cjoint


Document format: text/plain

Preview

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26.02.2024 01
Ran by RRRIO (administrator) on RRRIO (Alienware Alienware 17) (29-02-2024 10:24:03)
Running from C:\Users\EMI\Desktop\FRST64 (2).exe
Loaded Profiles: RRRIO
Platform: Microsoft Windows 10 Home Version 22H2 19045.4046 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\NisSrv.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3989_none_7ddb45627cb30e03\TiWorker.exe
(winlogon.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\userinit.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-03] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-03] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [14056 2014-10-30] (Dell Inc. -> Alienware)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (No File)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [285544 2020-10-14] (IDSA Production signing key -> Intel)
HKU\S-1-5-21-3082767965-3652706906-2016044323-1001\...\Run: [Native Instruments Maschine MK3 Control Panel] => C:\Program Files\Native Instruments\Maschine MK3 Driver\nimc3cpl.exe [10499696 2017-08-08] (Native Instruments GmbH -> Native Instruments GmbH)
HKU\S-1-5-21-3082767965-3652706906-2016044323-1001\...\Run: [MicrosoftEdgeAutoLaunch_915AF156048C6E34903DA16F370929C0] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4067896 2024-02-23] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\CUSTPDF Writer Monitor x86: C:\WINDOWS\system32\custmon64.dll [87040 2016-12-16] () [File not signed]
HKLM\...\Print\Monitors\HP C511 Status Monitor: C:\WINDOWS\system32\hpinkstsC511LM.dll [333496 2012-12-16] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\MPE3 Port: C:\WINDOWS\system32\mpelocalmon.dll [26112 2019-12-03] (Copyright (c) Code Industry Ltd) [File not signed]
Startup: C:\Users\EMI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP ENVY 4500 series.lnk [2020-11-13]
ShortcutAndArgument: Monitor Ink Alerts - HP ENVY 4500 series.lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP ENVY 4500 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN56O354WN05X4;CONNECTION=USB;MONITOR=1;
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NIHardwareAccessibilityHelper.exe.lnk [2023-04-17]
ShortcutTarget: NIHardwareAccessibilityHelper.exe.lnk -> C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareAccessibilityHelper.exe (Native Instruments GmbH -> Native Instruments GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NTKDaemon.lnk [2021-03-12]
ShortcutTarget: NTKDaemon.lnk -> C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe (Native Instruments GmbH -> Native Instruments GmbH)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {9A31BD0F-DF3E-4152-B267-0DC6BA559102} - System32\Tasks\AdobeAAMUpdater-1.0-RRRIO-RRRIO => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {1F56F72E-25FE-4F57-A3DD-C8F324A83C49} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {1C07886B-D6C7-476D-83C8-BF14A28E0F8D} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\FrameworkAgents\SupportAssistInstaller.exe [739168 2023-10-09] (Dell Inc -> Dell Inc.)
Task: {D93D2F83-C6B8-4152-8D15-0DE716587AF6} - System32\Tasks\HPCustParticipation HP ENVY 4500 series => C:\Program Files\HP\HP ENVY 4500 series\Bin\HPCustPartic.exe [5745672 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
Task: {ECF9327F-6EEC-4477-AADB-87006AD10DA9} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)
Task: {AA6A185B-E9E7-4CCB-B086-2FF0D34C8218} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)
Task: {4AD39422-2123-4B85-83CE-3984DDE20669} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6C10773C-BCA6-4762-A0CB-81E2FF7B81C1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {11116EDD-B42C-4486-ACC3-3D55D4507EBA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B3BA3968-ED87-4CC4-B80B-D3FAD59C9EA3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A854247F-A49C-44F4-BE49-21426C369409} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3082767965-3652706906-2016044323-1001 => C:\Users\EMI\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [4130832 2023-10-21] () [File not signed]
Task: {A2867FCA-771B-44A2-9773-1E4FFA941291} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3082767965-3652706906-2016044323-1001 => C:\Users\EMI\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [4130832 2023-10-21] () [File not signed]
Task: {0592B3C9-526D-46A2-9088-8A5536378D4B} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3082767965-3652706906-2016044323-500 => C:\Users\EMI\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [4130832 2023-10-21] () [File not signed]
Task: {3D712841-DD0D-47AA-946F-B7EB923B2267} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-03] (Realtek Semiconductor Corp -> Realtek Semiconductor)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{06b6628b-95ff-465a-872d-c523baf8c59e}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{06b6628b-95ff-465a-872d-c523baf8c59e}: [DhcpDomain] home
Tcpip\..\Interfaces\{4a7eccec-c505-40ee-b01b-9a980c42a6ef}: [DhcpNameServer] 192.168.80.53
Tcpip\..\Interfaces\{6d1b940e-f4f9-4cf0-b675-c55c1650c4ce}: [DhcpNameServer] 192.168.140.42
Tcpip\..\Interfaces\{6d1b940e-f4f9-4cf0-b675-c55c1650c4ce}\341607D2055726C69636: [DhcpNameServer] 192.168.203.245
Tcpip\..\Interfaces\{6d1b940e-f4f9-4cf0-b675-c55c1650c4ce}\341607D2055726C69636: [DhcpDomain] access.network
Tcpip\..\Interfaces\{6d1b940e-f4f9-4cf0-b675-c55c1650c4ce}\34163796E6F60224162727965627560254E676869656E6: [DhcpNameServer] 10.197.0.1
Tcpip\..\Interfaces\{6d1b940e-f4f9-4cf0-b675-c55c1650c4ce}\34163796E6F60224162727965627560254E676869656E6: [DhcpDomain] wifirst.net
Tcpip\..\Interfaces\{6d1b940e-f4f9-4cf0-b675-c55c1650c4ce}\35471676961696275637: [DhcpNameServer] 195.36.145.100 195.36.228.100
Tcpip\..\Interfaces\{6d1b940e-f4f9-4cf0-b675-c55c1650c4ce}\563707163656023657C647572756C6: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6d1b940e-f4f9-4cf0-b675-c55c1650c4ce}\563707163656023657C647572756C6: [DhcpDomain] home
Tcpip\..\Interfaces\{6d1b940e-f4f9-4cf0-b675-c55c1650c4ce}\7416C61687970214132353030334: [DhcpNameServer] 192.168.249.18
Tcpip\..\Interfaces\{6d1b940e-f4f9-4cf0-b675-c55c1650c4ce}\845514755494D224532383D25374D293447323: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6d1b940e-f4f9-4cf0-b675-c55c1650c4ce}\845514755494D224532383D293447323: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6d1b940e-f4f9-4cf0-b675-c55c1650c4ce}\848473236513F554543454F523E24374: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6d1b940e-f4f9-4cf0-b675-c55c1650c4ce}\848473236513F554543454F523E24374: [DhcpDomain] .home
Tcpip\..\Interfaces\{6d1b940e-f4f9-4cf0-b675-c55c1650c4ce}\848473236513F554543454F55374: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6d1b940e-f4f9-4cf0-b675-c55c1650c4ce}\848473236513F554543454F55374: [DhcpDomain] .home
Tcpip\..\Interfaces\{6d1b940e-f4f9-4cf0-b675-c55c1650c4ce}\C496675626F687D213632403: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6d1b940e-f4f9-4cf0-b675-c55c1650c4ce}\C496675626F687D213632403: [DhcpDomain] home
Tcpip\..\Interfaces\{6d1b940e-f4f9-4cf0-b675-c55c1650c4ce}\E454452554749454: [DhcpNameServer] 185.48.254.18 85.14.174.253

Edge:
=======
Edge Profile: C:\Users\EMI\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-28]
Edge Extension: (Google Docs Offline) - C:\Users\EMI\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-25]
Edge Extension: (Edge relevant text changes) - C:\Users\EMI\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-27]

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\EMI\AppData\Local\Google\Chrome\User Data\Default [2024-02-29]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\EMI\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-02-28]
CHR Extension: (Google Docs hors connexion) - C:\Users\EMI\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-28]
CHR Extension: (Screenshot YouTube) - C:\Users\EMI\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjoijpfmdhbjkkgnmahganhoinjjpohk [2021-12-21]
CHR Extension: (Shazam : le nom des chansons en un clic) - C:\Users\EMI\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmioliijnhnoblpgimnlajmefafdfilb [2024-02-28]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\EMI\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-05]
CHR Profile: C:\Users\EMI\AppData\Local\Google\Chrome\User Data\System Profile [2024-02-28]

Opera:
=======
OPR Profile: C:\Users\EMI\AppData\Roaming\Opera Software\Opera Stable [2024-02-28]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S4 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [115648 2015-08-03] (Andrea Electronics -> Andrea Electronics Corporation)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AlienFusionService; C:\Program Files\Alienware\Command Center\AlienFusionService.exe [16104 2014-10-30] (Dell Inc. -> Alienware)
S4 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [323152 2015-06-29] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed]
S4 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [458960 2023-07-06] (Dell Inc -> Dell Technologies Inc.)
S4 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [161488 2023-07-06] (Dell Inc -> Dell Technologies Inc.)
S4 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [484560 2023-07-06] (Dell Inc -> Dell Technologies Inc.)
S4 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [49880 2023-06-02] (Dell Inc -> )
S4 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [156064 2022-12-09] (Dell Inc -> Dell)
S4 ioloEnergyBooster; C:\Program Files\Alienware\Command Center\ioloEnergyBooster.exe [6145872 2012-11-01] (iolo technologies, LLC -> iolo technologies, LLC)
S4 NIHostIntegrationAgent; C:\Program Files\Common Files\Native Instruments\Hardware\NIHostIntegrationAgent.exe [24607464 2022-08-05] (Native Instruments GmbH -> Native Instruments GmbH)
S4 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [405136 2016-12-16] (SafeNet Canada, Inc. -> SafeNet, Inc.)
S4 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1261200 2016-12-14] (SafeNet Canada, Inc. -> SafeNet, Inc)
S4 SentinelSecurityRuntime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [293216 2013-01-09] (SafeNet, Inc. -> SafeNet, Inc.)
S4 slpd; C:\Windows\SysWOW64\slpd.exe [102400 2011-02-17] () [File not signed]
S4 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [160608 2023-10-09] (Dell Inc -> Dell Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\NisSrv.exe [3191256 2024-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MsMpEng.exe [133576 2024-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 DBUtilDrv2; C:\WINDOWS\System32\drivers\DBUtilDrv2.sys [24968 2023-10-21] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
S3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [36728 2019-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
R3 DellInstrumentation; C:\WINDOWS\System32\drivers\DellInstrumentation.sys [46640 2023-08-29] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2013-01-24] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 EMSC; C:\WINDOWS\System32\drivers\EMSC.SYS [17720 2012-07-10] (Compal Electronics, Inc. -> )
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [27552 2020-11-08] (Martin Malik - REALiX -> REALiX(tm))
S3 nimc3audio; C:\WINDOWS\System32\Drivers\nimc3audio.sys [374296 2017-08-16] (Native Instruments GmbH -> Native Instruments GmbH)
S3 nimc3usb; C:\WINDOWS\System32\drivers\nimc3usb.sys [91088 2017-08-16] (Native Instruments GmbH -> Native Instruments GmbH)
S3 rzbtendpt; C:\WINDOWS\System32\drivers\rzbtendpt.sys [51912 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzdaendpt; C:\WINDOWS\System32\drivers\rzdaendpt.sys [43720 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzhnet; C:\WINDOWS\System32\Drivers\rzhnet.sys [29912 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzjstk; C:\WINDOWS\System32\drivers\rzjstk.sys [36568 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzkeypadendpt; C:\WINDOWS\System32\drivers\rzkeypadendpt.sys [46280 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzmpos; C:\WINDOWS\System32\drivers\rzmpos.sys [48840 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzp1endpt; C:\WINDOWS\System32\drivers\rzp1endpt.sys [52424 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzvkeyboard; C:\WINDOWS\System32\drivers\rzvkeyboard.sys [44232 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzvmouse; C:\WINDOWS\System32\drivers\rzvmouse.sys [42712 2015-08-13] (Razer Inc. -> Razer Inc)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 stdcfltn; C:\WINDOWS\System32\DRIVERS\stdcfltn.sys [23216 2015-01-09] (STMicroelectronics -> ST Microelectronics)
S3 teVirtualMIDI64; C:\WINDOWS\System32\drivers\teVirtualMIDI64.sys [53120 2019-12-07] (Tobias Erichsen -> Tobias Erichsen)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 uvhid; C:\WINDOWS\System32\drivers\uvhid.sys [27064 2016-07-06] (Unified Intents AB -> Windows (R) Win 7 DDK provider)
R0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [21040 2024-02-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [608648 2024-02-28] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [140672 2014-11-24] (Microsoft Windows Hardware Compatibility Publisher -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105752 2024-02-28] (Microsoft Windows -> Microsoft Corporation)
S3 bomebus; \SystemRoot\System32\drivers\bomebus.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-02-29 08:46 - 2024-02-29 08:46 - 000024744 _____ C:\Users\EMI\Desktop\cinlbtkflxnrpqbina.txt
2024-02-28 21:55 - 2024-02-28 21:55 - 000000008 _____ C:\ProgramData\ntuser.pol
2024-02-28 21:46 - 2024-02-29 09:14 - 000170117 _____ C:\Users\EMI\Desktop\Fixlog.txt
2024-02-28 21:32 - 2024-02-28 21:32 - 000000000 ____D C:\WINDOWS\InboxApps
2024-02-28 18:15 - 2024-02-28 18:15 - 000000000 ____D C:\Users\EMI\AppData\LocalLow\webviewdata
2024-02-28 14:58 - 2024-02-28 14:58 - 000019697 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-02-28 14:56 - 2024-02-28 14:56 - 000019697 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-02-28 14:46 - 2024-02-28 14:46 - 000000000 ___HD C:\$WinREAgent
2024-02-28 14:11 - 2024-02-28 14:11 - 000000000 ____D C:\Users\EMI\Documents\AlienFX
2024-02-28 14:10 - 2024-02-28 14:10 - 000000000 ____D C:\Users\EMI\Documents\Native Instruments
2024-02-28 14:10 - 2024-02-28 14:10 - 000000000 ____D C:\Users\EMI\Documents\Alienware TactX
2024-02-28 11:21 - 2024-02-28 11:21 - 000043490 _____ C:\Users\EMI\Desktop\ZHPCleaner (R).txt
2024-02-27 14:50 - 2024-02-28 10:00 - 000043284 _____ C:\Users\EMI\Desktop\ZHPCleaner (S).txt
2024-02-27 13:50 - 2024-02-27 13:19 - 005915672 _____ (Crystal Dew World ) C:\Users\EMI\Desktop\crystaldiskinfo-windows-9.2.3-33454.exe
2024-02-27 13:23 - 2024-02-27 13:51 - 000001828 _____ C:\Users\EMI\Desktop\CrystalDiskInfo.lnk
2024-02-27 13:23 - 2024-02-27 13:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2024-02-27 13:23 - 2024-02-27 13:51 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2024-02-27 11:55 - 2024-02-27 11:55 - 000071384 _____ C:\Users\EMI\Desktop\Shortcut.txt
2024-02-27 11:54 - 2024-02-27 11:55 - 000084013 _____ C:\Users\EMI\Desktop\Addition.txt
2024-02-27 11:50 - 2024-02-29 10:24 - 000021627 _____ C:\Users\EMI\Desktop\FRST.txt
2024-02-27 11:50 - 2024-02-29 10:24 - 000000000 ____D C:\FRST
2024-02-27 11:44 - 2024-02-28 17:44 - 000334101 _____ C:\Users\EMI\Desktop\ZHPDiag.html
2024-02-27 11:44 - 2024-02-28 17:44 - 000264140 _____ C:\Users\EMI\Desktop\ZHPDiag.txt
2024-02-27 11:34 - 2024-02-29 08:51 - 000000000 ____D C:\Users\EMI\AppData\Roaming\ZHP
2024-02-27 11:34 - 2024-02-27 14:39 - 000000000 ____D C:\Users\EMI\AppData\Local\ZHP
2024-02-27 11:34 - 2024-02-27 11:19 - 003538592 _____ (Nicolas Coolman) C:\Users\EMI\Desktop\ZHPSuite.exe
2024-02-27 11:34 - 2024-02-27 11:17 - 002386944 _____ (Farbar) C:\Users\EMI\Desktop\FRST64 (2).exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-02-29 10:25 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-02-29 10:23 - 2020-09-27 08:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-02-29 10:23 - 2020-09-27 07:50 - 000008192 ___SH C:\DumpStack.log.tmp
2024-02-29 10:23 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-02-29 10:22 - 2018-10-14 19:50 - 000000000 ____D C:\ProgramData\NVIDIA
2024-02-29 10:22 - 2018-10-14 19:48 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2024-02-29 10:19 - 2021-12-19 20:13 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-02-29 10:19 - 2019-08-21 08:47 - 000000000 ____D C:\Program Files (x86)\Google
2024-02-29 10:18 - 2021-05-26 12:50 - 001241978 _____ C:\WINDOWS\system32\perfh00C.dat
2024-02-29 10:18 - 2021-05-26 12:50 - 000356358 _____ C:\WINDOWS\system32\perfc00C.dat
2024-02-29 10:18 - 2021-05-26 11:20 - 000006144 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-02-29 10:18 - 2019-09-09 20:27 - 000000000 ____D C:\Users\EMI\AppData\Local\D3DSCache
2024-02-29 10:16 - 2021-05-26 11:13 - 000000000 ____D C:\Users\EMI
2024-02-29 10:11 - 2020-09-27 07:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-02-29 09:04 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-02-29 08:42 - 2019-12-14 11:54 - 000000000 ____D C:\Users\EMI\AppData\Local\Adobe
2024-02-28 22:00 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-02-28 22:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-02-28 21:53 - 2021-11-19 17:28 - 000000000 ____D C:\Users\EMI\AppData\LocalLow\Temp
2024-02-28 21:49 - 2018-10-14 17:10 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2024-02-28 21:40 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-02-28 21:36 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-02-28 21:34 - 2020-09-27 07:50 - 000439224 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-02-28 21:33 - 2021-05-26 12:50 - 000000000 ____D C:\WINDOWS\SysWOW64\fr
2024-02-28 21:33 - 2021-05-26 12:50 - 000000000 ____D C:\WINDOWS\system32\fr
2024-02-28 21:33 - 2019-12-07 15:44 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2024-02-28 21:33 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-02-28 21:33 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-02-28 21:33 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-02-28 21:33 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-02-28 21:33 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-02-28 21:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-02-28 21:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-02-28 21:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2024-02-28 21:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2024-02-28 21:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2024-02-28 21:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2024-02-28 21:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2024-02-28 21:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2024-02-28 21:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2024-02-28 21:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-02-28 21:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2024-02-28 21:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2024-02-28 21:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-02-28 21:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-02-28 21:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-02-28 21:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2024-02-28 21:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2024-02-28 21:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-02-28 21:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-02-28 21:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-02-28 21:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-02-28 21:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-02-28 21:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-02-28 21:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2024-02-28 21:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2024-02-28 21:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2024-02-28 21:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2024-02-28 21:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-02-28 21:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2024-02-28 21:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-02-28 21:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2024-02-28 21:32 - 2023-10-19 09:53 - 004291804 _____ C:\WINDOWS\ntbtlog.txt
2024-02-28 21:32 - 2019-12-07 15:48 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2024-02-28 21:32 - 2019-12-07 15:48 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2024-02-28 21:32 - 2019-12-07 15:44 - 000000000 ____D C:\WINDOWS\en-GB
2024-02-28 21:32 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-02-28 21:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-02-28 21:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-02-28 21:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2024-02-28 21:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-02-28 21:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2024-02-28 21:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-02-28 21:32 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2024-02-28 21:32 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2024-02-28 21:32 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2024-02-28 21:32 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2024-02-28 18:39 - 2023-10-19 09:53 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2024-02-28 15:03 - 2019-12-07 15:48 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2024-02-28 15:03 - 2019-12-07 15:48 - 000020827 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2024-02-28 15:03 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2024-02-28 15:03 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2024-02-28 14:56 - 2020-09-27 08:53 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-02-28 14:45 - 2020-11-16 14:57 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2024-02-28 14:34 - 2019-09-07 14:49 - 000000000 ____D C:\Users\EMI\AppData\Local\ElevatedDiagnostics
2024-02-28 14:33 - 2018-10-14 20:21 - 000000000 ____D C:\Users\EMI\AppData\Local\Publishers
2024-02-28 14:22 - 2020-09-27 08:53 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-02-28 14:19 - 2019-08-20 17:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-02-28 14:18 - 2019-12-18 21:06 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2024-02-28 14:15 - 2019-08-20 17:25 - 191155960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-02-28 14:11 - 2020-09-27 08:53 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-02-28 14:11 - 2020-09-27 08:53 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-02-28 14:11 - 2020-09-27 08:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-02-27 14:48 - 2020-03-24 11:41 - 000000000 ___RD C:\Users\EMI\Documents\LECTURES JULIE
2024-02-27 14:48 - 2020-03-23 13:03 - 000000000 ___RD C:\Users\EMI\Documents\lectures julie Project
2024-02-27 14:47 - 2021-06-24 15:11 - 000000000 ____D C:\Users\EMI\Documents\RESIDENCE MUR-LIEVIN- LIGHT
2024-02-27 14:47 - 2020-07-13 15:07 - 000000000 ___RD C:\Users\EMI\Documents\credito Project
2024-02-27 14:46 - 2023-09-01 20:14 - 000000000 ___RD C:\Users\EMI\Documents\DREPACTION 2023
2024-02-27 14:46 - 2023-06-15 13:06 - 000000000 ____D C:\Users\EMI\Documents\JAZZ 2023
2024-02-27 14:13 - 2020-03-22 11:50 - 000000000 ___RD C:\Users\EMI\Documents\TECH EP PROJECTS
2024-02-27 14:13 - 2019-12-14 13:52 - 000000000 ___RD C:\Users\EMI\Documents\BOOM BAP EPs
2024-02-27 13:42 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2024-02-27 13:41 - 2020-02-17 18:50 - 000000000 ____D C:\Program Files (x86)\HP
2024-02-27 13:40 - 2019-08-30 09:59 - 000000000 ____D C:\ProgramData\Package Cache
2024-02-27 13:39 - 2020-04-01 18:10 - 000000000 ____D C:\Program Files (x86)\Mediafour
2024-02-27 13:39 - 2019-08-20 15:17 - 000918944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2024-02-27 13:35 - 2022-07-20 20:51 - 000000000 ____D C:\Program Files\MALightingTechnology
2024-02-27 13:35 - 2019-11-27 18:50 - 000000000 ____D C:\Program Files (x86)\4dots Software
2024-02-27 13:35 - 2019-09-05 13:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MA Lighting
2024-02-27 11:24 - 2019-08-31 14:35 - 000000000 ____D C:\ProgramData\boost_interprocess

==================== Files in the root of some directories ========

2020-05-29 21:30 - 2020-05-29 21:30 - 000304864 _____ () C:\Users\EMI\AppData\Roaming\Bacagude
2020-05-16 23:30 - 2020-05-16 23:30 - 000310915 _____ () C:\Users\EMI\AppData\Roaming\Bomiponohe
2020-06-12 10:59 - 2020-06-12 10:59 - 000352786 _____ () C:\Users\EMI\AppData\Roaming\Gifepe
2020-12-23 19:22 - 2023-04-18 09:29 - 000000016 _____ () C:\Users\EMI\AppData\Roaming\msregsvv.dll
2020-04-09 23:01 - 2020-09-08 17:59 - 000000381 _____ () C:\Users\EMI\AppData\Roaming\WB.CFG
2021-10-01 11:17 - 2021-10-01 11:17 - 000000091 _____ () C:\Users\EMI\AppData\Local\fusioncache.dat
2019-11-13 08:27 - 2019-11-13 08:27 - 000000079 _____ () C:\Users\EMI\AppData\Local\Temp{8E2FF397-A327-4B40-962D-61A48186742A}.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
