Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 19-05-2021 Exécuté par DAVLEGRAND (administrateur) sur DESKTOP-9BG0R85 (Hewlett-Packard HP EliteBook 8470p) (22-05-2021 07:32:32) Exécuté depuis C:\Users\DAVLEGRAND\Downloads Profils chargés: DAVLEGRAND Platform: Windows 10 Education Version 1803 17134.1304 (X64) Langue: Français (France) Navigateur par défaut: Edge Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe (IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe (Mega Limited -> Mega Limited) C:\Users\DAVLEGRAND\AppData\Local\MEGAsync\MEGAsync.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\DAVLEGRAND\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\OpenWith.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe (Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\fpCSEvtSvc.exe (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13> (Power Software Ltd -> Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (SFX TEAM) [Fichier non signé] C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe (Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe (Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe (Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe (Smadsoft) [Fichier non signé] C:\Program Files (x86)\SMADAV\SMΔRTP.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (win.rar GmbH -> Alexander Roshal) C:\Program Files\WinRAR\WinRAR.exe (Zainuddin Nafarin -> Smadav Software) C:\Program Files (x86)\SMADAV\SmadavProtect64.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation) HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [336992 2012-05-31] (Power Software Ltd -> Power Software Ltd) HKLM-x32\...\Run: [SMΔRT-Protection] => C:\Program Files (x86)\Smadav\SMΔRTP.exe [1935704 2021-01-20] (Smadsoft) [Fichier non signé] HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1 HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1 HKLM\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKLM\...\Policies\Explorer: [NoResolveSearch] 1 HKU\S-1-5-19\...\Policies\Explorer: [NoInstrumentation] 1 HKU\S-1-5-19\...\Policies\Explorer: [TaskbarNoNotification] 1 HKU\S-1-5-20\...\Policies\Explorer: [NoInstrumentation] 1 HKU\S-1-5-20\...\Policies\Explorer: [TaskbarNoNotification] 1 HKU\S-1-5-21-2757574433-2502586866-1848713204-1001\...\Run: [SuperCopier2.exe] => C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe [955392 2009-08-16] (SFX TEAM) [Fichier non signé] HKU\S-1-5-21-2757574433-2502586866-1848713204-1001\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\DAVLEGRAND\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" HKU\S-1-5-21-2757574433-2502586866-1848713204-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\DAVLEGRAND\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" HKU\S-1-5-21-2757574433-2502586866-1848713204-1001\...\RunOnce: [Uninstall 17.3.6816.0313\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\DAVLEGRAND\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64" HKU\S-1-5-21-2757574433-2502586866-1848713204-1001\...\RunOnce: [Uninstall 17.3.6816.0313] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\DAVLEGRAND\AppData\Local\Microsoft\OneDrive\17.3.6816.0313" HKU\S-1-5-21-2757574433-2502586866-1848713204-1001\...\Policies\Explorer: [NoInstrumentation] 1 HKU\S-1-5-21-2757574433-2502586866-1848713204-1001\...\Policies\Explorer: [TaskbarNoNotification] 1 HKLM\...\Print\Monitors\IppMon: C:\Windows\system32\IPPMon.dll [251392 2018-04-12] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Print\Monitors\PDF-XChange4: C:\Windows\system32\pxc40pm.dll [56912 2011-09-16] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-21] (Google LLC -> Google LLC) Startup: C:\Users\DAVLEGRAND\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2021-05-21] ShortcutTarget: MEGAsync.lnk -> C:\Users\DAVLEGRAND\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited) ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {0A24F1DB-8BD5-4A54-A044-DCE196EDC933} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation) Task: {0ECA32CA-E449-40DA-9CFA-F7EE0E948818} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMSync => C:\Program Files\ruxim\ruximics.exe [471888 2021-03-08] (Microsoft Windows -> Microsoft Corporation) Task: {1F2F7904-BC6E-49C0-82F1-3CE54D6E6312} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\Windows\system32\MRT.exe [132732536 2021-05-21] (Microsoft Windows -> Microsoft Corporation) Task: {53CB88A8-F824-42D2-A2D8-A9B72160CC73} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMDisplay => C:\Program Files\ruxim\ruximics.exe [471888 2021-03-08] (Microsoft Windows -> Microsoft Corporation) Task: {54819C77-79D4-4A34-B7E6-BA3D15304402} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-21] (Google LLC -> Google LLC) Task: {70D4FA78-F969-4900-AEDB-439FF0771291} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1642672 2012-10-01] (Microsoft Corporation -> Microsoft Corporation) Task: {76CC5E59-FD3C-4E02-B693-153DB3A957AD} - System32\Tasks\Uninstaller_SkipUac_DAVLEGRAND => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [6565136 2020-10-15] (IObit Information Technology -> IObit) Task: {91DEB501-7CE2-4AD7-B1B5-0DAA51DE5264} - System32\Tasks\smadav => C:\Program Files (x86)\Smadav\SMΔRTP.exe [1935704 2021-01-20] (Smadsoft) [Fichier non signé] Task: {9BBD43F4-52C1-4E65-A917-BA63E0E70FE1} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3806208 2020-06-28] (Easeware) [Fichier non signé] Task: {AB68065A-B37E-482C-9193-6A0D24EED79D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation) Task: {B157E346-6403-439B-9CDB-476DC91A419B} - System32\Tasks\Microsoft\Windows\CUAssistant\CULauncher => C:\Program Files\CUAssistant\culauncher.exe Task: {BAE0FB42-E5FB-43EA-A463-130562E3E11C} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [5046784 2021-05-22] () [Fichier non signé] Task: {E47FB99D-88A7-40E7-B9AB-A459038705D0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-21] (Google LLC -> Google LLC) Task: {E972CF63-50AC-4D59-B9F7-1A2F8E5278C8} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696304 2021-05-04] (Mozilla Corporation -> Mozilla Foundation) Task: {F0204A2E-0FF5-415C-8BFC-E5512F7CA693} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2757574433-2502586866-1848713204-1001 => C:\Users\DAVLEGRAND\AppData\Local\MEGAsync\MEGAupdater.exe [1820848 2021-05-13] (Mega Limited -> Mega Limited) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\Windows\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{211afe5a-1638-4f55-98db-42fbfc7afb6f}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge Profile: C:\Users\DAVLEGRAND\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-22] Edge Extension: (IObit Surfing Protection) - C:\Users\DAVLEGRAND\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\imgpenhngnbnmhdkpdfnfhdpmfgmihdn [2021-05-21] FireFox: ======== FF DefaultProfile: 0yigzwk4.default FF ProfilePath: C:\Users\DAVLEGRAND\AppData\Roaming\Mozilla\Firefox\Profiles\0yigzwk4.default [2021-05-21] FF ProfilePath: C:\Users\DAVLEGRAND\AppData\Roaming\Mozilla\Firefox\Profiles\m8sahwc0.default-release [2021-05-22] FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.) FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.) FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN) [Fichier non signé] FF Plugin HKU\S-1-5-21-2757574433-2502586866-1848713204-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.) Chrome: ======= CHR Profile: C:\Users\DAVLEGRAND\AppData\Local\Google\Chrome\User Data\Default [2021-05-21] CHR HomePage: Default -> hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=DE2C0024816594DB&affID=119357&tsp=4955 CHR DefaultSearchURL: Default -> hxxps://feed.smartstreamsearch.com/?q={searchTerms}&publisher=smartstreamsearch&barcodeid=584030000000000 CHR DefaultSearchKeyword: Default -> SmartStreamSearch CHR DefaultSuggestURL: Default -> hxxps://api.smartstreamsearch.com/suggest/get?q={searchTerms} CHR Extension: (Slides) - C:\Users\DAVLEGRAND\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-05-21] CHR Extension: (Docs) - C:\Users\DAVLEGRAND\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-05-21] CHR Extension: (Google Drive) - C:\Users\DAVLEGRAND\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-05-21] CHR Extension: (YouTube) - C:\Users\DAVLEGRAND\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-05-21] CHR Extension: (SmartStreamSearch) - C:\Users\DAVLEGRAND\AppData\Local\Google\Chrome\User Data\Default\Extensions\eplgeocjolljcekonmlblfdoeakklejl [2021-05-21] CHR Extension: (Sheets) - C:\Users\DAVLEGRAND\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-05-21] CHR Extension: (Google Docs hors connexion) - C:\Users\DAVLEGRAND\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-21] CHR Extension: (IObit Surfing Protection) - C:\Users\DAVLEGRAND\AppData\Local\Google\Chrome\User Data\Default\Extensions\imgpenhngnbnmhdkpdfnfhdpmfgmihdn [2021-05-21] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\DAVLEGRAND\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-21] CHR Extension: (Gmail) - C:\Users\DAVLEGRAND\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-05-21] CHR Extension: (Chrome Media Router) - C:\Users\DAVLEGRAND\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-21] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 fpCsEvtSvc; C:\Windows\system32\fpCSEvtSvc.exe [13824 2021-05-21] (Microsoft Windows Hardware Compatibility Publisher -> ) S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [158992 2020-07-31] (IObit Information Technology -> IObit) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5098408 2020-01-07] (Microsoft Windows Publisher -> Microsoft Corporation) R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [85400 2021-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) S4 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation) S4 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [43896 2020-07-31] (IObit Information Technology -> IObit) R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37112 2020-07-31] (IObit Information Technology -> IObit) R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [51128 2020-07-31] (IObit Information Technology -> IObit) S4 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S4 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation) S4 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-05-22 07:29 - 2021-05-22 07:33 - 000000000 ____D C:\FRST 2021-05-22 06:32 - 2021-05-22 06:34 - 000017810 _____ C:\Users\DAVLEGRAND\Downloads\FRST.txt 2021-05-22 06:22 - 2021-05-22 06:22 - 002299904 _____ (Farbar) C:\Users\DAVLEGRAND\Downloads\FRST64.exe 2021-05-22 01:26 - 2021-05-22 01:26 - 000000000 ___HD C:\$WINDOWS.~BT 2021-05-22 01:22 - 2021-05-22 01:22 - 000000000 ___HD C:\$WinREAgent 2021-05-22 00:11 - 2021-05-22 00:11 - 000003808 _____ C:\Windows\system32\Tasks\AutoKMS 2021-05-22 00:11 - 2021-05-22 00:11 - 000000000 ____D C:\Windows\AutoKMS 2021-05-22 00:10 - 2021-05-22 00:10 - 000000000 ____D C:\Users\DAVLEGRAND\AppData\Local\PeerDistRepub 2021-05-22 00:02 - 2021-05-22 00:02 - 000000000 ____D C:\ProgramData\Microsoft Toolkit 2021-05-21 23:55 - 2021-05-21 23:55 - 000000000 ____D C:\Users\DAVLEGRAND\AppData\Local\OneDrive 2021-05-21 23:55 - 2021-05-21 23:55 - 000000000 ____D C:\Program Files\UNP 2021-05-21 23:54 - 2021-05-21 23:55 - 000000000 ____D C:\ProgramData\Packages 2021-05-21 23:54 - 2021-05-21 23:54 - 000003390 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2757574433-2502586866-1848713204-1001 2021-05-21 23:34 - 2021-05-21 23:34 - 000000000 ____D C:\Users\DAVLEGRAND\Recovered data 05-22 00_34_24 2021-05-21 23:19 - 2021-05-21 23:19 - 000000000 __RHD C:\MSOCache 2021-05-21 23:02 - 2021-05-21 23:02 - 000134344 _____ (Intel Corporation) C:\Windows\system32\NicCo4.dll 2021-05-21 23:02 - 2021-05-21 23:02 - 000003113 _____ C:\Windows\system32\e1c65x64.din 2021-05-21 23:01 - 2021-05-21 23:02 - 000091088 _____ (Intel Corporation) C:\Windows\system32\NicInstC.dll 2021-05-21 23:01 - 2021-05-21 23:01 - 000080848 _____ (Intel Corporation) C:\Windows\system32\e1cmsg.dll 2021-05-21 22:39 - 2021-05-21 22:39 - 000000000 ____D C:\Users\DAVLEGRAND\Recovered data 05-21 23_39_08 2021-05-21 22:33 - 2021-05-21 22:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2021-05-21 22:32 - 2021-05-21 22:32 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2021-05-21 22:32 - 2021-05-21 22:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2021-05-21 22:32 - 2021-05-21 22:32 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2021-05-21 22:31 - 2021-05-21 22:32 - 000000000 ____D C:\Program Files\Microsoft SQL Server 2021-05-21 22:31 - 2021-05-21 22:31 - 000000000 ____D C:\Windows\PCHEALTH 2021-05-21 22:31 - 2021-05-21 22:31 - 000000000 ____D C:\Users\DAVLEGRAND\Recovered data 05-21 23_31_33 2021-05-21 22:23 - 2021-05-21 22:33 - 000000000 ____D C:\Windows\SHELLNEW 2021-05-21 22:22 - 2021-05-21 22:22 - 000000000 ____D C:\Users\DAVLEGRAND\AppData\Local\Microsoft Help 2021-05-21 22:22 - 2021-05-21 22:22 - 000000000 ____D C:\Program Files\Microsoft Analysis Services 2021-05-21 22:22 - 2021-05-21 22:22 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2021-05-21 22:22 - 2021-05-21 22:22 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services 2021-05-21 22:21 - 2021-05-21 22:31 - 000000000 ____D C:\Program Files\Microsoft Office 2021-05-21 22:03 - 2021-05-21 22:05 - 008108584 _____ C:\Windows\system32\Drivers\Netwfw01.dat 2021-05-21 22:02 - 2021-05-21 22:03 - 003354384 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETwew01.sys 2021-05-21 22:02 - 2021-05-21 22:02 - 000472016 _____ (Intel Corporation) C:\Windows\system32\Drivers\e1c65x64.sys 2021-05-21 21:50 - 2021-05-21 21:50 - 000049584 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynRMIHID_Aux.sys 2021-05-21 21:50 - 2021-05-21 21:50 - 000034736 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel_Aux.sys 2021-05-21 21:50 - 2021-05-21 21:50 - 000034224 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_AMDASF_Aux.sys 2021-05-21 21:46 - 2021-05-21 21:46 - 000203352 _____ (JMicron Technology Corporation) C:\Windows\system32\jmcricon.dll 2021-05-21 21:46 - 2021-05-21 21:46 - 000113400 _____ (Advanced Micro Devices) C:\Windows\system32\DelayAPO.dll 2021-05-21 21:45 - 2021-05-21 21:45 - 000092336 _____ (Hewlett-Packard) C:\Windows\system32\HPMDPCoInst.dll 2021-05-21 21:45 - 2021-05-21 21:45 - 000054448 _____ (Hewlett-Packard Company) C:\Windows\system32\hpservice.exe 2021-05-21 21:45 - 2021-05-21 21:45 - 000044720 _____ (Hewlett-Packard Company) C:\Windows\system32\accelerometerdll.DLL 2021-05-21 21:27 - 2021-05-21 21:27 - 000413104 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCom.dll 2021-05-21 21:26 - 2021-05-21 21:26 - 000292272 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPCo35-03.dll 2021-05-21 21:18 - 2021-05-21 21:18 - 000262064 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll 2021-05-21 21:12 - 2021-05-21 23:50 - 000000000 ____D C:\ProgramData\Synaptics 2021-05-21 21:12 - 2021-05-21 21:12 - 000623536 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys 2021-05-21 21:08 - 2021-05-21 21:08 - 000050488 _____ (Synaptics Incorporated) C:\Windows\system32\secureMigrationCI.dll 2021-05-21 21:07 - 2021-05-21 21:07 - 001308472 _____ (Synaptics Incorporated) C:\Windows\system32\ValEFIResDll.dll 2021-05-21 20:47 - 2021-05-21 20:47 - 000633704 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys 2021-05-21 20:46 - 2021-05-21 20:47 - 002687416 _____ (Sunplus Innovation Technology Inc.) C:\Windows\system32\SPITDevMft64.dll 2021-05-21 20:46 - 2021-05-21 20:46 - 000203352 _____ (JMicron Technology Corporation) C:\Windows\SysWOW64\jmcricon.dll 2021-05-21 20:46 - 2021-05-21 20:46 - 000176880 _____ (JMicron Technology Corporation) C:\Windows\system32\Drivers\jmcr.sys 2021-05-21 20:46 - 2021-05-21 20:46 - 000110096 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdWT6.sys 2021-05-21 20:45 - 2021-05-21 20:45 - 000053424 _____ (Hewlett-Packard) C:\Windows\system32\Drivers\Accelerometer.sys 2021-05-21 20:45 - 2021-05-21 20:45 - 000040624 _____ (Hewlett-Packard) C:\Windows\system32\Drivers\hpdskflt.sys 2021-05-21 20:39 - 2021-05-21 23:50 - 000000448 _____ C:\Windows\Tasks\Driver Easy Scheduled Scan.job 2021-05-21 20:39 - 2021-05-21 20:39 - 000003932 _____ C:\Windows\system32\Tasks\Driver Easy Scheduled Scan 2021-05-21 20:39 - 2021-05-21 20:39 - 000001012 _____ C:\Users\Public\Desktop\Driver Easy.lnk 2021-05-21 20:39 - 2021-05-21 20:39 - 000000000 ____D C:\Users\DAVLEGRAND\AppData\Roaming\Easeware 2021-05-21 20:39 - 2021-05-21 20:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy 2021-05-21 20:39 - 2021-05-21 20:39 - 000000000 ____D C:\Program Files\Easeware 2021-05-21 20:30 - 2021-05-21 20:30 - 000001074 _____ C:\Users\Public\Desktop\EaseUS Data Recovery Wizard.lnk 2021-05-21 20:30 - 2021-05-21 20:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard 2021-05-21 20:29 - 2021-05-21 20:29 - 000000000 ____D C:\Program Files\EaseUS 2021-05-21 19:45 - 2021-05-21 19:45 - 000000000 ____D C:\ProgramData\SystemAcCrux 2021-05-21 18:37 - 2021-05-21 18:43 - 000000000 _RSHD C:\ProgramData\Key-Base 2021-05-21 18:37 - 2021-05-21 18:37 - 000000000 ____D C:\ProgramData\{275D8984-BDC1-522C-7CBA-9815EE8C078E} 2021-05-21 18:17 - 2021-05-21 22:13 - 000000000 ____D C:\Users\DAVLEGRAND\Documents\MEGAsync Downloads 2021-05-21 18:15 - 2021-05-21 18:16 - 000000000 ___RD C:\Users\DAVLEGRAND\Documents\MEGAsync 2021-05-21 18:14 - 2021-05-21 18:14 - 000001144 _____ C:\Users\DAVLEGRAND\Desktop\MEGAsync.lnk 2021-05-21 18:14 - 2021-05-21 18:14 - 000000000 ____D C:\Windows\system32\Tasks\MEGA 2021-05-21 18:14 - 2021-05-21 18:14 - 000000000 ____D C:\Users\DAVLEGRAND\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync 2021-05-21 18:14 - 2021-05-21 18:14 - 000000000 ____D C:\Users\DAVLEGRAND\AppData\Local\Mega Limited 2021-05-21 18:13 - 2021-05-21 18:14 - 000000000 ____D C:\Users\DAVLEGRAND\AppData\Local\MEGAsync 2021-05-21 17:58 - 2019-08-13 03:51 - 000421376 _____ (curl, hxxps://curl.haxx.se/) C:\Windows\system32\curl.exe 2021-05-21 17:57 - 2018-06-15 18:30 - 001308672 _____ C:\Windows\system32\FaceProcessor.dll 2021-05-21 17:56 - 2019-08-13 03:49 - 000806328 _____ C:\Windows\system32\locale.nls 2021-05-21 17:55 - 2020-02-05 13:16 - 000810496 _____ C:\Windows\system32\MBR2GPT.EXE 2021-05-21 17:55 - 2020-01-07 10:47 - 000396304 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2021-05-21 17:55 - 2019-09-13 11:39 - 002085888 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2021-05-21 17:55 - 2018-09-08 08:40 - 000249344 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl 2021-05-21 17:54 - 2020-01-07 10:29 - 000046592 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2021-05-21 17:54 - 2019-07-09 03:50 - 000141312 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe 2021-05-21 17:54 - 2019-01-08 04:06 - 000000072 _____ C:\Windows\system32\edgehtmlpluginpolicy.bin 2021-05-21 17:54 - 2018-06-15 18:55 - 000542888 _____ C:\Windows\system32\FaceProcessorCore.dll 2021-05-21 17:48 - 2021-05-21 17:52 - 000000000 ____D C:\Windows\system32\MRT 2021-05-21 17:22 - 2021-05-21 17:22 - 000000000 ____D C:\Users\DAVLEGRAND\AppData\Local\DBG 2021-05-21 17:12 - 2021-05-21 17:12 - 000000000 ___HD C:\OneDriveTemp 2021-05-21 16:58 - 2018-06-06 18:57 - 003733320 _____ C:\Windows\system32\Windows.Mirage.dll 2021-05-21 16:57 - 2021-05-21 23:51 - 000002425 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-05-21 16:57 - 2021-05-21 23:51 - 000002263 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2021-05-21 16:57 - 2019-10-02 08:25 - 000249856 _____ (Gracenote, Inc.) C:\Windows\SysWOW64\gnsdk_fp.dll 2021-05-21 16:57 - 2018-06-06 04:20 - 002841312 _____ C:\Windows\SysWOW64\Windows.Mirage.dll 2021-05-21 16:56 - 2020-02-05 07:21 - 001459120 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2021-05-21 16:56 - 2020-02-05 07:21 - 001141504 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2021-05-21 16:56 - 2019-08-13 02:49 - 000806328 _____ C:\Windows\SysWOW64\locale.nls 2021-05-21 16:56 - 2019-02-16 12:57 - 000034104 _____ C:\Windows\system32\SyncAppvPublishingServer.exe 2021-05-21 16:55 - 2020-01-07 08:33 - 000322576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2021-05-21 16:55 - 2019-09-13 08:59 - 002017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2021-05-21 16:55 - 2019-06-13 06:47 - 001063224 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi 2021-05-21 16:55 - 2019-04-19 10:34 - 000522240 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv 2021-05-21 16:55 - 2019-04-19 09:25 - 000423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv 2021-05-21 16:54 - 2021-05-21 17:07 - 000000000 ____D C:\Program Files (x86)\BraveSoftware 2021-05-21 16:54 - 2021-05-21 16:54 - 000000000 ____D C:\Users\DAVLEGRAND\AppData\Local\BraveSoftware 2021-05-21 16:54 - 2020-02-05 05:31 - 000001314 _____ C:\Windows\system32\tcbres.wim 2021-05-21 16:54 - 2020-01-07 09:26 - 001210368 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl 2021-05-21 16:54 - 2020-01-07 08:20 - 000038912 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2021-05-21 16:54 - 2020-01-07 08:17 - 001189376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl 2021-05-21 16:54 - 2019-06-20 02:21 - 000058882 _____ C:\Windows\system32\srms.dat 2021-05-21 16:54 - 2019-05-03 06:01 - 000052736 _____ C:\Windows\system32\runexehelper.exe 2021-05-21 16:54 - 2018-09-08 06:57 - 000223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl 2021-05-21 16:38 - 2021-05-21 16:38 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_wbf_vfs_003d_adv_01_09_00.Wdf 2021-05-21 16:37 - 2021-05-21 21:12 - 000000000 ____D C:\ProgramData\Validity 2021-05-21 16:34 - 2021-05-21 16:34 - 000000000 ____D C:\Program Files\WinRAR 2021-05-21 16:34 - 2021-05-21 16:34 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies 2021-05-21 16:34 - 2021-05-21 16:34 - 000000000 ____D C:\Program Files\AMD 2021-05-21 16:34 - 2021-05-21 16:34 - 000000000 _____ C:\Windows\ativpsrm.bin 2021-05-21 16:32 - 2021-05-22 06:08 - 000000000 ____D C:\ProgramData\Mozilla 2021-05-21 16:32 - 2021-05-22 06:07 - 000000000 ____D C:\Users\DAVLEGRAND\AppData\LocalLow\Mozilla 2021-05-21 16:32 - 2021-05-21 21:46 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-05-21 16:32 - 2021-05-21 16:32 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-05-21 16:32 - 2021-05-21 16:32 - 000000993 _____ C:\Users\Public\Desktop\Firefox.lnk 2021-05-21 16:32 - 2021-05-21 16:32 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2021-05-21 16:32 - 2021-05-21 16:32 - 000000000 ____D C:\Users\DAVLEGRAND\AppData\Roaming\Mozilla 2021-05-21 16:32 - 2021-05-21 16:32 - 000000000 ____D C:\Users\DAVLEGRAND\AppData\Local\Mozilla 2021-05-21 16:32 - 2021-05-21 16:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-05-21 16:28 - 2021-05-21 16:28 - 000002321 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-05-21 16:28 - 2021-05-21 16:28 - 000002280 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2021-05-21 16:27 - 2021-05-21 16:27 - 000000000 ____D C:\Program Files\Google 2021-05-21 16:23 - 2021-05-21 16:28 - 000000000 ____D C:\Users\DAVLEGRAND\AppData\Local\Google 2021-05-21 16:23 - 2021-05-21 16:23 - 000003588 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2021-05-21 16:23 - 2021-05-21 16:23 - 000003464 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2021-05-21 16:23 - 2021-05-21 16:23 - 000000000 ____D C:\Program Files (x86)\Google 2021-05-21 16:17 - 2021-05-21 16:17 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf 2021-05-21 16:17 - 2021-05-21 16:17 - 000000000 ____D C:\Program Files\Synaptics 2021-05-21 16:16 - 2021-05-21 16:16 - 000003634 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-05-21 16:16 - 2021-05-21 16:16 - 000003510 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-05-21 16:13 - 2021-05-21 16:13 - 000000000 ___HD C:\Users\DAVLEGRAND\MicrosoftEdgeBackups 2021-05-21 16:05 - 2021-05-21 23:55 - 000000000 ____D C:\Program Files\ruxim 2021-05-21 16:05 - 2021-05-21 16:05 - 000000000 ____D C:\Program Files\rempl 2021-05-21 16:04 - 2021-05-21 16:47 - 000000000 ____D C:\Program Files\CUAssistant 2021-05-21 16:02 - 2021-05-21 16:12 - 000000000 ____D C:\Users\DAVLEGRAND\AppData\Local\PlaceholderTileLogoFolder 2021-05-21 10:55 - 2021-05-21 11:38 - 000000000 __SHD C:\[Smad-Cage] 2021-05-21 10:48 - 2021-05-21 10:49 - 000000000 ____D C:\Users\DAVLEGRAND\AppData\Roaming\WinRAR 2021-05-21 10:30 - 2011-09-16 21:21 - 000056912 _____ (Tracker Software Products Ltd.) C:\Windows\system32\pxc40pm.dll 2021-05-21 10:29 - 2021-05-21 10:29 - 000001089 _____ C:\Users\Public\Desktop\Office2PDF.lnk 2021-05-21 10:29 - 2021-05-21 10:29 - 000001070 _____ C:\Users\Public\Desktop\PDF-Tools 4.lnk 2021-05-21 10:29 - 2021-05-21 10:29 - 000001063 _____ C:\Users\DAVLEGRAND\Desktop\PDF-Viewer.lnk 2021-05-21 10:29 - 2021-05-21 10:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange 4 Pro 2021-05-21 10:29 - 2021-05-21 10:29 - 000000000 ____D C:\Program Files\Tracker Software 2021-05-21 10:26 - 2021-05-21 10:39 - 000000000 ____D C:\Users\DAVLEGRAND\AppData\Roaming\vlc 2021-05-21 10:26 - 2021-05-21 10:26 - 000001143 _____ C:\Users\Public\Desktop\VLC media player.lnk 2021-05-21 10:26 - 2021-05-21 10:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2021-05-21 10:26 - 2021-05-21 10:26 - 000000000 ____D C:\Program Files (x86)\VideoLAN 2021-05-21 10:09 - 2021-05-21 10:09 - 000000000 ____D C:\Users\DAVLEGRAND\AppData\Local\D3DSCache 2021-05-21 10:08 - 2021-05-21 10:08 - 000000000 ____D C:\Users\DAVLEGRAND\AppData\LocalLow\IObit 2021-05-21 10:07 - 2021-05-21 20:09 - 000000000 ____D C:\ProgramData\ProductData 2021-05-21 10:07 - 2021-05-21 10:18 - 000002986 _____ C:\Windows\system32\Tasks\Uninstaller_SkipUac_DAVLEGRAND 2021-05-21 10:07 - 2021-05-21 10:18 - 000001428 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk 2021-05-21 10:07 - 2021-05-21 10:18 - 000001416 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk 2021-05-21 10:07 - 2021-05-21 10:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller 2021-05-21 10:07 - 2021-05-21 10:08 - 000000000 ____D C:\ProgramData\IObit 2021-05-21 10:07 - 2021-05-21 10:07 - 000000000 ____D C:\Users\DAVLEGRAND\AppData\Roaming\IObit 2021-05-21 10:07 - 2021-05-21 10:07 - 000000000 ____D C:\Program Files (x86)\IObit 2021-05-21 10:02 - 2021-05-21 10:02 - 000000000 ____D C:\Users\DAVLEGRAND\AppData\Roaming\PowerISO 2021-05-21 09:59 - 2021-05-21 20:11 - 000000000 ____D C:\Program Files (x86)\WinRAR 2021-05-21 09:55 - 2021-05-21 23:54 - 000000000 ____D C:\Users\DAVLEGRAND\AppData\Roaming\Smadav 2021-05-21 09:55 - 2021-05-21 09:56 - 000000000 ____D C:\Program Files (x86)\SMADAV 2021-05-21 09:55 - 2021-05-21 09:55 - 000003218 _____ C:\Windows\system32\Tasks\smadav 2021-05-21 09:55 - 2021-05-21 09:55 - 000001145 _____ C:\Users\Public\Desktop\SMADΔV.lnk 2021-05-21 09:55 - 2021-05-21 09:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMADAV Antivirus 2021-05-21 09:37 - 2021-05-21 09:37 - 000000000 _SHDL C:\Documents and Settings 2021-05-21 09:33 - 2021-05-21 09:33 - 000000000 ____D C:\Users\DAVLEGRAND\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SuperCopier2 2021-05-21 09:33 - 2021-05-21 09:33 - 000000000 ____D C:\Program Files (x86)\SuperCopier2 2021-05-21 09:30 - 2021-05-22 00:50 - 000411952 _____ C:\Windows\system32\FNTCACHE.DAT 2021-05-21 09:30 - 2021-05-22 00:28 - 000000000 ____D C:\Windows\Panther 2021-05-21 09:27 - 2021-05-21 09:27 - 000001080 _____ C:\Users\Public\Desktop\PowerISO.lnk 2021-05-21 09:27 - 2021-05-21 09:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO 2021-05-21 09:27 - 2021-05-21 09:27 - 000000000 ____D C:\Program Files (x86)\PowerISO 2021-05-21 09:27 - 2012-05-31 04:10 - 000126944 _____ (Power Software Ltd) C:\Windows\system32\Drivers\scdemu.sys 2021-05-21 09:11 - 2021-05-21 09:11 - 000000000 ____D C:\Users\DAVLEGRAND\AppData\Local\Comms 2021-05-21 08:56 - 2021-05-21 23:55 - 000000000 ___RD C:\Users\DAVLEGRAND\OneDrive 2021-05-21 08:55 - 2021-05-21 08:55 - 000000000 ____D C:\Users\DAVLEGRAND\AppData\Local\MicrosoftEdge 2021-05-21 08:55 - 2021-05-21 08:55 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2021-05-21 08:53 - 2021-05-21 23:52 - 000000000 __RHD C:\Users\Public\AccountPictures 2021-05-21 08:53 - 2021-05-21 23:52 - 000000000 ___RD C:\Users\DAVLEGRAND\3D Objects 2021-05-21 08:53 - 2021-05-21 20:35 - 000000000 ____D C:\Users\DAVLEGRAND\AppData\Local\VirtualStore 2021-05-21 08:53 - 2021-05-21 18:16 - 000000000 ____D C:\Users\DAVLEGRAND\AppData\Local\Packages 2021-05-21 08:53 - 2021-05-21 17:00 - 000000000 ____D C:\Users\DAVLEGRAND\AppData\Local\ConnectedDevicesPlatform 2021-05-21 08:53 - 2021-05-21 08:53 - 000000000 ____D C:\Users\DAVLEGRAND\AppData\Roaming\Adobe 2021-05-21 08:53 - 2021-05-21 08:53 - 000000000 ____D C:\Users\DAVLEGRAND\AppData\Local\Publishers 2021-05-21 08:49 - 2021-05-21 23:54 - 000002420 _____ C:\Users\DAVLEGRAND\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-05-21 08:49 - 2021-05-21 23:34 - 000000000 ____D C:\Users\DAVLEGRAND 2021-05-21 08:49 - 2021-05-21 08:49 - 000000020 ___SH C:\Users\DAVLEGRAND\ntuser.ini 2021-05-21 08:49 - 2021-05-21 08:49 - 000000000 _SHDL C:\Users\DAVLEGRAND\Voisinage réseau 2021-05-21 08:49 - 2021-05-21 08:49 - 000000000 _SHDL C:\Users\DAVLEGRAND\Voisinage d'impression 2021-05-21 08:49 - 2021-05-21 08:49 - 000000000 _SHDL C:\Users\DAVLEGRAND\Modèles 2021-05-21 08:49 - 2021-05-21 08:49 - 000000000 _SHDL C:\Users\DAVLEGRAND\Mes documents 2021-05-21 08:49 - 2021-05-21 08:49 - 000000000 _SHDL C:\Users\DAVLEGRAND\Menu Démarrer 2021-05-21 08:49 - 2021-05-21 08:49 - 000000000 _SHDL C:\Users\DAVLEGRAND\Documents\Mes vidéos 2021-05-21 08:49 - 2021-05-21 08:49 - 000000000 _SHDL C:\Users\DAVLEGRAND\Documents\Mes images 2021-05-21 08:49 - 2021-05-21 08:49 - 000000000 _SHDL C:\Users\DAVLEGRAND\Documents\Ma musique 2021-05-21 08:49 - 2021-05-21 08:49 - 000000000 _SHDL C:\Users\DAVLEGRAND\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2021-05-21 08:49 - 2021-05-21 08:49 - 000000000 _SHDL C:\Users\DAVLEGRAND\AppData\Local\Historique 2021-05-21 08:42 - 2021-05-21 23:55 - 001677054 _____ C:\Windows\system32\PerfStringBackup.INI 2021-05-21 08:40 - 2021-05-21 08:40 - 000000000 ____D C:\Windows\CSC 2021-05-21 08:37 - 2021-05-21 08:37 - 000000000 _SHDL C:\Users\Public\Documents\Mes vidéos 2021-05-21 08:37 - 2021-05-21 08:37 - 000000000 _SHDL C:\Users\Public\Documents\Mes images 2021-05-21 08:37 - 2021-05-21 08:37 - 000000000 _SHDL C:\Users\Public\Documents\Ma musique 2021-05-21 08:37 - 2021-05-21 08:37 - 000000000 _SHDL C:\Users\Default\Voisinage réseau 2021-05-21 08:37 - 2021-05-21 08:37 - 000000000 _SHDL C:\Users\Default\Voisinage d'impression 2021-05-21 08:37 - 2021-05-21 08:37 - 000000000 _SHDL C:\Users\Default\Modèles 2021-05-21 08:37 - 2021-05-21 08:37 - 000000000 _SHDL C:\Users\Default\Mes documents 2021-05-21 08:37 - 2021-05-21 08:37 - 000000000 _SHDL C:\Users\Default\Menu Démarrer 2021-05-21 08:37 - 2021-05-21 08:37 - 000000000 _SHDL C:\Users\Default\Documents\Mes vidéos 2021-05-21 08:37 - 2021-05-21 08:37 - 000000000 _SHDL C:\Users\Default\Documents\Mes images 2021-05-21 08:37 - 2021-05-21 08:37 - 000000000 _SHDL C:\Users\Default\Documents\Ma musique 2021-05-21 08:37 - 2021-05-21 08:37 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2021-05-21 08:37 - 2021-05-21 08:37 - 000000000 _SHDL C:\Users\Default\AppData\Local\Historique 2021-05-21 08:37 - 2021-05-21 08:37 - 000000000 _SHDL C:\ProgramData\Modèles 2021-05-21 08:37 - 2021-05-21 08:37 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programmes 2021-05-21 08:37 - 2021-05-21 08:37 - 000000000 _SHDL C:\ProgramData\Menu Démarrer 2021-05-21 08:37 - 2021-05-21 08:37 - 000000000 _SHDL C:\ProgramData\Documents\Mes vidéos 2021-05-21 08:37 - 2021-05-21 08:37 - 000000000 _SHDL C:\ProgramData\Documents\Mes images 2021-05-21 08:37 - 2021-05-21 08:37 - 000000000 _SHDL C:\ProgramData\Documents\Ma musique 2021-05-21 08:37 - 2021-05-21 08:37 - 000000000 _SHDL C:\ProgramData\Bureau 2021-05-21 08:37 - 2021-05-21 08:37 - 000000000 _SHDL C:\Program Files\Fichiers communs 2021-05-21 08:33 - 2021-05-21 08:33 - 000000000 ____D C:\ProgramData\USOShared 2021-05-21 08:31 - 2021-05-22 04:07 - 000000000 ____D C:\Windows\system32\SleepStudy 2021-05-21 08:31 - 2021-05-21 23:50 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2021-05-21 08:31 - 2021-05-21 08:31 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2021-05-21 08:31 - 2021-05-21 08:31 - 000000000 ____D C:\Windows\ServiceProfiles ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-05-22 06:38 - 2018-04-11 23:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-05-22 06:04 - 2018-04-11 23:36 - 000000000 ____D C:\Windows\INF 2021-05-22 00:46 - 2018-04-12 00:38 - 000000000 ___SD C:\Windows\system32\F12 2021-05-22 00:46 - 2018-04-12 00:38 - 000000000 ___SD C:\Windows\system32\DiagSvcs 2021-05-22 00:46 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\system32\appraiser 2021-05-22 00:46 - 2018-04-11 22:04 - 000000000 ____D C:\Windows\system32\Dism 2021-05-22 00:21 - 2018-04-11 23:30 - 000000000 ____D C:\Windows\CbsTemp 2021-05-22 00:10 - 2018-04-11 23:38 - 000000000 ___HD C:\Program Files\WindowsApps 2021-05-22 00:10 - 2018-04-11 23:38 - 000000000 ____D C:\Windows\AppReadiness 2021-05-21 23:55 - 2018-04-12 16:19 - 000754608 _____ C:\Windows\system32\perfh00C.dat 2021-05-21 23:55 - 2018-04-12 16:19 - 000141744 _____ C:\Windows\system32\perfc00C.dat 2021-05-21 23:49 - 2018-04-11 21:04 - 000524288 _____ C:\Windows\system32\config\BBI 2021-05-21 23:46 - 2018-04-12 16:24 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2021-05-21 23:46 - 2018-04-11 23:38 - 000000000 ___SD C:\Windows\SysWOW64\F12 2021-05-21 23:46 - 2018-04-11 23:38 - 000000000 ___SD C:\Windows\system32\UNP 2021-05-21 23:46 - 2018-04-11 23:38 - 000000000 ___RD C:\Windows\PrintDialog 2021-05-21 23:46 - 2018-04-11 23:38 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2021-05-21 23:46 - 2018-04-11 23:38 - 000000000 ____D C:\Windows\TextInput 2021-05-21 23:46 - 2018-04-11 23:38 - 000000000 ____D C:\Windows\SysWOW64\oobe 2021-05-21 23:46 - 2018-04-11 23:38 - 000000000 ____D C:\Windows\SysWOW64\Dism 2021-05-21 23:46 - 2018-04-11 23:38 - 000000000 ____D C:\Windows\system32\WinBioPlugIns 2021-05-21 23:46 - 2018-04-11 23:38 - 000000000 ____D C:\Windows\system32\SystemResetPlatform 2021-05-21 23:46 - 2018-04-11 23:38 - 000000000 ____D C:\Windows\system32\ShellExperiences 2021-05-21 23:46 - 2018-04-11 23:38 - 000000000 ____D C:\Windows\system32\oobe 2021-05-21 23:46 - 2018-04-11 23:38 - 000000000 ____D C:\Windows\ShellExperiences 2021-05-21 23:46 - 2018-04-11 23:38 - 000000000 ____D C:\Windows\ShellComponents 2021-05-21 23:46 - 2018-04-11 23:38 - 000000000 ____D C:\Windows\Provisioning 2021-05-21 23:46 - 2018-04-11 23:38 - 000000000 ____D C:\Windows\PolicyDefinitions 2021-05-21 23:46 - 2018-04-11 23:38 - 000000000 ____D C:\Windows\bcastdvr 2021-05-21 23:46 - 2018-04-11 23:38 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2021-05-21 23:46 - 2018-04-11 23:38 - 000000000 ____D C:\Program Files\Windows Defender 2021-05-21 23:46 - 2018-04-11 23:38 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2021-05-21 23:46 - 2018-04-11 23:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2021-05-21 23:46 - 2018-04-11 21:04 - 000000000 ____D C:\Windows\servicing 2021-05-21 22:33 - 2018-04-11 23:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2021-05-21 22:26 - 2018-04-11 23:38 - 000000167 _____ C:\Windows\win.ini 2021-05-21 22:25 - 2018-04-11 23:38 - 000000000 ____D C:\Program Files\Common Files\system 2021-05-21 22:08 - 2015-06-10 18:16 - 000963232 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120.dll 2021-05-21 22:08 - 2015-06-10 18:16 - 000013824 _____ C:\Windows\system32\fpCSEvtSvc.exe 2021-05-21 21:27 - 2017-09-06 05:09 - 001795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll 2021-05-21 21:25 - 2017-09-06 05:09 - 000763312 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll 2021-05-21 21:07 - 2015-06-10 17:16 - 003109688 _____ (Synaptics Incorporated) C:\Windows\system32\vcsAPIFORWBF.dll 2021-05-21 21:07 - 2015-06-10 17:16 - 000085400 _____ (Synaptics Incorporated) C:\Windows\system32\valWBFPolicyService.exe 2021-05-21 21:04 - 2017-02-20 06:32 - 000186424 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverW8x64.sys 2021-05-21 17:24 - 2018-04-11 23:38 - 000017800 _____ C:\Windows\system32\OEMDefaultAssociations.xml 2021-05-21 16:06 - 2018-04-11 23:38 - 000000000 ____D C:\Windows\appcompat 2021-05-21 10:51 - 2018-04-11 23:38 - 000000000 ____D C:\Windows\LiveKernelReports 2021-05-21 09:40 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\system32\FxsTmp 2021-05-21 09:29 - 2018-04-11 23:38 - 000028672 _____ C:\Windows\system32\config\BCD-Template 2021-05-21 08:40 - 2018-04-11 23:38 - 000000000 ____D C:\Windows\system32\WinBioDatabase 2021-05-21 08:40 - 2018-04-11 23:38 - 000000000 ____D C:\Windows\system32\spool 2021-05-21 08:37 - 2018-04-11 23:38 - 000000000 ____D C:\Program Files\windows nt 2021-05-21 08:33 - 2018-04-11 23:38 - 000000000 ____D C:\ProgramData\USOPrivate ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== Fin de FRST.txt ========================