Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2022 Exécuté par NICOLAS (administrateur) sur LAPTOP-FGLE0HN7 (LENOVO 80T7) (30-05-2022 14:17:26) Exécuté depuis C:\Users\NICOLAS\Downloads Profils chargés: NICOLAS Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.1706 (X64) Langue: Français (France) Navigateur par défaut: Edge Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe (C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe ->) (Realtek Semiconductor Corp -> ) C:\Program Files (x86)\Realtek\Realtek Bluetooth\SkypePlugin.exe (C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe (C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCopyAccelerator.exe (C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe (CyberLink Corp. -> CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <19> (explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe (Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (LENOVO -> Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe (services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe (services.exe ->) (Intel Corporation) [Fichier non signé] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (services.exe ->) (LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe (services.exe ->) (LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe (services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe (services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe (svchost.exe ->) (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (SweetLabs Inc. -> SweetLabs, Inc) C:\Users\NICOLAS\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18242048 2017-03-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489408 2017-03-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489408 2017-03-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [230616 2015-11-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791848 2016-04-22] (LENOVO -> ) HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110008 2015-07-21] (CyberLink Corp. -> CyberLink) HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492472 2015-07-21] (CyberLink Corp. -> CyberLink Corp.) HKU\S-1-5-21-1056684034-25804902-2605536285-1001\...\Run: [MicrosoftEdgeAutoLaunch_EE7314AB2FAB7C240F841ECFFCD4C24C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3547064 2022-05-19] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Print\Monitors\HP E111 Status Monitor: C:\WINDOWS\system32\hpinkstsE111LM.dll [388792 2016-02-23] (Hewlett Packard -> Hewlett-Packard Development Company, LP) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\101.0.4951.67\Installer\chrmstp.exe [2022-05-18] (Google LLC -> Google LLC) ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {05CE7A0B-B457-4813-B1A2-8DC926DB2291} - \Microsoft\Windows\PLA\LSC Memory -> Pas de fichier <==== ATTENTION Task: {0627B6F6-28FF-4F95-9D22-6D74DAA356D2} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\777271e5-cc8a-483d-945b-87bee6dafcd4 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.) Task: {0AFCDF25-F120-4DA5-8844-7CED5EE122F8} - \Lenovo\Lenovo Solution Center Launcher -> Pas de fichier <==== ATTENTION Task: {0BD0F351-4721-4803-B8B3-ED08FD1E709A} - \App Explorer -> Pas de fichier <==== ATTENTION Task: {1D5DE9C2-9E34-4084-97AB-50D5B11F0053} - \Lenovo\Lenovo Customer Feedback Program 64 35 -> Pas de fichier <==== ATTENTION Task: {22B6042C-DD13-498A-8D21-0110F94B8365} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-25] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {2708BB94-854E-4B19-9FE5-904B52D724BF} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\270ad4e0-c2a7-4db9-92c4-2b81e62f6147 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.) Task: {2822750E-41F5-4378-B1F6-2727A1EB3FAB} - System32\Tasks\GoogleUpdateTaskMachineCore{3B9CFFAE-F027-484B-8C2F-75F82BC18931} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-03-27] (Google LLC -> Google LLC) Task: {2B67B8A9-844E-4990-B5D9-32EA5AA18675} - \Microsoft\Windows\UpdateOrchestrator\Maintenance Install -> Pas de fichier <==== ATTENTION Task: {317107BF-13F6-48B4-AA5A-BA0B03A02F4B} - \Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate -> Pas de fichier <==== ATTENTION Task: {358BEEC4-2065-47EB-870D-72F81B57C175} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> Pas de fichier <==== ATTENTION Task: {46F7663B-9BC8-48AC-BA5E-38E8D2CDAFFE} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot -> Pas de fichier <==== ATTENTION Task: {48A98229-5C8E-4DDD-8139-CF35F7262A95} - \Microsoft\Windows\Plug and Play\Plug and Play Cleanup -> Pas de fichier <==== ATTENTION Task: {4D6AE9B1-99BC-435D-B708-49BBEB4284E7} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\0cdb5ebe-04ae-4762-8d98-1097e3b422f7 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.) Task: {4DFBD6DD-AC99-4D84-B871-980BD0044620} - \PDVDServ12 Task -> Pas de fichier <==== ATTENTION Task: {4ED62474-1794-41E8-8CFC-EF847472E4C0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-25] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {5587F1DC-15D0-4331-A673-6EF75E5CD9C0} - \Microsoft\Windows\AppID\SmartScreenSpecific -> Pas de fichier <==== ATTENTION Task: {62108F85-18CA-4902-B8CB-75971CDB0B3A} - \CyberLink\Photo Master Gadget startup -> Pas de fichier <==== ATTENTION Task: {6548F5C8-786D-4EC2-9FD3-FA9025D45B92} - \Lenovo\REACHit Agent Update -> Pas de fichier <==== ATTENTION Task: {71E53243-3A2D-47EE-9DAB-6D71B2366657} - \Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate -> Pas de fichier <==== ATTENTION Task: {754CE82A-A246-431B-802C-B7D3486DE43B} - \Lenovo\LSC\Lenovo Solution Center Notifications -> Pas de fichier <==== ATTENTION Task: {7DB69B72-FB82-4373-B1ED-7786E5AD04FD} - System32\Tasks\GoogleUpdateTaskMachineUA{55917BF7-079C-4796-BB14-BE573DA320A3} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-03-27] (Google LLC -> Google LLC) Task: {92F49A3A-23B7-474D-AC63-7A8A77280F83} - \Lenovo\REACHit Agent Startup -> Pas de fichier <==== ATTENTION Task: {AA3EFF6E-7E46-4360-BDC3-00F8A0C6E3D2} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.) Task: {B6F2B20A-19E0-4D78-A655-824DB513B00C} - \Lenovo\LSC\LSCHardwareScan -> Pas de fichier <==== ATTENTION Task: {B93509CA-4C4E-49D1-BAC3-DDFF4C934C26} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [145480 2021-09-09] (Lenovo -> Lenovo Group Ltd.) Task: {BD3D51B4-19D6-46B0-BB7F-A5E1689F06B8} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32 Task: {C0087A58-710E-4CB8-B649-E6E4B844030A} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5208f1b6-981b-4e8f-b91b-dce1f2376ace => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.) Task: {C0C1C407-6785-4D56-B33E-127F08E4850C} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display -> Pas de fichier <==== ATTENTION Task: {C349BB67-3672-4975-AE02-517BAD9318EE} - \Microsoft\Windows\WindowsUpdate\sih -> Pas de fichier <==== ATTENTION Task: {E379BAD4-CDDF-4897-8340-91058E78076F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-25] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {EB4E6C95-29EE-4E0E-81D5-8F6ADD11DB62} - \Microsoft\Windows\UpdateOrchestrator\Policy Install -> Pas de fichier <==== ATTENTION Task: {F903A328-6730-4FAA-8467-5DC7E7629A90} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ff6ab8af-2a41-495e-9542-ebd2ce4705f0 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.) Task: {FA625267-66E0-464A-AE95-8754007E78AD} - \Microsoft\Windows\UpdateOrchestrator\Reboot -> Pas de fichier <==== ATTENTION Task: {FC07EE0C-CA8A-4F4C-A9BC-E466AE0069FC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-25] (Microsoft Windows Publisher -> Microsoft Corporation) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{038d4c6e-c271-4f59-b500-d57d0d4c29ff}: [DhcpNameServer] 150.201.1.3 Tcpip\..\Interfaces\{f0f8b683-7089-42f0-b30b-6cedbd039c7e}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\NICOLAS\AppData\Local\Microsoft\Edge\User Data\Default [2022-05-30] Edge Extension: (White Rabbit) - C:\Users\NICOLAS\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikfjdigkaodnikkepcclccgpbokkmfe [2022-03-27] Edge Extension: (MEGA) - C:\Users\NICOLAS\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jemjknhgpjaacbghpdhgchbgccbpkkgf [2022-05-22] Edge Extension: (Plus) - C:\Users\NICOLAS\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jlihfhenloklceecaibhfbjppmleoiob [2022-03-27] Edge Profile: C:\Users\NICOLAS\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2022-03-27] Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee] FireFox: ======== FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation) Chrome: ======= CHR DefaultProfile: Profile 1 CHR Profile: C:\Users\NICOLAS\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-03-27] CHR Profile: C:\Users\NICOLAS\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-05-22] CHR Notifications: Profile 1 -> hxxps://www.futura-sciences.com CHR DefaultSearchURL: Profile 1 -> hxxps://search.tb.ask.com/search/GGmain.jhtml?searchfor={searchTerms}&enableSearch=true&rdrct=no&redirect=CPC CHR DefaultSearchKeyword: Profile 1 -> askwebs CHR DefaultSuggestURL: Profile 1 -> hxxps://ss.search.ask.com/ss?li=ff&sstype=prefix&limit=10&hl=en&q={searchTerms}&enableSearch=true&rdrct=no CHR Extension: (MEGA) - C:\Users\NICOLAS\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2022-05-22] CHR Extension: (Google Docs hors connexion) - C:\Users\NICOLAS\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-15] CHR Extension: (Ask Web Search) - C:\Users\NICOLAS\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hapkhkcjeoklmeklalckjempdbgbagai [2022-04-09] CHR Extension: (Malwarebytes Browser Guard) - C:\Users\NICOLAS\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-05-22] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\NICOLAS\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-27] CHR Profile: C:\Users\NICOLAS\AppData\Local\Google\Chrome\User Data\System Profile [2022-03-27] CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [41176 2015-03-02] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [125144 2016-02-15] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [650680 2015-07-29] (LENOVO -> Lenovo) R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-29] (LENOVO -> Lenovo) R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.) R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Fichier non signé] S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Fichier non signé] S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [271328 2015-12-10] (LENOVO -> Lenovo) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-25] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-25] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 CH341SER_A64; C:\WINDOWS\System32\Drivers\CH341S64.SYS [58368 2011-11-05] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com) S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 GoodixTouchDriver; C:\WINDOWS\System32\drivers\GoodixTouchDriver.sys [53760 2014-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) R3 MpKsl835de01e; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DF8F6777-89CC-473E-BE5D-88A2A9A74C40}\MpKslDrv.sys [137464 2022-05-30] (Microsoft Windows -> Microsoft Corporation) R3 necbatt; C:\WINDOWS\System32\drivers\necbatt.sys [34880 2018-05-09] (NEC Personal Computers, Ltd. -> NEC Personal Computers, Ltd.) R3 RtkA2dp; C:\WINDOWS\System32\drivers\RtkA2dp.sys [222760 2016-08-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation) R3 RtkAvrcp; C:\WINDOWS\System32\drivers\RtkAvrcp.sys [78616 2016-08-24] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) R3 RtkAvrcpCtrlr; C:\WINDOWS\System32\drivers\RtkAvrcpCtrlr.sys [87832 2016-08-24] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) R3 RtkHandsfree; C:\WINDOWS\System32\drivers\RtkHandsfree.sys [48680 2016-08-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation) S3 Ser2pl; C:\WINDOWS\System32\drivers\ser2pl64.sys [282272 2021-03-10] (WDKTestCert charles-yeh,132058328970830801 -> Prolific Technology Inc.) S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [65144 2021-10-08] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated) S3 USBDEVICEDRV; C:\WINDOWS\system32\drivers\USBDEVICEDRV.sys [94704 2014-01-27] (Future Technology Devices International Ltd -> FTDI Ltd.) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-04-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [443664 2022-04-25] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-25] (Microsoft Windows -> Microsoft Corporation) S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-05-30 14:17 - 2022-05-30 14:20 - 000021461 _____ C:\Users\NICOLAS\Downloads\FRST.txt 2022-05-30 14:15 - 2022-05-30 14:19 - 000000000 ____D C:\FRST 2022-05-30 14:14 - 2022-05-30 14:14 - 000001039 _____ C:\Users\NICOLAS\Desktop\FRST64 - Raccourci.lnk 2022-05-30 14:12 - 2022-05-30 14:14 - 002367488 _____ (Farbar) C:\Users\NICOLAS\Downloads\FRST64.exe 2022-05-30 13:56 - 2022-05-30 13:56 - 000265646 _____ C:\Users\NICOLAS\Desktop\ZHPDiag.txt 2022-05-30 13:28 - 2022-05-30 13:56 - 000000000 ____D C:\Users\NICOLAS\AppData\Roaming\ZHP 2022-05-30 13:28 - 2022-05-30 13:28 - 000000874 _____ C:\Users\NICOLAS\Desktop\ZHPSuite.lnk 2022-05-30 13:28 - 2022-05-30 13:28 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\ZHP 2022-05-30 13:27 - 2022-05-30 13:28 - 003483848 _____ (Nicolas Coolman) C:\Users\NICOLAS\Downloads\ZHPSuite.exe 2022-05-29 11:03 - 2022-05-29 11:03 - 000002719 _____ C:\Users\NICOLAS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Barre Edge de Microsoft Edge.lnk 2022-05-18 12:48 - 2022-05-18 12:48 - 000000000 ___RD C:\Users\NICOLAS\Downloads\1253QUANTUMVM.UNRARMETRO_ckbnxvahp5f44!App 2022-05-18 12:42 - 2022-05-18 12:42 - 000011799 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-05-18 12:40 - 2022-05-18 12:40 - 000093696 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2022-05-18 12:39 - 2022-05-18 12:39 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2022-05-18 11:37 - 2022-05-18 11:37 - 000000000 ___HD C:\$WinREAgent 2022-05-02 21:08 - 2022-05-02 21:08 - 000001153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk 2022-05-02 21:08 - 2022-05-02 21:08 - 000000000 ____D C:\Program Files\PCHealthCheck 2022-04-20 13:33 - 2022-04-20 13:33 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2022-04-20 13:32 - 2022-04-20 13:32 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2022-04-20 13:30 - 2022-04-20 13:30 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2022-04-08 09:22 - 2022-05-29 10:18 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\CrashDumps 2022-04-04 10:33 - 2022-04-04 10:55 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\mbam 2022-04-03 15:01 - 2022-04-03 15:01 - 000314441 _____ C:\Users\NICOLAS\Downloads\fiche-de-cours.htm 2022-04-02 14:57 - 2022-04-02 14:57 - 000084766 _____ C:\Users\NICOLAS\Downloads\photo-pyramide-de-gizeh-dm7915.webp 2022-04-02 14:53 - 2022-04-02 14:53 - 000115478 _____ C:\Users\NICOLAS\Downloads\11452165.webp 2022-04-02 14:48 - 2022-04-02 14:48 - 000102323 _____ C:\Users\NICOLAS\Downloads\File_Louvre-antiquites-egyptiennes-p1020372-gradient.htm 2022-03-30 09:21 - 2022-05-18 12:28 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\PlaceholderTileLogoFolder 2022-03-29 11:10 - 2022-04-08 08:58 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2022-03-29 10:44 - 2022-03-29 10:44 - 000001944 _____ C:\Users\NICOLAS\Desktop\PC Health Check.lnk 2022-03-29 10:44 - 2022-03-29 10:44 - 000001362 _____ C:\Users\NICOLAS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk 2022-03-29 10:44 - 2022-03-29 10:44 - 000000000 ___RD C:\Users\NICOLAS\AppData\Local\PCHealthCheck 2022-03-29 10:33 - 2022-03-29 10:33 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\OneDrive 2022-03-28 11:24 - 2022-03-28 11:24 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\D3DSCache 2022-03-28 10:53 - 2022-05-18 11:26 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-03-27 17:13 - 2022-03-27 17:13 - 000000000 ___HD C:\OneDriveTemp 2022-03-27 17:12 - 2022-03-27 17:12 - 000000000 ____D C:\Users\Public\Lenovo App Explorer 2022-03-27 14:23 - 2022-05-18 13:07 - 000002252 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-03-27 14:23 - 2022-05-18 13:07 - 000002211 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2022-03-27 14:22 - 2022-03-27 14:22 - 000000000 ____D C:\Program Files\Google 2022-03-27 14:20 - 2022-04-25 16:16 - 000003666 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{55917BF7-079C-4796-BB14-BE573DA320A3} 2022-03-27 14:20 - 2022-04-25 16:16 - 000003542 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{3B9CFFAE-F027-484B-8C2F-75F82BC18931} 2022-03-27 14:19 - 2022-05-30 14:17 - 000000000 ____D C:\Program Files (x86)\Google 2022-03-27 14:19 - 2022-03-30 10:26 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\Google 2022-03-27 10:55 - 2022-03-27 10:55 - 000000000 ____D C:\Users\NICOLAS\AppData\Roaming\LSC 2022-03-27 10:45 - 2022-03-27 11:02 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\Lenovo 2022-03-27 10:45 - 2022-03-27 10:45 - 000000000 ____D C:\Users\NICOLAS\REACHit 2022-03-27 10:41 - 2022-03-27 13:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo 2022-03-27 10:41 - 2022-03-27 10:41 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\CyberLink 2022-03-26 12:04 - 2022-03-26 12:04 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\Comms 2022-03-25 19:16 - 2022-03-25 19:17 - 000000000 ____D C:\ProgramData\HP 2022-03-24 20:51 - 2022-05-20 11:45 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1056684034-25804902-2605536285-1001 2022-03-24 20:50 - 2022-05-20 11:45 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1056684034-25804902-2605536285-1001 2022-03-24 20:47 - 2022-03-24 20:47 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\Power2Go8 2022-03-24 20:42 - 2022-03-24 20:42 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\Publishers 2022-03-24 20:41 - 2022-05-18 13:14 - 000000000 ____D C:\ProgramData\Packages 2022-03-24 20:37 - 2022-05-18 13:18 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\Packages 2022-03-24 20:37 - 2022-05-18 11:48 - 000000000 ____D C:\Users\NICOLAS\Documents\My Bluetooth 2022-03-24 20:37 - 2022-03-24 20:37 - 000000000 ____D C:\Users\NICOLAS\AppData\Roaming\Adobe 2022-03-24 20:37 - 2022-03-24 20:37 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\VirtualStore 2022-03-24 20:36 - 2022-03-25 19:11 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\ConnectedDevicesPlatform 2022-03-24 20:36 - 2022-03-24 20:36 - 000000020 ___SH C:\Users\NICOLAS\ntuser.ini 2022-03-24 17:34 - 2022-03-24 17:34 - 000000000 _SHDL C:\Users\Default\AppData\Local\Historique 2022-03-24 17:34 - 2022-03-24 17:34 - 000000000 _SHDL C:\Users\Default User 2022-03-24 17:34 - 2022-03-24 17:34 - 000000000 _SHDL C:\Users\All Users 2022-03-24 17:34 - 2022-03-24 17:34 - 000000000 _SHDL C:\ProgramData\Modèles 2022-03-24 17:34 - 2022-03-24 17:34 - 000000000 _SHDL C:\ProgramData\Menu Démarrer 2022-03-24 17:34 - 2022-03-24 17:34 - 000000000 _SHDL C:\ProgramData\Bureau 2022-03-24 17:34 - 2022-03-24 17:34 - 000000000 _SHDL C:\Program Files\Fichiers communs 2022-03-24 17:26 - 2022-03-24 17:26 - 000010168 _____ C:\Users\defaultuser100000\Desktop\Applications supprimées.html 2022-03-24 17:20 - 2022-03-24 17:20 - 000023108 _____ C:\WINDOWS\system32\emptyregdb.dat 2022-03-24 16:39 - 2022-05-30 11:00 - 000000000 ____D C:\Users\NICOLAS\AppData\Local\Host App Service 2022-03-24 16:39 - 2022-05-20 11:45 - 000002430 _____ C:\Users\NICOLAS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-03-24 16:39 - 2022-03-27 10:45 - 000000000 ____D C:\Users\NICOLAS 2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\NICOLAS\Voisinage réseau 2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\NICOLAS\Voisinage d'impression 2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\NICOLAS\Modèles 2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\NICOLAS\Mes documents 2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\NICOLAS\Menu Démarrer 2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\NICOLAS\Documents\Mes vidéos 2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\NICOLAS\Documents\Mes images 2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\NICOLAS\Documents\Ma musique 2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\NICOLAS\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\NICOLAS\AppData\Local\Historique 2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\defaultuser100000\Voisinage réseau 2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\defaultuser100000\Voisinage d'impression 2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\defaultuser100000\Modèles 2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\defaultuser100000\Mes documents 2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\defaultuser100000\Menu Démarrer 2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\defaultuser100000\Documents\Mes vidéos 2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\defaultuser100000\Documents\Mes images 2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\defaultuser100000\Documents\Ma musique 2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\defaultuser100000\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2022-03-24 16:39 - 2022-03-24 16:39 - 000000000 _SHDL C:\Users\defaultuser100000\AppData\Local\Historique 2022-03-24 16:38 - 2022-03-24 17:23 - 000000000 ____D C:\Users\defaultuser100000 2022-03-24 16:38 - 2022-03-24 16:18 - 000000000 ____D C:\Users\defaultuser100000\AppData\Local\Host App Service 2022-03-24 16:38 - 2019-12-07 11:10 - 000001105 _____ C:\Users\defaultuser100000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-03-24 16:11 - 2022-03-24 16:11 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate 2022-03-24 15:32 - 2022-03-24 15:33 - 000000000 ____D C:\Program Files\Realtek 2022-03-24 15:32 - 2022-03-24 15:32 - 000241015 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip 2022-03-24 15:32 - 2022-03-24 15:32 - 000000000 ____H C:\ProgramData\DP45977C.lfl 2022-03-24 15:32 - 2022-03-24 15:32 - 000000000 ____D C:\WINDOWS\system32\DAX3 2022-03-24 15:32 - 2022-03-24 15:32 - 000000000 ____D C:\WINDOWS\system32\DAX2 2022-03-24 15:31 - 2022-05-30 10:53 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2022-03-24 15:31 - 2022-03-24 16:21 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2022-03-24 15:31 - 2022-03-24 16:12 - 000000000 ____D C:\Program Files\Intel 2022-03-24 15:31 - 2022-03-24 15:31 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2022-03-24 15:31 - 2022-03-24 15:31 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ETDSMBus_01011.Wdf 2022-03-24 15:31 - 2022-03-24 15:31 - 000000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin 2022-03-24 15:31 - 2017-06-12 02:56 - 000103888 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL 2022-03-24 15:31 - 2017-06-12 02:56 - 000099792 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2022-03-24 15:29 - 2022-05-02 21:07 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-03-24 15:29 - 2022-05-02 21:07 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-03-24 15:28 - 2022-03-24 16:18 - 000000000 ____D C:\ProgramData\Realtek 2022-03-24 15:27 - 2022-05-19 15:37 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-03-24 15:27 - 2022-04-25 16:16 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2022-03-24 14:58 - 2022-05-23 15:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-03-24 14:58 - 2022-05-18 16:02 - 000258768 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-03-24 14:56 - 2015-04-28 20:06 - 000043256 _____ C:\WINDOWS\system32\oemlogo.bmp 2022-03-24 14:54 - 2022-03-24 18:32 - 000000000 ____D C:\WINDOWS\Panther 2022-03-24 14:23 - 2022-03-28 11:26 - 000000000 ____D C:\Windows.old 2022-03-24 14:21 - 2022-03-24 14:22 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2022-03-24 14:18 - 2022-03-24 14:18 - 000000000 ____D C:\WINDOWS\SysWOW64\sda 2022-03-24 14:17 - 2022-03-24 14:17 - 000000000 ____D C:\WINDOWS\Lenovo 2022-03-24 14:16 - 2022-03-24 15:30 - 000000000 ____D C:\Program Files\Elantech 2022-03-24 14:14 - 2022-03-24 14:14 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2022-03-24 14:12 - 2022-03-24 14:12 - 000000000 ____D C:\WINDOWS\Setup 2022-03-24 14:10 - 2022-03-24 18:32 - 000000000 ____D C:\WINDOWS\system32\FxsTmp 2022-03-24 14:10 - 2022-03-24 16:20 - 000000000 ____D C:\WINDOWS\OCR 2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 __RSD C:\WINDOWS\SysWOW64\WindowsDevicePortal 2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 __RSD C:\WINDOWS\system32\WindowsDevicePortal 2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 ___RD C:\WINDOWS\WebManagement 2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync 2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp 2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 ____D C:\WINDOWS\system32\OpenSSH 2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync 2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 ____D C:\WINDOWS\addins 2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 ____D C:\ProgramData\ssh 2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 ____D C:\Program Files\Reference Assemblies 2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 ____D C:\Program Files\MSBuild 2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2022-03-24 14:10 - 2022-03-24 14:10 - 000000000 ____D C:\Program Files (x86)\MSBuild 2022-03-24 14:08 - 2022-05-19 15:45 - 000792842 _____ C:\WINDOWS\system32\perfh00C.dat 2022-03-24 14:08 - 2022-05-19 15:45 - 000149972 _____ C:\WINDOWS\system32\perfc00C.dat 2022-03-24 14:08 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\SysWOW64\fr 2022-03-24 14:08 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\system32\fr 2022-03-24 14:08 - 2022-03-24 14:07 - 000351124 _____ C:\WINDOWS\system32\perfi00C.dat 2022-03-24 14:08 - 2022-03-24 14:07 - 000040694 _____ C:\WINDOWS\system32\perfd00C.dat 2022-03-24 14:04 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm 2022-03-24 14:04 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN 2022-03-24 14:04 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr 2022-03-24 14:04 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts 2022-03-24 14:04 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\system32\winrm 2022-03-24 14:04 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\system32\WCN 2022-03-24 14:04 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\system32\slmgr 2022-03-24 14:04 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts 2022-03-24 14:04 - 2022-03-24 14:04 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep 2022-03-24 14:04 - 2022-03-24 14:04 - 000000000 ____D C:\WINDOWS\SysWOW64\0409 2022-03-24 14:04 - 2022-03-24 14:04 - 000000000 ____D C:\WINDOWS\system32\0409 2022-03-24 14:04 - 2022-03-24 14:04 - 000000000 ____D C:\WINDOWS\DigitalLocker 2022-03-24 13:53 - 2022-05-19 15:37 - 000000000 ____D C:\WINDOWS\ServiceState 2022-03-24 13:53 - 2022-05-18 15:57 - 000000000 ___SD C:\WINDOWS\system32\UNP 2022-03-24 13:53 - 2022-05-18 15:57 - 000000000 ____D C:\WINDOWS\SystemResources 2022-03-24 13:53 - 2022-05-18 15:57 - 000000000 ____D C:\WINDOWS\system32\migwiz 2022-03-24 13:53 - 2022-04-20 16:55 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-03-24 13:53 - 2022-04-20 16:55 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-03-24 13:53 - 2022-04-20 16:55 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-03-24 13:53 - 2022-04-20 16:55 - 000000000 ____D C:\WINDOWS\ShellExperiences 2022-03-24 13:53 - 2022-04-20 16:55 - 000000000 ____D C:\WINDOWS\Provisioning 2022-03-24 13:53 - 2022-04-20 16:55 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2022-03-24 13:53 - 2022-03-30 10:25 - 000000000 ____D C:\WINDOWS\system32\NDF 2022-03-24 13:53 - 2022-03-25 19:12 - 000000000 ___RD C:\WINDOWS\PrintDialog 2022-03-24 13:53 - 2022-03-24 17:26 - 000000000 ____D C:\WINDOWS\Registration 2022-03-24 13:53 - 2022-03-24 16:20 - 000000000 ____D C:\WINDOWS\system32\spool 2022-03-24 13:53 - 2022-03-24 16:20 - 000000000 ____D C:\WINDOWS\Resources 2022-03-24 13:53 - 2022-03-24 14:51 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template 2022-03-24 13:53 - 2022-03-24 14:50 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2022-03-24 13:53 - 2022-03-24 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI 2022-03-24 13:53 - 2022-03-24 14:10 - 000000000 ____D C:\WINDOWS\SystemApps 2022-03-24 13:53 - 2022-03-24 14:10 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2022-03-24 13:53 - 2022-03-24 14:10 - 000000000 ____D C:\WINDOWS\system32\setup 2022-03-24 13:53 - 2022-03-24 14:10 - 000000000 ____D C:\WINDOWS\system32\MUI 2022-03-24 13:53 - 2022-03-24 14:08 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2022-03-24 13:53 - 2022-03-24 14:08 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2022-03-24 13:53 - 2022-03-24 14:08 - 000000000 ___SD C:\WINDOWS\system32\F12 2022-03-24 13:53 - 2022-03-24 14:08 - 000000000 ___SD C:\WINDOWS\system32\dsc 2022-03-24 13:53 - 2022-03-24 14:08 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2022-03-24 13:53 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2022-03-24 13:53 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2022-03-24 13:53 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2022-03-24 13:53 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2022-03-24 13:53 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\system32\Com 2022-03-24 13:53 - 2022-03-24 14:04 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2022-03-24 13:53 - 2022-03-24 13:54 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui 2022-03-24 13:53 - 2022-03-24 13:54 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2022-03-24 13:53 - 2022-03-24 13:54 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2022-03-24 13:53 - 2022-03-24 13:54 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz 2022-03-24 13:53 - 2022-03-24 13:54 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords 2022-03-24 13:53 - 2022-03-24 13:54 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml 2022-03-24 13:53 - 2022-03-24 13:54 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel 2022-03-24 13:53 - 2022-03-24 13:54 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops 2022-03-24 13:53 - 2022-03-24 13:54 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ___SD C:\WINDOWS\system32\Nui 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ___SD C:\WINDOWS\system32\Configuration 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ___RD C:\WINDOWS\Offline Web Pages 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\Web 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\WaaS 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\Vss 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\tracing 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\TAPI 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SysWOW64\ras 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SysWOW64\IME 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SystemTemp 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\winevt 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\ti-et 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\ta-lk 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\ta-in 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\si-lk 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\Sgrm 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\ras 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\ProximityToast 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\PointOfService 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\osa-Osge-001 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\my-mm 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\MsDtc 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\Macromed 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\Keywords 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\Ipmi 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\InputMethod 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\inetsrv 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\IME 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\icsxml 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\ias 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\Hydrogen 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\GroupPolicyUsers 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\ff-Adlm-SN 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\DriverState 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\downlevel 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\DDFs 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\ContainerSettingsProviders 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\config\TxR 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\config\RegBack 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\config\Journal 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\Bthprops 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\appraiser 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\AppLocker 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\am-et 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\System 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SKB 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\ShellComponents 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\security 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\schemas 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\SchCache 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\rescache 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\PLA 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\Performance 2022-03-24 13:53 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\ModemLogs 2022-03-24 13:53 - 2022-03-24 13:47 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat 2022-03-24 13:53 - 2022-03-24 13:47 - 000215943 _____ C:\WINDOWS\system32\dssec.dat 2022-03-24 13:53 - 2022-03-24 13:47 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml 2022-03-24 13:53 - 2022-03-24 13:47 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam 2022-03-24 13:53 - 2022-03-24 13:47 - 000003103 _____ C:\WINDOWS\SysWOW64\mmc.exe.config 2022-03-24 13:53 - 2022-03-24 13:47 - 000003103 _____ C:\WINDOWS\system32\mmc.exe.config 2022-03-24 13:53 - 2022-03-24 13:47 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json 2022-03-24 13:53 - 2022-03-24 13:47 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT 2022-03-24 13:53 - 2022-03-24 13:47 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT 2022-03-24 13:52 - 2022-05-30 13:57 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-03-24 13:52 - 2022-05-30 13:49 - 000000000 ___HD C:\Program Files\WindowsApps 2022-03-24 13:52 - 2022-05-30 13:49 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-03-24 13:52 - 2022-05-18 15:57 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-03-24 13:52 - 2022-05-18 15:57 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-03-24 13:52 - 2022-05-18 15:57 - 000000000 ____D C:\Program Files\Common Files\System 2022-03-24 13:52 - 2022-04-25 16:15 - 000000000 ____D C:\Program Files\Windows Defender 2022-03-24 13:52 - 2022-04-20 17:00 - 000000000 ___RD C:\Program Files (x86) 2022-03-24 13:52 - 2022-04-20 16:35 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2022-03-24 13:52 - 2022-03-27 10:43 - 000000000 ____D C:\WINDOWS\appcompat 2022-03-24 13:52 - 2022-03-24 17:34 - 000000000 ____D C:\Program Files\Windows NT 2022-03-24 13:52 - 2022-03-24 17:20 - 000000000 __RHD C:\Users\Public\Libraries 2022-03-24 13:52 - 2022-03-24 16:20 - 000000000 ____D C:\WINDOWS\Help 2022-03-24 13:52 - 2022-03-24 16:18 - 000000000 ____D C:\ProgramData\USOPrivate 2022-03-24 13:52 - 2022-03-24 16:12 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2022-03-24 13:52 - 2022-03-24 15:08 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2022-03-24 13:52 - 2022-03-24 14:08 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2022-03-24 13:52 - 2022-03-24 14:07 - 000000000 ____D C:\WINDOWS\IME 2022-03-24 13:52 - 2022-03-24 14:07 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2022-03-24 13:52 - 2022-03-24 14:07 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2022-03-24 13:52 - 2022-03-24 14:07 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2022-03-24 13:52 - 2022-03-24 14:04 - 000000000 ____D C:\Program Files (x86)\Windows NT 2022-03-24 13:52 - 2022-03-24 13:53 - 000000000 __RSD C:\WINDOWS\Media 2022-03-24 13:52 - 2022-03-24 13:53 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files 2022-03-24 13:52 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\L2Schemas 2022-03-24 13:52 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\IdentityCRL 2022-03-24 13:52 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\DiagTrack 2022-03-24 13:52 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\Cursors 2022-03-24 13:52 - 2022-03-24 13:53 - 000000000 ____D C:\Program Files\Windows Portable Devices 2022-03-24 13:52 - 2022-03-24 13:53 - 000000000 ____D C:\Program Files\Windows Multimedia Platform 2022-03-24 13:52 - 2022-03-24 13:53 - 000000000 ____D C:\Program Files\Common Files\Services 2022-03-24 13:52 - 2022-03-24 13:53 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices 2022-03-24 13:52 - 2022-03-24 13:53 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform 2022-03-24 13:52 - 2022-03-24 13:52 - 000000000 __SHD C:\Program Files\Windows Sidebar 2022-03-24 13:52 - 2022-03-24 13:52 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar 2022-03-24 13:52 - 2022-03-24 13:52 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache 2022-03-24 13:52 - 2022-03-24 13:52 - 000000000 ____D C:\WINDOWS\InputMethod 2022-03-24 13:52 - 2022-03-24 13:52 - 000000000 ____D C:\WINDOWS\Globalization 2022-03-24 13:52 - 2022-03-24 13:52 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter 2022-03-24 13:52 - 2022-03-24 13:52 - 000000000 ____D C:\WINDOWS\Containers 2022-03-24 13:52 - 2022-03-24 13:52 - 000000000 ____D C:\WINDOWS\Branding 2022-03-24 13:52 - 2022-03-24 13:52 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices 2022-03-24 13:52 - 2022-03-24 13:52 - 000000000 ____D C:\ProgramData\USOShared 2022-03-24 13:52 - 2022-03-24 13:52 - 000000000 ____D C:\Program Files\Windows Security 2022-03-24 13:52 - 2022-03-24 13:52 - 000000000 ____D C:\Program Files\ModifiableWindowsApps 2022-03-24 13:49 - 2022-05-23 11:15 - 000000000 ____D C:\WINDOWS\INF 2022-03-24 13:36 - 2022-05-18 13:02 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-03-24 13:21 - 2022-05-18 16:12 - 084672512 _____ C:\WINDOWS\system32\config\SOFTWARE 2022-03-24 13:21 - 2022-05-18 16:12 - 019660800 _____ C:\WINDOWS\system32\config\SYSTEM 2022-03-24 13:21 - 2022-05-18 16:12 - 000786432 _____ C:\WINDOWS\system32\config\DEFAULT 2022-03-24 13:21 - 2022-05-18 16:12 - 000262144 _____ C:\WINDOWS\system32\config\BBI 2022-03-24 13:21 - 2022-05-18 16:12 - 000065536 _____ C:\WINDOWS\system32\config\SECURITY 2022-03-24 13:21 - 2022-05-18 16:12 - 000065536 _____ C:\WINDOWS\system32\config\SAM 2022-03-24 13:21 - 2022-04-20 14:09 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2022-03-24 13:21 - 2022-03-29 11:09 - 000000000 ____D C:\WINDOWS\servicing 2022-03-24 13:21 - 2022-03-24 13:53 - 000000000 ____D C:\WINDOWS\system32\SMI 2022-03-18 12:52 - 2022-03-18 12:52 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2022-03-18 12:51 - 2022-03-18 12:51 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll 2022-03-18 12:50 - 2022-03-18 12:50 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2022-03-18 12:49 - 2022-03-18 12:49 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe 2022-03-10 12:21 - 2022-03-10 12:21 - 000000751 _____ C:\Users\NICOLAS\Downloads\Musique - Raccourci.lnk 2022-03-10 12:04 - 2022-03-10 12:42 - 000001631 _____ C:\Users\NICOLAS\Desktop\Driver.lnk 2022-03-10 12:04 - 2022-03-10 12:04 - 000000000 ____D C:\APPLIC ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-05-30 12:37 - 2021-01-25 19:27 - 000000000 ____D C:\Users\NICOLAS\Documents\1 DOSSIER NICOLAS 2022-05-30 10:53 - 2019-03-13 21:37 - 000000000 __SHD C:\Users\NICOLAS\IntelGraphicsProfiles 2022-05-20 11:44 - 2020-06-25 09:56 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-05-20 11:44 - 2020-06-25 09:56 - 000002287 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2022-05-19 15:45 - 2015-11-03 21:28 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-05-19 15:37 - 2020-09-24 19:09 - 000008192 ___SH C:\DumpStack.log.tmp 2022-05-18 13:30 - 2020-12-18 09:22 - 000000000 ____D C:\Users\NICOLAS\Documents\2 DOSSIER SANDRA ==================== Fichiers à la racine de certains dossiers ======== 2022-03-24 20:37 - 2022-05-30 10:55 - 000178034 _____ () C:\Users\NICOLAS\AppData\Local\BTServer.log ==================== SigCheckExt ========================= 2016-04-22 19:11 - 2016-01-18 08:33 - 000189440 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4364.dll 2016-06-06 03:26 - 2016-01-27 14:29 - 000001700 _____ C:\WINDOWS\system32\rtl8723d_mp_chip_bt40_fw_asic_rom_patch_new.dll 2016-06-06 03:26 - 2016-03-10 10:25 - 000037084 _____ C:\WINDOWS\system32\rtl8821a_mp_chip_bt40_fw_asic_rom_patch_new.dll 2016-06-06 03:26 - 2016-01-27 14:20 - 000022232 _____ C:\WINDOWS\system32\rtl8822b_mp_chip_bt40_fw_asic_rom_patch_new.dll 2016-06-06 03:24 - 2010-12-01 09:31 - 000451072 _____ C:\WINDOWS\SysWOW64\ISSRemoveSP.exe 2015-09-03 10:59 - 2015-09-03 10:59 - 000002560 _____ (Intel(R) Corporation) C:\WINDOWS\SysWOW64\IusEventLog.dll 2022-05-30 14:12 - 2022-05-30 14:14 - 002367488 _____ (Farbar) C:\Users\NICOLAS\Downloads\FRST64.exe 2022-05-30 13:27 - 2022-05-30 13:28 - 003483848 _____ (Nicolas Coolman) C:\Users\NICOLAS\Downloads\ZHPSuite.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de d‚marrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {9426218e-2bd5-11e6-9cc7-806e6f6e6963} {7783abf5-b87d-11e6-af14-806e6f6e6963} {9426218c-2bd5-11e6-9cc7-806e6f6e6963} {9426218d-2bd5-11e6-9cc7-806e6f6e6963} timeout 0 Gestionnaire de d‚marrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {393f3b06-ab6d-11ec-a791-f405824e5376} displayorder {current} toolsdisplayorder {memdiag} timeout 0 Application logicielle (101fffff) -------------------------------- identificateur {539b7b80-88a9-11e6-af0b-806e6f6e6963} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\bootmgfw.efi description EFI Network 0 for IPv6 (C8-5B-76-0F-60-26) Application logicielle (101fffff) -------------------------------- identificateur {7783abf4-b87d-11e6-af14-806e6f6e6963} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager Application logicielle (101fffff) -------------------------------- identificateur {7783abf5-b87d-11e6-af14-806e6f6e6963} device partition=\Device\HarddiskVolume7 path \EFI\Microsoft\Boot\LrsBootMgr.efi description Lenovo Recovery System Application logicielle (101fffff) -------------------------------- identificateur {7783abf6-b87d-11e6-af14-806e6f6e6963} description EFI Network 0 for IPv4 (C8-5B-76-0F-60-26) Application logicielle (101fffff) -------------------------------- identificateur {9426218c-2bd5-11e6-9cc7-806e6f6e6963} description EFI USB Device Application logicielle (101fffff) -------------------------------- identificateur {9426218d-2bd5-11e6-9cc7-806e6f6e6963} description EFI DVD/CDROM Application logicielle (101fffff) -------------------------------- identificateur {9426218e-2bd5-11e6-9cc7-806e6f6e6963} description EFI Network Chargeur de d‚marrage Windows ----------------------------- identificateur {09647ae6-fe91-11ea-a26e-fdb38a979b42} device ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{09647ae7-fe91-11ea-a26e-fdb38a979b42} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery displaymessageoverride PushButtonReset osdevice ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{09647ae7-fe91-11ea-a26e-fdb38a979b42} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {09647ae6-fe91-11ea-a26e-fdb38a979b42} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {393f3b06-ab6d-11ec-a791-f405824e5376} nx OptIn bootmenupolicy Standard Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {393f3b06-ab6d-11ec-a791-f405824e5376} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {09647ae6-fe91-11ea-a26e-fdb38a979b42} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de m‚moire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics m‚moire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes ParamŠtres EMS -------------- identificateur {emssettings} bootems No ParamŠtres du d‚bogueur ----------------------- identificateur {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Erreurs de m‚moire RAM ---------------------- identificateur {badmemory} ParamŠtres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} ParamŠtres du chargeur de d‚marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} ParamŠtres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 ParamŠtres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p‚riph‚rique ----------------------- identificateur {09647ae7-fe91-11ea-a26e-fdb38a979b42} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume5 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================