Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 12-04-2022 03
Exécuté par Admin R (administrateur) sur RALPHPC (ASUS All Series) (11-04-2022 22:06:48)
Exécuté depuis C:\Users\Admin R\Desktop
Profils chargés: Admin R
Plate-forme: Microsoft Windows 10 Professionnel Version 21H2 19044.1586 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCopyAccelerator.exe
(explorer.exe ->) () [Fichier non signé] C:\Users\Admin R\AppData\Local\myCloud Desktop\app\desktopnotification\DesktopClientNotification.net4.exe
(explorer.exe ->) (Proton Technologies AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <10>
(services.exe ->) () [Fichier non signé] C:\Program Files\D-Link\DWA-171 revC\ALPBCC\ALPBCSVC.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. 
-> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (services.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe (services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (services.exe ->) (Huawei Technologies Co., Ltd. -> ) [Fichier non signé] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe (services.exe ->) (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2> (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe (services.exe ->) (Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_642e50d7b66aa2a4\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Proton Technologies AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe (services.exe ->) (Proton Technologies AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe (services.exe ->) (Realtek Semiconductor Corp. 
-> Realtek) C:\Program Files\D-Link\DWA-171 revC\WifiAutoInstallSrv.exe (services.exe ->) (SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [AdobePSE18AutoAnalyzer] => C:\Program Files\Adobe\Elements 2020 Organizer\Elements Auto Creations 2020.exe [3560048 2020-12-07] (Adobe Inc. -> Adobe Systems Incorporated) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9274304 2021-05-10] (Realtek Semiconductor Corp. 
-> Realtek Semiconductor) HKU\S-1-5-21-1243922167-2392459145-2998924318-1000 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION HKU\S-1-5-21-1243922167-2392459145-2998924318-1000 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe (Pas de fichier) HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe (Pas de fichier) HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [597640 2020-02-07] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35888256 2022-03-10] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\...\Run: [VideoDownloaderUltimate] => C:\ProgramData\VideoDownloaderUltimateWinApp\VideoDownloaderUltimate.exe [6589600 2021-12-15] (Link64 GmbH -> Link64 GmbH) HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\...\Run: [ProtonVPN] => C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe [7870568 2021-10-25] (Proton Technologies AG -> ) HKU\S-1-5-21-1243922167-2392459145-2998924318-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [39936 2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-1243922167-2392459145-2998924318-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [597640 2020-02-07] (Adobe Inc. 
-> Adobe Systems Incorporated) HKU\S-1-5-21-1243922167-2392459145-2998924318-1001\...\Run: [VideoDownloaderUltimate] => C:\ProgramData\VideoDownloaderUltimateWinApp\VideoDownloaderUltimate.exe [6589600 2021-12-15] (Link64 GmbH -> Link64 GmbH) HKU\S-1-5-21-1243922167-2392459145-2998924318-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35888256 2022-03-10] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-1243922167-2392459145-2998924318-1001\...\Run: [ProtonVPN] => C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe [7870568 2021-10-25] (Proton Technologies AG -> ) HKU\S-1-5-21-1243922167-2392459145-2998924318-1001\...\Run: [DRScanner] => C:\Program Files (x86)\Trend Micro\DRScanner\DRScanner.exe [6226600 2021-09-10] (Trend Micro, Inc. -> Trend Micro Inc.) HKLM\...\Windows x64\Print Processors\Canon TS8100 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDO.DLL [482816 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Windows x64\Print Processors\hpzppWN7: C:\Windows\System32\spool\prtprocs\x64\hpzppWN7.dll [101376 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\Canon BJ Language Monitor TS8100 series: C:\Windows\system32\CNMLMDO.DLL [1302016 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\HP 5912 Status Monitor: C:\Windows\system32\hpinksts5912LM.dll [331664 2012-06-18] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Officejet Pro 8600): C:\Windows\system32\HPDiscoPM5912.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\...\Print\Monitors\PDF-XChange5: C:\WINDOWS\system32\pxc50pm.dll [57056 2016-01-18] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.) 
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [115592 2015-04-01] (pdfforge GmbH -> pdfforge GmbH) HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> Startup: C:\Users\Admin R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\myCloud Desktop Notification.lnk [2022-04-05] ShortcutTarget: myCloud Desktop Notification.lnk -> C:\Users\Admin R\AppData\Local\myCloud Desktop\app\desktopnotification\DesktopClientNotification.net4.exe () [Fichier non signé] Startup: C:\Users\Admin R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\myCloud Desktop.lnk [2022-04-05] ShortcutTarget: myCloud Desktop.lnk -> C:\Users\Admin R\AppData\Local\myCloud Desktop\myCloud Desktop.exe (Swisscom (Schweiz) AG -> ) Startup: C:\Users\Ralph Ballmer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\myCloud Desktop Notification.lnk [2022-03-02] ShortcutTarget: myCloud Desktop Notification.lnk -> C:\Users\Admin R\AppData\Local\myCloud Desktop\app\desktopnotification\DesktopClientNotification.net4.exe () [Fichier non signé] Startup: C:\Users\Ralph Ballmer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\myCloud Desktop.lnk [2022-03-02] ShortcutTarget: myCloud Desktop.lnk -> C:\Users\Admin R\AppData\Local\myCloud Desktop\myCloud Desktop.exe (Swisscom (Schweiz) AG -> ) GroupPolicy: Restriction ? <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) 
Task: {021937F4-3356-4AFF-92FF-AE63AEB354B2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe /send (Pas de fichier) Task: {079CECFE-83E9-4F31-B1D2-53AAD04B9569} - \MyDefrag v4.3.1 Daily -> Pas de fichier <==== ATTENTION Task: {0D42CD02-D792-40AC-9913-1EF04D9FFF12} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339464 2021-11-26] (Nvidia Corporation -> NVIDIA Corporation) Task: {0DC23569-0AC8-4DDF-A160-C94D9B3DF578} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-11-26] (Nvidia Corporation -> NVIDIA Corporation) Task: {1740FBB9-5D8E-4ABD-A1F2-3BF6A957E3CE} - System32\Tasks\AdobeAAMUpdater-1.0-RALPHPC-Admin R => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {223A401A-922B-4819-B996-693BF186F35B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe /SetTaskbarTask (Pas de fichier) Task: {2AC4D3B9-AECA-4C54-9BFF-B8EACFC2774B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-11-26] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {2CF76183-9DB9-4EF9-8F47-644F200A4758} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Admin R\Desktop\Outils\Phase 2 antivirus-antispyware\esetonlinescanner_enu.exe SCHED (Pas de fichier) Task: 
{342771E7-3935-4057-817B-18EC910B0105} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61} Task: {3556785D-5A55-45E1-9FFF-4C866CEB0F52} - System32\Tasks\HP Officejet Pro 8600.exe_{5901B50E-22E9-4A6D-A055-76F1A4B6D085} => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HP Officejet Pro 8600.exe -install -prfn "HP Officejet Pro 8600 (réseau)" -ePCUrl "https://h30495.www3.hp.com/printers/add?jumpID=in_instKarnak8%2F" (Pas de fichier) Task: {3D6B3360-3F31-4FF3-AB94-83A091DA7089} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647376 2021-11-26] (Nvidia Corporation -> NVIDIA Corporation) Task: {405C6921-DC7C-43CE-ACE7-FC02A812C357} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-11-26] (Nvidia Corporation -> NVIDIA Corporation) Task: {40A7E1DB-33E7-49D8-A76F-CB7C6514FD9F} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe Scan -ScheduleJob -RestrictPrivileges (Pas de fichier) Task: {457AB919-2EDA-46F1-88CD-8E50F8595907} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1} Task: {46F6BA62-1616-44B3-AD65-3688DBE60187} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB} Task: {4EFB59C6-6A35-4DA5-9DA4-21CA02E0B7C0} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update 
Core\NvProfileUpdater64.exe [904904 2021-11-26] (Nvidia Corporation -> NVIDIA Corporation) Task: {4F96A489-85E3-466D-8C06-707D0A39EEE5} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B" Task: {53AC8C42-CB6C-40F6-872B-51F8F02D0CDB} - System32\Tasks\Opera scheduled Autoupdate 1636829346 => C:\Users\Ralph Ballmer\AppData\Local\Programs\Opera\launcher.exe [2469120 2022-04-06] (Opera Software AS -> Opera Software) Task: {5564CEA9-5858-4390-8526-96012941AE74} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {5A2A82DE-4065-4E35-9F8D-A6DD4B679678} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L Analysis (Pas de fichier) Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A} Task: {5F97CA51-7475-4FA7-B614-5D736FAC79C8} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-11-26] (Nvidia Corporation -> NVIDIA Corporation) Task: {60CBCD9B-4FD1-4052-9EFF-E8214D229990} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {64618AD9-1F73-4BE7-BF7B-1800F0B6707D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /taskrestart (Pas de fichier) Task: {72BAAE6D-662C-4E9E-933C-2EFCF2CB26F5} 
- System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Pas de fichier) Task: {77318C5B-6AF4-4289-8311-3402A6A36182} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /u (Pas de fichier) Task: {7B369250-851E-4DE8-9394-B5B1C61E92D3} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -task -source HPSA (Pas de fichier) Task: {7D37AAAA-33A4-49E6-B0E5-F9495466A77C} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {840D321B-670E-4C27-B71B-06BE2120A062} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {916B9B7B-A02D-429D-9F4A-A4C2E63EFB8F} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-11-26] (Nvidia Corporation -> NVIDIA Corporation) Task: {926AB52A-582C-4C54-9F4E-4707D15A50C6} - System32\Tasks\AdobeAAMUpdater-1.0-RALPHPC-Ralph Ballmer => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {99178ECA-A00D-444D-BEFE-03DF8355CD0D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-02] (Google Inc -> Google Inc.) 
Task: {9A5EDAB3-23CB-4B2E-A5CE-DFBD9AF04229} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Admin R\Desktop\Outils\Phase 2 antivirus-antispyware\esetonlinescanner_enu.exe LOGON (Pas de fichier) Task: {9AC2EA3F-3F71-4D25-B25D-9CCD17940C54} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-03-10] (Piriform Software Ltd -> Piriform) Task: {A2DC6E50-0C32-4877-B7F6-294C54E86256} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {A9804CE8-70E0-4B98-B596-1731BA8132A1} - System32\Tasks\CCleanerSkipUAC - Admin R => C:\Program Files\CCleaner\CCleaner.exe [30053504 2022-03-10] (Piriform Software Ltd -> Piriform Software Ltd) Task: {AD9A53EB-F6C1-44CA-A76D-9069D55ECABA} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E} Task: {AF20C25E-8C01-4222-9DD0-93C1FC624E72} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-02] (Google Inc -> Google Inc.) 
Task: {AF763C7E-53F5-4680-9CE2-DAD88BEA0F66} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {B690F8E4-D6F4-4FA6-A79D-43C8069A9D16} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe -Daily (Pas de fichier) Task: {D1E128C4-2C20-4B9B-A923-576DC11FC45E} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe -LogonOrUnlock (Pas de fichier) Task: {E0564FDD-5CEE-4437-A531-72049CBC6526} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs" Task: {E0B384AA-9DF5-44DC-BC37-06E54F5EF544} - \MyDefrag v4.3.1 Monthly -> Pas de fichier <==== ATTENTION Task: {E4278732-7B31-45F0-A8DE-ABDF61DF9313} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {E963C699-B678-4BA4-BFBE-DD3CC38E8DF8} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. 
-> Adobe Systems, Incorporated) Task: {EAC42A09-98D1-4D94-AE0A-5DC16C093561} - System32\Tasks\ScanToPCActivationApp.exe_{F16935F3-D81E-405D-ADFB-15307D1F9167} => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe -deviceID "CN21HAK19W05KD:NW" -scfn "HP Officejet Pro 8600 (NET)" -AutoStart 1 (Pas de fichier) Task: {ED93B1B1-4F4A-4BC5-932B-AE3D4CE204AE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe /noreport (Pas de fichier) Task: {F23F1A7A-0EF3-4D42-8C35-937031D7E096} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-11-26] (Nvidia Corporation -> NVIDIA Corporation) Task: {F9FDC6C4-959A-401A-B583-FF688FEFA530} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) 
Tcpip\Parameters: [DhcpNameServer] 62.2.24.162 62.2.17.60 Tcpip\..\Interfaces\{2242450a-3988-44d7-8660-1463e06a176e}: [DhcpNameServer] 192.168.150.1 Tcpip\..\Interfaces\{2925a7bc-183d-4578-a20d-710da60684cc}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{623f31aa-0f68-4401-a34a-ff1dced309a0}: [DhcpNameServer] 62.2.24.162 62.2.17.60 Tcpip\..\Interfaces\{7b5f4833-bf18-45b9-8090-5f78871a4d56}: [DhcpNameServer] 192.168.150.1 Edge: ======= Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)] Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)] Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)] Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)] Edge DefaultProfile: Default Edge Profile: C:\Users\Admin R\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-11] Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Admin R\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-04-11] Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee] FireFox: ======== FF DefaultProfile: c4kelymw.default-1637062101656 FF ProfilePath: C:\Users\Admin R\AppData\Roaming\Mozilla\Firefox\Profiles\c4kelymw.default-1637062101656 [2022-04-11] FF DownloadDir: C:\Users\Admin R\Desktop FF Homepage: Mozilla\Firefox\Profiles\c4kelymw.default-1637062101656 -> hxxps://duckduckgo.com/?q=&atb=v254-1 FF Extension: (Cookie AutoDelete) - C:\Users\Admin 
R\AppData\Roaming\Mozilla\Firefox\Profiles\c4kelymw.default-1637062101656\Extensions\CookieAutoDelete@kennydo.com.xpi [2021-11-16] FF Extension: (To Google Translate) - C:\Users\Admin R\AppData\Roaming\Mozilla\Firefox\Profiles\c4kelymw.default-1637062101656\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2021-11-16] FF Extension: (Decentraleyes) - C:\Users\Admin R\AppData\Roaming\Mozilla\Firefox\Profiles\c4kelymw.default-1637062101656\Extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi [2022-02-20] FF Extension: (Privacy Badger) - C:\Users\Admin R\AppData\Roaming\Mozilla\Firefox\Profiles\c4kelymw.default-1637062101656\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2021-12-15] FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\Admin R\AppData\Roaming\Mozilla\Firefox\Profiles\c4kelymw.default-1637062101656\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2022-04-07] FF Extension: (Decodex) - C:\Users\Admin R\AppData\Roaming\Mozilla\Firefox\Profiles\c4kelymw.default-1637062101656\Extensions\lemonde-decodex@lemonde.fr.xpi [2021-11-16] FF Extension: (SponsorBlock pour YouTube - Supprime les publicités intégrées) - C:\Users\Admin R\AppData\Roaming\Mozilla\Firefox\Profiles\c4kelymw.default-1637062101656\Extensions\sponsorBlocker@ajay.app.xpi [2022-04-07] FF Extension: (uBlock Origin) - C:\Users\Admin R\AppData\Roaming\Mozilla\Firefox\Profiles\c4kelymw.default-1637062101656\Extensions\uBlock0@raymondhill.net.xpi [2022-04-11] FF Extension: (Page Captures d'écran Web - Fireshot) - C:\Users\Admin R\AppData\Roaming\Mozilla\Firefox\Profiles\c4kelymw.default-1637062101656\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}.xpi [2021-11-16] FF Extension: (WOT pour la sécurité des sites Web et une navigation sûre) - C:\Users\Admin R\AppData\Roaming\Mozilla\Firefox\Profiles\c4kelymw.default-1637062101656\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2022-04-07] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] 
(Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-03-02] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-03-16] (Adobe Inc. -> Adobe Systems) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [Fichier non signé] FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: 
@videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=3.0.13 -> C:\Program Files (x86)\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=3.0.14 -> C:\Program Files (x86)\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=3.0.15 -> C:\Program Files (x86)\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=3.0.17 -> C:\Program Files (x86)\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=3.0.17.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-11] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=3.0.5 -> C:\Program Files (x86)\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=3.0.7 -> C:\Program Files (x86)\VLC\npvlc.dll [Pas de fichier] 
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=3.0.9.2 -> C:\Program Files (x86)\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-03-16] (Adobe Inc. -> Adobe Systems) Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [820280 2020-03-16] (Adobe Inc. -> Adobe Inc.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3849472 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3617024 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] (ASUSTeK Computer Inc. -> ) R2 D-Link DWA-171C_PBC_WPS; C:\Program Files\D-Link\DWA-171 revC\ALPBCC\ALPBCSVC.exe [65536 2013-01-15] () [Fichier non signé] R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (SEIKO EPSON Corporation -> Seiko Epson Corporation) R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2021-11-08] (Huawei Technologies Co., Ltd. 
-> ) [Fichier non signé] R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [398792 2019-02-28] (Canon Inc. -> ) S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8348856 2022-04-07] (Malwarebytes Inc -> Malwarebytes) R3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [115816 2021-10-25] (Proton Technologies AG -> ) R3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [65128 2021-10-25] (Proton Technologies AG -> ) S3 ProtonVPN WireGuard; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.WireGuardService.exe [50792 2021-10-25] (Proton Technologies AG -> ) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6228008 2022-04-11] (Microsoft Windows Publisher -> Microsoft Corporation) S4 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU CO LTD -> DEVGURU Co., LTD.) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WifiAutoInstallSrv; C:\Program Files\D-Link\DWA-171 revC\WifiAutoInstallSrv.exe [138176 2017-11-07] (Realtek Semiconductor Corp. 
-> Realtek) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_642e50d7b66aa2a4\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_642e50d7b66aa2a4\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 Andbus; C:\WINDOWS\System32\drivers\lgandbus64.sys [19456 2012-03-02] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) S3 AndDiag; C:\WINDOWS\System32\drivers\lganddiag64.sys [27648 2012-03-02] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) S3 AndGps; C:\WINDOWS\System32\drivers\lgandgps64.sys [27136 2012-03-02] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) S3 AndNetDiag; C:\WINDOWS\System32\drivers\lgandnetdiag64.sys [29184 2012-07-03] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) S3 AndNetDiag2; C:\WINDOWS\System32\drivers\lgandnetdiag264.sys [29184 2012-07-03] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) S3 AndNetGps; C:\WINDOWS\System32\drivers\lgandnetgps64.sys [28160 2012-07-03] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) R1 anodlwf; C:\WINDOWS\system32\DRIVERS\anodlwfx.sys [15872 2010-05-28] (Microsoft Windows Hardware Compatibility Publisher -> ) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] (ASUSTeK Computer Inc. 
-> ) R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [367096 2021-09-03] (Bitdefender SRL -> Bitdefender) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé] R1 cbfs6; C:\Windows\system32\drivers\cbfs6.sys [460992 2016-09-09] (EldoS Corporation -> /n software, Inc.) S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-10-08] (Disc Soft Ltd -> Disc Soft Ltd) S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-10-08] (Disc Soft Ltd -> Disc Soft Ltd) S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 HWHandSet; C:\WINDOWS\System32\drivers\hw_quusbmdm.sys [226560 2021-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 hwusb_cdcacm; C:\WINDOWS\System32\drivers\hw_cdcacm.sys [127360 2021-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 hw_usbdev; C:\WINDOWS\System32\drivers\hw_usbdev.sys [116864 2021-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) 
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-01-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-05-22] (Malwarebytes Inc -> Malwarebytes) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-26] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation) S3 ProtonVPNCallout; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.CalloutDriver.sys [34176 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG) R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> ) S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> ) R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2020-12-30] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) S3 USB28xxBGA; C:\WINDOWS\System32\DRIVERS\emBDA64.sys [732928 2012-06-20] (eMPIA Technology, Inc.) [Fichier non signé] S3 USB28xxOEM; C:\WINDOWS\System32\DRIVERS\emOEM64.sys [1232128 2012-06-20] (eMPIA Technology, Inc.) [Fichier non signé] S3 usbbus; C:\WINDOWS\System32\drivers\lgx64bus.sys [17920 2012-03-02] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) S3 UsbDiag; C:\WINDOWS\System32\drivers\lgx64diag.sys [28160 2012-03-02] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) S3 UsbGps; C:\WINDOWS\System32\drivers\lgx64gps.sys [27136 2012-03-02] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) S3 vpnpbus; C:\WINDOWS\System32\drivers\vpnpbus.sys [18624 2016-09-09] (EldoS Corporation -> /n software, Inc.) 
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-04-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [443664 2022-04-08] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-08] (Microsoft Windows -> Microsoft Corporation) S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489984 2021-11-27] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-04-11 22:06 - 2022-04-11 22:08 - 000039815 _____ C:\Users\Admin R\Desktop\FRST.txt 2022-04-11 22:06 - 2022-04-11 22:06 - 000000000 ____D C:\Users\Admin R\Desktop\FRST-OlderVersion 2022-04-11 22:05 - 2022-04-11 22:05 - 000000277 _____ C:\Users\Admin R\Desktop\Sujet Logiciels Potentiellement Superflus (LPS) - Zone Antimalware.URL 2022-04-11 22:04 - 2022-04-11 22:04 - 000430871 _____ C:\Users\Admin R\Desktop\ZHPDiag.txt 2022-04-11 21:24 - 2022-04-11 20:42 - 000000000 ____D C:\Windows.old 2022-04-11 21:18 - 2022-04-11 21:18 - 000000020 ___SH C:\Users\Ralph Ballmer\ntuser.ini 2022-04-11 20:52 - 2022-04-11 20:52 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2022-04-11 20:50 - 2022-04-11 20:50 - 000000020 ___SH C:\Users\Admin R\ntuser.ini 2022-04-11 20:41 - 2022-04-11 20:41 - 000003562 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-04-11 20:41 - 2022-04-11 20:41 - 000003556 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1636829346 2022-04-11 20:41 - 2022-04-11 20:41 - 000003518 _____ 
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2022-04-11 20:41 - 2022-04-11 20:41 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2022-04-11 20:41 - 2022-04-11 20:41 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-04-11 20:41 - 2022-04-11 20:41 - 000003368 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6e390dce9aa48 2022-04-11 20:41 - 2022-04-11 20:41 - 000003338 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-04-11 20:41 - 2022-04-11 20:41 - 000003294 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2022-04-11 20:41 - 2022-04-11 20:41 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-04-11 20:41 - 2022-04-11 20:41 - 000003052 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn 2022-04-11 20:41 - 2022-04-11 20:41 - 000003042 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 2022-04-11 20:41 - 2022-04-11 20:41 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2022-04-11 20:41 - 2022-04-11 20:41 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-04-11 20:41 - 2022-04-11 20:41 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-04-11 20:41 - 2022-04-11 20:41 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-04-11 20:41 - 2022-04-11 20:41 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-04-11 20:41 - 2022-04-11 20:41 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-04-11 20:41 - 2022-04-11 20:41 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-04-11 20:41 - 2022-04-11 
20:41 - 000002840 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1243922167-2392459145-2998924318-1001 2022-04-11 20:41 - 2022-04-11 20:41 - 000002828 _____ C:\WINDOWS\system32\Tasks\AdobeAAMUpdater-1.0-RALPHPC-Admin R 2022-04-11 20:41 - 2022-04-11 20:41 - 000002768 _____ C:\WINDOWS\system32\Tasks\AdobeAAMUpdater-1.0-RALPHPC-Ralph Ballmer 2022-04-11 20:41 - 2022-04-11 20:41 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-04-11 20:41 - 2022-04-11 20:41 - 000002678 _____ C:\WINDOWS\system32\Tasks\USER_ESRV_SVC_QUEENCREEK 2022-04-11 20:41 - 2022-04-11 20:41 - 000002672 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime 2022-04-11 20:41 - 2022-04-11 20:41 - 000002612 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0 2022-04-11 20:41 - 2022-04-11 20:41 - 000002442 _____ C:\WINDOWS\system32\Tasks\HP Officejet Pro 8600.exe_{5901B50E-22E9-4A6D-A055-76F1A4B6D085} 2022-04-11 20:41 - 2022-04-11 20:41 - 000002354 _____ C:\WINDOWS\system32\Tasks\ScanToPCActivationApp.exe_{F16935F3-D81E-405D-ADFB-15307D1F9167} 2022-04-11 20:41 - 2022-04-11 20:41 - 000002258 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Admin R 2022-04-11 20:41 - 2022-04-11 20:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-04-11 20:41 - 2022-04-11 20:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\WPD 2022-04-11 20:41 - 2022-04-11 20:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\OfficeSoftwareProtectionPlatform 2022-04-11 20:41 - 2022-04-11 20:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2022-04-11 20:41 - 2022-04-11 20:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard 2022-04-11 20:41 - 2022-04-11 20:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime 2022-04-11 20:40 - 2022-04-11 20:41 - 000011433 _____ C:\WINDOWS\diagwrn.xml 2022-04-11 20:40 - 2022-04-11 20:41 - 000011433 _____ C:\WINDOWS\diagerr.xml 2022-04-11 20:36 - 2022-04-11 20:36 - 001930382 _____ 
C:\WINDOWS\system32\PerfStringBackup.INI 2022-04-11 20:26 - 2022-04-11 20:26 - 000000000 ____D C:\WINDOWS\system32\lxss 2022-04-11 20:25 - 2022-04-11 22:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-04-11 20:25 - 2022-04-11 20:25 - 000457088 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-04-11 19:43 - 2022-04-11 21:24 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate 2022-04-11 19:43 - 2022-04-11 19:43 - 000000000 ____D C:\Program Files\Common Files\SpeechEngines 2022-04-11 19:39 - 2022-04-11 21:18 - 000000000 ____D C:\Users\Ralph Ballmer 2022-04-11 19:39 - 2022-04-11 20:50 - 000000000 ____D C:\Users\Admin R 2022-04-11 19:39 - 2022-04-11 19:39 - 000000000 _SHDL C:\Users\Ralph Ballmer\Voisinage réseau 2022-04-11 19:39 - 2022-04-11 19:39 - 000000000 _SHDL C:\Users\Ralph Ballmer\Voisinage d'impression 2022-04-11 19:39 - 2022-04-11 19:39 - 000000000 _SHDL C:\Users\Ralph Ballmer\Modèles 2022-04-11 19:39 - 2022-04-11 19:39 - 000000000 _SHDL C:\Users\Ralph Ballmer\Mes documents 2022-04-11 19:39 - 2022-04-11 19:39 - 000000000 _SHDL C:\Users\Ralph Ballmer\Menu Démarrer 2022-04-11 19:39 - 2022-04-11 19:39 - 000000000 _SHDL C:\Users\Ralph Ballmer\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2022-04-11 19:39 - 2022-04-11 19:39 - 000000000 _SHDL C:\Users\Admin R\Voisinage réseau 2022-04-11 19:39 - 2022-04-11 19:39 - 000000000 _SHDL C:\Users\Admin R\Voisinage d'impression 2022-04-11 19:39 - 2022-04-11 19:39 - 000000000 _SHDL C:\Users\Admin R\Modèles 2022-04-11 19:39 - 2022-04-11 19:39 - 000000000 _SHDL C:\Users\Admin R\Mes documents 2022-04-11 19:39 - 2022-04-11 19:39 - 000000000 _SHDL C:\Users\Admin R\Menu Démarrer 2022-04-11 19:39 - 2022-04-11 19:39 - 000000000 _SHDL C:\Users\Admin R\Documents\Mes vidéos 2022-04-11 19:39 - 2022-04-11 19:39 - 000000000 _SHDL C:\Users\Admin R\Documents\Mes images 2022-04-11 19:39 - 2022-04-11 19:39 - 000000000 _SHDL C:\Users\Admin R\Documents\Ma musique 2022-04-11 19:39 - 2022-04-11 19:39 - 000000000 _SHDL C:\Users\Admin 
R\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2022-04-11 19:39 - 2019-12-07 11:10 - 000001105 _____ C:\Users\Ralph Ballmer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-04-11 19:39 - 2019-12-07 11:10 - 000001105 _____ C:\Users\Admin R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-04-11 19:35 - 2022-04-11 19:42 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2022-04-11 19:29 - 2022-04-11 19:29 - 000000000 ____D C:\WINDOWS\SystemTemp 2022-04-11 19:18 - 2022-04-11 19:18 - 000195584 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll 2022-04-11 19:17 - 2022-04-11 19:17 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe 2022-04-11 19:17 - 2022-04-11 19:17 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe 2022-04-11 19:17 - 2022-04-11 19:17 - 000011911 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-04-11 19:16 - 2022-04-11 19:16 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2022-04-11 19:15 - 2022-04-11 19:15 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll 2022-04-11 19:15 - 2022-04-11 19:15 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2022-04-11 19:14 - 2022-04-11 19:14 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2022-04-11 19:13 - 2022-04-11 19:13 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2022-04-11 19:13 - 2022-04-11 19:13 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe 2022-04-11 19:13 - 2022-04-11 19:13 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2022-04-11 18:47 - 2022-04-11 18:47 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2022-04-11 18:47 - 2022-04-11 18:47 - 000000000 ____D C:\WINDOWS\SysWOW64\BestPractices 2022-04-11 18:47 - 2022-04-11 18:47 - 000000000 ____D C:\WINDOWS\system32\msmq 2022-04-11 18:47 - 2022-04-11 18:47 - 000000000 ____D C:\WINDOWS\system32\BestPractices 2022-04-11 18:47 - 2022-04-11 18:47 - 000000000 ____D C:\Program Files\Reference Assemblies 2022-04-11 
18:47 - 2022-04-11 18:47 - 000000000 ____D C:\Program Files\MSBuild 2022-04-11 18:47 - 2022-04-11 18:47 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2022-04-11 18:47 - 2022-04-11 18:47 - 000000000 ____D C:\Program Files (x86)\MSBuild 2022-04-11 18:47 - 2022-04-11 18:47 - 000000000 ____D C:\inetpub 2022-04-11 18:40 - 2022-04-11 18:40 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER 2022-04-11 18:28 - 2022-04-11 18:28 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2022-04-11 18:11 - 2022-04-11 20:50 - 000000000 ___DC C:\WINDOWS\Panther 2022-04-11 18:03 - 2022-04-11 18:11 - 000000000 ____D C:\ESD 2022-04-11 17:58 - 2022-04-11 17:58 - 000000000 ___HD C:\$Windows.~WS 2022-04-11 16:09 - 2022-04-11 16:09 - 000000000 ___HD C:\$WinREAgent 2022-04-11 15:46 - 2022-04-11 15:46 - 000000247 _____ C:\Users\Admin R\Desktop\[did80] Pc plus lent après une infection.URL 2022-04-11 12:36 - 2022-04-11 22:07 - 000000000 ____D C:\FRST 2022-04-11 12:35 - 2022-04-11 22:06 - 002365952 _____ (Farbar) C:\Users\Admin R\Desktop\FRST64.exe 2022-04-11 12:27 - 2022-04-11 12:27 - 000000904 _____ C:\Users\Admin R\Desktop\ZHPSuite.lnk 2022-04-11 09:31 - 2022-04-11 09:31 - 000000308 _____ C:\Users\Admin R\Desktop\PROCEDURE A SUIVRE POUR UNE DEMANDE DE DIAGNOSTIC.URL 2022-04-09 17:31 - 2022-04-09 17:31 - 000001136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PayEye.lnk 2022-04-09 17:31 - 2022-04-09 17:31 - 000000000 ____D C:\Program Files\DIFX 2022-04-09 17:31 - 2022-04-09 17:31 - 000000000 ____D C:\Program Files (x86)\CREALOGIX PayEye 2022-04-08 16:00 - 2022-04-11 21:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2022-04-08 15:59 - 2022-04-08 15:59 - 000000000 ____D C:\Program Files (x86)\VideoLAN 2022-04-08 08:44 - 2022-04-08 12:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2022-03-16 10:42 - 2022-03-16 10:42 - 000000000 ____D C:\Users\Ralph Ballmer\AppData\LocalLow\NVIDIA 2022-03-15 18:07 - 2022-04-11 19:43 - 
000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelPhotoPaint 2022-03-15 18:06 - 1995-11-08 12:06 - 000151552 _____ (Corel Corporation) C:\WINDOWS\crllyrnt.dll 2022-03-03 18:04 - 2022-03-03 18:04 - 000000000 ____D C:\Users\Ralph Ballmer\Apple 2022-02-21 16:18 - 2022-02-21 16:18 - 000000000 ____D C:\Users\Admin R\Documents\Aiseesoft Studio 2022-02-21 16:13 - 2022-02-21 16:15 - 000000000 ____D C:\Program Files (x86)\Visicom Media 2022-02-20 13:31 - 2022-04-11 21:24 - 000000000 ____D C:\Users\Admin R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\myCloud Desktop 2022-02-19 16:39 - 2022-02-19 16:36 - 000001271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\speedyfox.exe.lnk 2022-02-19 16:35 - 2022-02-19 14:31 - 001520968 _____ (SpeedyFox) C:\Program Files\speedyfox.exe 2022-02-09 00:05 - 2022-04-11 21:35 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2022-02-08 10:08 - 2022-04-11 21:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clic & Tax 2021 2022-02-08 10:08 - 2022-03-24 13:00 - 000000000 ____D C:\ProgramData\Clic & Tax 2021 2022-02-08 10:08 - 2022-03-24 13:00 - 000000000 ____D C:\Program Files (x86)\Clic & Tax 2021 2022-01-22 11:19 - 2022-01-22 11:19 - 000000000 ____D C:\Users\Admin R\AppData\Roaming\XnConvert 2022-01-15 22:15 - 2022-01-15 22:15 - 000001309 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Icecream Media Converter.lnk 2022-01-15 22:09 - 2022-04-11 21:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Icecream Media Converter 2022-01-15 22:09 - 2022-01-15 22:09 - 000000000 ____D C:\Program Files (x86)\Icecream Media Converter ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 
2022-04-11 22:04 - 2018-02-13 19:00 - 000000000 ____D C:\Users\Admin R\AppData\Roaming\ZHP 2022-04-11 22:03 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-04-11 22:03 - 2015-12-27 22:34 - 000000135 _____ C:\Users\Admin 2022-04-11 21:47 - 2014-09-16 10:55 - 000000000 ____D C:\Program Files (x86)\Google 2022-04-11 21:34 - 2016-12-28 16:01 - 000000000 ____D C:\Users\Admin R\AppData\LocalLow\Mozilla 2022-04-11 21:33 - 2018-02-12 12:58 - 000000000 ____D C:\ProgramData\NVIDIA 2022-04-11 21:33 - 2016-12-26 18:25 - 000000000 ____D C:\Users\Ralph Ballmer\AppData\LocalLow\Mozilla 2022-04-11 21:33 - 2014-09-23 22:58 - 000000000 ____D C:\Users\Ralph Ballmer\AppData\Roaming\vlc 2022-04-11 21:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-04-11 21:24 - 2021-12-31 13:58 - 000000000 ____D C:\Users\Admin R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiSuite 2022-04-11 21:24 - 2021-12-15 13:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2022-04-11 21:24 - 2021-12-15 13:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2022-04-11 21:24 - 2021-11-27 10:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProtonVPN 2022-04-11 21:24 - 2021-11-01 22:12 - 000000000 ____D C:\Users\Ralph Ballmer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\myCloud Desktop 2022-04-11 21:24 - 2021-07-17 13:04 - 000000000 ____D C:\Program Files\Intel 2022-04-11 21:24 - 2021-06-23 20:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HouseCall for Home Networks 2022-04-11 21:24 - 2021-05-16 11:49 - 000000000 ____D C:\Users\Admin R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaCoder 2022-04-11 21:24 - 2021-05-10 18:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey 2022-04-11 21:24 - 2021-03-29 21:54 - 000000000 ____D C:\Users\Ralph 
Ballmer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center 2022-04-11 21:24 - 2021-02-28 18:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSG File Viewer 2022-04-11 21:24 - 2021-02-27 11:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2022-04-11 21:24 - 2021-02-12 13:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software 2022-04-11 21:24 - 2021-02-02 19:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myCloud Desktop 2022-04-11 21:24 - 2021-01-26 11:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyDefrag v4.3.1 2022-04-11 21:24 - 2021-01-13 19:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clic & Tax 2020 2022-04-11 21:24 - 2020-12-27 19:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PayMaker 2022-04-11 21:24 - 2020-12-12 13:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnConvert 2022-04-11 21:24 - 2020-12-12 13:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer 2022-04-11 21:24 - 2020-12-12 13:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management 2022-04-11 21:24 - 2020-12-12 12:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Généatique 2020 2022-04-11 21:24 - 2020-12-12 11:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2022-04-11 21:24 - 2020-12-10 00:15 - 000000000 ____D C:\Program Files\UNP 2022-04-11 21:24 - 2020-03-24 18:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2022-04-11 21:24 - 2020-02-12 20:45 - 000000000 ____D C:\Users\Ralph Ballmer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3Gain 2022-04-11 21:24 - 2020-02-12 20:45 - 000000000 ____D C:\Users\Ralph 
Ballmer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaMonkey 2022-04-11 21:24 - 2020-02-12 20:45 - 000000000 ____D C:\Users\Ralph Ballmer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\captvty-2.3.10.1 2022-04-11 21:24 - 2019-12-07 16:50 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep 2022-04-11 21:24 - 2019-12-07 11:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template 2022-04-11 21:24 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files 2022-04-11 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2022-04-11 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\IME 2022-04-11 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2022-04-11 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2022-04-11 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\spool 2022-04-11 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2022-04-11 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Macromed 2022-04-11 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\IME 2022-04-11 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState 2022-04-11 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\schemas 2022-04-11 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration 2022-04-11 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2022-04-11 21:24 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2022-04-11 21:24 - 2019-09-02 20:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\captvty-2.3.10.1 2022-04-11 21:24 - 2019-06-10 09:53 - 000000000 ____D C:\Users\Admin R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2022-04-11 21:24 - 2019-05-17 21:58 - 000000000 ____D C:\Users\Ralph Ballmer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PayMaker 2022-04-11 21:24 - 2019-05-06 
12:34 - 000000000 ____D C:\Users\Ralph Ballmer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EPSON Scan 2022-04-11 21:24 - 2019-05-05 12:59 - 000000000 ____D C:\Users\Admin R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2022-04-11 21:24 - 2019-01-16 11:19 - 000000000 ____D C:\Users\Ralph Ballmer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2022-04-11 21:24 - 2018-11-14 23:55 - 000000000 ____D C:\Users\Ralph Ballmer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2022-04-11 21:24 - 2018-10-01 19:49 - 000000000 ____D C:\Users\Ralph Ballmer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiSuite 2022-04-11 21:24 - 2018-02-28 19:08 - 000000000 ____D C:\Users\Admin R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2022-04-11 21:24 - 2018-02-13 13:57 - 000000000 ____D C:\WINDOWS\system32\appmgmt 2022-04-11 21:24 - 2018-02-12 16:00 - 000000000 ____D C:\Users\Admin R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat 2022-04-11 21:24 - 2018-02-12 15:58 - 000000000 ____D C:\Users\Ralph Ballmer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat 2022-04-11 21:24 - 2016-12-12 20:32 - 000000000 ____D C:\Users\Admin R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Composants Windows 2022-04-11 21:24 - 2016-03-14 00:32 - 000000000 ____D C:\Users\Admin R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RegSeeker 2022-04-11 21:24 - 2016-02-19 10:44 - 000000000 ____D C:\WINDOWS\SysWOW64\Adobe 2022-04-11 21:24 - 2015-12-24 15:39 - 000000000 ____D C:\Users\Admin R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\captvty-2.3.10.1 2022-04-11 21:24 - 2015-07-29 15:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TPEv2151fr 2022-04-11 21:24 - 2015-05-02 13:47 - 000000000 ____D C:\Users\Admin R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Password Safe 2022-04-11 21:24 - 2015-03-29 14:26 - 000000000 ____D 
C:\WINDOWS\fr 2022-04-11 21:24 - 2015-02-07 09:40 - 000000000 ____D C:\Users\Admin R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cobian Backup 11 2022-04-11 21:24 - 2014-09-23 19:23 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2022-04-11 21:24 - 2014-09-20 18:30 - 000000000 ____D C:\Users\Ralph Ballmer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker 2022-04-11 21:24 - 2014-09-20 13:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cobian Backup 11 2022-04-11 21:24 - 2014-09-16 11:47 - 000000000 ____D C:\WINDOWS\system32\SPReview 2022-04-11 21:24 - 2014-09-16 11:47 - 000000000 ____D C:\WINDOWS\system32\EventProviders 2022-04-11 21:24 - 2011-04-12 11:28 - 000000000 ____D C:\WINDOWS\ShellNew 2022-04-11 21:24 - 2009-07-14 05:20 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2022-04-11 21:18 - 2020-02-11 23:35 - 000000000 ___RD C:\Users\Ralph Ballmer\3D Objects 2022-04-11 21:18 - 2020-02-07 17:07 - 000000000 __RHD C:\Users\Public\AccountPictures 2022-04-11 21:18 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-04-11 21:06 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2022-04-11 20:53 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2022-04-11 20:52 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-04-11 20:52 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-04-11 20:50 - 2020-02-07 17:07 - 000000000 ___RD C:\Users\Admin R\3D Objects 2022-04-11 20:43 - 2020-03-24 18:44 - 000000000 ____D C:\Program Files\CCleaner 2022-04-11 20:42 - 2019-12-07 16:51 - 000000000 ____D C:\WINDOWS\system32\FxsTmp 2022-04-11 20:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-04-11 20:42 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows NT 2022-04-11 20:42 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2022-04-11 20:41 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender 2022-04-11 
20:36 - 2019-12-07 16:50 - 000831926 _____ C:\WINDOWS\system32\perfh00C.dat 2022-04-11 20:36 - 2019-12-07 16:50 - 000167692 _____ C:\WINDOWS\system32\perfc00C.dat 2022-04-11 20:32 - 2019-12-07 11:14 - 000000000 __RSD C:\WINDOWS\Media 2022-04-11 20:31 - 2021-01-05 20:24 - 000008192 ___SH C:\DumpStack.log.tmp 2022-04-11 20:31 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2022-04-11 20:26 - 2021-07-28 09:17 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation 2022-04-11 20:26 - 2020-03-30 22:25 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-04-11 20:26 - 2020-02-07 16:51 - 000000000 ____D C:\ProgramData\Audyssey Labs 2022-04-11 20:26 - 2018-02-12 12:58 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2022-04-11 20:26 - 2018-02-12 12:58 - 000000000 ____D C:\WINDOWS\system32\DAX3 2022-04-11 20:26 - 2018-02-12 12:58 - 000000000 ____D C:\WINDOWS\system32\DAX2 2022-04-11 20:23 - 2019-12-07 11:18 - 000000000 ____D C:\WINDOWS\Setup 2022-04-11 20:16 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\USOPrivate 2022-04-11 20:15 - 2019-12-07 11:14 - 000000000 __RHD C:\Users\Public\Libraries 2022-04-11 19:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2022-04-11 19:43 - 2021-12-29 18:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aiseesoft 2022-04-11 19:43 - 2021-09-04 12:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe 2022-04-11 19:43 - 2021-02-15 17:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dows 2022-04-11 19:43 - 2021-02-12 13:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON 2022-04-11 19:43 - 2020-03-29 11:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMobie 2022-04-11 19:43 - 2020-03-09 12:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2022-04-11 19:43 - 2019-05-02 20:56 - 000000000 ____D 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2022-04-11 19:43 - 2018-02-12 12:58 - 000000000 ____D C:\Program Files\Realtek 2022-04-11 19:43 - 2018-02-12 12:58 - 000000000 ____D C:\Program Files\ASUS 2022-04-11 19:40 - 2018-12-31 17:49 - 000000000 ____D C:\Users\Ralph Ballmer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\7-Zip 2022-04-11 19:40 - 2016-01-07 13:27 - 000000000 ____D C:\Users\Ralph Ballmer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2022-04-11 19:40 - 2014-09-16 09:53 - 000000000 ___RD C:\Users\Ralph Ballmer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intel 2022-04-11 19:39 - 2019-05-06 12:39 - 000000000 ____D C:\Users\Admin R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EPSON 2022-04-11 19:39 - 2018-02-12 08:58 - 000000000 ____D C:\Users\Admin R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2022-04-11 19:39 - 2015-03-24 21:01 - 000000000 ____D C:\Users\Admin R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GPS 2022-04-11 19:29 - 2019-12-07 16:53 - 000000000 ___SD C:\WINDOWS\system32\AppV 2022-04-11 19:29 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2022-04-11 19:29 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2022-04-11 19:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2022-04-11 19:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-04-11 19:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-04-11 19:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup 2022-04-11 19:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2022-04-11 19:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2022-04-11 19:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2022-04-11 19:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2022-04-11 19:29 - 2019-12-07 
11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2022-04-11 19:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-04-11 19:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser 2022-04-11 19:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2022-04-11 19:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning 2022-04-11 19:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-04-11 19:29 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing 2022-04-11 18:55 - 2019-12-07 16:52 - 000000000 ____D C:\WINDOWS\OCR 2022-04-11 18:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2022-04-11 18:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2022-04-11 18:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2022-04-11 18:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2022-04-11 18:47 - 2021-10-06 15:31 - 000605696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll 2022-04-11 18:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI 2022-04-11 18:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2022-04-11 18:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\MUI 2022-04-11 18:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\inetsrv 2022-04-11 18:47 - 2019-12-07 11:10 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb 2022-04-11 18:47 - 2019-12-07 11:10 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb 2022-04-11 18:47 - 2019-12-07 11:10 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb 2022-04-11 18:47 - 2019-12-07 11:10 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb 2022-04-11 18:47 - 2019-12-07 11:10 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll 2022-04-11 18:46 - 2021-10-06 15:32 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll 
2022-04-11 18:46 - 2021-10-06 15:32 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll 2022-04-11 18:46 - 2021-10-06 15:32 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll 2022-04-11 18:46 - 2021-10-06 15:31 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll 2022-04-11 18:46 - 2021-10-06 15:31 - 000339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll 2022-04-11 18:46 - 2021-10-06 15:31 - 000264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll 2022-04-11 18:46 - 2021-10-06 15:31 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll 2022-04-11 18:46 - 2021-10-06 15:31 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll 2022-04-11 18:46 - 2021-10-06 15:31 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll 2022-04-11 18:46 - 2021-10-06 15:31 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll 2022-04-11 18:46 - 2021-10-06 15:31 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe 2022-04-11 18:46 - 2021-10-06 15:31 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe 2022-04-11 18:46 - 2021-10-06 15:31 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll 2022-04-11 18:46 - 2021-10-06 15:31 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll 2022-04-11 18:46 - 2021-10-06 15:31 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll 2022-04-11 18:46 - 2021-10-06 15:31 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll 2022-04-11 18:46 - 2021-10-06 15:31 - 000009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll 2022-04-11 18:46 - 2019-12-07 11:10 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll 2022-04-11 18:46 - 2019-12-07 11:10 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll 2022-04-11 
18:46 - 2019-12-07 11:10 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll 2022-04-11 18:46 - 2019-12-07 11:10 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys 2022-04-11 18:46 - 2019-12-07 11:10 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll 2022-04-11 18:46 - 2019-12-07 11:10 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll 2022-04-11 18:46 - 2019-12-07 11:10 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb 2022-04-11 18:46 - 2019-12-07 11:10 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb 2022-04-11 18:46 - 2019-12-07 11:10 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe 2022-04-11 18:46 - 2019-12-07 11:10 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb 2022-04-11 18:46 - 2019-12-07 11:10 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb 2022-04-11 18:46 - 2019-12-07 11:10 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe 2022-04-11 18:46 - 2019-12-07 11:10 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll 2022-04-11 18:46 - 2019-12-07 11:10 - 000009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof 2022-04-11 18:46 - 2019-12-07 11:10 - 000009096 _____ C:\WINDOWS\system32\msmqtrc.mof 2022-04-11 17:47 - 2021-11-13 20:49 - 000001544 _____ C:\Users\Ralph Ballmer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk 2022-04-11 09:00 - 2019-10-04 09:11 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2022-04-08 15:59 - 2014-09-23 22:56 - 000000000 ____D C:\Users\Admin R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VideoLAN 2022-04-08 12:15 - 2021-01-07 13:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-04-08 09:29 - 2020-02-11 09:24 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-04-08 08:51 - 2020-02-07 
16:56 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2022-04-07 15:15 - 2021-01-26 11:18 - 000000000 ____D C:\Program Files\MyDefrag v4.3.1 2022-04-07 15:14 - 2016-12-26 18:25 - 000000000 ____D C:\TEMP 2022-04-07 14:56 - 2020-04-16 17:31 - 000001421 _____ C:\Users\Admin R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk 2022-04-07 14:49 - 2020-02-13 10:09 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2022-04-07 14:48 - 2018-12-14 22:51 - 000000000 ____D C:\Program Files\Malwarebytes 2022-04-07 14:48 - 2014-10-28 16:44 - 000000000 ____D C:\ProgramData\Malwarebytes 2022-04-05 11:35 - 2020-12-11 14:45 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2022-04-02 15:19 - 2019-05-02 19:35 - 000000000 ____D C:\ProgramData\CanonIJPLM 2022-03-23 21:13 - 2020-12-11 14:45 - 000601432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll 2022-03-23 21:12 - 2020-12-11 14:45 - 000483664 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll 2022-03-15 20:54 - 2021-12-19 09:36 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk 2022-03-15 18:08 - 2014-09-20 10:52 - 000000000 ____D C:\WINDOWS\COREL 2022-03-15 18:07 - 2014-10-24 18:08 - 000000000 ____D C:\Program Files\corel 2022-03-13 13:13 - 2017-01-11 09:31 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-03-13 13:09 - 2018-10-11 21:13 - 145666720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe ==================== Fichiers à la racine de certains dossiers ======== 2022-02-19 16:35 - 2022-02-19 14:31 - 001520968 _____ (SpeedyFox) C:\Program Files\speedyfox.exe 2014-09-21 13:46 - 2014-09-21 13:40 - 000812530 _____ () C:\Program Files (x86)\PoiMixer.7z 2018-02-28 19:23 - 2021-12-15 12:55 - 000120441 _____ () C:\Users\Admin R\AppData\Local\ars.cache 2018-02-28 19:23 - 2021-12-15 12:56 - 004205075 _____ () C:\Users\Admin R\AppData\Local\census.cache 2018-02-28 19:13 
- 2018-02-28 19:13 - 000000036 _____ () C:\Users\Admin R\AppData\Local\housecall.guid.cache 2021-06-18 14:05 - 2021-06-18 14:05 - 000000000 _____ () C:\Users\Admin R\AppData\Local\oobelibMkey.log 2019-01-16 20:24 - 2021-12-15 12:46 - 000000010 _____ () C:\Users\Admin R\AppData\Local\sponge.last.runtime.cache 2018-06-07 23:02 - 2018-06-07 23:02 - 000000000 _____ () C:\Users\Admin R\AppData\Local\{FEFAFFCC-ED1E-404A-A7DD-2C2AF40A658F} ==================== SigCheckExt ========================= 2015-09-02 10:00 - 2015-07-23 02:02 - 000879104 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32(626).dll 2015-09-02 10:00 - 2015-07-23 01:52 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-datetime-l1-1-0(627).dll 2015-09-02 10:00 - 2015-07-23 01:52 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\apisetschema(628).dll 2015-09-02 10:00 - 2015-06-25 12:01 - 001941504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui(629).dll 2015-08-14 19:30 - 2015-07-15 05:19 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv(630).dll 2015-09-02 10:00 - 2015-07-23 02:02 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp(631).dll 2015-07-15 09:28 - 2015-04-27 21:23 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32(632).dll 2015-09-02 10:00 - 2015-07-23 02:02 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptbase(633).dll 2015-07-15 09:28 - 2015-04-27 21:23 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptnet(634).dll 2015-09-02 10:00 - 2015-07-23 02:02 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv(635).dll 2015-08-14 19:30 - 2015-07-01 22:48 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt(636).dll 2021-03-14 14:58 - 2003-05-22 12:26 - 000638976 _____ (DivXNetworks, Inc.) 
C:\WINDOWS\system32\divx.dll 2011-04-12 11:27 - 2010-11-21 05:23 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvscres.dll 2015-09-02 10:00 - 2015-07-09 19:58 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi(637).dll 2015-07-15 09:28 - 2015-06-17 19:47 - 000404992 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32(638).dll 2015-08-14 19:30 - 2015-07-16 22:35 - 002885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil(640).dll 2015-09-02 10:00 - 2015-07-23 02:02 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos(641).dll 2015-09-02 10:00 - 2015-07-23 02:02 - 001163264 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32(642).dll 2015-09-02 10:00 - 2015-07-23 02:02 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase(643).dll 2021-03-14 14:58 - 2011-12-07 19:32 - 000216064 _____ ( ) C:\WINDOWS\system32\Lagarith.dll 2015-08-14 19:30 - 2015-07-30 20:06 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk(644).dll 2015-09-02 10:00 - 2015-07-23 02:02 - 001461760 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv(645).dll 2015-09-02 10:00 - 2015-07-23 02:01 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass(646).exe 2021-03-14 14:58 - 2003-05-21 23:50 - 000261632 _____ (MainConcept) C:\WINDOWS\system32\mcdvd_32.dll 2021-03-14 14:58 - 2002-08-20 00:41 - 000413760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg4c32.dll 2015-07-15 09:28 - 2015-06-15 23:42 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg(647).dll 2015-09-02 10:00 - 2015-07-23 02:02 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0(648).dll 2015-09-02 09:59 - 2015-08-27 20:18 - 001887232 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3(649).dll 2021-03-14 14:58 - 2003-05-21 23:50 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3a.dll 2015-09-02 09:59 - 2015-08-27 20:13 - 000002048 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\msxml3r(650).dll 2015-09-02 09:59 - 2015-08-27 20:18 - 002004480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6(651).dll 2015-09-02 09:59 - 2015-08-27 20:13 - 000002048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r(652).dll 2014-09-20 15:38 - 2010-05-21 13:11 - 001147392 _____ (J.C. Kessels) C:\WINDOWS\system32\MyDefragScreenSaver_v4.3.1.exe 2015-09-02 10:00 - 2015-07-23 02:02 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt(653).dll 2015-07-15 09:28 - 2015-07-04 20:07 - 002087424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32(655).dll 2018-10-07 16:55 - 2018-09-03 10:22 - 003552256 _____ C:\WINDOWS\system32\pwNative.exe 2015-09-02 10:00 - 2015-07-23 02:02 - 001216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4(656).dll 2015-09-02 10:00 - 2015-07-23 02:02 - 000342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel(657).dll 2015-09-02 10:00 - 2015-07-23 02:02 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\secur32(658).dll 2015-08-14 19:30 - 2015-07-10 19:51 - 014177280 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32(659).dll 2015-09-02 10:00 - 2015-07-23 02:02 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss(660).exe 2015-09-02 10:00 - 2015-07-23 02:02 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore(661).dll 2015-09-02 10:00 - 2015-07-23 02:02 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli(662).dll 2015-09-02 10:00 - 2015-07-23 02:02 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv(663).dll 2015-09-02 10:00 - 2015-07-23 02:02 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg(664).dll 2015-08-14 19:30 - 2015-07-16 21:01 - 001545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon(665).dll 2021-03-14 14:58 - 2004-12-10 10:03 - 000438272 _____ (On2.com) C:\WINDOWS\system32\vp6vfw.dll 2015-09-02 10:00 - 2015-07-23 02:02 - 000210944 
_____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest(666).dll 2015-06-24 14:00 - 2012-12-03 15:58 - 000279040 _____ (Nicomsoft Ltd.) C:\WINDOWS\system32\WiFiMan.dll 2015-08-14 19:30 - 2015-07-16 21:12 - 002427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet(668).dll 2015-09-02 10:00 - 2015-07-23 02:03 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv(669).dll 2015-07-15 09:28 - 2015-04-27 21:23 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust(670).dll 2015-09-02 10:00 - 2015-07-23 02:03 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64(671).dll 2015-09-02 10:00 - 2015-07-23 02:03 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu(672).dll 2015-09-02 10:00 - 2015-07-23 02:03 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win(673).dll 2015-08-14 19:30 - 2015-07-20 20:12 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi(674).dll 2021-03-14 14:58 - 2004-07-03 20:59 - 000524288 _____ C:\WINDOWS\system32\xvidcore.dll 2021-03-14 14:58 - 2004-07-03 21:08 - 000139264 _____ C:\WINDOWS\system32\xvidvfw.dll 2022-03-15 18:06 - 1995-11-08 12:06 - 000151552 _____ (Corel Corporation) C:\WINDOWS\crllyrnt.dll 2012-06-20 11:27 - 2012-06-20 11:27 - 000085504 _____ (eMPIA Technology, Inc.) C:\WINDOWS\emMON.exe 2014-12-01 12:52 - 1999-12-17 17:13 - 000086016 _____ (MindVision Software) C:\WINDOWS\unvise32.exe 2015-09-02 10:00 - 2015-07-22 19:53 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32(675).dll 2014-09-23 13:26 - 2010-08-27 23:55 - 000040448 _____ (Embarcadero Technologies, Inc.) C:\WINDOWS\SysWOW64\borlndmm.dll 2014-09-23 13:26 - 2009-11-23 23:04 - 001141248 _____ (Embarcadero Technologies Inc.) 
C:\WINDOWS\SysWOW64\cc32100mt.dll 2014-09-23 13:26 - 2009-11-02 23:02 - 001500160 _____ (Borland Corporation) C:\WINDOWS\SysWOW64\cc3260mt.dll 2014-04-30 19:47 - 2014-04-30 19:47 - 000974848 _____ C:\WINDOWS\SysWOW64\cis-2.4.dll 2014-09-20 10:54 - 1996-04-04 03:11 - 000032768 _____ (Apple Computer, Inc.) C:\WINDOWS\SysWOW64\cmgr32.dll 2015-07-13 18:29 - 2006-04-30 05:33 - 000053248 _____ () C:\WINDOWS\SysWOW64\CommonDL.dll 2015-07-15 09:28 - 2015-04-27 21:04 - 001174528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32(676).dll 2015-09-02 10:00 - 2015-07-22 19:53 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptbase(677).dll 2007-04-27 10:43 - 2007-04-27 10:43 - 000120200 _____ () C:\WINDOWS\SysWOW64\DLLDEV32i.dll 2014-09-20 10:53 - 1996-09-06 08:02 - 000960000 _____ (Novell, Inc.) C:\WINDOWS\SysWOW64\evysh7.dll 2014-09-20 10:53 - 1996-12-04 19:01 - 000090112 _____ (Novell, Inc.) C:\WINDOWS\SysWOW64\evysh7fr.dll 2015-07-15 09:28 - 2015-06-17 19:37 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32(678).dll 2018-03-21 16:08 - 2010-06-14 23:46 - 001085440 _____ (XnView) C:\WINDOWS\SysWOW64\GflAx.dll 2014-09-20 10:53 - 1995-08-15 01:00 - 000136704 _____ (Apex Software Corporation) C:\WINDOWS\SysWOW64\grdkrn32.dll 2014-09-23 13:26 - 2003-03-12 19:24 - 000111616 _____ (heilerSoftware) C:\WINDOWS\SysWOW64\H5DLG32.DLL 2014-09-23 13:26 - 2000-01-12 10:39 - 000188928 _____ (heilerSoftware) C:\WINDOWS\SysWOW64\H5ICON32.DLL 2014-09-23 13:26 - 2000-01-12 11:26 - 001055744 _____ (heilerSoftware) C:\WINDOWS\SysWOW64\H5KRNL32.DLL 2014-09-23 13:26 - 1998-12-11 14:59 - 000175104 _____ (heilerSoftware) C:\WINDOWS\SysWOW64\H5MENU32.DLL 2014-09-23 13:26 - 1998-12-11 15:02 - 000094720 _____ (heilerSoftware) C:\WINDOWS\SysWOW64\H5RTF32.DLL 2014-09-23 13:26 - 1999-09-20 18:58 - 000051200 _____ (heilerSoftware) C:\WINDOWS\SysWOW64\H5TOOL32.DLL 2015-08-14 19:30 - 2015-07-16 21:45 - 002279424 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\iertutil(679).dll 2008-07-04 10:23 - 2008-07-04 10:23 - 001757184 _____ (Pegasus Imaging Corp.) C:\WINDOWS\SysWOW64\imagX7.dll 2008-07-04 10:23 - 2008-07-04 10:23 - 000258048 _____ (Pegasus Imaging Corp.) C:\WINDOWS\SysWOW64\imagXR7.dll 2008-07-04 10:23 - 2008-07-04 10:23 - 000802816 _____ (Pegasus Imaging Corp.) C:\WINDOWS\SysWOW64\imagXRA7.dll 2014-09-23 13:26 - 1997-01-24 10:37 - 000240640 _____ (Data Techniques, Inc.) C:\WINDOWS\SysWOW64\imgman31.dll 2014-04-30 19:47 - 2014-04-30 19:47 - 000081920 _____ C:\WINDOWS\SysWOW64\issacapi_bs-2.3.dll 2014-04-30 19:47 - 2014-04-30 19:47 - 000065536 _____ C:\WINDOWS\SysWOW64\issacapi_pe-2.3.dll 2014-04-30 19:47 - 2014-04-30 19:47 - 000057344 _____ C:\WINDOWS\SysWOW64\issacapi_se-2.3.dll 2014-01-31 15:18 - 2014-01-31 15:18 - 000002560 _____ (Intel(R) Corporation) C:\WINDOWS\SysWOW64\IusEventLog.dll 2015-09-02 10:00 - 2015-07-22 19:52 - 001114112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32(680).dll 2015-09-02 10:00 - 2015-07-22 19:52 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase(681).dll 2015-08-14 19:30 - 2015-07-30 19:55 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk(682).dll 2014-04-30 19:47 - 2014-04-30 19:47 - 000045056 _____ ((주) 마크애니) C:\WINDOWS\SysWOW64\MACXMLProto.dll 2014-04-30 19:47 - 2014-04-30 19:47 - 000118784 _____ ((주)마크애니) C:\WINDOWS\SysWOW64\MaDRM.dll 2014-04-30 19:47 - 2014-04-30 19:47 - 000049152 _____ ((주) 마크애니) C:\WINDOWS\SysWOW64\MaJGUILib.dll 2014-04-30 19:47 - 2014-04-30 19:47 - 000045320 _____ (MARKANY) C:\WINDOWS\SysWOW64\MAMACExtract.dll 2014-04-30 19:47 - 2014-04-30 19:47 - 000024576 _____ ((주)마크애니) C:\WINDOWS\SysWOW64\MASetupCleaner.exe 2014-04-30 19:47 - 2014-04-30 19:47 - 000045056 _____ ((주) 마크애니) C:\WINDOWS\SysWOW64\MaXMLProto.dll 2014-09-20 10:53 - 1995-05-19 15:44 - 000322832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc30.dll 2021-03-05 13:40 - 2004-02-27 00:00 - 000962612 _____ (Microsoft 
Corporation) C:\WINDOWS\SysWOW64\MFC42D.dll 2014-09-20 10:53 - 1995-05-19 14:49 - 000133904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcans32.dll 2021-03-05 13:40 - 2004-02-27 00:00 - 000827445 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCO42D.dll 2014-09-20 10:53 - 1995-05-22 14:05 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcuia32.dll 2014-04-30 19:47 - 2014-04-30 19:47 - 000057344 _____ (Marktek) C:\WINDOWS\SysWOW64\MK_Lyric.dll 2014-04-30 19:47 - 2014-04-30 19:47 - 000245760 _____ (Teruten Inc.) C:\WINDOWS\SysWOW64\MSCLib.dll 2014-04-30 19:47 - 2014-04-30 19:47 - 000155648 _____ (Teruten Inc.) C:\WINDOWS\SysWOW64\MSFLib.dll 2015-07-15 09:28 - 2015-06-15 23:43 - 002364416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi(683).dll 2015-07-15 09:28 - 2015-06-15 23:37 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg(684).dll 2014-09-20 10:54 - 1996-03-15 18:15 - 000033552 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSJINT32.DLL 1996-04-11 17:34 - 1996-04-11 17:34 - 000965904 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSJT3032.DLL 2014-09-20 10:54 - 1996-03-15 18:47 - 000098356 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSJTER32.DLL 2014-09-20 10:54 - 1995-08-15 01:00 - 000144144 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSLT3032.DLL 2014-04-30 19:47 - 2014-04-30 19:47 - 000352256 _____ (Sample Corporation) C:\WINDOWS\SysWOW64\MSLUR71.dll 2014-09-20 10:54 - 1995-08-07 06:33 - 000043008 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSOC95.DLL 2014-09-20 10:54 - 1995-07-20 01:00 - 000240912 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPX3032.DLL 2014-09-20 10:54 - 1995-09-20 17:16 - 000245520 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSRD2X32.DLL 2014-09-20 10:53 - 1995-07-26 01:00 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrdo32.dll 2014-09-20 10:54 - 1995-07-20 01:00 - 000121104 ____R (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\MSTX3032.DLL 2015-07-13 18:29 - 2011-05-06 10:37 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcm90.dll 2021-03-05 13:40 - 2000-08-29 00:00 - 000516173 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVCP60D.dll 2014-11-17 19:49 - 2003-03-19 05:14 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll 2014-11-17 19:49 - 2004-01-12 00:00 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll 2005-12-09 07:30 - 2005-12-09 07:30 - 000626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr80.dll 2021-03-05 13:40 - 2004-02-17 00:00 - 000434252 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVCRTD.dll 2014-09-20 10:54 - 1995-05-12 01:00 - 000260368 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSXB3032.DLL 2014-09-20 10:54 - 1995-07-20 01:00 - 000220944 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSXL3032.DLL 2015-07-13 18:29 - 2005-09-29 22:39 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4a.dll 2014-04-30 19:47 - 2014-04-30 19:47 - 000040960 _____ (Telechips Inc.,) C:\WINDOWS\SysWOW64\MTTELECHIP.dll 2014-04-30 19:47 - 2014-04-30 19:47 - 000057344 _____ (Marktek Inc.) C:\WINDOWS\SysWOW64\MTXSYNCICON.dll 2014-04-30 19:47 - 2014-04-30 19:47 - 000135168 _____ (Musiccity Co.Ltd.) C:\WINDOWS\SysWOW64\muzaf1.dll 2014-04-30 19:47 - 2014-04-30 19:47 - 000491520 _____ (Musiccity Co.Ltd.) C:\WINDOWS\SysWOW64\muzapp.dll 2014-04-30 19:47 - 2014-04-30 19:47 - 000172032 _____ (Musiccity Co.Ltd.) 
C:\WINDOWS\SysWOW64\muzapp.exe 2014-04-30 19:47 - 2014-04-30 19:47 - 000200704 _____ ( (c) MusicCity) C:\WINDOWS\SysWOW64\muzwmts.dll 2014-09-23 13:26 - 1995-05-22 02:00 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OC30.DLL 2015-07-15 09:28 - 2015-07-04 19:48 - 001414656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32(686).dll 2014-09-23 13:26 - 1996-03-23 16:24 - 000212480 _____ (Eastman Kodak) C:\WINDOWS\SysWOW64\PCDLIB32.DLL 2014-09-20 10:54 - 1996-04-04 03:11 - 000345600 _____ (Apple Computer, Inc.) C:\WINDOWS\SysWOW64\qtim32.dll 2014-09-20 18:25 - 2014-04-30 19:43 - 004659712 _____ (Dmitry Streblechenko) C:\WINDOWS\SysWOW64\Redemption.dll 2021-03-05 13:40 - 2007-05-04 15:51 - 000040448 _____ C:\WINDOWS\SysWOW64\RegOBJ.dll 2015-09-02 10:00 - 2015-07-22 19:52 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4(687).dll 2014-09-20 10:52 - 1996-10-29 23:01 - 000409600 _____ (Corel Corporation) C:\WINDOWS\SysWOW64\scint70.dll 2015-08-14 19:30 - 2015-07-10 19:34 - 012875776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32(688).dll 2015-09-02 10:00 - 2015-07-22 19:52 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli(689).dll 2006-03-17 15:49 - 2006-03-17 15:49 - 000368640 _____ (Pegasus Imaging Corporation) C:\WINDOWS\SysWOW64\twnlib4.dll 2015-08-14 19:30 - 2015-07-16 20:38 - 001310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon(690).dll 2014-09-20 10:53 - 1996-06-04 23:51 - 000721168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vb40032.dll 2014-09-20 10:54 - 1995-07-20 01:00 - 000816720 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBA32.DLL 2014-09-20 10:54 - 1995-07-20 01:00 - 000008976 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBAEN32.DLL 2014-09-20 10:54 - 1995-07-20 01:00 - 001371436 ____R C:\WINDOWS\SysWOW64\VBAR2132.DLL 2014-09-20 10:54 - 1995-09-24 12:02 - 000243472 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBAR2232.DLL 2014-09-20 10:54 - 1994-04-13 
00:00 - 000095200 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBDB300.DLL 2014-09-20 10:54 - 1993-04-28 01:00 - 000013824 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBOA300.DLL 2014-09-20 10:54 - 1995-07-11 10:50 - 000398416 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBRUN300.DLL 2015-06-24 14:00 - 2012-12-03 15:57 - 000238592 _____ (Nicomsoft Ltd.) C:\WINDOWS\SysWOW64\WiFiMan.dll 2015-08-14 19:30 - 2015-07-16 20:42 - 001951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet(691).dll 2015-07-15 09:28 - 2015-04-27 21:05 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust(692).dll 2018-10-01 19:49 - 2021-11-08 03:20 - 002149184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFUpdate_01009.dll 2022-04-11 12:35 - 2022-04-11 22:06 - 002365952 _____ (Farbar) C:\Users\Admin R\Desktop\FRST64.exe 2020-02-28 21:51 - 2020-02-28 12:17 - 001035848 _____ (www.sordum.org) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fab_x64.exe 2021-08-05 18:24 - 2021-08-05 18:24 - 000000024 _____ C:\Users\Ralph Ballmer\AppData\Roaming\pecodec.dll 2020-02-28 21:51 - 2020-02-28 12:17 - 001035848 _____ (www.sordum.org) C:\Users\Ralph Ballmer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fab_x64.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) 
==================== BCD ================================ Gestionnaire de démarrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {e86344f2-4c17-11ea-be6d-806e6f6e6963} timeout 1 Gestionnaire de démarrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume2 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {3f21013a-4f83-11eb-a13b-f62ad2b2c56b} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Application logicielle (101fffff) -------------------------------- identificateur {e86344f2-4c17-11ea-be6d-806e6f6e6963} device partition=\Device\HarddiskVolume2 path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI description Windows Boot Manager Chargeur de démarrage Windows ----------------------------- identificateur {3f210138-4f83-11eb-a13b-f62ad2b2c56b} device ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{3f210139-4f83-11eb-a13b-f62ad2b2c56b} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{3f210139-4f83-11eb-a13b-f62ad2b2c56b} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de démarrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {da4a51c2-b9c4-11ec-8385-dcbad2091caa} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {3f21013a-4f83-11eb-a13b-f62ad2b2c56b} nx OptIn bootmenupolicy Standard Chargeur de démarrage Windows ----------------------------- identificateur {4b1bf647-49b9-11ea-be6a-f241e859d85f} device partition=C: path 
\windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice partition=C: systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Installation de Windows ----------------------- identificateur {7254a080-1510-4e85-ac0f-e7fb3d444736} device ramdisk=[C:]\$WINDOWS.~BT\Sources\SafeOS\winre.wim,{3f21013c-4f83-11eb-a13b-f62ad2b2c56b} bootstatdevice partition=C: custom:11000083 partition=C: path \windows\system32\winload.efi description Windows Rollback locale fr-FR bootstatfilepath \$WINDOWS.~BT\Sources\SafeOS\bootstat.dat inherit {bootloadersettings} restartonfailure Yes osdevice ramdisk=[C:]\$WINDOWS.~BT\Sources\SafeOS\winre.wim,{3f21013c-4f83-11eb-a13b-f62ad2b2c56b} custom:21000152 partition=C: systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de démarrage Windows ----------------------------- identificateur {da4a51c2-b9c4-11ec-8385-dcbad2091caa} device ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{da4a51c3-b9c4-11ec-8385-dcbad2091caa} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{da4a51c3-b9c4-11ec-8385-dcbad2091caa} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre à partir de la mise en veille prolongée ------------------------------------------------- identificateur {3f210136-4f83-11eb-a13b-f62ad2b2c56b} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {3f210138-4f83-11eb-a13b-f62ad2b2c56b} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Reprendre à partir de la mise en veille prolongée ------------------------------------------------- identificateur 
{3f21013a-4f83-11eb-a13b-f62ad2b2c56b} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {da4a51c2-b9c4-11ec-8385-dcbad2091caa} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de m‚moire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume2 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics m‚moire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes ParamŠtres EMS -------------- identificateur {emssettings} bootems No ParamŠtres du d‚bogueur ----------------------- identificateur {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Erreurs de m‚moire RAM ---------------------- identificateur {badmemory} ParamŠtres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} ParamŠtres du chargeur de d‚marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} ParamŠtres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 ParamŠtres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p‚riph‚rique ----------------------- identificateur {3f210139-4f83-11eb-a13b-f62ad2b2c56b} description Windows Recovery ramdisksdidevice partition=C: ramdisksdipath \Recovery\WindowsRE\boot.sdi Options de p‚riph‚rique ----------------------- identificateur {3f21013c-4f83-11eb-a13b-f62ad2b2c56b} description Windows Setup ramdisksdidevice partition=C: ramdisksdipath \$WINDOWS.~BT\Sources\SafeOS\boot.sdi Options de p‚riph‚rique ----------------------- identificateur 
{da4a51c3-b9c4-11ec-8385-dcbad2091caa} description Windows Recovery ramdisksdidevice partition=C: ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================