Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-04-2021 Ran by Lenovo (administrator) on DESKTOP-B92E1JJ (LENOVO 80QQ) (02-05-2021 00:15:08) Running from C:\Users\Lenovo\Downloads Loaded Profiles: Lenovo Platform: Windows 10 Pro Version 20H2 19042.928 (X64) Language: English (United States) Default browser: Chrome Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <13> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2103.17603.0_x64__8wekyb3d8bbwe\Cortana.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Radius, OOO -> TorrentsTime) [File not signed] C:\Program Files (x86)\TorrentsTime Media Player\bin\TTService.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2017-08-24] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [916184 2014-07-02] (Conexant Systems, Inc. -> Conexant Systems, Inc.) HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10973168 2017-08-24] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1893312 2017-06-08] (NVIDIA Corporation -> NVIDIA Corporation) HKLM\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) HKU\S-1-5-21-3877004748-189389608-2846572992-1001\...\Run: [com.squirrel.Teams.Teams] => C:\ProgramData\Lenovo\Microsoft\Teams\Update.exe [2453720 2021-03-02] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-3877004748-189389608-2846572992-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\Lenovo\AppData\Local\WebEx\ciscowebexstart.exe [2689752 2021-03-19] (Cisco WebEx LLC -> Cisco Webex LLC) HKU\S-1-5-21-3877004748-189389608-2846572992-1001\...\Run: [Norton Download Manager{NS22110041-SHPD-FSD510053}] => C:\Users\Lenovo\AppData\Local\Temp\{A2F8B0AE-FE4D-4785-B2D7-9ABE224C86A4}\Upgrade.exe [2162328 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.) <==== ATTENTION HKU\S-1-5-21-3877004748-189389608-2846572992-1001\...\RunOnce: [Adobe Speed Launcher] => 1619906665 HKU\S-1-5-21-3877004748-189389608-2846572992-1001\...\MountPoints2: {37e2fa6a-8586-11eb-8c7d-c85b76b70199} - "G:\HiSuiteDownLoader.exe" HKLM\...\Print\Monitors\CutePDF Writer Monitor v3.2: C:\Windows\system32\cpwmon64_v32.dll [90096 2017-05-26] (Acro Software Inc -> ) HKLM\...\Print\Monitors\HP CD11 Status Monitor: C:\Windows\system32\hpinkstsCD11LM.dll [391992 2019-03-15] (HP Inc -> HP Inc.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.93\Installer\chrmstp.exe [2021-04-27] (Google LLC -> Google LLC) HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {00C2C0B4-2710-4CB1-A028-CF5B6BB580B1} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-05-01] (Avast Software s.r.o. -> Avast Software) Task: {06E61FC9-7582-4F6F-B92F-FF3C7E2D75B0} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1693632 2017-06-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {0CFDF8C2-350E-46B7-9651-3A5FC349BD43} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [649152 2017-06-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {2EED14C7-1BFD-4661-A110-910C646001D2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-15] (Google Inc -> Google Inc.) Task: {3023B1B7-6131-4AFF-9136-9B0A282CD660} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe Task: {4744CCBB-9565-4EC8-94F2-B9ABE5AC2C34} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1642672 2012-10-01] (Microsoft Corporation -> Microsoft Corporation) Task: {4FEAD1D8-2B36-4882-9C12-A5C89408B2F2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-05-01] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {5406B656-88FC-4883-BB5F-34847D4DBD42} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-B92E1JJ-Lenovo DESKTOP-B92E1JJ => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [469640 2012-10-01] (Microsoft Corporation -> Microsoft Corporation) Task: {6180A360-F7AD-4545-A007-5AA628F420E8} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000 2017-06-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {6B8FE2EB-3244-410B-A213-4C2B86E9C130} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-05-01] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {6D062227-2A78-45C2-8C4E-E4449571CBAB} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495040 2017-06-08] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {6D5B0196-2D6D-45D9-9525-73F5DD60560A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [649152 2017-06-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {730CE121-1FF4-4AFF-A79D-E408614D82A5} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [946112 2017-06-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {9076E59C-3457-4DCD-BEDC-1330120159C0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation) Task: {94B43F10-0444-40CC-A6BA-7433C92CB9DD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation) Task: {A0EE7D0C-6F8E-42D5-9D26-EF95B35B76EA} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [37000 2021-04-15] (HP Inc. -> HP Inc.) Task: {A5B0E6E9-9A30-4B02-910C-D0C98933DEF5} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [37000 2021-04-15] (HP Inc. -> HP Inc.) Task: {C35A64C4-B598-4938-B821-1CBD77886526} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-05-01] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {D200FFB9-E662-445D-B5D1-F594CF1B1A42} - System32\Tasks\Opera scheduled Autoupdate 1548671310 => C:\Users\Lenovo\AppData\Local\Programs\Opera\launcher.exe [1886872 2021-04-26] (Opera Software AS -> Opera Software) Task: {D941F29C-06E4-4852-A36B-23A7C974EE01} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000 2017-06-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {E0AD6AD0-AEB8-4A65-A24F-0B1F0B54EE74} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-15] (Google Inc -> Google Inc.) Task: {E885E596-06D0-4599-8C74-66CD05CD5DA2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-05-01] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {F990B113-192E-40AC-805C-70729315E14D} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436672 2017-06-08] (NVIDIA Corporation -> NVIDIA Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.43.1 Tcpip\..\Interfaces\{67907244-67d8-46ff-97c4-fa8154030455}: [DhcpNameServer] 192.168.43.1 Edge: ======= Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found] Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found] Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found] Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found] Edge DefaultProfile: Default Edge Profile: C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-01] FireFox: ======== FF DefaultProfile: 83cxoeft.default FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\83cxoeft.default [2021-01-15] FF Extension: (Avast Online Security) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\83cxoeft.default\Extensions\wrc@avast.com.xpi [2020-10-22] FF Extension: (Hotfix for Firefox bug 1548973 (armagaddon 2.0) mitigation) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\83cxoeft.default\features\{1d7ced51-96ab-4fbc-ad93-f4e39fbaa5c9}\hotfix-bug-1548973@mozilla.org.xpi [2020-10-22] [Legacy] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @real.com/nppl3260;version=6.0.11.2321 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2006-01-28] (RealNetworks, Inc.) [File not signed] FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.1483 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2006-01-28] (RealNetworks, Inc.) [File not signed] FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems, Incorporated -> Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3877004748-189389608-2846572992-1001: @asperasoft.com/AsperaConnect -> C:\Users\Lenovo\AppData\Local\Programs\Aspera\Aspera Connect\bin\npasperaweb_3.11.2.63.dll [2021-03-19] (International Business Machines Corporation -> Aspera, Inc.) FF Plugin HKU\S-1-5-21-3877004748-189389608-2846572992-1001: eagleget.com/EagleGet32 -> C:\Program Files (x86)\EagleGet\npEagleget.dll [2016-08-01] (Beijing Jiupu Technology Co., Ltd. -> EagleGet) FF Plugin HKU\S-1-5-21-3877004748-189389608-2846572992-1001: torrents-time.com/TTPlugin -> C:\Program Files (x86)\TorrentsTime Media Player\bin\npTTPlugin.dll [2019-09-25] (Torrents Time) [File not signed] Chrome: ======= CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default [2021-05-02] CHR Notifications: Default -> hxxps://app.slack.com; hxxps://drive.google.com; hxxps://mail.google.com; hxxps://meet.google.com; hxxps://popcorntime-online.tv; hxxps://watch.popcorntime-online.tv; hxxps://web.skype.com; hxxps://www.appartoo.com CHR Extension: (Docs) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-23] CHR Extension: (Google Drive) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-16] CHR Extension: (YouTube) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-25] CHR Extension: (uBlock Origin) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-04-25] CHR Extension: (Google Docs Offline) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-21] CHR Extension: (AdBlock — best ad blocker) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-05-01] CHR Extension: (i New Tab) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdkdmoacnkphoadmfidlhfdobieblphn [2019-06-12] CHR Extension: (Norton Identity Safe) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2017-09-04] CHR Extension: (IBM Aspera Connect) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpoecbkildamnnchnlgoboipnblgikpn [2021-04-28] CHR Extension: (Chrome Web Store Payments) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-02] CHR Extension: (Gmail) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-15] CHR Extension: (Chrome Media Router) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-27] CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] CHR HKLM\...\Chrome\Extension: [kaebhgioafceeldhgjmendlfhbfjefmo] - C:\Program Files (x86)\EagleGet\addon\eagleget_cext@eagleget.com.crx [2017-08-24] CHR HKU\S-1-5-21-3877004748-189389608-2846572992-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hdkdmoacnkphoadmfidlhfdobieblphn] - C:\Program Files (x86)\EagleGet\addon\eagleget_newtab.crx [2017-08-24] CHR HKU\S-1-5-21-3877004748-189389608-2846572992-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kaebhgioafceeldhgjmendlfhbfjefmo] - C:\Program Files (x86)\EagleGet\addon\eagleget_cext@eagleget.com.crx [2017-08-24] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] CHR HKLM-x32\...\Chrome\Extension: [hdkdmoacnkphoadmfidlhfdobieblphn] - C:\Program Files (x86)\EagleGet\addon\eagleget_newtab.crx [2017-08-24] CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] CHR HKLM-x32\...\Chrome\Extension: [kaebhgioafceeldhgjmendlfhbfjefmo] - C:\Program Files (x86)\EagleGet\addon\eagleget_cext@eagleget.com.crx [2017-08-24] Opera: ======= OPR Profile: C:\Users\Lenovo\AppData\Roaming\Opera Software\Opera Stable [2021-04-26] OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (Rich Hints Agent) - C:\Users\Lenovo\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-04-26] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [81088 2014-12-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288392 2021-04-15] (HP Inc. -> HP Inc.) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5361256 2021-04-16] (Microsoft Windows Publisher -> Microsoft Corporation) R2 TTService; C:\Program Files (x86)\TorrentsTime Media Player\bin\TTService.exe [3266584 2019-10-01] (Radius, OOO -> TorrentsTime) [File not signed] R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2103.7-0\NisSrv.exe [2624104 2021-05-01] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2103.7-0\MsMpEng.exe [128376 2021-05-01] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin" ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.) R3 MpKslf70f05ae; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4D1E48EB-525F-4ED5-9B6C-5B8585A3A403}\MpKslDrv.sys [47336 2021-05-01] (Microsoft Windows -> Microsoft Corporation) R2 WCMVCAM; C:\WINDOWS\System32\drivers\wcmvcam64.sys [1071032 2012-04-15] (Tenki Technology Co., Ltd. -> Windows (R) Win 7 DDK provider) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-05-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421088 2021-05-01] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72928 2021-05-01] (Microsoft Windows -> Microsoft Corporation) S4 SymEvnt; \??\C:\Program Files\Norton Security\NortonData\22.10.0.85\SymPlatform\SymEvnt.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2021-05-02 00:15 - 2021-05-02 00:17 - 000023074 _____ C:\Users\Lenovo\Downloads\FRST.txt 2021-05-02 00:14 - 2021-05-02 00:16 - 000000000 ____D C:\FRST 2021-05-02 00:13 - 2021-05-02 00:13 - 002298368 _____ (Farbar) C:\Users\Lenovo\Downloads\FRST64.exe 2021-05-01 20:38 - 2021-05-01 20:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime 2021-05-01 12:07 - 2021-05-01 12:07 - 013036984 _____ (NortonLifeLock Inc.) C:\Users\Lenovo\Downloads\NRnR (3).exe 2021-05-01 12:05 - 2021-05-01 12:05 - 013036984 _____ (NortonLifeLock Inc.) C:\Users\Lenovo\Downloads\NRnR (2).exe 2021-05-01 11:57 - 2021-05-01 12:05 - 013036984 _____ (NortonLifeLock Inc.) C:\Users\Lenovo\Downloads\NRnR (1).exe 2021-05-01 11:44 - 2021-05-01 11:44 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2021-05-01 11:41 - 2021-05-01 11:41 - 012612600 _____ (AVAST Software) C:\Users\Lenovo\Downloads\avastclear.exe 2021-05-01 11:39 - 2021-05-01 11:39 - 000524288 _____ C:\Users\Lenovo\Downloads\Unconfirmed 67045.crdownload 2021-05-01 11:39 - 2021-05-01 11:39 - 000524288 _____ C:\Users\Lenovo\Downloads\Unconfirmed 178937.crdownload 2021-05-01 11:38 - 2021-05-01 11:39 - 002791032 _____ (AVAST Software) C:\Users\Lenovo\Downloads\Unconfirmed 981282.crdownload 2021-05-01 10:46 - 2021-05-01 10:47 - 013036984 _____ (NortonLifeLock Inc.) C:\Users\Lenovo\Downloads\NRnR.exe 2021-04-29 18:09 - 2021-04-29 18:09 - 000020422 _____ C:\Users\Lenovo\Downloads\Invoice-143CAU-0001.pdf 2021-04-29 15:27 - 2021-04-29 15:27 - 000157425 _____ C:\Users\Lenovo\Downloads\AAP Aimer l'été_Association Causons.pdf 2021-04-28 19:07 - 2021-04-28 19:07 - 000155181 _____ C:\Users\Lenovo\Downloads\CV-SAMY-DEFINITIF.pdf 2021-04-28 17:03 - 2021-04-28 17:27 - 2585796297 _____ C:\Users\Lenovo\Downloads\VACHELA_PROG_169_185_ME__FR_2007M15757.MP4 2021-04-28 17:00 - 2021-04-28 17:00 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IBM Aspera 2021-04-28 17:00 - 2021-04-28 17:00 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Aspera 2021-04-28 16:58 - 2021-04-28 16:58 - 044934584 _____ (IBM Corp.) C:\Users\Lenovo\Downloads\IBMAsperaConnectSetup-ML-3.11.2.63.exe 2021-04-27 11:54 - 2021-04-27 11:54 - 000266137 _____ C:\Users\Lenovo\Downloads\Ecodair facture diagnostic ordi.pdf 2021-04-27 11:49 - 2021-04-27 11:49 - 000347755 _____ C:\Users\Lenovo\Downloads\facture ligue de l'enseignement Causons.pdf 2021-04-27 11:47 - 2021-04-27 11:47 - 000171032 _____ C:\Users\Lenovo\Downloads\Coffre à clé facture.pdf 2021-04-27 11:47 - 2021-04-27 11:47 - 000047657 _____ C:\Users\Lenovo\Downloads\facture 872741.pdf 2021-04-26 14:43 - 2021-04-26 14:43 - 000342483 _____ C:\Users\Lenovo\Downloads\Attestation-Minimis (1).pdf 2021-04-26 12:36 - 2021-04-26 12:37 - 000170928 _____ C:\Users\Lenovo\Downloads\Attestation-Minimis.pdf 2021-04-26 12:10 - 2021-04-26 15:12 - 000052196 _____ C:\Users\Lenovo\Downloads\Fiche-identité_UrgencESS-VF.xlsx 2021-04-26 12:09 - 2021-04-26 12:09 - 000038987 _____ C:\Users\Lenovo\Downloads\Bon pour pouvoir Nada.pdf 2021-04-26 12:03 - 2021-04-26 12:08 - 000029850 _____ C:\Users\Lenovo\Downloads\Outil-E.-Formulaire-didentification-bénéficiaires-effectifs-Association.xlsx 2021-04-26 09:02 - 2021-04-28 20:37 - 000003214 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d72bfbe554882f 2021-04-25 19:49 - 2021-04-25 19:49 - 000000868 _____ C:\Users\Lenovo\Desktop\ZHPSuite.lnk 2021-04-25 19:48 - 2021-04-25 19:49 - 003468440 _____ (Nicolas Coolman) C:\Users\Lenovo\Downloads\ZHPSuite (1).exe 2021-04-25 13:25 - 2021-05-01 12:27 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\ZHP 2021-04-25 13:25 - 2021-04-25 13:25 - 000000000 ____D C:\Users\Lenovo\AppData\Local\ZHP 2021-04-25 13:24 - 2021-04-25 13:24 - 003468440 _____ (Nicolas Coolman) C:\Users\Lenovo\Downloads\ZHPSuite.exe 2021-04-23 18:22 - 2021-04-23 18:22 - 000078328 _____ C:\Users\Lenovo\Downloads\Budget Projet Causons.xlsm 2021-04-23 15:34 - 2021-04-23 15:34 - 000000169 _____ C:\Users\Lenovo\Desktop\fixPC.txt 2021-04-23 12:56 - 2021-04-23 12:57 - 000590512 _____ C:\Users\Lenovo\Downloads\ID Guillaume Chausse.pdf 2021-04-23 12:52 - 2021-04-23 12:52 - 000744801 _____ C:\Users\Lenovo\Downloads\Plan trésorerie Causons.pdf 2021-04-23 12:49 - 2021-04-23 12:51 - 000052166 _____ C:\Users\Lenovo\Downloads\Plan trésorerie Causons.xlsm 2021-04-23 12:46 - 2021-04-23 12:46 - 000353206 _____ C:\Users\Lenovo\Downloads\Rapport financier 2018-2019.pdf 2021-04-23 12:40 - 2021-04-23 12:40 - 000429987 _____ C:\Users\Lenovo\Downloads\Budget global Causons 2020-21.xlsm 2021-04-23 09:46 - 2021-04-23 09:46 - 000528335 _____ C:\WINDOWS\gethelp_audiotroubleshooter_latestpackage.zip 2021-04-23 09:46 - 2021-04-23 09:46 - 000000000 ____D C:\ProgramData\WindowsPerformanceRecorder 2021-04-16 15:45 - 2021-04-16 15:45 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-04-16 15:43 - 2021-04-16 15:43 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-04-16 15:43 - 2021-04-16 15:43 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll 2021-04-16 10:47 - 2021-04-16 10:47 - 000213042 _____ C:\Users\Lenovo\Downloads\la poste 7 avril.pdf 2021-04-15 17:29 - 2021-04-15 17:29 - 000037794 _____ C:\Users\Lenovo\Downloads\Bilan Rentrée mars 2021.pdf 2021-04-15 16:55 - 2021-04-15 16:57 - 001346178 _____ C:\Users\Lenovo\Downloads\Formulaire d'inscription IDC POUR TOUS.pdf 2021-04-15 16:39 - 2021-04-15 16:39 - 000474760 _____ C:\Users\Lenovo\Downloads\AG2020 - Proces Verbal (1).pdf 2021-04-15 16:39 - 2021-04-15 16:39 - 000148901 _____ C:\Users\Lenovo\Downloads\Statuts Causons nov 2020.pdf 2021-04-15 16:38 - 2021-04-15 16:38 - 000323425 _____ C:\Users\Lenovo\Downloads\declaration_honneur_pieed2021.docx.pdf 2021-04-15 16:36 - 2021-04-15 16:36 - 000535532 _____ C:\Users\Lenovo\Downloads\Causons_dossier_candidature_pieed2021.docx.pdf 2021-04-15 14:15 - 2021-04-15 14:15 - 000325533 _____ C:\Users\Lenovo\Desktop\NOM.pdf 2021-04-15 13:55 - 2021-04-15 13:55 - 000000000 ____D C:\Program Files\HPPrintScanDoctor 2021-04-13 10:56 - 2021-04-13 10:57 - 001528242 _____ C:\Users\Lenovo\Downloads\RecuFiscal.Alixcm.pdf 2021-04-09 17:57 - 2021-04-09 17:57 - 001315912 _____ C:\Users\Lenovo\Downloads\ModeleRecuFiscal.Cerfa_.11580_03.pdf 2021-04-09 10:19 - 2021-04-09 10:19 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2021-04-08 09:49 - 2021-04-08 09:54 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate 2021-04-08 09:42 - 2021-04-08 09:48 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2021-04-08 09:42 - 2021-04-08 09:42 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2021-04-08 09:33 - 2021-04-08 09:33 - 000000000 ____D C:\ProgramData\ssh 2021-04-08 09:20 - 2021-04-08 09:20 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr 2021-04-08 09:20 - 2021-04-08 09:20 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll 2021-04-08 09:20 - 2021-04-08 09:20 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll 2021-04-08 09:19 - 2021-04-08 09:19 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr 2021-04-08 09:19 - 2021-04-08 09:19 - 000480256 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll 2021-04-08 09:19 - 2021-04-08 09:19 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax 2021-04-08 09:19 - 2021-04-08 09:19 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax 2021-04-08 09:19 - 2021-04-08 09:19 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll 2021-04-08 09:19 - 2021-04-08 09:19 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll 2021-04-08 09:19 - 2021-04-08 09:19 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax 2021-04-08 09:19 - 2021-04-08 09:19 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl 2021-04-08 09:18 - 2021-04-08 09:18 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2021-04-08 09:18 - 2021-04-08 09:18 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx 2021-04-08 09:18 - 2021-04-08 09:18 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl 2021-04-08 09:18 - 2021-04-08 09:18 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax 2021-04-08 09:18 - 2021-04-08 09:18 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax 2021-04-08 09:18 - 2021-04-08 09:18 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl 2021-04-08 09:18 - 2021-04-08 09:18 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx 2021-04-08 09:18 - 2021-04-08 09:18 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll 2021-04-08 09:18 - 2021-04-08 09:18 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll 2021-04-08 09:17 - 2021-04-08 09:17 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll 2021-04-08 09:17 - 2021-04-08 09:17 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2021-04-08 09:17 - 2021-04-08 09:17 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2021-04-08 09:17 - 2021-04-08 09:17 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll 2021-04-08 09:17 - 2021-04-08 09:17 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll 2021-04-08 09:17 - 2021-04-08 09:17 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll 2021-04-08 09:17 - 2021-04-08 09:17 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx 2021-04-08 09:17 - 2021-04-08 09:17 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl 2021-04-08 09:17 - 2021-04-08 09:17 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax 2021-04-08 09:17 - 2021-04-08 09:17 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx 2021-04-08 09:17 - 2021-04-08 09:17 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll 2021-04-08 09:17 - 2021-04-08 09:17 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll 2021-04-08 09:16 - 2021-04-08 09:16 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2021-04-08 09:16 - 2021-04-08 09:16 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll 2021-04-08 09:16 - 2021-04-08 09:16 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll 2021-04-08 09:16 - 2021-04-08 09:16 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl 2021-04-08 09:16 - 2021-04-08 09:16 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll 2021-04-08 09:16 - 2021-04-08 09:16 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl 2021-04-08 09:16 - 2021-04-08 09:16 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl 2021-04-08 09:16 - 2021-04-08 09:16 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb 2021-04-08 09:16 - 2021-04-08 09:16 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl 2021-04-08 09:16 - 2021-04-08 09:16 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll 2021-04-08 09:16 - 2021-04-08 09:16 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2021-04-08 09:15 - 2021-04-08 09:15 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll 2021-04-08 09:15 - 2021-04-08 09:15 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll 2021-04-08 09:15 - 2021-04-08 09:15 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2021-04-08 09:15 - 2021-04-08 09:15 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll 2021-04-08 09:15 - 2021-04-08 09:15 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll 2021-04-08 09:15 - 2021-04-08 09:15 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2021-04-08 09:15 - 2021-04-08 09:15 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll 2021-04-08 09:15 - 2021-04-08 09:15 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll 2021-04-08 09:15 - 2021-04-08 09:15 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll 2021-04-08 09:15 - 2021-04-08 09:15 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl 2021-04-08 09:15 - 2021-04-08 09:15 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll 2021-04-08 09:15 - 2021-04-08 09:15 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv 2021-04-08 09:15 - 2021-04-08 09:15 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe 2021-04-08 09:14 - 2021-04-08 09:14 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl 2021-04-08 09:14 - 2021-04-08 09:14 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl 2021-04-08 09:14 - 2021-04-08 09:14 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2021-04-08 09:14 - 2021-04-08 09:14 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2021-04-08 09:13 - 2021-04-08 09:13 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll 2021-04-08 09:13 - 2021-04-08 09:13 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2021-04-08 09:13 - 2021-04-08 09:13 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl 2021-04-08 09:13 - 2021-04-08 09:13 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl 2021-04-08 09:13 - 2021-04-08 09:13 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll 2021-04-08 09:13 - 2021-04-08 09:13 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe 2021-04-08 09:13 - 2021-04-08 09:13 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb 2021-04-08 09:13 - 2021-04-08 09:13 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2021-04-08 09:13 - 2021-04-08 09:13 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt 2021-04-08 09:12 - 2021-04-08 09:12 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2021-04-08 09:12 - 2021-04-08 09:12 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll 2021-04-08 09:12 - 2021-04-08 09:12 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll 2021-04-08 09:12 - 2021-04-08 09:12 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll 2021-04-08 09:12 - 2021-04-08 09:12 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll 2021-04-08 09:12 - 2021-04-08 09:12 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll 2021-04-08 09:12 - 2021-04-08 09:12 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2021-04-08 09:12 - 2021-04-08 09:12 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll 2021-04-08 09:12 - 2021-04-08 09:12 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll 2021-04-08 09:11 - 2021-04-08 09:11 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin 2021-04-08 09:11 - 2021-04-08 09:11 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2021-04-08 09:11 - 2021-04-08 09:11 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll 2021-04-08 09:11 - 2021-04-08 09:11 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll 2021-04-08 09:11 - 2021-04-08 09:11 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl 2021-04-08 09:11 - 2021-04-08 09:11 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll 2021-04-08 09:11 - 2021-04-08 09:11 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll 2021-04-08 09:11 - 2021-04-08 09:11 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll 2021-04-08 09:11 - 2021-04-08 09:11 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll 2021-04-08 09:11 - 2021-04-08 09:11 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll 2021-04-08 09:11 - 2021-04-08 09:11 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv 2021-04-08 09:11 - 2021-04-08 09:11 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe 2021-04-08 08:14 - 2019-10-15 23:53 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml 2021-04-08 08:14 - 2019-04-19 04:49 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml 2021-04-08 08:11 - 2021-05-01 20:48 - 000744314 _____ C:\WINDOWS\system32\perfh00C.dat 2021-04-08 08:11 - 2021-05-01 20:48 - 000141620 _____ C:\WINDOWS\system32\perfc00C.dat 2021-04-08 08:11 - 2021-04-08 08:11 - 000351124 _____ C:\WINDOWS\system32\perfi00C.dat 2021-04-08 08:11 - 2021-04-08 08:11 - 000040694 _____ C:\WINDOWS\system32\perfd00C.dat 2021-04-08 08:11 - 2021-04-08 08:11 - 000000000 ____D C:\WINDOWS\SysWOW64\fr 2021-04-08 08:11 - 2021-04-08 08:11 - 000000000 ____D C:\WINDOWS\system32\fr 2021-04-08 07:56 - 2021-04-08 07:56 - 000000000 ____D C:\WINDOWS\system32\ar 2021-04-08 00:42 - 2021-04-08 00:42 - 000000020 ___SH C:\Users\Lenovo\ntuser.ini 2021-04-08 00:40 - 2021-05-01 21:13 - 000005250 _____ C:\WINDOWS\system32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-B92E1JJ-Lenovo DESKTOP-B92E1JJ 2021-04-08 00:40 - 2021-05-01 12:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-04-08 00:40 - 2021-05-01 11:35 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update 2021-04-08 00:40 - 2021-05-01 11:27 - 000004168 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{F172DEA2-B44E-418D-98F7-74C01E0C57EF} 2021-04-08 00:40 - 2021-04-29 15:44 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3877004748-189389608-2846572992-1001 2021-04-08 00:40 - 2021-04-29 10:22 - 000004218 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1548671310 2021-04-08 00:40 - 2021-04-28 20:37 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-04-08 00:40 - 2021-04-28 20:37 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-08 00:40 - 2021-04-28 20:37 - 000003346 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2021-04-08 00:40 - 2021-04-28 20:37 - 000003184 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-04-08 00:40 - 2021-04-28 20:37 - 000003176 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-08 00:40 - 2021-04-28 20:37 - 000003122 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2021-04-08 00:40 - 2021-04-28 20:37 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-08 00:40 - 2021-04-28 20:37 - 000002968 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-08 00:40 - 2021-04-28 20:37 - 000002956 _____ C:\WINDOWS\system32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-08 00:40 - 2021-04-28 20:37 - 000002838 _____ C:\WINDOWS\system32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-08 00:40 - 2021-04-28 20:37 - 000002786 _____ C:\WINDOWS\system32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-08 00:40 - 2021-04-28 20:37 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-04-08 00:40 - 2021-04-28 20:37 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software 2021-04-08 00:40 - 2021-04-15 13:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP 2021-04-08 00:39 - 2021-04-08 00:40 - 000007623 _____ C:\WINDOWS\diagwrn.xml 2021-04-08 00:39 - 2021-04-08 00:40 - 000007623 _____ C:\WINDOWS\diagerr.xml 2021-04-08 00:21 - 2021-05-01 20:48 - 001681370 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-04-08 00:05 - 2021-04-29 15:43 - 000002368 _____ C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-04-08 00:05 - 2021-04-08 00:42 - 000000000 ____D C:\Users\Lenovo 2021-04-08 00:01 - 2017-10-20 16:43 - 000091120 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2021-04-07 23:56 - 2021-05-01 23:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-04-07 23:56 - 2021-04-16 22:06 - 000464640 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-04-07 23:55 - 2021-05-01 12:15 - 000008192 ___SH C:\DumpStack.log.tmp 2021-04-06 11:46 - 2021-04-06 11:47 - 001245809 _____ C:\Users\Lenovo\Downloads\Autodiag DLA - Ingénierie collective - 2021 - Causons.xlsm 2021-04-02 12:04 - 2021-04-19 13:25 - 000000000 ___DC C:\WINDOWS\Panther 2021-04-02 11:57 - 2021-04-02 11:57 - 000000000 ___HD C:\$WinREAgent ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2021-05-02 00:21 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-05-02 00:14 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2021-05-02 00:05 - 2017-09-04 08:34 - 000000000 ____D C:\ProgramData\Norton 2021-05-02 00:03 - 2017-08-24 20:31 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2021-05-02 00:03 - 2017-08-24 20:31 - 000000000 __SHD C:\Users\Lenovo\IntelGraphicsProfiles 2021-05-01 23:34 - 2017-08-24 20:33 - 000000000 ____D C:\ProgramData\NVIDIA 2021-05-01 13:36 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-05-01 13:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-05-01 12:47 - 2017-09-04 08:34 - 000000000 ____D C:\Users\Public\Downloads\Norton 2021-05-01 12:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Macromed 2021-05-01 12:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2021-05-01 12:14 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2021-05-01 12:13 - 2017-09-04 08:59 - 000000000 ____D C:\Program Files\Common Files\Symantec Shared 2021-05-01 12:06 - 2018-05-25 02:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-05-01 11:56 - 2019-02-17 19:21 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2021-05-01 11:50 - 2019-01-28 12:34 - 000000000 ____D C:\Users\Lenovo\AppData\Local\AVAST Software 2021-05-01 11:42 - 2019-01-28 12:28 - 000000000 ____D C:\ProgramData\AVAST Software 2021-05-01 10:49 - 2020-03-20 17:50 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-05-01 10:49 - 2020-03-20 17:50 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2021-05-01 10:49 - 2020-03-20 17:50 - 000002278 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk 2021-05-01 10:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2021-04-30 10:13 - 2020-09-28 18:41 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-04-29 16:14 - 2018-03-11 07:48 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Packages 2021-04-29 15:43 - 2017-08-25 10:52 - 000000000 ___RD C:\Users\Lenovo\OneDrive 2021-04-29 10:22 - 2019-01-28 12:28 - 000001410 _____ C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk 2021-04-27 10:19 - 2017-12-15 17:45 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-04-27 10:19 - 2017-12-15 17:45 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2021-04-27 10:19 - 2017-12-15 17:45 - 000002262 _____ C:\ProgramData\Desktop\Google Chrome.lnk 2021-04-26 15:16 - 2019-08-26 11:04 - 000000000 ____D C:\Users\Lenovo\Documents\Papiers Admin 2021-04-26 08:59 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-04-25 20:22 - 2017-08-24 20:39 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-04-25 20:22 - 2017-08-24 20:39 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-04-25 20:21 - 2017-08-24 20:41 - 000000000 ____D C:\ProgramData\Apple Computer 2021-04-25 19:51 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-04-22 18:30 - 2017-12-15 20:26 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\WhatsApp 2021-04-22 14:52 - 2017-12-15 20:25 - 000000000 ____D C:\Users\Lenovo\AppData\Local\WhatsApp 2021-04-16 22:02 - 2019-12-07 11:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2021-04-16 22:02 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2021-04-16 22:02 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-04-16 22:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-04-16 22:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-04-16 22:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-04-16 22:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2021-04-16 22:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2021-04-16 22:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2021-04-16 22:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2021-04-16 22:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning 2021-04-16 22:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-04-16 22:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-04-16 15:55 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing 2021-04-16 15:04 - 2018-03-10 18:34 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-04-16 14:59 - 2018-03-10 18:34 - 131963968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-04-15 10:16 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat 2021-04-13 09:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2021-04-09 13:12 - 2019-01-15 21:13 - 000000000 ____D C:\Users\Lenovo\Documents\Memoire 2021-04-09 12:00 - 2019-01-14 16:31 - 000000000 ____D C:\Users\Lenovo\Documents\Causons 2021-04-09 10:18 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2021-04-08 09:54 - 2019-12-07 11:18 - 000000000 ____D C:\WINDOWS\Setup 2021-04-08 09:54 - 2019-12-07 11:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template 2021-04-08 09:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2021-04-08 09:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\spool 2021-04-08 09:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState 2021-04-08 09:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration 2021-04-08 09:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Help 2021-04-08 09:54 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System 2021-04-08 09:54 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2021-04-08 09:54 - 2019-10-08 15:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TorrentsTime Media Player 2021-04-08 09:54 - 2019-06-27 15:12 - 000000000 ____D C:\Program Files\UNP 2021-04-08 09:54 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2021-04-08 09:54 - 2018-05-24 21:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Shaper Free 2021-04-08 09:54 - 2018-04-22 13:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CutePDF 2021-04-08 09:54 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\MsDtc 2021-04-08 09:54 - 2018-01-20 23:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2021-04-08 09:54 - 2017-12-20 16:31 - 000000000 ____D C:\WINDOWS\system32\appmgmt 2021-04-08 09:54 - 2017-08-24 20:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2021-04-08 09:54 - 2017-08-24 20:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64 2021-04-08 09:54 - 2017-08-24 20:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp 2021-04-08 09:54 - 2017-08-24 20:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebcamMax 2021-04-08 09:54 - 2017-08-24 20:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack 2021-04-08 09:54 - 2017-08-24 20:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2021-04-08 09:54 - 2017-08-24 20:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EagleGet 2021-04-08 09:54 - 2017-08-24 20:37 - 000000000 ____D C:\WINDOWS\SHELLNEW 2021-04-08 09:54 - 2017-08-24 20:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2021-04-08 09:54 - 2017-08-24 20:29 - 000000000 ____D C:\Program Files\CONEXANT 2021-04-08 09:54 - 2017-08-24 20:27 - 000000000 ____D C:\Program Files\Intel 2021-04-08 09:53 - 2019-12-07 11:14 - 000000000 __RHD C:\Users\Public\Libraries 2021-04-08 09:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Resources 2021-04-08 09:49 - 2017-08-24 20:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant 2021-04-08 09:33 - 2019-12-07 11:54 - 000000000 ___SD C:\WINDOWS\system32\AppV 2021-04-08 09:33 - 2019-12-07 11:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2021-04-08 09:33 - 2019-12-07 11:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2021-04-08 09:33 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2021-04-08 09:33 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2021-04-08 09:33 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2021-04-08 09:33 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\F12 2021-04-08 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2021-04-08 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-04-08 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2021-04-08 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2021-04-08 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz 2021-04-08 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords 2021-04-08 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-04-08 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2021-04-08 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2021-04-08 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2021-04-08 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2021-04-08 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2021-04-08 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2021-04-08 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2021-04-08 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2021-04-08 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2021-04-08 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Keywords 2021-04-08 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-04-08 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Com 2021-04-08 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser 2021-04-08 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2021-04-08 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2021-04-08 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents 2021-04-08 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\IME 2021-04-08 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack 2021-04-08 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2021-04-08 09:31 - 2019-12-07 11:54 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll 2021-04-08 09:31 - 2019-12-07 11:54 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml 2021-04-08 08:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2021-04-08 08:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2021-04-08 08:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2021-04-08 08:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2021-04-08 08:14 - 2019-12-07 11:52 - 000000000 ____D C:\WINDOWS\OCR 2021-04-08 08:11 - 2019-12-07 11:50 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm 2021-04-08 08:11 - 2019-12-07 11:50 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN 2021-04-08 08:11 - 2019-12-07 11:50 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr 2021-04-08 08:11 - 2019-12-07 11:50 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts 2021-04-08 08:11 - 2019-12-07 11:50 - 000000000 ____D C:\WINDOWS\system32\winrm 2021-04-08 08:11 - 2019-12-07 11:50 - 000000000 ____D C:\WINDOWS\system32\WCN 2021-04-08 08:11 - 2019-12-07 11:50 - 000000000 ____D C:\WINDOWS\system32\slmgr 2021-04-08 08:11 - 2019-12-07 11:50 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts 2021-04-08 08:11 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\dsc 2021-04-08 04:16 - 2017-08-24 20:27 - 000000000 ____D C:\WINDOWS\SysWOW64\sda 2021-04-08 00:45 - 2018-07-11 22:49 - 000000000 ____D C:\ProgramData\Packages 2021-04-08 00:44 - 2018-03-11 08:19 - 000000000 ___RD C:\Users\Lenovo\3D Objects 2021-04-08 00:44 - 2017-08-25 10:49 - 000000000 __RHD C:\Users\Public\AccountPictures 2021-04-08 00:44 - 2017-08-24 20:39 - 000002393 _____ C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-04-08 00:43 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\USOPrivate 2021-04-08 00:40 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender 2021-04-08 00:40 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2021-04-08 00:10 - 2021-01-25 20:01 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2021-04-08 00:10 - 2020-04-07 15:01 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cisco Webex Meetings Desktop App 2021-04-08 00:10 - 2017-08-24 20:47 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2021-04-08 00:08 - 2017-12-15 20:26 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp 2021-04-08 00:08 - 2017-08-24 20:31 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo 2021-04-08 00:02 - 2017-08-24 21:25 - 000000000 ____D C:\Program Files\Elantech 2021-04-08 00:02 - 2017-08-24 20:28 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2021-04-08 00:01 - 2017-08-24 20:31 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2021-04-02 20:13 - 2017-08-24 20:48 - 000000000 ____D C:\Users\Lenovo\AppData\Local\CrashDumps 2021-04-02 17:41 - 2018-05-18 19:45 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================