunch_3154D86BB033AAEA9477A77EC225BA40] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4113856 2023-07-13] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1330335189-3289774998-2876471418-1002\...\Run: [MicrosoftEdgeAutoLaunch_E659F5BFDCFB836B4EA731A4A853C428] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4113856 2023-07-13] (Microsoft Corporation -> Microsoft Corporation)
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {9EAD6FAF-861C-4422-8948-FCB4A5795A88} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [4933952 2023-07-08] (Microsoft Windows -> Microsoft Corporation)
Task: {90961E1F-D59E-4D0E-9444-5363F85A251B} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [74952 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {07C8D1C4-4EB6-4FCF-9D84-D285E2D6FE88} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => C:\WINDOWS\system32\sc.exe [102400 2023-07-08] (Microsoft Windows -> Microsoft Corporation) -> START ImControllerService
Task: {FBD422E4-7229-452B-9A09-E73870453C20} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => C:\WINDOWS\System32\reg.exe [106496 2023-07-08] (Microsoft Windows -> Microsoft Corporation) -> add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {A67475CE-37F0-45EB-BD0F-F29169EE6DDB} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\16e8bb80-3fe0-4420-bb62-423eb57eb7e1 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {0484AFA9-2C88-4DFC-93D6-E5A4312379BA} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\4cadf73b-45fe-4b25-90a4-dd2d212c6bb3 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {B5A71B00-AE7C-48DF-ADC2-8D131377FD7A} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\a24dd72c-79ea-451e-8c1c-ace05bbfcddf => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {5FC8A017-6614-4DD6-AE46-E01BA9B9B8B8} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\cf4f8c8a-0c1f-48d2-abe8-f3f3c6893780 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {40B74FB3-312E-4234-995F-E9D683256498} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(1): %windir%\system32\compattelrunner.exe -> -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc
Task: {40B74FB3-312E-4234-995F-E9D683256498} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(2): %windir%\system32\compattelrunner.exe -> -m:appraiser.dll -f:DoScheduledTelemetryRun
Task: {40B74FB3-312E-4234-995F-E9D683256498} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(3): %windir%\system32\compattelrunner.exe -> -m:aemarebackup.dll -f:BackupMareData
Task: {F19D7BFE-ADAB-4A75-B6B7-4595BA3E21D5} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\UCPD velocity => C:\WINDOWS\system32\UCPDMgr.exe [58880 2023-07-08] (Microsoft Windows -> Microsoft Corporation)
Task: {E5CE5B1B-5228-4319-8F0F-53D187963F46} - System32\Tasks\Microsoft\Windows\Containers\CmCleanup => {F50E9363-6BC8-4DC5-8CAB-7D9F8C1B81B4}
Task: {FFFBDFF9-03E4-42F4-98FC-D27C6FA54DF1} - System32\Tasks\Microsoft\Windows\Management\Connectivity\ESIMPM => C:\WINDOWS\system32\esimpm.exe [495616 2023-07-08] (Microsoft Windows -> )
Task: {64FC196F-8C54-4CD9-A5F9-51A72E8E70FD} - System32\Tasks\Microsoft\Windows\ReFsDedupSvc\Initialization => {DCFF735B-64F7-45F3-B39C-6C66BBE2120F}
Task: {9392B30A-A21F-482B-932A-184ABECA9FC6} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => {7750564D-D61C-4557-8A9D-7DF56BDCFF96}
Task: {8FD51411-BEE9-42D4-A65D-50F6D81051E3} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Pas de fichier)
Task: {A1F22EE2-DEC0-4844-9464-C5D4E64893D6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23060.1012-0\MpCmdRun.exe [1592128 2023-07-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8FB6D7A6-C94F-456B-ABB5-B56CD4E4A325} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23060.1012-0\MpCmdRun.exe [1592128 2023-07-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9085287D-DEAB-4CFA-9567-FC038504576A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23060.1012-0\MpCmdRun.exe [1592128 2023-07-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {670947FF-43A0-4E88-AEB0-3D6DBD0D38AB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23060.1012-0\MpCmdRun.exe [1592128 2023-07-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E3E8A36A-884B-4742-94DC-563AB3BA3835} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache => {07369A67-07A6-4608-ABEA-379491CB7C46} C:\Windows\System32\UpdatePolicy.dll [139040 2023-07-08] (Microsoft Windows -> Microsoft Corporation)
Task: {115808FD-6E3A-4501-BBB2-797F3E565C7E} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [686496 2023-07-12] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {38565688-6442-4A92-B293-17FA0D6E612E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [724384 2023-07-12] (Mozilla Corporation -> Mozilla Foundation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{58ec27d2-c659-44ff-8046-3755d5223d6f}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c0342ce9-5554-4baf-a175-8d8f4b4c2784}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\patrick\AppData\Local\Microsoft\Edge\User Data\Default [2023-07-19]
Edge Extension: (Edge relevant text changes) - C:\Users\patrick\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-30]
FireFox:
========
FF DefaultProfile: lphh24a8.default
FF ProfilePath: C:\Users\patrick\AppData\Roaming\Mozilla\Firefox\Profiles\lphh24a8.default [2023-04-14]
FF ProfilePath: C:\Users\patrick\AppData\Roaming\Mozilla\Firefox\Profiles\uphee94t.default-release [2023-07-21]
FF DownloadDir: C:\Users\patrick\Desktop
FF Extension: (AdGuard AdBlocker) - C:\Users\patrick\AppData\Roaming\Mozilla\Firefox\Profiles\uphee94t.default-release\Extensions\adguardadblocker@adguard.com.xpi [2023-07-21]
FF Extension: (Ghostery – Bloqueur de publicité protégeant la vie privée) - C:\Users\patrick\AppData\Roaming\Mozilla\Firefox\Profiles\uphee94t.default-release\Extensions\firefox@ghostery.com.xpi [2023-06-13]
FF Extension: (uBlock Origin) - C:\Users\patrick\AppData\Roaming\Mozilla\Firefox\Profiles\uphee94t.default-release\Extensions\uBlock0@raymondhill.net.xpi [2023-06-13]
FF Extension: (ImTranslator: Traducteur, Dictionnaire, Voix) - C:\Users\patrick\AppData\Roaming\Mozilla\Firefox\Profiles\uphee94t.default-release\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2023-07-13]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 CloudBackupRestoreSvc; C:\WINDOWS\System32\CloudRestoreLauncher.dll [1064960 2023-07-08] (Microsoft Windows -> Microsoft Corporation)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
S3 refsdedupsvc; C:\WINDOWS\System32\ReFsDedupSvc.exe [2027520 2023-07-08] (Microsoft Windows -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [421832 2023-07-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23060.1012-0\NisSrv.exe [3058992 2023-07-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23060.1012-0\MsMpEng.exe [133536 2023-07-13] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 CDD; C:\WINDOWS\System32\cdd.dll [319488 2023-07-08] (Microsoft Windows -> Microsoft Corporation)
S3 devmap; C:\WINDOWS\System32\DriverStore\FileRepository\devmap.inf_amd64_93056a03a2b2cadf\devmap.sys [36864 2023-07-08] (Microsoft Windows -> )
S3 DisplayMux; C:\WINDOWS\System32\drivers\DisplayMux.sys [57344 2023-07-08] (Microsoft Windows -> Microsoft Corporation)
S3 I3CHost; C:\WINDOWS\System32\DriverStore\FileRepository\i3chost.inf_amd64_1b70f335a5805067\I3CHost.sys [61728 2023-07-08] (Microsoft Windows -> Microsoft Corporation)
S3 kdnic_legacy; C:\WINDOWS\System32\drivers\kdnic_legacy.sys [65824 2023-07-08] (Microsoft Windows -> Microsoft Corporation)
S2 NetworkPrivacyPolicy; C:\WINDOWS\System32\DriverStore\FileRepository\networkprivacypolicy.inf_amd64_c5c913661643bbe5\NetworkPrivacyPolicy.sys [73728 2023-07-08] (Microsoft Windows -> )
R3 RSP2STOR; C:\WINDOWS\System32\drivers\RtsP2Stor.sys [347224 2020-05-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 SNP2UVC; C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [3481696 2015-06-24] (Sonix Technology CO., LTD -> Sonix Co. Ltd.)
S4 UCPD; C:\WINDOWS\System32\drivers\UCPD.sys [29184 2023-07-08] (Microsoft Windows -> Microsoft Corporation)
R1 Uio; C:\WINDOWS\System32\DriverStore\FileRepository\uio.inf_amd64_22ed683092fd7a0c\Uio.sys [53248 2023-07-08] (Microsoft Windows -> )
S3 UmPass; C:\WINDOWS\System32\DriverStore\FileRepository\umpass.inf_amd64_90d058b348085cab\umpass.sys [53248 2023-07-08] (Microsoft Windows -> Microsoft Corporation)
R2 UnionFS; C:\WINDOWS\system32\drivers\UnionFS.sys [426272 2023-07-08] (Microsoft Windows -> Microsoft Corporation)
R3 vwifibus; C:\WINDOWS\System32\DriverStore\FileRepository\netvwifibus.inf_amd64_55698b9042bc5f89\vwifibus.sys [65536 2023-07-08] (Microsoft Windows -> Microsoft Corporation)
R3 vwifimp; C:\WINDOWS\System32\DriverStore\FileRepository\netvwifimp.inf_amd64_a0fa1f18ebde01de\vwifimp.sys [86016 2023-07-08] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55752 2023-07-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [216344 2023-07-08] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [576792 2023-07-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [104728 2023-07-13] (Microsoft Windows -> Microsoft Corporation)
S3 WinAccelCx0101; C:\WINDOWS\System32\drivers\WinAccelCx.sys [123168 2023-07-08] (Microsoft Windows -> Microsoft Corporation)
S3 WSDPrintDevice; C:\WINDOWS\System32\DriverStore\FileRepository\wsdprint.inf_amd64_c9a16057a407466d\WSDPrint.sys [57344 2023-07-08] (Microsoft Windows -> Microsoft Corporation)
S3 ZTDNS; C:\WINDOWS\System32\drivers\ztdns.sys [90400 2023-07-08] (Microsoft Windows -> Microsoft Corporation)
S0 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-07-21 14:10 - 2023-07-21 14:11 - 000017226 _____ C:\Users\patrick\Desktop\FRST.txt
2023-07-21 14:09 - 2023-07-21 14:10 - 000000000 ____D C:\FRST
2023-07-21 14:08 - 2023-07-21 14:08 - 002384384 _____ (Farbar) C:\Users\patrick\Desktop\FRST64.exe
2023-07-21 14:06 - 2023-07-21 14:06 - 000220802 _____ C:\Users\patrick\Desktop\ZHPDiag.txt
2023-07-21 13:53 - 2023-07-21 14:06 - 000000000 ____D C:\Users\patrick\AppData\Roaming\ZHP
2023-07-21 13:53 - 2023-07-21 13:59 - 000000867 _____ C:\Users\patrick\Desktop\ZHPSuite.lnk
2023-07-21 13:53 - 2023-07-21 13:53 - 000000000 ____D C:\Users\patrick\AppData\Local\ZHP
2023-07-21 13:52 - 2023-07-21 13:52 - 003511456 _____ (Nicolas Coolman) C:\Users\patrick\Desktop\ZHPSuite.exe
2023-07-16 16:25 - 2023-07-16 16:25 - 000753982 _____ C:\WINDOWS\system32\perfh00C.dat
2023-07-16 16:25 - 2023-07-16 16:25 - 000150312 _____ C:\WINDOWS\system32\perfc00C.dat
2023-07-16 14:02 - 2023-07-17 11:38 - 000001384 _____ C:\Users\patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2023-07-16 11:27 - 2023-07-17 11:38 - 000001278 _____ C:\Users\patrick\Desktop\ESET Online Scanner.lnk
2023-07-16 11:27 - 2023-07-16 11:27 - 000000000 ____D C:\Users\patrick\AppData\Local\ESET
2023-07-13 18:53 - 2023-07-13 18:10 - 000000000 ____D C:\Windows.old
2023-07-13 18:48 - 2023-07-13 18:54 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2023-07-13 18:46 - 2023-07-13 18:48 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2023-07-13 18:46 - 2023-07-13 18:46 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2023-07-13 18:43 - 2023-07-13 18:43 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2023-07-13 18:43 - 2023-07-13 18:43 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2023-07-13 18:43 - 2023-07-13 18:43 - 000000000 ____D C:\WINDOWS\addins
2023-07-13 18:33 - 2023-07-13 18:33 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2023-07-13 18:30 - 2023-07-13 18:30 - 000000020 ___SH C:\Users\patrick\ntuser.ini
2023-07-13 18:09 - 2023-07-16 16:25 - 001682410 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-07-13 18:09 - 2023-07-16 14:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-07-13 18:09 - 2023-07-13 18:09 - 000003694 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{8303B450-ECD2-44A9-A419-753C99C10EEE}
2023-07-13 18:09 - 2023-07-13 18:09 - 000003470 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{815D9E11-C34F-4F16-BB12-7786D29CEF63}
2023-07-13 18:09 - 2023-07-13 18:09 - 000002590 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2023-07-13 18:09 - 2023-07-13 18:09 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2023-07-13 18:09 - 2023-07-13 18:09 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2023-07-13 18:09 - 2023-07-13 18:09 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2023-07-13 18:08 - 2023-07-13 18:09 - 000017148 _____ C:\WINDOWS\diagwrn.xml
2023-07-13 18:08 - 2023-07-13 18:09 - 000017148 _____ C:\WINDOWS\diagerr.xml
2023-07-13 18:08 - 2023-07-13 18:08 - 000000000 ____D C:\WINDOWS\Minidump
2023-07-13 18:08 - 2023-07-13 18:08 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Network
2023-07-13 18:07 - 2023-07-16 14:07 - 000000292 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2023-07-13 18:07 - 2023-07-13 18:07 - 000000000 ____D C:\Users\patrick\AppData\Roaming\Microsoft\SystemCertificates
2023-07-13 18:07 - 2023-07-13 18:07 - 000000000 ____D C:\Users\patrick\AppData\Roaming\Microsoft\Network
2023-07-13 18:07 - 2023-07-13 18:07 - 000000000 ____D C:\Users\patrick\AppData\Roaming\Microsoft\Crypto
2023-07-13 18:07 - 2023-07-13 18:07 - 000000000 ____D C:\Users\patri\AppData\Roaming\Microsoft\SystemCertificates
2023-07-13 18:07 - 2023-07-13 18:07 - 000000000 ____D C:\Users\patri\AppData\Roaming\Microsoft\Network
2023-07-13 18:07 - 2023-07-13 18:07 - 000000000 ____D C:\Users\patri\AppData\Roaming\Microsoft\Crypto
2023-07-13 18:02 - 2023-07-13 18:30 - 000000000 ____D C:\Users\patrick\AppData\Roaming\Microsoft\Windows
2023-07-13 18:02 - 2023-07-13 18:30 - 000000000 ____D C:\Users\patrick
2023-07-13 18:02 - 2023-07-13 18:07 - 000000000 ____D C:\Users\patri\AppData\Roaming\Microsoft\Windows
2023-07-13 18:02 - 2023-07-13 18:07 - 000000000 ____D C:\Users\patri
2023-07-13 18:02 - 2023-07-13 18:02 - 000000000 _SHDL C:\Users\patrick\Voisinage réseau
2023-07-13 18:02 - 2023-07-13 18:02 - 000000000 _SHDL C:\Users\patrick\Voisinage d'impression
2023-07-13 18:02 - 2023-07-13 18:02 - 000000000 _SHDL C:\Users\patrick\Modèles
2023-07-13 18:02 - 2023-07-13 18:02 - 000000000 _SHDL C:\Users\patrick\Mes documents
2023-07-13 18:02 - 2023-07-13 18:02 - 000000000 _SHDL C:\Users\patrick\Menu Démarrer
2023-07-13 18:02 - 2023-07-13 18:02 - 000000000 _SHDL C:\Users\patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2023-07-13 18:02 - 2023-07-13 18:02 - 000000000 _SHDL C:\Users\patrick\AppData\Local\Historique
2023-07-13 18:02 - 2023-07-13 18:02 - 000000000 _SHDL C:\Users\patri\Voisinage réseau
2023-07-13 18:02 - 2023-07-13 18:02 - 000000000 _SHDL C:\Users\patri\Voisinage d'impression
2023-07-13 18:02 - 2023-07-13 18:02 - 000000000 _SHDL C:\Users\patri\Modèles
2023-07-13 18:02 - 2023-07-13 18:02 - 000000000 _SHDL C:\Users\patri\Mes documents
2023-07-13 18:02 - 2023-07-13 18:02 - 000000000 _SHDL C:\Users\patri\Menu Démarrer
2023-07-13 18:02 - 2023-07-13 18:02 - 000000000 _SHDL C:\Users\patri\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2023-07-13 18:02 - 2023-07-13 18:02 - 000000000 _SHDL C:\Users\patri\AppData\Local\Historique
2023-07-13 18:02 - 2023-07-13 18:02 - 000000000 ____D C:\Users\patrick\AppData\Roaming\Microsoft\Spelling
2023-07-13 18:02 - 2023-07-13 18:02 - 000000000 ____D C:\Users\patri\AppData\Roaming\Microsoft\Spelling
2023-07-13 17:59 - 2023-07-16 13:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-07-13 17:59 - 2023-07-13 17:59 - 000297464 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-07-13 16:13 - 2023-07-13 18:10 - 000000000 ___DC C:\WINDOWS\Panther
2023-07-12 16:13 - 2023-07-12 20:39 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-07-08 18:05 - 2023-07-13 18:45 - 000000000 ____D C:\WINDOWS\Containers
2023-07-08 18:05 - 2023-07-13 18:40 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-07-08 18:05 - 2023-07-13 18:40 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-07-08 18:05 - 2023-07-13 18:40 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-07-08 18:05 - 2023-07-08 18:05 - 000000000 ___SD C:\WINDOWS\system32\AppV
2023-07-08 18:05 - 2023-07-08 18:05 - 000000000 ____D C:\WINDOWS\system32\Drivers\mde
2023-07-08 18:05 - 2023-07-08 18:05 - 000000000 ____D C:\WINDOWS\RemotePackages
2023-07-08 18:05 - 2023-07-08 18:05 - 000000000 ____D C:\WINDOWS\InboxApps
2023-07-08 18:05 - 2023-07-08 18:05 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices
2023-07-08 18:04 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2023-07-08 18:04 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2023-07-08 18:04 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2023-07-08 18:04 - 2023-07-08 18:04 - 000000000 ____D C:\ProgramData\ssh
2023-07-08 18:03 - 2023-07-13 18:40 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2023-07-08 18:03 - 2023-07-13 18:40 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2023-07-08 18:03 - 2023-07-13 18:40 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2023-07-08 18:03 - 2023-07-13 18:40 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2023-07-08 18:03 - 2023-07-13 18:40 - 000000000 ____D C:\WINDOWS\system32\winrm
2023-07-08 18:03 - 2023-07-13 18:40 - 000000000 ____D C:\WINDOWS\system32\WCN
2023-07-08 18:03 - 2023-07-13 18:40 - 000000000 ____D C:\WINDOWS\system32\slmgr
2023-07-08 18:03 - 2023-07-13 18:40 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2023-07-08 18:03 - 2023-07-08 18:05 - 000000000 ____D C:\WINDOWS\system32\fr
2023-07-08 18:03 - 2023-07-08 18:03 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2023-07-08 18:03 - 2023-07-08 18:03 - 000000000 ____D C:\WINDOWS\SysWOW64\fr
2023-07-08 18:03 - 2023-07-08 18:03 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
2023-07-08 18:03 - 2023-07-08 18:03 - 000000000 ____D C:\WINDOWS\system32\0409
2023-07-08 18:03 - 2023-07-08 18:03 - 000000000 ____D C:\WINDOWS\DigitalLocker
2023-07-08 12:38 - 2023-07-08 12:38 - 000000000 _SHDL C:\Users\Default User
2023-07-08 12:38 - 2023-07-08 12:38 - 000000000 _SHDL C:\Users\All Users
2023-07-08 12:31 - 2023-07-13 18:51 - 000000000 ____D C:\WINDOWS\Setup
2023-07-08 12:27 - 2023-07-21 14:01 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-07-08 12:27 - 2023-07-21 13:48 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-07-08 12:27 - 2023-07-20 13:30 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-07-08 12:27 - 2023-07-20 13:17 - 000000000 ___HD C:\Program Files\WindowsApps
2023-07-08 12:27 - 2023-07-16 14:09 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2023-07-08 12:27 - 2023-07-16 14:07 - 000000000 ____D C:\WINDOWS\ServiceState
2023-07-08 12:27 - 2023-07-16 09:36 - 000000000 ____D C:\WINDOWS\appcompat
2023-07-08 12:27 - 2023-07-13 18:54 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2023-07-08 12:27 - 2023-07-13 18:54 - 000000000 ___RD C:\Program Files (x86)
2023-07-08 12:27 - 2023-07-13 18:54 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2023-07-08 12:27 - 2023-07-13 18:54 - 000000000 ____D C:\WINDOWS\system32\spool
2023-07-08 12:27 - 2023-07-13 18:54 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2023-07-08 12:27 - 2023-07-13 18:54 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-07-08 12:27 - 2023-07-13 18:54 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-07-08 12:27 - 2023-07-13 18:50 - 000000000 __RHD C:\Users\Public\Libraries
2023-07-08 12:27 - 2023-07-13 18:48 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2023-07-08 12:27 - 2023-07-13 18:48 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2023-07-08 12:27 - 2023-07-13 18:46 - 000000000 ____D C:\ProgramData\USOPrivate
2023-07-08 12:27 - 2023-07-13 18:43 - 000000000 ____D C:\WINDOWS\system32\setup
2023-07-08 12:27 - 2023-07-13 18:40 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2023-07-08 12:27 - 2023-07-13 18:40 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2023-07-08 12:27 - 2023-07-13 18:40 - 000000000 ___SD C:\WINDOWS\system32\F12
2023-07-08 12:27 - 2023-07-13 18:40 - 000000000 ___SD C:\WINDOWS\system32\dsc
2023-07-08 12:27 - 2023-07-13 18:40 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2023-07-08 12:27 - 2023-07-13 18:40 - 000000000 ___RD C:\Program Files (x86)\Windows Defender
2023-07-08 12:27 - 2023-07-13 18:40 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-07-08 12:27 - 2023-07-13 18:40 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2023-07-08 12:27 - 2023-07-13 18:40 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-07-08 12:27 - 2023-07-13 18:40 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-07-08 12:27 - 2023-07-13 18:22 - 000000000 ____D C:\WINDOWS\OCR
2023-07-08 12:27 - 2023-07-13 18:10 - 000000000 ____D C:\Program Files\Windows NT
2023-07-08 12:27 - 2023-07-13 18:09 - 000000000 ___RD C:\Program Files\Windows Defender
2023-07-08 12:27 - 2023-07-13 18:08 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows
2023-07-08 12:27 - 2023-07-13 18:04 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-07-08 12:27 - 2023-07-13 18:01 - 000000000 ____D C:\WINDOWS\system32\config\TxR
2023-07-08 12:27 - 2023-07-13 17:59 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2023-07-08 12:27 - 2023-07-08 18:05 - 000000000 ____D C:\WINDOWS\SystemResources
2023-07-08 12:27 - 2023-07-08 18:05 - 000000000 ____D C:\WINDOWS\SystemApps
2023-07-08 12:27 - 2023-07-08 18:05 - 000000000 ____D C:\WINDOWS\system32\qps-plocm
2023-07-08 12:27 - 2023-07-08 18:05 - 000000000 ____D C:\WINDOWS\system32\qps-ploc
2023-07-08 12:27 - 2023-07-08 18:05 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-07-08 12:27 - 2023-07-08 18:05 - 000000000 ____D C:\WINDOWS\security
2023-07-08 12:27 - 2023-07-08 18:05 - 000000000 ____D C:\WINDOWS\schemas
2023-07-08 12:27 - 2023-07-08 18:05 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\qps-plocm
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\qps-ploc
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\hi-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\te-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\ta-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\or-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\km-KH
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\is-IS
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\id-ID
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\hi-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\be-BY
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\as-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\am-ET
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\Globalization
2023-07-08 12:27 - 2023-07-08 18:03 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-07-08 12:27 - 2023-07-08 18:03 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-07-08 12:27 - 2023-07-08 18:03 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2023-07-08 12:27 - 2023-07-08 18:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-07-08 12:27 - 2023-07-08 18:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2023-07-08 12:27 - 2023-07-08 18:03 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2023-07-08 12:27 - 2023-07-08 18:03 - 000000000 ____D C:\WINDOWS\system32\MUI
2023-07-08 12:27 - 2023-07-08 18:03 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-07-08 12:27 - 2023-07-08 18:03 - 000000000 ____D C:\WINDOWS\system32\Com
2023-07-08 12:27 - 2023-07-08 18:03 - 000000000 ____D C:\WINDOWS\IME
2023-07-08 12:27 - 2023-07-08 18:03 - 000000000 ____D C:\WINDOWS\Help
2023-07-08 12:27 - 2023-07-08 18:03 - 000000000 ____D C:\WINDOWS\BrowserCore
2023-07-08 12:27 - 2023-07-08 18:03 - 000000000 ____D C:\Program Files\Common Files\System
2023-07-08 12:27 - 2023-07-08 18:03 - 000000000 ____D C:\Program Files (x86)\Windows NT
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 __SHD C:\Program Files\Windows Sidebar
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 __RSD C:\WINDOWS\Media
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 ___SD C:\WINDOWS\system32\Configuration
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 ____D C:\WINDOWS\Web
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 ____D C:\WINDOWS\system32\winevt
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 ____D C:\WINDOWS\system32\ras
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 ____D C:\WINDOWS\system32\PointOfService
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 ____D C:\WINDOWS\system32\Pbr
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 ____D C:\WINDOWS\SKB
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 ____D C:\WINDOWS\Resources
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 ____D C:\WINDOWS\Registration
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 ____D C:\WINDOWS\Provisioning
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 ____D C:\WINDOWS\PLA
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 ____D C:\WINDOWS\InputMethod
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 ____D C:\WINDOWS\IdentityCRL
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 ____D C:\WINDOWS\DiagTrack
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ___SD C:\WINDOWS\SysWOW64\lxss
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ___SD C:\WINDOWS\system32\Nui
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ___SD C:\WINDOWS\system32\lxss
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\WUModels
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\WaaS
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\Vss
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\UUS
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\tracing
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\TAPI
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\SysWOW64\ShellExperiences
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\SysWOW64\DDFs
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\WebThreatDefSvc
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\NDF
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\Keywords
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\Ipmi
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\IME
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\icsxml
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\ias
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\DriverState
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\downlevel
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\config\Journal
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\Bthprops
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\System
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\SchCache
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\rescache
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\Performance
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\ModemLogs
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\L2Schemas
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\Cursors
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\Branding
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Spelling
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\ProgramData\USOShared
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\Program Files\ModifiableWindowsApps
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-07-08 12:27 - 2023-07-08 12:25 - 000003103 _____ C:\WINDOWS\SysWOW64\mmc.exe.config
2023-07-08 12:27 - 2023-07-08 12:25 - 000003103 _____ C:\WINDOWS\system32\mmc.exe.config
2023-07-08 12:27 - 2023-07-08 12:25 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2023-07-08 12:25 - 2023-07-16 16:25 - 000000000 ____D C:\WINDOWS\INF
2023-07-08 12:23 - 2023-07-08 12:23 - 000089761 _____ C:\WINDOWS\system32\DiskSnapshot.conf
2023-07-08 12:23 - 2023-07-08 12:23 - 000052009 _____ C:\WINDOWS\SysWOW64\ctac.json
2023-07-08 12:23 - 2023-07-08 12:23 - 000052009 _____ C:\WINDOWS\system32\ctac.json
2023-07-08 12:23 - 2023-07-08 12:23 - 000049152 _____ (Microsoft) C:\WINDOWS\system32\oflc-nz.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000049152 _____ (Microsoft) C:\WINDOWS\system32\csrr.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000045056 _____ (Microsoft) C:\WINDOWS\system32\fpb.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000040960 _____ (Microsoft) C:\WINDOWS\system32\esrb.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000040960 _____ (Microsoft) C:\WINDOWS\system32\cero.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000040448 _____ (Microsoft) C:\WINDOWS\SysWOW64\csrr.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000038400 _____ (Microsoft) C:\WINDOWS\SysWOW64\oflc-nz.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000038128 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSSi_GPIO.sys
2023-07-08 12:23 - 2023-07-08 12:23 - 000037888 _____ (Microsoft) C:\WINDOWS\SysWOW64\fpb.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000036864 _____ (Microsoft) C:\WINDOWS\system32\usk.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000036864 _____ (Microsoft) C:\WINDOWS\system32\cob-au.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000036256 _____ C:\WINDOWS\system32\Microsoft.Management.Deployment.winmd
2023-07-08 12:23 - 2023-07-08 12:23 - 000033280 _____ (Microsoft) C:\WINDOWS\SysWOW64\cero.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000030208 _____ (Microsoft) C:\WINDOWS\SysWOW64\esrb.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000028672 _____ (Microsoft) C:\WINDOWS\system32\pegi-pt.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000028672 _____ (Microsoft) C:\WINDOWS\system32\pegi.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000028672 _____ (Microsoft) C:\WINDOWS\system32\grb.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000027648 _____ (Microsoft) C:\WINDOWS\SysWOW64\usk.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000027648 _____ (Microsoft) C:\WINDOWS\SysWOW64\cob-au.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000024576 _____ (Microsoft) C:\WINDOWS\system32\pcbp.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000024576 _____ (Microsoft) C:\WINDOWS\system32\djctq.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000019456 _____ (Microsoft) C:\WINDOWS\SysWOW64\pegi-pt.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000019456 _____ (Microsoft) C:\WINDOWS\SysWOW64\pegi.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000017920 _____ (Microsoft) C:\WINDOWS\SysWOW64\grb.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000014336 _____ (Microsoft) C:\WINDOWS\SysWOW64\djctq.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000013824 _____ (Microsoft) C:\WINDOWS\SysWOW64\pcbp.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000012288 _____ (Microsoft) C:\WINDOWS\system32\WEB.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000011279 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2023-07-08 12:23 - 2023-07-08 12:23 - 000010576 _____ C:\WINDOWS\system32\TransformPPSToWlan.xslt
2023-07-08 12:23 - 2023-07-08 12:23 - 000004805 _____ C:\WINDOWS\system32\ResPriUHMImageList
2023-07-08 12:23 - 2023-07-08 12:23 - 000004805 _____ C:\WINDOWS\system32\ResPriLMImageList
2023-07-08 12:23 - 2023-07-08 12:23 - 000004805 _____ C:\WINDOWS\system32\ResPriImageListLowCost
2023-07-08 12:23 - 2023-07-08 12:23 - 000004805 _____ C:\WINDOWS\system32\ResPriImageList
2023-07-08 12:23 - 2023-07-08 12:23 - 000004805 _____ C:\WINDOWS\system32\ResPriHMImageListLowCost
2023-07-08 12:23 - 2023-07-08 12:23 - 000004805 _____ C:\WINDOWS\system32\ResPriHMImageList
2023-07-08 12:23 - 2023-07-08 12:23 - 000004608 _____ (Microsoft) C:\WINDOWS\SysWOW64\WEB.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000001820 _____ C:\WINDOWS\SysWOW64\rasctrnm.h
2023-07-08 12:23 - 2023-07-08 12:23 - 000001820 _____ C:\WINDOWS\system32\rasctrnm.h
2023-07-08 12:23 - 2023-07-08 12:23 - 000001688 _____ C:\WINDOWS\system32\TransformPPSToWlanCredentials.xslt
2023-07-08 12:23 - 2023-07-08 12:23 - 000000670 ___RH C:\WINDOWS\WindowsShell.Manifest
2023-07-08 12:23 - 2023-07-08 12:23 - 000000146 _____ C:\WINDOWS\system32\UevAppMonitor.exe.config
2023-07-08 12:23 - 2023-07-08 12:23 - 000000112 _____ C:\WINDOWS\SysWOW64\MixedRealityRuntime.json
2023-07-08 12:23 - 2023-07-08 12:23 - 000000112 _____ C:\WINDOWS\system32\MixedRealityRuntime.json
2023-07-08 12:22 - 2023-07-16 14:07 - 078118912 _____ C:\WINDOWS\system32\config\SOFTWARE
2023-07-08 12:22 - 2023-07-16 14:07 - 022806528 _____ C:\WINDOWS\system32\config\SYSTEM
2023-07-08 12:22 - 2023-07-16 14:07 - 000786432 _____ C:\WINDOWS\system32\config\DEFAULT
2023-07-08 12:22 - 2023-07-16 14:07 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-07-08 12:22 - 2023-07-16 14:07 - 000131072 _____ C:\WINDOWS\system32\config\SAM
2023-07-08 12:22 - 2023-07-16 14:07 - 000065536 _____ C:\WINDOWS\system32\config\SECURITY
2023-07-08 12:22 - 2023-07-13 18:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-07-08 12:22 - 2023-07-13 18:22 - 000000000 ____D C:\WINDOWS\servicing
2023-07-08 12:22 - 2023-07-13 18:10 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-07-08 12:22 - 2023-07-08 12:39 - 000000000 ____D C:\WINDOWS\system32\SMI
2023-07-01 09:33 - 2023-07-01 09:33 - 000000000 ____D C:\Users\patri\AppData\Local\Comms
2023-06-30 17:25 - 2023-06-30 17:25 - 000000000 ____D C:\Users\patri\AppData\Local\Publishers
2023-06-30 13:59 - 2023-06-30 13:59 - 000000000 ____D C:\Users\patri\AppData\Local\Lenovo
2023-06-30 13:56 - 2023-06-30 13:56 - 000000000 ____D C:\Users\patri\AppData\Local\PlaceholderTileLogoFolder
2023-06-30 13:51 - 2023-07-13 18:02 - 000000000 ____D C:\Users\patri\AppData\Local\Packages
2023-06-30 13:51 - 2023-07-10 20:27 - 000000000 ____D C:\Users\patri\AppData\Local\ConnectedDevicesPlatform
2023-06-30 13:51 - 2023-07-10 20:18 - 000000000 __SHD C:\Users\patri\IntelGraphicsProfiles
2023-06-30 13:51 - 2023-06-30 13:51 - 000000000 ____D C:\Users\patri\AppData\Roaming\Microsoft\Vault
2023-06-30 13:51 - 2023-06-30 13:51 - 000000000 ____D C:\Users\patri\AppData\Roaming\Adobe
2023-06-30 13:51 - 2023-06-30 13:51 - 000000000 ____D C:\Users\patri\AppData\Local\VirtualStore
2023-06-30 13:50 - 2023-07-10 20:26 - 000000000 ___SD C:\Users\patri\AppData\Roaming\Microsoft\Protect
2023-06-30 13:50 - 2023-06-30 13:50 - 000000000 ___SD C:\Users\patri\AppData\Roaming\Microsoft\Credentials
2023-06-30 13:50 - 2023-04-09 16:08 - 000000000 ___RD C:\Users\patri\OneDrive
2023-06-22 16:19 - 2023-06-22 16:19 - 619052932 _____ C:\WINDOWS\MEMORY.DMP
2023-06-16 17:58 - 2023-06-16 17:58 - 000000028 ____H C:\.GamingRoot
2023-06-16 17:58 - 2023-06-16 17:58 - 000000000 ____D C:\XboxGames
2023-06-15 20:55 - 2023-07-13 18:48 - 000000000 ____D C:\WINDOWS\Lenovo
2023-06-13 18:28 - 2023-06-13 18:28 - 000000000 ____D C:\Users\patrick\AppData\Local\Peters_Software_Solutions
2023-06-13 11:01 - 2023-06-13 11:01 - 000435656 _____ C:\Users\patrick\OneDrive\Documents\1677146275-ligne-642-clermont-creil-a-partir-du-270223.pdf
2023-06-09 04:36 - 2023-07-13 18:54 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2023-06-07 14:07 - 2023-06-07 14:39 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2023-06-07 14:07 - 2023-06-07 14:39 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput
2023-06-07 14:06 - 2023-06-13 14:02 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2023-06-07 14:06 - 2023-06-07 14:06 - 000247248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll.0
2023-05-20 16:58 - 2023-05-20 16:58 - 000001526 _____ C:\Users\patrick\Desktop\Raccourci vers Bureau (OneDrive - Personnel).lnk
2023-05-19 17:49 - 2023-07-13 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peters Software Solutions
2023-05-19 17:49 - 2023-05-19 17:49 - 000001230 _____ C:\Users\Public\Desktop\ViVeTool GUI - Feature Scanner.lnk
2023-05-19 17:49 - 2023-05-19 17:49 - 000001155 _____ C:\Users\Public\Desktop\ViVeTool GUI.lnk
2023-05-19 17:49 - 2023-05-19 17:49 - 000000000 ____D C:\Program Files\Peters Software Solutions
2023-05-15 17:34 - 2023-07-13 15:04 - 000000000 ____D C:\Users\patrick\AppData\Local\ElevatedDiagnostics
2023-05-11 20:00 - 2023-05-11 20:19 - 000000000 ____D C:\Users\patrick\AppData\Local\Plex
2023-05-11 20:00 - 2023-05-11 20:00 - 000000000 ____D C:\Users\patrick\AppData\Local\cache
2023-05-11 19:59 - 2023-07-13 18:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex
2023-05-11 19:58 - 2023-05-11 19:58 - 000000000 ____D C:\Program Files\Plex
2023-05-09 11:05 - 2023-07-13 18:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2023-05-09 11:05 - 2023-05-10 20:34 - 000000000 ____D C:\Users\patrick\AppData\Roaming\obs-studio
2023-05-09 11:05 - 2023-05-09 11:05 - 000001052 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2023-05-09 11:05 - 2023-05-09 11:05 - 000000000 ____D C:\ProgramData\obs-studio-hook
2023-05-09 11:04 - 2023-05-09 11:05 - 000000000 ____D C:\Program Files\obs-studio
2023-05-09 11:02 - 2023-05-09 11:03 - 134090488 _____ (OBS Project) C:\Users\patrick\Downloads\OBS-Studio-29.1-Full-Installer-x64.exe
2023-05-09 09:50 - 2023-05-09 09:50 - 000000000 ____D C:\Users\patrick\AppData\Local\INetHistory
2023-05-08 09:25 - 2023-05-09 09:40 - 000000000 ____D C:\ProgramData\Package Cache
2023-05-08 09:25 - 2023-05-08 09:25 - 000000000 ____D C:\ProgramData\Intel
2023-05-03 11:44 - 2023-05-03 11:44 - 000000017 _____ C:\Users\patrick\AppData\Local\resmon.resmoncfg
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-07-21 13:48 - 2023-04-14 18:13 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-07-21 13:45 - 2023-04-09 16:09 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-07-21 13:45 - 2023-04-09 16:09 - 000000000 __SHD C:\Users\patrick\IntelGraphicsProfiles
2023-07-16 14:07 - 2023-04-09 15:56 - 000012288 ___SH C:\DumpStack.log.tmp
2023-07-16 11:13 - 2023-04-09 16:05 - 000000000 ____D C:\Users\patrick\AppData\Local\D3DSCache
2023-07-16 09:26 - 2023-04-09 15:57 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-07-16 09:26 - 2023-04-09 15:57 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-07-14 08:59 - 2023-04-09 16:19 - 000914872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2023-07-13 18:54 - 2023-04-15 17:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2023-07-13 18:54 - 2023-03-26 09:53 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2023-07-13 18:48 - 2023-04-15 12:12 - 000000000 ____D C:\Program Files\Realtek
2023-07-13 18:48 - 2023-04-09 16:10 - 000000000 ____D C:\Program Files (x86)\Lenovo
2023-07-13 18:48 - 2023-04-09 16:09 - 000000000 ____D C:\Program Files\Intel
2023-07-13 18:47 - 2023-04-09 16:05 - 000000000 ____D C:\Users\patrick\AppData\Local\Packages
2023-07-13 18:30 - 2023-04-09 16:05 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-07-13 18:00 - 2023-04-15 12:12 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2023-07-13 18:00 - 2023-04-09 16:09 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2023-07-13 10:24 - 2023-04-09 15:56 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-07-12 20:39 - 2023-04-14 18:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-07-12 10:50 - 2023-04-09 16:18 - 173351160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-07-12 10:50 - 2023-04-09 16:18 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-07-10 20:27 - 2023-04-09 16:09 - 000000000 ____D C:\Intel
2023-07-03 10:49 - 2023-04-09 16:01 - 000000000 ____D C:\ProgramData\Packages
==================== Fichiers à la racine de certains dossiers ========
2023-05-03 11:44 - 2023-05-03 11:44 - 000000017 _____ () C:\Users\patrick\AppData\Local\resmon.resmoncfg
==================== SigCheckExt =========================
2023-06-07 14:06 - 2023-06-13 14:02 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2023-07-21 14:08 - 2023-07-21 14:08 - 002384384 _____ (Farbar) C:\Users\patrick\Desktop\FRST64.exe
2023-07-21 13:52 - 2023-07-21 13:52 - 003511456 _____ (Nicolas Coolman) C:\Users\patrick\Desktop\ZHPSuite.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de démarrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{9a90f883-d6e5-11ed-84f2-880841743a62}
{9a90f881-d6e5-11ed-84f2-880841743a62}
{9a90f882-d6e5-11ed-84f2-880841743a62}
timeout 0
Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
flightsigning Yes
default {current}
resumeobject {77470482-219d-11ee-a326-ebfabc9a7aa7}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Application logicielle (101fffff)
--------------------------------
identificateur {9a90f881-d6e5-11ed-84f2-880841743a62}
description EFI USB Device
Application logicielle (101fffff)
--------------------------------
identificateur {9a90f882-d6e5-11ed-84f2-880841743a62}
description EFI DVD/CDROM
Application logicielle (101fffff)
--------------------------------
identificateur {9a90f883-d6e5-11ed-84f2-880841743a62}
description EFI Network
Application logicielle (101fffff)
--------------------------------
identificateur {9a90f885-d6e5-11ed-84f2-880841743a62}
description EFI Network 0 for IPv4 (1C-39-47-15-E6-68)
Application logicielle (101fffff)
--------------------------------
identificateur {9a90f886-d6e5-11ed-84f2-880841743a62}
description EFI Network 0 for IPv6 (1C-39-47-15-E6-68)
Installation de Windows
-----------------------
identificateur {7254a080-1510-4e85-ac0f-e7fb3d444736}
device ramdisk=[C:]\$WINDOWS.~BT\Sources\SafeOS\winre.wim,{b75def01-2191-11ee-a8f8-b46d83d401f6}
bootstatdevice partition=C:
custom:11000083 partition=C:
path \windows\system32\winload.efi
description Windows Rollback
locale fr-FR
bootstatfilepath \$WINDOWS.~BT\Sources\SafeOS\bootstat.dat
inherit {bootloadersettings}
restartonfailure Yes
osdevice ramdisk=[C:]\$WINDOWS.~BT\Sources\SafeOS\winre.wim,{b75def01-2191-11ee-a8f8-b46d83d401f6}
custom:21000152 partition=C:
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 11
locale fr-FR
inherit {bootloadersettings}
recoverysequence {77470484-219d-11ee-a326-ebfabc9a7aa7}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
flightsigning Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {77470482-219d-11ee-a326-ebfabc9a7aa7}
nx OptIn
bootmenupolicy Standard
Chargeur de démarrage Windows
-----------------------------
identificateur {77470484-219d-11ee-a326-ebfabc9a7aa7}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{77470485-219d-11ee-a326-ebfabc9a7aa7}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{77470485-219d-11ee-a326-ebfabc9a7aa7}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de démarrage Windows
-----------------------------
identificateur {9a90f8bb-d6e5-11ed-84f2-880841743a62}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{9a90f8bc-d6e5-11ed-84f2-880841743a62}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{9a90f8bc-d6e5-11ed-84f2-880841743a62}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {77470482-219d-11ee-a326-ebfabc9a7aa7}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {77470484-219d-11ee-a326-ebfabc9a7aa7}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
custom:21000026 partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {9a90f8b8-d6e5-11ed-84f2-880841743a62}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {9a90f8bb-d6e5-11ed-84f2-880841743a62}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
custom:21000026 partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
Paramètres EMS
--------------
identificateur {emssettings}
bootems No
Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Local
Erreurs de mémoire RAM
----------------------
identificateur {badmemory}
badmemorylist 0x104310
Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de périphérique
-----------------------
identificateur {77470485-219d-11ee-a326-ebfabc9a7aa7}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Options de périphérique
-----------------------
identificateur {9a90f8bc-d6e5-11ed-84f2-880841743a62}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Options de périphérique
-----------------------
identificateur {b75def01-2191-11ee-a8f8-b46d83d401f6}
description Windows Setup
ramdisksdidevice partition=C:
ramdisksdipath \$WINDOWS.~BT\Sources\SafeOS\boot.sdi
==================== Fin de FRST.txt ========================
Exécuté par patrick (administrateur) sur DESKTOP-2NPGTSS (LENOVO 80LT) (21-07-2023 14:10:15)
Exécuté depuis C:\Users\patrick\Desktop\FRST64.exe
Profils chargés: patrick
Plate-forme: Microsoft Windows 11 Professionnel Insider Preview Version 23H2 25905.1000 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe ->) (Fortemedia Inc. -> ) C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_523.17400.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\114.0.1823.82\msedgewebview2.exe <6>
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12>
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23060.1012-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23060.1012-0\NisSrv.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_523.17400.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\Software\Policies\...\system: [DisableAcrylicBackgroundOnLogon] 1
HKU\S-1-5-21-1330335189-3289774998-2876471418-1000\...\Run: [MicrosoftEdgeAutoLaunch_3154D86BB033AAEA9477A77EC225BA40] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4113856 2023-07-13] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1330335189-3289774998-2876471418-1002\...\Run: [MicrosoftEdgeAutoLaunch_E659F5BFDCFB836B4EA731A4A853C428] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4113856 2023-07-13] (Microsoft Corporation -> Microsoft Corporation)
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {9EAD6FAF-861C-4422-8948-FCB4A5795A88} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [4933952 2023-07-08] (Microsoft Windows -> Microsoft Corporation)
Task: {90961E1F-D59E-4D0E-9444-5363F85A251B} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [74952 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {07C8D1C4-4EB6-4FCF-9D84-D285E2D6FE88} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => C:\WINDOWS\system32\sc.exe [102400 2023-07-08] (Microsoft Windows -> Microsoft Corporation) -> START ImControllerService
Task: {FBD422E4-7229-452B-9A09-E73870453C20} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => C:\WINDOWS\System32\reg.exe [106496 2023-07-08] (Microsoft Windows -> Microsoft Corporation) -> add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {A67475CE-37F0-45EB-BD0F-F29169EE6DDB} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\16e8bb80-3fe0-4420-bb62-423eb57eb7e1 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {0484AFA9-2C88-4DFC-93D6-E5A4312379BA} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\4cadf73b-45fe-4b25-90a4-dd2d212c6bb3 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {B5A71B00-AE7C-48DF-ADC2-8D131377FD7A} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\a24dd72c-79ea-451e-8c1c-ace05bbfcddf => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {5FC8A017-6614-4DD6-AE46-E01BA9B9B8B8} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\cf4f8c8a-0c1f-48d2-abe8-f3f3c6893780 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {40B74FB3-312E-4234-995F-E9D683256498} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(1): %windir%\system32\compattelrunner.exe -> -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc
Task: {40B74FB3-312E-4234-995F-E9D683256498} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(2): %windir%\system32\compattelrunner.exe -> -m:appraiser.dll -f:DoScheduledTelemetryRun
Task: {40B74FB3-312E-4234-995F-E9D683256498} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(3): %windir%\system32\compattelrunner.exe -> -m:aemarebackup.dll -f:BackupMareData
Task: {F19D7BFE-ADAB-4A75-B6B7-4595BA3E21D5} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\UCPD velocity => C:\WINDOWS\system32\UCPDMgr.exe [58880 2023-07-08] (Microsoft Windows -> Microsoft Corporation)
Task: {E5CE5B1B-5228-4319-8F0F-53D187963F46} - System32\Tasks\Microsoft\Windows\Containers\CmCleanup => {F50E9363-6BC8-4DC5-8CAB-7D9F8C1B81B4}
Task: {FFFBDFF9-03E4-42F4-98FC-D27C6FA54DF1} - System32\Tasks\Microsoft\Windows\Management\Connectivity\ESIMPM => C:\WINDOWS\system32\esimpm.exe [495616 2023-07-08] (Microsoft Windows -> )
Task: {64FC196F-8C54-4CD9-A5F9-51A72E8E70FD} - System32\Tasks\Microsoft\Windows\ReFsDedupSvc\Initialization => {DCFF735B-64F7-45F3-B39C-6C66BBE2120F}
Task: {9392B30A-A21F-482B-932A-184ABECA9FC6} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => {7750564D-D61C-4557-8A9D-7DF56BDCFF96}
Task: {8FD51411-BEE9-42D4-A65D-50F6D81051E3} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Pas de fichier)
Task: {A1F22EE2-DEC0-4844-9464-C5D4E64893D6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23060.1012-0\MpCmdRun.exe [1592128 2023-07-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8FB6D7A6-C94F-456B-ABB5-B56CD4E4A325} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23060.1012-0\MpCmdRun.exe [1592128 2023-07-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9085287D-DEAB-4CFA-9567-FC038504576A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23060.1012-0\MpCmdRun.exe [1592128 2023-07-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {670947FF-43A0-4E88-AEB0-3D6DBD0D38AB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23060.1012-0\MpCmdRun.exe [1592128 2023-07-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E3E8A36A-884B-4742-94DC-563AB3BA3835} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache => {07369A67-07A6-4608-ABEA-379491CB7C46} C:\Windows\System32\UpdatePolicy.dll [139040 2023-07-08] (Microsoft Windows -> Microsoft Corporation)
Task: {115808FD-6E3A-4501-BBB2-797F3E565C7E} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [686496 2023-07-12] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {38565688-6442-4A92-B293-17FA0D6E612E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [724384 2023-07-12] (Mozilla Corporation -> Mozilla Foundation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{58ec27d2-c659-44ff-8046-3755d5223d6f}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c0342ce9-5554-4baf-a175-8d8f4b4c2784}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\patrick\AppData\Local\Microsoft\Edge\User Data\Default [2023-07-19]
Edge Extension: (Edge relevant text changes) - C:\Users\patrick\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-30]
FireFox:
========
FF DefaultProfile: lphh24a8.default
FF ProfilePath: C:\Users\patrick\AppData\Roaming\Mozilla\Firefox\Profiles\lphh24a8.default [2023-04-14]
FF ProfilePath: C:\Users\patrick\AppData\Roaming\Mozilla\Firefox\Profiles\uphee94t.default-release [2023-07-21]
FF DownloadDir: C:\Users\patrick\Desktop
FF Extension: (AdGuard AdBlocker) - C:\Users\patrick\AppData\Roaming\Mozilla\Firefox\Profiles\uphee94t.default-release\Extensions\adguardadblocker@adguard.com.xpi [2023-07-21]
FF Extension: (Ghostery – Bloqueur de publicité protégeant la vie privée) - C:\Users\patrick\AppData\Roaming\Mozilla\Firefox\Profiles\uphee94t.default-release\Extensions\firefox@ghostery.com.xpi [2023-06-13]
FF Extension: (uBlock Origin) - C:\Users\patrick\AppData\Roaming\Mozilla\Firefox\Profiles\uphee94t.default-release\Extensions\uBlock0@raymondhill.net.xpi [2023-06-13]
FF Extension: (ImTranslator: Traducteur, Dictionnaire, Voix) - C:\Users\patrick\AppData\Roaming\Mozilla\Firefox\Profiles\uphee94t.default-release\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2023-07-13]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 CloudBackupRestoreSvc; C:\WINDOWS\System32\CloudRestoreLauncher.dll [1064960 2023-07-08] (Microsoft Windows -> Microsoft Corporation)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
S3 refsdedupsvc; C:\WINDOWS\System32\ReFsDedupSvc.exe [2027520 2023-07-08] (Microsoft Windows -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [421832 2023-07-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23060.1012-0\NisSrv.exe [3058992 2023-07-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23060.1012-0\MsMpEng.exe [133536 2023-07-13] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 CDD; C:\WINDOWS\System32\cdd.dll [319488 2023-07-08] (Microsoft Windows -> Microsoft Corporation)
S3 devmap; C:\WINDOWS\System32\DriverStore\FileRepository\devmap.inf_amd64_93056a03a2b2cadf\devmap.sys [36864 2023-07-08] (Microsoft Windows -> )
S3 DisplayMux; C:\WINDOWS\System32\drivers\DisplayMux.sys [57344 2023-07-08] (Microsoft Windows -> Microsoft Corporation)
S3 I3CHost; C:\WINDOWS\System32\DriverStore\FileRepository\i3chost.inf_amd64_1b70f335a5805067\I3CHost.sys [61728 2023-07-08] (Microsoft Windows -> Microsoft Corporation)
S3 kdnic_legacy; C:\WINDOWS\System32\drivers\kdnic_legacy.sys [65824 2023-07-08] (Microsoft Windows -> Microsoft Corporation)
S2 NetworkPrivacyPolicy; C:\WINDOWS\System32\DriverStore\FileRepository\networkprivacypolicy.inf_amd64_c5c913661643bbe5\NetworkPrivacyPolicy.sys [73728 2023-07-08] (Microsoft Windows -> )
R3 RSP2STOR; C:\WINDOWS\System32\drivers\RtsP2Stor.sys [347224 2020-05-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 SNP2UVC; C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [3481696 2015-06-24] (Sonix Technology CO., LTD -> Sonix Co. Ltd.)
S4 UCPD; C:\WINDOWS\System32\drivers\UCPD.sys [29184 2023-07-08] (Microsoft Windows -> Microsoft Corporation)
R1 Uio; C:\WINDOWS\System32\DriverStore\FileRepository\uio.inf_amd64_22ed683092fd7a0c\Uio.sys [53248 2023-07-08] (Microsoft Windows -> )
S3 UmPass; C:\WINDOWS\System32\DriverStore\FileRepository\umpass.inf_amd64_90d058b348085cab\umpass.sys [53248 2023-07-08] (Microsoft Windows -> Microsoft Corporation)
R2 UnionFS; C:\WINDOWS\system32\drivers\UnionFS.sys [426272 2023-07-08] (Microsoft Windows -> Microsoft Corporation)
R3 vwifibus; C:\WINDOWS\System32\DriverStore\FileRepository\netvwifibus.inf_amd64_55698b9042bc5f89\vwifibus.sys [65536 2023-07-08] (Microsoft Windows -> Microsoft Corporation)
R3 vwifimp; C:\WINDOWS\System32\DriverStore\FileRepository\netvwifimp.inf_amd64_a0fa1f18ebde01de\vwifimp.sys [86016 2023-07-08] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55752 2023-07-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [216344 2023-07-08] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [576792 2023-07-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [104728 2023-07-13] (Microsoft Windows -> Microsoft Corporation)
S3 WinAccelCx0101; C:\WINDOWS\System32\drivers\WinAccelCx.sys [123168 2023-07-08] (Microsoft Windows -> Microsoft Corporation)
S3 WSDPrintDevice; C:\WINDOWS\System32\DriverStore\FileRepository\wsdprint.inf_amd64_c9a16057a407466d\WSDPrint.sys [57344 2023-07-08] (Microsoft Windows -> Microsoft Corporation)
S3 ZTDNS; C:\WINDOWS\System32\drivers\ztdns.sys [90400 2023-07-08] (Microsoft Windows -> Microsoft Corporation)
S0 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-07-21 14:10 - 2023-07-21 14:11 - 000017226 _____ C:\Users\patrick\Desktop\FRST.txt
2023-07-21 14:09 - 2023-07-21 14:10 - 000000000 ____D C:\FRST
2023-07-21 14:08 - 2023-07-21 14:08 - 002384384 _____ (Farbar) C:\Users\patrick\Desktop\FRST64.exe
2023-07-21 14:06 - 2023-07-21 14:06 - 000220802 _____ C:\Users\patrick\Desktop\ZHPDiag.txt
2023-07-21 13:53 - 2023-07-21 14:06 - 000000000 ____D C:\Users\patrick\AppData\Roaming\ZHP
2023-07-21 13:53 - 2023-07-21 13:59 - 000000867 _____ C:\Users\patrick\Desktop\ZHPSuite.lnk
2023-07-21 13:53 - 2023-07-21 13:53 - 000000000 ____D C:\Users\patrick\AppData\Local\ZHP
2023-07-21 13:52 - 2023-07-21 13:52 - 003511456 _____ (Nicolas Coolman) C:\Users\patrick\Desktop\ZHPSuite.exe
2023-07-16 16:25 - 2023-07-16 16:25 - 000753982 _____ C:\WINDOWS\system32\perfh00C.dat
2023-07-16 16:25 - 2023-07-16 16:25 - 000150312 _____ C:\WINDOWS\system32\perfc00C.dat
2023-07-16 14:02 - 2023-07-17 11:38 - 000001384 _____ C:\Users\patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2023-07-16 11:27 - 2023-07-17 11:38 - 000001278 _____ C:\Users\patrick\Desktop\ESET Online Scanner.lnk
2023-07-16 11:27 - 2023-07-16 11:27 - 000000000 ____D C:\Users\patrick\AppData\Local\ESET
2023-07-13 18:53 - 2023-07-13 18:10 - 000000000 ____D C:\Windows.old
2023-07-13 18:48 - 2023-07-13 18:54 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2023-07-13 18:46 - 2023-07-13 18:48 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2023-07-13 18:46 - 2023-07-13 18:46 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2023-07-13 18:43 - 2023-07-13 18:43 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2023-07-13 18:43 - 2023-07-13 18:43 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2023-07-13 18:43 - 2023-07-13 18:43 - 000000000 ____D C:\WINDOWS\addins
2023-07-13 18:33 - 2023-07-13 18:33 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2023-07-13 18:30 - 2023-07-13 18:30 - 000000020 ___SH C:\Users\patrick\ntuser.ini
2023-07-13 18:09 - 2023-07-16 16:25 - 001682410 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-07-13 18:09 - 2023-07-16 14:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-07-13 18:09 - 2023-07-13 18:09 - 000003694 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{8303B450-ECD2-44A9-A419-753C99C10EEE}
2023-07-13 18:09 - 2023-07-13 18:09 - 000003470 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{815D9E11-C34F-4F16-BB12-7786D29CEF63}
2023-07-13 18:09 - 2023-07-13 18:09 - 000002590 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2023-07-13 18:09 - 2023-07-13 18:09 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2023-07-13 18:09 - 2023-07-13 18:09 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2023-07-13 18:09 - 2023-07-13 18:09 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2023-07-13 18:08 - 2023-07-13 18:09 - 000017148 _____ C:\WINDOWS\diagwrn.xml
2023-07-13 18:08 - 2023-07-13 18:09 - 000017148 _____ C:\WINDOWS\diagerr.xml
2023-07-13 18:08 - 2023-07-13 18:08 - 000000000 ____D C:\WINDOWS\Minidump
2023-07-13 18:08 - 2023-07-13 18:08 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Network
2023-07-13 18:07 - 2023-07-16 14:07 - 000000292 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2023-07-13 18:07 - 2023-07-13 18:07 - 000000000 ____D C:\Users\patrick\AppData\Roaming\Microsoft\SystemCertificates
2023-07-13 18:07 - 2023-07-13 18:07 - 000000000 ____D C:\Users\patrick\AppData\Roaming\Microsoft\Network
2023-07-13 18:07 - 2023-07-13 18:07 - 000000000 ____D C:\Users\patrick\AppData\Roaming\Microsoft\Crypto
2023-07-13 18:07 - 2023-07-13 18:07 - 000000000 ____D C:\Users\patri\AppData\Roaming\Microsoft\SystemCertificates
2023-07-13 18:07 - 2023-07-13 18:07 - 000000000 ____D C:\Users\patri\AppData\Roaming\Microsoft\Network
2023-07-13 18:07 - 2023-07-13 18:07 - 000000000 ____D C:\Users\patri\AppData\Roaming\Microsoft\Crypto
2023-07-13 18:02 - 2023-07-13 18:30 - 000000000 ____D C:\Users\patrick\AppData\Roaming\Microsoft\Windows
2023-07-13 18:02 - 2023-07-13 18:30 - 000000000 ____D C:\Users\patrick
2023-07-13 18:02 - 2023-07-13 18:07 - 000000000 ____D C:\Users\patri\AppData\Roaming\Microsoft\Windows
2023-07-13 18:02 - 2023-07-13 18:07 - 000000000 ____D C:\Users\patri
2023-07-13 18:02 - 2023-07-13 18:02 - 000000000 _SHDL C:\Users\patrick\Voisinage réseau
2023-07-13 18:02 - 2023-07-13 18:02 - 000000000 _SHDL C:\Users\patrick\Voisinage d'impression
2023-07-13 18:02 - 2023-07-13 18:02 - 000000000 _SHDL C:\Users\patrick\Modèles
2023-07-13 18:02 - 2023-07-13 18:02 - 000000000 _SHDL C:\Users\patrick\Mes documents
2023-07-13 18:02 - 2023-07-13 18:02 - 000000000 _SHDL C:\Users\patrick\Menu Démarrer
2023-07-13 18:02 - 2023-07-13 18:02 - 000000000 _SHDL C:\Users\patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2023-07-13 18:02 - 2023-07-13 18:02 - 000000000 _SHDL C:\Users\patrick\AppData\Local\Historique
2023-07-13 18:02 - 2023-07-13 18:02 - 000000000 _SHDL C:\Users\patri\Voisinage réseau
2023-07-13 18:02 - 2023-07-13 18:02 - 000000000 _SHDL C:\Users\patri\Voisinage d'impression
2023-07-13 18:02 - 2023-07-13 18:02 - 000000000 _SHDL C:\Users\patri\Modèles
2023-07-13 18:02 - 2023-07-13 18:02 - 000000000 _SHDL C:\Users\patri\Mes documents
2023-07-13 18:02 - 2023-07-13 18:02 - 000000000 _SHDL C:\Users\patri\Menu Démarrer
2023-07-13 18:02 - 2023-07-13 18:02 - 000000000 _SHDL C:\Users\patri\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2023-07-13 18:02 - 2023-07-13 18:02 - 000000000 _SHDL C:\Users\patri\AppData\Local\Historique
2023-07-13 18:02 - 2023-07-13 18:02 - 000000000 ____D C:\Users\patrick\AppData\Roaming\Microsoft\Spelling
2023-07-13 18:02 - 2023-07-13 18:02 - 000000000 ____D C:\Users\patri\AppData\Roaming\Microsoft\Spelling
2023-07-13 17:59 - 2023-07-16 13:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-07-13 17:59 - 2023-07-13 17:59 - 000297464 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-07-13 16:13 - 2023-07-13 18:10 - 000000000 ___DC C:\WINDOWS\Panther
2023-07-12 16:13 - 2023-07-12 20:39 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-07-08 18:05 - 2023-07-13 18:45 - 000000000 ____D C:\WINDOWS\Containers
2023-07-08 18:05 - 2023-07-13 18:40 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-07-08 18:05 - 2023-07-13 18:40 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-07-08 18:05 - 2023-07-13 18:40 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-07-08 18:05 - 2023-07-08 18:05 - 000000000 ___SD C:\WINDOWS\system32\AppV
2023-07-08 18:05 - 2023-07-08 18:05 - 000000000 ____D C:\WINDOWS\system32\Drivers\mde
2023-07-08 18:05 - 2023-07-08 18:05 - 000000000 ____D C:\WINDOWS\RemotePackages
2023-07-08 18:05 - 2023-07-08 18:05 - 000000000 ____D C:\WINDOWS\InboxApps
2023-07-08 18:05 - 2023-07-08 18:05 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices
2023-07-08 18:04 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2023-07-08 18:04 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2023-07-08 18:04 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2023-07-08 18:04 - 2023-07-08 18:04 - 000000000 ____D C:\ProgramData\ssh
2023-07-08 18:03 - 2023-07-13 18:40 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2023-07-08 18:03 - 2023-07-13 18:40 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2023-07-08 18:03 - 2023-07-13 18:40 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2023-07-08 18:03 - 2023-07-13 18:40 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2023-07-08 18:03 - 2023-07-13 18:40 - 000000000 ____D C:\WINDOWS\system32\winrm
2023-07-08 18:03 - 2023-07-13 18:40 - 000000000 ____D C:\WINDOWS\system32\WCN
2023-07-08 18:03 - 2023-07-13 18:40 - 000000000 ____D C:\WINDOWS\system32\slmgr
2023-07-08 18:03 - 2023-07-13 18:40 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2023-07-08 18:03 - 2023-07-08 18:05 - 000000000 ____D C:\WINDOWS\system32\fr
2023-07-08 18:03 - 2023-07-08 18:03 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2023-07-08 18:03 - 2023-07-08 18:03 - 000000000 ____D C:\WINDOWS\SysWOW64\fr
2023-07-08 18:03 - 2023-07-08 18:03 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
2023-07-08 18:03 - 2023-07-08 18:03 - 000000000 ____D C:\WINDOWS\system32\0409
2023-07-08 18:03 - 2023-07-08 18:03 - 000000000 ____D C:\WINDOWS\DigitalLocker
2023-07-08 12:38 - 2023-07-08 12:38 - 000000000 _SHDL C:\Users\Default User
2023-07-08 12:38 - 2023-07-08 12:38 - 000000000 _SHDL C:\Users\All Users
2023-07-08 12:31 - 2023-07-13 18:51 - 000000000 ____D C:\WINDOWS\Setup
2023-07-08 12:27 - 2023-07-21 14:01 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-07-08 12:27 - 2023-07-21 13:48 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-07-08 12:27 - 2023-07-20 13:30 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-07-08 12:27 - 2023-07-20 13:17 - 000000000 ___HD C:\Program Files\WindowsApps
2023-07-08 12:27 - 2023-07-16 14:09 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2023-07-08 12:27 - 2023-07-16 14:07 - 000000000 ____D C:\WINDOWS\ServiceState
2023-07-08 12:27 - 2023-07-16 09:36 - 000000000 ____D C:\WINDOWS\appcompat
2023-07-08 12:27 - 2023-07-13 18:54 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2023-07-08 12:27 - 2023-07-13 18:54 - 000000000 ___RD C:\Program Files (x86)
2023-07-08 12:27 - 2023-07-13 18:54 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2023-07-08 12:27 - 2023-07-13 18:54 - 000000000 ____D C:\WINDOWS\system32\spool
2023-07-08 12:27 - 2023-07-13 18:54 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2023-07-08 12:27 - 2023-07-13 18:54 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-07-08 12:27 - 2023-07-13 18:54 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-07-08 12:27 - 2023-07-13 18:50 - 000000000 __RHD C:\Users\Public\Libraries
2023-07-08 12:27 - 2023-07-13 18:48 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2023-07-08 12:27 - 2023-07-13 18:48 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2023-07-08 12:27 - 2023-07-13 18:46 - 000000000 ____D C:\ProgramData\USOPrivate
2023-07-08 12:27 - 2023-07-13 18:43 - 000000000 ____D C:\WINDOWS\system32\setup
2023-07-08 12:27 - 2023-07-13 18:40 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2023-07-08 12:27 - 2023-07-13 18:40 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2023-07-08 12:27 - 2023-07-13 18:40 - 000000000 ___SD C:\WINDOWS\system32\F12
2023-07-08 12:27 - 2023-07-13 18:40 - 000000000 ___SD C:\WINDOWS\system32\dsc
2023-07-08 12:27 - 2023-07-13 18:40 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2023-07-08 12:27 - 2023-07-13 18:40 - 000000000 ___RD C:\Program Files (x86)\Windows Defender
2023-07-08 12:27 - 2023-07-13 18:40 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-07-08 12:27 - 2023-07-13 18:40 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2023-07-08 12:27 - 2023-07-13 18:40 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-07-08 12:27 - 2023-07-13 18:40 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-07-08 12:27 - 2023-07-13 18:22 - 000000000 ____D C:\WINDOWS\OCR
2023-07-08 12:27 - 2023-07-13 18:10 - 000000000 ____D C:\Program Files\Windows NT
2023-07-08 12:27 - 2023-07-13 18:09 - 000000000 ___RD C:\Program Files\Windows Defender
2023-07-08 12:27 - 2023-07-13 18:08 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows
2023-07-08 12:27 - 2023-07-13 18:04 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-07-08 12:27 - 2023-07-13 18:01 - 000000000 ____D C:\WINDOWS\system32\config\TxR
2023-07-08 12:27 - 2023-07-13 17:59 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2023-07-08 12:27 - 2023-07-08 18:05 - 000000000 ____D C:\WINDOWS\SystemResources
2023-07-08 12:27 - 2023-07-08 18:05 - 000000000 ____D C:\WINDOWS\SystemApps
2023-07-08 12:27 - 2023-07-08 18:05 - 000000000 ____D C:\WINDOWS\system32\qps-plocm
2023-07-08 12:27 - 2023-07-08 18:05 - 000000000 ____D C:\WINDOWS\system32\qps-ploc
2023-07-08 12:27 - 2023-07-08 18:05 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-07-08 12:27 - 2023-07-08 18:05 - 000000000 ____D C:\WINDOWS\security
2023-07-08 12:27 - 2023-07-08 18:05 - 000000000 ____D C:\WINDOWS\schemas
2023-07-08 12:27 - 2023-07-08 18:05 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\qps-plocm
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\qps-ploc
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\hi-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\te-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\ta-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\or-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\km-KH
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\is-IS
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\id-ID
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\hi-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\be-BY
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\as-IN
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\am-ET
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2023-07-08 12:27 - 2023-07-08 18:04 - 000000000 ____D C:\WINDOWS\Globalization
2023-07-08 12:27 - 2023-07-08 18:03 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-07-08 12:27 - 2023-07-08 18:03 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-07-08 12:27 - 2023-07-08 18:03 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2023-07-08 12:27 - 2023-07-08 18:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-07-08 12:27 - 2023-07-08 18:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2023-07-08 12:27 - 2023-07-08 18:03 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2023-07-08 12:27 - 2023-07-08 18:03 - 000000000 ____D C:\WINDOWS\system32\MUI
2023-07-08 12:27 - 2023-07-08 18:03 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-07-08 12:27 - 2023-07-08 18:03 - 000000000 ____D C:\WINDOWS\system32\Com
2023-07-08 12:27 - 2023-07-08 18:03 - 000000000 ____D C:\WINDOWS\IME
2023-07-08 12:27 - 2023-07-08 18:03 - 000000000 ____D C:\WINDOWS\Help
2023-07-08 12:27 - 2023-07-08 18:03 - 000000000 ____D C:\WINDOWS\BrowserCore
2023-07-08 12:27 - 2023-07-08 18:03 - 000000000 ____D C:\Program Files\Common Files\System
2023-07-08 12:27 - 2023-07-08 18:03 - 000000000 ____D C:\Program Files (x86)\Windows NT
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 __SHD C:\Program Files\Windows Sidebar
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 __RSD C:\WINDOWS\Media
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 ___SD C:\WINDOWS\system32\Configuration
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 ____D C:\WINDOWS\Web
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 ____D C:\WINDOWS\system32\winevt
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 ____D C:\WINDOWS\system32\ras
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 ____D C:\WINDOWS\system32\PointOfService
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 ____D C:\WINDOWS\system32\Pbr
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 ____D C:\WINDOWS\SKB
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 ____D C:\WINDOWS\Resources
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 ____D C:\WINDOWS\Registration
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 ____D C:\WINDOWS\Provisioning
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 ____D C:\WINDOWS\PLA
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 ____D C:\WINDOWS\InputMethod
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 ____D C:\WINDOWS\IdentityCRL
2023-07-08 12:27 - 2023-07-08 12:39 - 000000000 ____D C:\WINDOWS\DiagTrack
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ___SD C:\WINDOWS\SysWOW64\lxss
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ___SD C:\WINDOWS\system32\Nui
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ___SD C:\WINDOWS\system32\lxss
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\WUModels
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\WaaS
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\Vss
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\UUS
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\tracing
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\TAPI
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\SysWOW64\ShellExperiences
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\SysWOW64\DDFs
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\WebThreatDefSvc
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\NDF
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\Keywords
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\Ipmi
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\IME
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\icsxml
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\ias
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\DriverState
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\downlevel
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\config\Journal
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\Bthprops
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\System
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\SchCache
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\rescache
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\Performance
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\ModemLogs
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\L2Schemas
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\Cursors
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\Branding
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Spelling
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\ProgramData\USOShared
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\Program Files\ModifiableWindowsApps
2023-07-08 12:27 - 2023-07-08 12:27 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-07-08 12:27 - 2023-07-08 12:25 - 000003103 _____ C:\WINDOWS\SysWOW64\mmc.exe.config
2023-07-08 12:27 - 2023-07-08 12:25 - 000003103 _____ C:\WINDOWS\system32\mmc.exe.config
2023-07-08 12:27 - 2023-07-08 12:25 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2023-07-08 12:25 - 2023-07-16 16:25 - 000000000 ____D C:\WINDOWS\INF
2023-07-08 12:23 - 2023-07-08 12:23 - 000089761 _____ C:\WINDOWS\system32\DiskSnapshot.conf
2023-07-08 12:23 - 2023-07-08 12:23 - 000052009 _____ C:\WINDOWS\SysWOW64\ctac.json
2023-07-08 12:23 - 2023-07-08 12:23 - 000052009 _____ C:\WINDOWS\system32\ctac.json
2023-07-08 12:23 - 2023-07-08 12:23 - 000049152 _____ (Microsoft) C:\WINDOWS\system32\oflc-nz.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000049152 _____ (Microsoft) C:\WINDOWS\system32\csrr.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000045056 _____ (Microsoft) C:\WINDOWS\system32\fpb.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000040960 _____ (Microsoft) C:\WINDOWS\system32\esrb.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000040960 _____ (Microsoft) C:\WINDOWS\system32\cero.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000040448 _____ (Microsoft) C:\WINDOWS\SysWOW64\csrr.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000038400 _____ (Microsoft) C:\WINDOWS\SysWOW64\oflc-nz.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000038128 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSSi_GPIO.sys
2023-07-08 12:23 - 2023-07-08 12:23 - 000037888 _____ (Microsoft) C:\WINDOWS\SysWOW64\fpb.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000036864 _____ (Microsoft) C:\WINDOWS\system32\usk.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000036864 _____ (Microsoft) C:\WINDOWS\system32\cob-au.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000036256 _____ C:\WINDOWS\system32\Microsoft.Management.Deployment.winmd
2023-07-08 12:23 - 2023-07-08 12:23 - 000033280 _____ (Microsoft) C:\WINDOWS\SysWOW64\cero.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000030208 _____ (Microsoft) C:\WINDOWS\SysWOW64\esrb.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000028672 _____ (Microsoft) C:\WINDOWS\system32\pegi-pt.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000028672 _____ (Microsoft) C:\WINDOWS\system32\pegi.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000028672 _____ (Microsoft) C:\WINDOWS\system32\grb.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000027648 _____ (Microsoft) C:\WINDOWS\SysWOW64\usk.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000027648 _____ (Microsoft) C:\WINDOWS\SysWOW64\cob-au.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000024576 _____ (Microsoft) C:\WINDOWS\system32\pcbp.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000024576 _____ (Microsoft) C:\WINDOWS\system32\djctq.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000019456 _____ (Microsoft) C:\WINDOWS\SysWOW64\pegi-pt.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000019456 _____ (Microsoft) C:\WINDOWS\SysWOW64\pegi.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000017920 _____ (Microsoft) C:\WINDOWS\SysWOW64\grb.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000014336 _____ (Microsoft) C:\WINDOWS\SysWOW64\djctq.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000013824 _____ (Microsoft) C:\WINDOWS\SysWOW64\pcbp.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000012288 _____ (Microsoft) C:\WINDOWS\system32\WEB.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000011279 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2023-07-08 12:23 - 2023-07-08 12:23 - 000010576 _____ C:\WINDOWS\system32\TransformPPSToWlan.xslt
2023-07-08 12:23 - 2023-07-08 12:23 - 000004805 _____ C:\WINDOWS\system32\ResPriUHMImageList
2023-07-08 12:23 - 2023-07-08 12:23 - 000004805 _____ C:\WINDOWS\system32\ResPriLMImageList
2023-07-08 12:23 - 2023-07-08 12:23 - 000004805 _____ C:\WINDOWS\system32\ResPriImageListLowCost
2023-07-08 12:23 - 2023-07-08 12:23 - 000004805 _____ C:\WINDOWS\system32\ResPriImageList
2023-07-08 12:23 - 2023-07-08 12:23 - 000004805 _____ C:\WINDOWS\system32\ResPriHMImageListLowCost
2023-07-08 12:23 - 2023-07-08 12:23 - 000004805 _____ C:\WINDOWS\system32\ResPriHMImageList
2023-07-08 12:23 - 2023-07-08 12:23 - 000004608 _____ (Microsoft) C:\WINDOWS\SysWOW64\WEB.rs
2023-07-08 12:23 - 2023-07-08 12:23 - 000001820 _____ C:\WINDOWS\SysWOW64\rasctrnm.h
2023-07-08 12:23 - 2023-07-08 12:23 - 000001820 _____ C:\WINDOWS\system32\rasctrnm.h
2023-07-08 12:23 - 2023-07-08 12:23 - 000001688 _____ C:\WINDOWS\system32\TransformPPSToWlanCredentials.xslt
2023-07-08 12:23 - 2023-07-08 12:23 - 000000670 ___RH C:\WINDOWS\WindowsShell.Manifest
2023-07-08 12:23 - 2023-07-08 12:23 - 000000146 _____ C:\WINDOWS\system32\UevAppMonitor.exe.config
2023-07-08 12:23 - 2023-07-08 12:23 - 000000112 _____ C:\WINDOWS\SysWOW64\MixedRealityRuntime.json
2023-07-08 12:23 - 2023-07-08 12:23 - 000000112 _____ C:\WINDOWS\system32\MixedRealityRuntime.json
2023-07-08 12:22 - 2023-07-16 14:07 - 078118912 _____ C:\WINDOWS\system32\config\SOFTWARE
2023-07-08 12:22 - 2023-07-16 14:07 - 022806528 _____ C:\WINDOWS\system32\config\SYSTEM
2023-07-08 12:22 - 2023-07-16 14:07 - 000786432 _____ C:\WINDOWS\system32\config\DEFAULT
2023-07-08 12:22 - 2023-07-16 14:07 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-07-08 12:22 - 2023-07-16 14:07 - 000131072 _____ C:\WINDOWS\system32\config\SAM
2023-07-08 12:22 - 2023-07-16 14:07 - 000065536 _____ C:\WINDOWS\system32\config\SECURITY
2023-07-08 12:22 - 2023-07-13 18:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-07-08 12:22 - 2023-07-13 18:22 - 000000000 ____D C:\WINDOWS\servicing
2023-07-08 12:22 - 2023-07-13 18:10 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-07-08 12:22 - 2023-07-08 12:39 - 000000000 ____D C:\WINDOWS\system32\SMI
2023-07-01 09:33 - 2023-07-01 09:33 - 000000000 ____D C:\Users\patri\AppData\Local\Comms
2023-06-30 17:25 - 2023-06-30 17:25 - 000000000 ____D C:\Users\patri\AppData\Local\Publishers
2023-06-30 13:59 - 2023-06-30 13:59 - 000000000 ____D C:\Users\patri\AppData\Local\Lenovo
2023-06-30 13:56 - 2023-06-30 13:56 - 000000000 ____D C:\Users\patri\AppData\Local\PlaceholderTileLogoFolder
2023-06-30 13:51 - 2023-07-13 18:02 - 000000000 ____D C:\Users\patri\AppData\Local\Packages
2023-06-30 13:51 - 2023-07-10 20:27 - 000000000 ____D C:\Users\patri\AppData\Local\ConnectedDevicesPlatform
2023-06-30 13:51 - 2023-07-10 20:18 - 000000000 __SHD C:\Users\patri\IntelGraphicsProfiles
2023-06-30 13:51 - 2023-06-30 13:51 - 000000000 ____D C:\Users\patri\AppData\Roaming\Microsoft\Vault
2023-06-30 13:51 - 2023-06-30 13:51 - 000000000 ____D C:\Users\patri\AppData\Roaming\Adobe
2023-06-30 13:51 - 2023-06-30 13:51 - 000000000 ____D C:\Users\patri\AppData\Local\VirtualStore
2023-06-30 13:50 - 2023-07-10 20:26 - 000000000 ___SD C:\Users\patri\AppData\Roaming\Microsoft\Protect
2023-06-30 13:50 - 2023-06-30 13:50 - 000000000 ___SD C:\Users\patri\AppData\Roaming\Microsoft\Credentials
2023-06-30 13:50 - 2023-04-09 16:08 - 000000000 ___RD C:\Users\patri\OneDrive
2023-06-22 16:19 - 2023-06-22 16:19 - 619052932 _____ C:\WINDOWS\MEMORY.DMP
2023-06-16 17:58 - 2023-06-16 17:58 - 000000028 ____H C:\.GamingRoot
2023-06-16 17:58 - 2023-06-16 17:58 - 000000000 ____D C:\XboxGames
2023-06-15 20:55 - 2023-07-13 18:48 - 000000000 ____D C:\WINDOWS\Lenovo
2023-06-13 18:28 - 2023-06-13 18:28 - 000000000 ____D C:\Users\patrick\AppData\Local\Peters_Software_Solutions
2023-06-13 11:01 - 2023-06-13 11:01 - 000435656 _____ C:\Users\patrick\OneDrive\Documents\1677146275-ligne-642-clermont-creil-a-partir-du-270223.pdf
2023-06-09 04:36 - 2023-07-13 18:54 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2023-06-07 14:07 - 2023-06-07 14:39 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2023-06-07 14:07 - 2023-06-07 14:39 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput
2023-06-07 14:06 - 2023-06-13 14:02 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2023-06-07 14:06 - 2023-06-07 14:06 - 000247248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll.0
2023-05-20 16:58 - 2023-05-20 16:58 - 000001526 _____ C:\Users\patrick\Desktop\Raccourci vers Bureau (OneDrive - Personnel).lnk
2023-05-19 17:49 - 2023-07-13 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peters Software Solutions
2023-05-19 17:49 - 2023-05-19 17:49 - 000001230 _____ C:\Users\Public\Desktop\ViVeTool GUI - Feature Scanner.lnk
2023-05-19 17:49 - 2023-05-19 17:49 - 000001155 _____ C:\Users\Public\Desktop\ViVeTool GUI.lnk
2023-05-19 17:49 - 2023-05-19 17:49 - 000000000 ____D C:\Program Files\Peters Software Solutions
2023-05-15 17:34 - 2023-07-13 15:04 - 000000000 ____D C:\Users\patrick\AppData\Local\ElevatedDiagnostics
2023-05-11 20:00 - 2023-05-11 20:19 - 000000000 ____D C:\Users\patrick\AppData\Local\Plex
2023-05-11 20:00 - 2023-05-11 20:00 - 000000000 ____D C:\Users\patrick\AppData\Local\cache
2023-05-11 19:59 - 2023-07-13 18:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex
2023-05-11 19:58 - 2023-05-11 19:58 - 000000000 ____D C:\Program Files\Plex
2023-05-09 11:05 - 2023-07-13 18:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2023-05-09 11:05 - 2023-05-10 20:34 - 000000000 ____D C:\Users\patrick\AppData\Roaming\obs-studio
2023-05-09 11:05 - 2023-05-09 11:05 - 000001052 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2023-05-09 11:05 - 2023-05-09 11:05 - 000000000 ____D C:\ProgramData\obs-studio-hook
2023-05-09 11:04 - 2023-05-09 11:05 - 000000000 ____D C:\Program Files\obs-studio
2023-05-09 11:02 - 2023-05-09 11:03 - 134090488 _____ (OBS Project) C:\Users\patrick\Downloads\OBS-Studio-29.1-Full-Installer-x64.exe
2023-05-09 09:50 - 2023-05-09 09:50 - 000000000 ____D C:\Users\patrick\AppData\Local\INetHistory
2023-05-08 09:25 - 2023-05-09 09:40 - 000000000 ____D C:\ProgramData\Package Cache
2023-05-08 09:25 - 2023-05-08 09:25 - 000000000 ____D C:\ProgramData\Intel
2023-05-03 11:44 - 2023-05-03 11:44 - 000000017 _____ C:\Users\patrick\AppData\Local\resmon.resmoncfg
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-07-21 13:48 - 2023-04-14 18:13 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-07-21 13:45 - 2023-04-09 16:09 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-07-21 13:45 - 2023-04-09 16:09 - 000000000 __SHD C:\Users\patrick\IntelGraphicsProfiles
2023-07-16 14:07 - 2023-04-09 15:56 - 000012288 ___SH C:\DumpStack.log.tmp
2023-07-16 11:13 - 2023-04-09 16:05 - 000000000 ____D C:\Users\patrick\AppData\Local\D3DSCache
2023-07-16 09:26 - 2023-04-09 15:57 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-07-16 09:26 - 2023-04-09 15:57 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-07-14 08:59 - 2023-04-09 16:19 - 000914872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2023-07-13 18:54 - 2023-04-15 17:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2023-07-13 18:54 - 2023-03-26 09:53 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2023-07-13 18:48 - 2023-04-15 12:12 - 000000000 ____D C:\Program Files\Realtek
2023-07-13 18:48 - 2023-04-09 16:10 - 000000000 ____D C:\Program Files (x86)\Lenovo
2023-07-13 18:48 - 2023-04-09 16:09 - 000000000 ____D C:\Program Files\Intel
2023-07-13 18:47 - 2023-04-09 16:05 - 000000000 ____D C:\Users\patrick\AppData\Local\Packages
2023-07-13 18:30 - 2023-04-09 16:05 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-07-13 18:00 - 2023-04-15 12:12 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2023-07-13 18:00 - 2023-04-09 16:09 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2023-07-13 10:24 - 2023-04-09 15:56 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-07-12 20:39 - 2023-04-14 18:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-07-12 10:50 - 2023-04-09 16:18 - 173351160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-07-12 10:50 - 2023-04-09 16:18 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-07-10 20:27 - 2023-04-09 16:09 - 000000000 ____D C:\Intel
2023-07-03 10:49 - 2023-04-09 16:01 - 000000000 ____D C:\ProgramData\Packages
==================== Fichiers à la racine de certains dossiers ========
2023-05-03 11:44 - 2023-05-03 11:44 - 000000017 _____ () C:\Users\patrick\AppData\Local\resmon.resmoncfg
==================== SigCheckExt =========================
2023-06-07 14:06 - 2023-06-13 14:02 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2023-07-21 14:08 - 2023-07-21 14:08 - 002384384 _____ (Farbar) C:\Users\patrick\Desktop\FRST64.exe
2023-07-21 13:52 - 2023-07-21 13:52 - 003511456 _____ (Nicolas Coolman) C:\Users\patrick\Desktop\ZHPSuite.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de démarrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{9a90f883-d6e5-11ed-84f2-880841743a62}
{9a90f881-d6e5-11ed-84f2-880841743a62}
{9a90f882-d6e5-11ed-84f2-880841743a62}
timeout 0
Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
flightsigning Yes
default {current}
resumeobject {77470482-219d-11ee-a326-ebfabc9a7aa7}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Application logicielle (101fffff)
--------------------------------
identificateur {9a90f881-d6e5-11ed-84f2-880841743a62}
description EFI USB Device
Application logicielle (101fffff)
--------------------------------
identificateur {9a90f882-d6e5-11ed-84f2-880841743a62}
description EFI DVD/CDROM
Application logicielle (101fffff)
--------------------------------
identificateur {9a90f883-d6e5-11ed-84f2-880841743a62}
description EFI Network
Application logicielle (101fffff)
--------------------------------
identificateur {9a90f885-d6e5-11ed-84f2-880841743a62}
description EFI Network 0 for IPv4 (1C-39-47-15-E6-68)
Application logicielle (101fffff)
--------------------------------
identificateur {9a90f886-d6e5-11ed-84f2-880841743a62}
description EFI Network 0 for IPv6 (1C-39-47-15-E6-68)
Installation de Windows
-----------------------
identificateur {7254a080-1510-4e85-ac0f-e7fb3d444736}
device ramdisk=[C:]\$WINDOWS.~BT\Sources\SafeOS\winre.wim,{b75def01-2191-11ee-a8f8-b46d83d401f6}
bootstatdevice partition=C:
custom:11000083 partition=C:
path \windows\system32\winload.efi
description Windows Rollback
locale fr-FR
bootstatfilepath \$WINDOWS.~BT\Sources\SafeOS\bootstat.dat
inherit {bootloadersettings}
restartonfailure Yes
osdevice ramdisk=[C:]\$WINDOWS.~BT\Sources\SafeOS\winre.wim,{b75def01-2191-11ee-a8f8-b46d83d401f6}
custom:21000152 partition=C:
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 11
locale fr-FR
inherit {bootloadersettings}
recoverysequence {77470484-219d-11ee-a326-ebfabc9a7aa7}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
flightsigning Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {77470482-219d-11ee-a326-ebfabc9a7aa7}
nx OptIn
bootmenupolicy Standard
Chargeur de démarrage Windows
-----------------------------
identificateur {77470484-219d-11ee-a326-ebfabc9a7aa7}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{77470485-219d-11ee-a326-ebfabc9a7aa7}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{77470485-219d-11ee-a326-ebfabc9a7aa7}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de démarrage Windows
-----------------------------
identificateur {9a90f8bb-d6e5-11ed-84f2-880841743a62}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{9a90f8bc-d6e5-11ed-84f2-880841743a62}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{9a90f8bc-d6e5-11ed-84f2-880841743a62}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {77470482-219d-11ee-a326-ebfabc9a7aa7}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {77470484-219d-11ee-a326-ebfabc9a7aa7}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
custom:21000026 partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {9a90f8b8-d6e5-11ed-84f2-880841743a62}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {9a90f8bb-d6e5-11ed-84f2-880841743a62}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
custom:21000026 partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
Paramètres EMS
--------------
identificateur {emssettings}
bootems No
Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Local
Erreurs de mémoire RAM
----------------------
identificateur {badmemory}
badmemorylist 0x104310
Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de périphérique
-----------------------
identificateur {77470485-219d-11ee-a326-ebfabc9a7aa7}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Options de périphérique
-----------------------
identificateur {9a90f8bc-d6e5-11ed-84f2-880841743a62}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Options de périphérique
-----------------------
identificateur {b75def01-2191-11ee-a8f8-b46d83d401f6}
description Windows Setup
ramdisksdidevice partition=C:
ramdisksdipath \$WINDOWS.~BT\Sources\SafeOS\boot.sdi
==================== Fin de FRST.txt ========================