Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 30-08-2022 Exécuté par pabiot (administrateur) sur DESKTOP-TFP1UFE (Acer Nitro AN515-44) (28-09-2022 19:33:05) Exécuté depuis C:\Users\pabio\Desktop Profils chargés: pabiot Plate-forme: Microsoft Windows 10 Famille Version 21H1 19043.2006 (X64) Langue: Français (France) Navigateur par défaut: FF Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCopyAccelerator.exe (drivers\RivetNetworks\Killer\KAPSService.exe ->) (Rivet Networks LLC -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\KAPS.exe (drivers\RivetNetworks\Killer\xTendUtilityService.exe ->) (Rivet Networks LLC -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtility.exe (DriverStore\FileRepository\u0357176.inf_amd64_828ff99cacd4aa89\B356563\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0357176.inf_amd64_828ff99cacd4aa89\B356563\atieclxx.exe (explorer.exe ->) (NICOLAS_COOLMAN -> Nicolas Coolman) [Fichier non signé] C:\Users\pabio\Desktop\ZHPSuite.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7> (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <23> (services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0357176.inf_amd64_828ff99cacd4aa89\B356563\atiesrxx.exe (services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe (services.exe ->) (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_50ffce48b1e8519d\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2> (services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe (services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe (services.exe ->) (Rivet Networks LLC -> Rivet Networks, LLC.) C:\Windows\System32\drivers\RivetNetworks\Killer\KAPSService.exe (services.exe ->) (Rivet Networks LLC -> Rivet Networks, LLC.) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.yourphone_1.22072.207.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1076016 2020-04-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKU\S-1-5-21-2716339065-3639594985-3930625846-1001\...\Run: [MicrosoftEdgeAutoLaunch_200E027ADB248BC486B1147510BAA2DE] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3795376 2022-09-25] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2716339065-3639594985-3930625846-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\pabio\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (Pas de fichier) HKU\S-1-5-21-2716339065-3639594985-3930625846-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\pabio\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Pas de fichier) HKU\S-1-5-21-2716339065-3639594985-3930625846-1001\...\RunOnce: [Uninstall 22.186.0904.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\pabio\AppData\Local\Microsoft\OneDrive\22.186.0904.0001" (Pas de fichier) ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {0808EEA4-143F-4D14-87B9-097E716D22CA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-25] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {2B1475C6-6103-4DC9-94D9-82E98BA5555F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-25] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {548A0634-AB0F-497E-9E8C-0E595A1658A2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-25] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {76559CEA-DC5D-4A87-902E-C06A2A018739} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {A3891152-EE41-46D8-917E-DA643547DE21} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {B6E6C6B9-D000-41A5-AB05-06117DAF41BE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-25] (Microsoft Windows Publisher -> Microsoft Corporation) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{df733063-c98b-4491-9a68-0a0ab140164d}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge Profile: C:\Users\pabio\AppData\Local\Microsoft\Edge\User Data\Default [2022-09-28] FireFox: ======== FF DefaultProfile: aam7nukn.default FF ProfilePath: C:\Users\pabio\AppData\Roaming\Mozilla\Firefox\Profiles\aam7nukn.default [2022-09-25] FF ProfilePath: C:\Users\pabio\AppData\Roaming\Mozilla\Firefox\Profiles\f25ap1sc.default-release [2022-09-28] FF DownloadDir: C:\Users\pabio\Desktop FF Homepage: Mozilla\Firefox\Profiles\f25ap1sc.default-release -> about:blank FF Session Restore: Mozilla\Firefox\Profiles\f25ap1sc.default-release -> est activé. FF Extension: (Hoxx VPN Proxy) - C:\Users\pabio\AppData\Roaming\Mozilla\Firefox\Profiles\f25ap1sc.default-release\Extensions\@hoxx-vpn.xpi [2022-09-26] FF Extension: (Dashlane) - C:\Users\pabio\AppData\Roaming\Mozilla\Firefox\Profiles\f25ap1sc.default-release\Extensions\jetpack-extension@dashlane.com.xpi [2022-09-25] [UpdateUrl:hxxps://ws1.dashlane.com/5/binaries/query?logins=&platform=firefox&target=ff_web_extension&format=json&version=] FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\pabio\AppData\Roaming\Mozilla\Firefox\Profiles\f25ap1sc.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-09-25] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 DtsApo4Service; C:\WINDOWS\System32\DTS\PC\APO4x\DtsApo4Service.exe [243432 2022-07-08] (DTS, Inc. -> DTS Inc.) R2 Killer Analytics Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [1747464 2019-12-06] (Rivet Networks LLC -> Rivet Networks) R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2651656 2019-12-06] (Rivet Networks LLC -> Rivet Networks) R3 Killer Wifi Optimization Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KAPSService.exe [73720 2019-12-06] (Rivet Networks LLC -> Rivet Networks, LLC.) S3 KNDBWM; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [73720 2019-12-06] (Rivet Networks LLC -> Rivet Networks, LLC.) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2207.7-0\NisSrv.exe [3125112 2022-09-25] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2207.7-0\MsMpEng.exe [133560 2022-09-25] (Microsoft Windows Publisher -> Microsoft Corporation) S2 xTendSoftAPService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendSoftAPService.exe [73728 2019-12-06] (Rivet Networks LLC -> Rivet Networks, LLC.) R2 xTendUtilityService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe [73736 2019-12-06] (Rivet Networks LLC -> Rivet Networks, LLC.) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_50ffce48b1e8519d\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_50ffce48b1e8519d\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 a2djusb_svc; C:\WINDOWS\System32\Drivers\a2djusb.sys [98664 2012-12-18] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH) S3 a4djusb_svc; C:\WINDOWS\System32\Drivers\a4djusb.sys [99688 2012-12-18] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH) S3 a8djusb_svc; C:\WINDOWS\System32\Drivers\a8djusb.sys [100712 2012-12-18] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH) R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [30168 2020-05-12] (Acer Incorporated -> Acer Incorporated) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 bomebus; C:\WINDOWS\System32\drivers\bomebus.sys [56376 2018-05-16] (Bome Software GmbH & Co.KG -> Bome Software GmbH & Co. KG) S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 HDJCtrl; C:\WINDOWS\System32\Drivers\HDJCtrl.sys [72712 2021-05-25] (Microsoft Windows Hardware Compatibility Publisher -> © Guillemot R&D, 2019. All rights reserved.) S3 kf1usb_svc; C:\WINDOWS\System32\Drivers\kf1usb.sys [47696 2011-09-15] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH) R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo10X64.sys [177288 2019-12-06] (Rivet Networks LLC -> Rivet Networks, LLC.) S3 ks2m2usb_svc; C:\WINDOWS\System32\Drivers\ks2m2usb.sys [85200 2013-07-24] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH) S3 ks2usb_svc; C:\WINDOWS\System32\Drivers\ks2usb.sys [83816 2012-12-18] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH) S3 ks4m2usb_svc; C:\WINDOWS\System32\Drivers\ks4m2usb.sys [89296 2013-07-24] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH) S3 kx1m2usb_svc; C:\WINDOWS\System32\Drivers\kx1m2usb.sys [49360 2013-05-17] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH) S3 kz1usb_svc; C:\WINDOWS\System32\Drivers\kz1usb.sys [83152 2013-05-17] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH) S3 kz2usb_svc; C:\WINDOWS\System32\Drivers\kz2usb.sys [84328 2012-12-18] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH) S3 nikd2usb; C:\WINDOWS\System32\drivers\nikd2usb.sys [42072 2015-01-30] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH) S3 nikkbdusb; C:\WINDOWS\System32\drivers\nikkbdusb.sys [101192 2015-09-04] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH) S3 niks8usb; C:\WINDOWS\System32\drivers\niks8usb.sys [85320 2014-10-28] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH) S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [65144 2021-10-08] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated) S3 ta10usb_svc; C:\WINDOWS\System32\Drivers\ta10usb.sys [83304 2012-12-18] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH) S3 ta2m2usb_svc; C:\WINDOWS\System32\Drivers\ta2m2usb.sys [74960 2013-10-02] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH) S3 ta2usb_svc; C:\WINDOWS\System32\Drivers\ta2usb.sys [82792 2012-12-18] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH) S3 ta6usb_svc; C:\WINDOWS\System32\Drivers\ta6usb.sys [78696 2012-12-18] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-09-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [453904 2022-09-25] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [94480 2022-09-25] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-09-28 19:32 - 2022-09-28 19:33 - 000015290 _____ C:\Users\pabio\Desktop\FRST.txt 2022-09-28 19:32 - 2022-09-28 19:33 - 000000000 ____D C:\FRST 2022-09-28 19:31 - 2022-09-28 19:31 - 002371072 _____ (Farbar) C:\Users\pabio\Desktop\FRST64.exe 2022-09-28 19:27 - 2022-09-28 19:29 - 075694609 _____ C:\Users\pabio\Desktop\Floxytek Sample Pack Vol.2 180-190 BPM.zip 2022-09-28 19:27 - 2022-09-28 19:27 - 000267209 _____ C:\Users\pabio\Desktop\ZHPDiag.txt 2022-09-28 19:26 - 2022-09-28 19:34 - 501188860 _____ C:\Users\pabio\Desktop\FL Studio Producer Edition 20.UC-0Okgu.8.4.2576 WiN by Zom.rar.part 2022-09-28 19:26 - 2022-09-28 19:26 - 000000000 _____ C:\Users\pabio\Desktop\FL Studio Producer Edition 20.8.4.2576 WiN by Zom.rar 2022-09-28 19:23 - 2022-09-28 19:23 - 000000865 _____ C:\Users\pabio\Desktop\ZHPSuite.lnk 2022-09-28 19:22 - 2022-09-28 19:22 - 003508424 _____ (Nicolas Coolman) C:\Users\pabio\Desktop\ZHPSuite.exe 2022-09-28 18:04 - 2022-09-28 18:04 - 000000849 _____ C:\Users\pabio\Desktop\Icarus.lnk 2022-09-28 09:49 - 2022-09-28 09:54 - 000259648 _____ C:\Users\pabio\Desktop\RAPPORT DE DIAGNOSTIC DE ZHPDIAG.txt 2022-09-28 09:46 - 2022-09-28 19:27 - 000000000 ____D C:\Users\pabio\AppData\Roaming\ZHP 2022-09-28 09:46 - 2022-09-28 19:23 - 000000000 ____D C:\Users\pabio\AppData\Local\ZHP 2022-09-28 09:46 - 2022-09-28 09:46 - 000000865 _____ C:\Users\pabio\Desktop\ZHPDiag.lnk 2022-09-28 00:57 - 2022-09-28 00:57 - 000000000 ____D C:\WINDOWS\system32\gf2engine 2022-09-27 23:50 - 2022-09-27 23:51 - 000000000 ____D C:\Program Files\Sugar Bytes 2022-09-27 20:09 - 2022-09-27 20:09 - 000000000 ____D C:\Users\pabio\Documents\Metric Halo 2022-09-27 20:08 - 2022-09-27 20:08 - 000000000 ____D C:\Users\pabio\AppData\Roaming\MH Plugin Preferences 2022-09-27 19:59 - 2022-09-27 19:59 - 000000000 ___HD C:\$AV_AVG 2022-09-27 19:20 - 2022-09-27 19:20 - 000000000 ____D C:\Users\pabio\AppData\Local\Xfer 2022-09-27 18:58 - 2022-09-27 18:58 - 000000019 _____ C:\Users\pabio\Desktop\Nouveau document texte.txt 2022-09-27 18:48 - 2022-09-27 18:48 - 000000000 ____D C:\Users\pabio\AppData\Local\CEF 2022-09-27 18:40 - 2022-09-27 19:20 - 000000000 ____D C:\Users\pabio\AppData\Roaming\Xfer 2022-09-27 18:40 - 2022-09-27 18:41 - 000000000 ____D C:\Users\pabio\AppData\Local\iZotope 2022-09-27 18:35 - 2022-09-28 01:12 - 000000000 ____D C:\ProgramData\AVG 2022-09-27 18:33 - 2022-09-27 18:41 - 000000000 ____D C:\Users\pabio\AppData\Roaming\iZotope 2022-09-27 18:33 - 2022-09-27 18:33 - 000000000 ____D C:\Users\pabio\Documents\iZotope 2022-09-27 18:33 - 2022-09-27 18:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iZotope 2022-09-27 18:33 - 2022-09-27 18:33 - 000000000 ____D C:\Program Files\Celemony 2022-09-27 18:32 - 2022-09-27 18:32 - 000000000 ____D C:\Program Files\Common Files\Celemony 2022-09-27 18:31 - 2022-09-27 18:33 - 000000000 ___RD C:\Program Files\iZotope 2022-09-27 18:31 - 2022-09-27 18:31 - 000000000 ____D C:\Program Files (x86)\iZotope 2022-09-27 18:30 - 2022-09-27 18:30 - 000000000 ____D C:\Users\pabio\Documents\Xfer 2022-09-27 18:30 - 2022-09-27 18:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xfer Records 2022-09-27 18:30 - 2022-09-27 18:30 - 000000000 ____D C:\Program Files\Xfer Records 2022-09-26 10:57 - 2022-09-26 10:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camel Audio 2022-09-26 10:57 - 2022-09-26 10:57 - 000000000 ____D C:\ProgramData\Camel Audio 2022-09-26 10:57 - 2022-09-26 10:57 - 000000000 ____D C:\Program Files\Camel Audio 2022-09-25 17:39 - 2022-09-25 17:39 - 000000000 ____D C:\Users\pabio\AppData\Roaming\ValhallaShimmer 2022-09-25 17:39 - 2022-09-25 17:39 - 000000000 ____D C:\Users\pabio\AppData\Roaming\ValhallaPlate 2022-09-25 17:39 - 2022-09-25 17:39 - 000000000 ____D C:\Users\pabio\AppData\Roaming\FabFilter 2022-09-25 17:36 - 2022-09-25 17:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\SoundToys 2022-09-25 17:36 - 2022-09-25 17:36 - 000000000 ____D C:\Program Files (x86)\Soundtoys 2022-09-25 17:35 - 2022-09-25 17:35 - 000000000 ____D C:\Users\Public\Documents\Soundtoys 2022-09-25 17:35 - 2022-09-25 17:35 - 000000000 ____D C:\ProgramData\AudioUTOPiA 2022-09-25 17:33 - 2022-09-25 17:33 - 000001064 _____ C:\Users\pabio\Desktop\Adobe Photoshop 2020.lnk 2022-09-25 17:29 - 2022-09-25 17:29 - 000000000 ____D C:\Users\pabio\AppData\Roaming\ValhallaVintageVerbPreferences 2022-09-25 17:29 - 2022-09-25 17:29 - 000000000 ____D C:\Users\pabio\AppData\Roaming\ValhallaDelay 2022-09-25 17:28 - 2022-09-28 01:34 - 000000000 ____D C:\ProgramData\ValhallaVintageVerbPreferences 2022-09-25 17:28 - 2022-09-25 17:39 - 000000000 ____D C:\Users\pabio\AppData\Local\Roland Cloud 2022-09-25 17:28 - 2022-09-25 17:29 - 000000000 ____D C:\Users\pabio\AppData\Roaming\ValhallaVintageVerb 2022-09-25 17:21 - 2022-09-25 17:39 - 000000000 ____D C:\Users\pabio\Documents\FabFilter 2022-09-25 17:21 - 2022-09-25 17:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FabFilter 2022-09-25 17:21 - 2022-09-25 17:21 - 000000000 ____D C:\Program Files\FabFilter 2022-09-25 17:17 - 2022-09-28 01:34 - 000000000 ____D C:\ProgramData\ValhallaVintageVerb 2022-09-25 17:17 - 2022-09-28 01:33 - 000000000 ____D C:\ProgramData\ValhallaDelay 2022-09-25 17:17 - 2022-09-25 17:39 - 000000000 ____D C:\ProgramData\ValhallaShimmer 2022-09-25 17:17 - 2022-09-25 17:39 - 000000000 ____D C:\ProgramData\ValhallaRoom 2022-09-25 17:17 - 2022-09-25 17:39 - 000000000 ____D C:\ProgramData\ValhallaPlate 2022-09-25 17:17 - 2022-09-25 17:17 - 000000000 ____D C:\Users\pabio\AppData\Roaming\Valhalla DSP, LLC 2022-09-25 17:17 - 2022-09-25 17:17 - 000000000 ____D C:\ProgramData\ValhallaUberMod 2022-09-25 17:17 - 2022-09-25 17:17 - 000000000 ____D C:\ProgramData\Valhalla DSP, LLC 2022-09-25 17:17 - 2022-09-25 17:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valhalla DSP 2022-09-25 17:17 - 2022-09-25 17:17 - 000000000 ____D C:\Program Files\Valhalla DSP 2022-09-25 17:16 - 2022-09-25 17:16 - 000000000 ____D C:\Users\pabio\AppData\Roaming\Endless Smile 2022-09-25 17:16 - 2022-09-25 17:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaHuman 2022-09-25 17:16 - 2022-09-25 17:16 - 000000000 ____D C:\Program Files\MediaHuman 2022-09-25 17:14 - 2022-09-25 17:14 - 000001174 _____ C:\Users\Public\Desktop\TmUnitedForever.lnk 2022-09-25 17:14 - 2022-09-25 17:14 - 000000000 ____D C:\Users\pabio\Documents\TrackMania 2022-09-25 17:14 - 2022-09-25 17:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TmUnitedForever 2022-09-25 17:13 - 2022-09-25 17:14 - 000000000 ____D C:\Program Files (x86)\TmUnitedForever 2022-09-25 17:13 - 2022-09-25 17:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roland 2022-09-25 17:12 - 2022-09-25 17:12 - 000000000 ___RD C:\ProgramData\Roland Cloud 2022-09-25 17:12 - 2022-09-25 17:12 - 000000000 ____D C:\Users\pabio\AppData\Roaming\Roland Cloud 2022-09-25 17:12 - 2022-09-25 17:12 - 000000000 ____D C:\Program Files\Steinberg 2022-09-25 17:12 - 2022-09-25 17:12 - 000000000 ____D C:\Program Files (x86)\Roland 2022-09-25 17:09 - 2022-09-25 17:09 - 000000000 ____D C:\Users\pabio\AppData\Roaming\WinRAR 2022-09-25 17:09 - 2022-09-25 17:09 - 000000000 ____D C:\Users\pabio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2022-09-25 17:09 - 2022-09-25 17:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2022-09-25 17:09 - 2022-09-25 17:09 - 000000000 ____D C:\Program Files\WinRAR 2022-09-25 17:06 - 2022-09-25 17:06 - 000001167 _____ C:\Users\Public\Desktop\Traktor 2.lnk 2022-09-25 17:06 - 2022-09-25 17:06 - 000000000 __HDC C:\ProgramData\{9E7BD413-9B42-4EEC-96F4-6FF3CF9791A2} 2022-09-25 17:05 - 2022-09-25 17:05 - 000000000 __HDC C:\ProgramData\{D2030082-F62A-402A-9456-8009276FD896} 2022-09-25 17:05 - 2022-09-25 17:05 - 000000000 __HDC C:\ProgramData\{B3478C15-588A-4968-AD66-76AA98803A28} 2022-09-25 17:05 - 2022-09-25 17:05 - 000000000 __HDC C:\ProgramData\{662EAAEC-9E9A-4C69-A658-884E51E909BB} 2022-09-25 17:05 - 2022-09-25 17:05 - 000000000 __HDC C:\ProgramData\{5EE4F9B1-7274-48A2-9C25-C287604C3058} 2022-09-25 17:05 - 2022-09-25 17:05 - 000000000 __HDC C:\ProgramData\{4682E4CB-7209-4099-8AA1-580ABCCCE731} 2022-09-25 17:05 - 2022-09-25 17:05 - 000000000 __HDC C:\ProgramData\{219191E6-6846-4329-889D-7956C487D9A6} 2022-09-25 17:05 - 2022-09-25 17:05 - 000000000 __HDC C:\ProgramData\{0CC85DFF-E70A-4AB0-968A-F1F98F4D0C67} 2022-09-25 17:05 - 2022-09-25 17:05 - 000000000 __HDC C:\ProgramData\{033B4844-E9C3-45D2-88D9-34DDF3F91100} 2022-09-25 17:04 - 2022-09-25 17:04 - 000000000 __HDC C:\ProgramData\{EB21323D-3F46-4EF0-B849-B096B7705C69} 2022-09-25 17:04 - 2022-09-25 17:04 - 000000000 __HDC C:\ProgramData\{B7C85E99-2AC6-455D-B4D1-752A56403757} 2022-09-25 17:04 - 2022-09-25 17:04 - 000000000 __HDC C:\ProgramData\{AF79C86B-2321-4D47-A168-2A24BA2B6A73} 2022-09-25 17:04 - 2022-09-25 17:04 - 000000000 __HDC C:\ProgramData\{AD2628D6-C822-4033-AC55-33D833EF2EC9} 2022-09-25 17:04 - 2022-09-25 17:04 - 000000000 __HDC C:\ProgramData\{9F570B21-E27A-40BE-A508-292899A7D042} 2022-09-25 17:04 - 2022-09-25 17:04 - 000000000 __HDC C:\ProgramData\{9B09061B-0A4F-42DA-9987-7D3F452DCB09} 2022-09-25 17:04 - 2022-09-25 17:04 - 000000000 __HDC C:\ProgramData\{9597097D-B8DC-4754-AF2D-CB61CCFC861A} 2022-09-25 17:04 - 2022-09-25 17:04 - 000000000 __HDC C:\ProgramData\{8D4C602D-E844-4297-BB00-303F1AFBDCBE} 2022-09-25 17:04 - 2022-09-25 17:04 - 000000000 __HDC C:\ProgramData\{57B31BE2-3175-4425-9722-D2AC5F68C7BD} 2022-09-25 17:04 - 2022-09-25 17:04 - 000000000 __HDC C:\ProgramData\{07D05344-6233-4934-88BF-C7E4EEFF9D28} 2022-09-25 17:04 - 2022-09-25 17:04 - 000000000 __HDC C:\ProgramData\{018F1C44-00D1-417B-B251-92A5634F74AE} 2022-09-25 17:01 - 2022-09-25 17:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments 2022-09-25 17:01 - 2022-09-25 17:05 - 000000000 ____D C:\Program Files\Native Instruments 2022-09-25 17:01 - 2022-09-25 17:04 - 000000000 ____D C:\Program Files\Common Files\Native Instruments 2022-09-25 17:01 - 2022-09-25 17:02 - 000000000 ____D C:\ProgramData\Native Instruments 2022-09-25 17:01 - 2022-09-25 17:01 - 000000000 __HDC C:\ProgramData\{95B4F0ED-951F-4D36-B068-5EC1C4C19C14} 2022-09-25 16:59 - 2022-09-28 09:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line 2022-09-25 16:59 - 2022-09-28 09:23 - 000000000 ____D C:\Users\pabio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line 2022-09-25 16:59 - 2022-09-28 09:22 - 000000000 ____D C:\Program Files (x86)\VstPlugins 2022-09-25 16:59 - 2022-09-25 17:16 - 000000000 ____D C:\Program Files\Common Files\VST2 2022-09-25 16:59 - 2022-09-25 16:59 - 000000000 ____D C:\Users\pabio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2 2022-09-25 16:59 - 2022-09-25 16:59 - 000000000 ____D C:\Program Files\Common Files\Propellerhead Software 2022-09-25 16:59 - 2022-09-25 16:59 - 000000000 ____D C:\Program Files (x86)\ASIO4ALL v2 2022-09-25 16:58 - 2022-09-27 23:51 - 000000000 ____D C:\Program Files\VSTPlugins 2022-09-25 16:58 - 2022-09-27 18:31 - 000000000 ____D C:\Program Files\Common Files\VST3 2022-09-25 16:58 - 2022-09-25 16:58 - 000000000 ____D C:\Users\pabio\AppData\Roaming\IgniteVST 2022-09-25 16:55 - 2022-09-25 16:55 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2020.lnk 2022-09-25 16:55 - 2022-09-25 16:55 - 000000000 ____D C:\Users\pabio\Documents\Adobe 2022-09-25 16:54 - 2022-09-25 17:10 - 000000000 ____D C:\Users\pabio\Documents\Tone2 2022-09-25 16:54 - 2022-09-25 17:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tone2 2022-09-25 16:53 - 2022-09-25 16:53 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll 2022-09-25 16:53 - 2022-09-25 16:53 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll 2022-09-25 16:53 - 2022-09-25 16:53 - 000000000 ____D C:\Users\pabio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dada Life 2022-09-25 16:53 - 2022-09-25 16:53 - 000000000 ____D C:\Program Files (x86)\Steinberg 2022-09-25 16:52 - 2022-09-25 16:55 - 000000000 ____D C:\Program Files\Common Files\Adobe 2022-09-25 16:52 - 2022-09-25 16:53 - 000000000 ____D C:\ProgramData\Adobe 2022-09-25 16:52 - 2022-09-25 16:52 - 000000000 ____D C:\Users\pabio\AppData\Local\Adobe 2022-09-25 16:52 - 2022-09-25 16:52 - 000000000 ____D C:\Program Files\Adobe 2022-09-25 16:52 - 2022-09-25 16:52 - 000000000 ____D C:\Program Files (x86)\Adobe 2022-09-25 16:51 - 2022-09-25 17:04 - 000000000 ____D C:\ProgramData\Package Cache 2022-09-25 16:51 - 2022-09-25 16:52 - 000000000 ____D C:\Program Files\MH Thump 2022-09-25 16:51 - 2022-09-25 16:51 - 000000000 ____D C:\Program Files\Metric Halo 2022-09-25 16:51 - 2022-09-25 16:51 - 000000000 ____D C:\Program Files\Common Files\Steinberg 2022-09-25 16:51 - 2022-09-25 16:51 - 000000000 ____D C:\Program Files\Common Files\Digidesign 2022-09-25 16:51 - 2022-09-25 16:51 - 000000000 ____D C:\Program Files\Common Files\Avid 2022-09-25 16:51 - 2022-09-25 16:51 - 000000000 ____D C:\Program Files (x86)\Metric Halo 2022-09-25 16:41 - 2022-09-25 16:41 - 000000000 ____D C:\WINDOWS\OEM 2022-09-25 16:40 - 2022-09-25 16:09 - 000000000 ____D C:\WINDOWS\Panther 2022-09-25 16:38 - 2022-09-25 16:38 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2022-09-25 16:38 - 2022-09-25 16:38 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2022-09-25 16:38 - 2022-09-25 16:38 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync 2022-09-25 16:38 - 2022-09-25 16:38 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp 2022-09-25 16:38 - 2022-09-25 16:38 - 000000000 ____D C:\WINDOWS\system32\OpenSSH 2022-09-25 16:38 - 2022-09-25 16:38 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync 2022-09-25 16:38 - 2022-09-25 16:38 - 000000000 ____D C:\WINDOWS\Setup 2022-09-25 16:38 - 2022-09-25 16:38 - 000000000 ____D C:\WINDOWS\OCR 2022-09-25 16:38 - 2022-09-25 16:38 - 000000000 ____D C:\WINDOWS\addins 2022-09-25 16:38 - 2022-09-25 16:38 - 000000000 ____D C:\ProgramData\ssh 2022-09-25 16:38 - 2022-09-25 16:38 - 000000000 ____D C:\Program Files\Reference Assemblies 2022-09-25 16:38 - 2022-09-25 16:38 - 000000000 ____D C:\Program Files\MSBuild 2022-09-25 16:38 - 2022-09-25 16:38 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2022-09-25 16:38 - 2022-09-25 16:38 - 000000000 ____D C:\Program Files (x86)\MSBuild 2022-09-25 16:38 - 2022-09-25 16:11 - 000000000 ____D C:\WINDOWS\system32\FxsTmp 2022-09-25 16:37 - 2022-09-28 15:47 - 000792842 _____ C:\WINDOWS\system32\perfh00C.dat 2022-09-25 16:37 - 2022-09-28 15:47 - 000149972 _____ C:\WINDOWS\system32\perfc00C.dat 2022-09-25 16:37 - 2022-09-25 16:37 - 000351124 _____ C:\WINDOWS\system32\perfi00C.dat 2022-09-25 16:37 - 2022-09-25 16:37 - 000040694 _____ C:\WINDOWS\system32\perfd00C.dat 2022-09-25 16:37 - 2022-09-25 16:37 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm 2022-09-25 16:37 - 2022-09-25 16:37 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN 2022-09-25 16:37 - 2022-09-25 16:37 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep 2022-09-25 16:37 - 2022-09-25 16:37 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr 2022-09-25 16:37 - 2022-09-25 16:37 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts 2022-09-25 16:37 - 2022-09-25 16:37 - 000000000 ____D C:\WINDOWS\SysWOW64\fr 2022-09-25 16:37 - 2022-09-25 16:37 - 000000000 ____D C:\WINDOWS\SysWOW64\0409 2022-09-25 16:37 - 2022-09-25 16:37 - 000000000 ____D C:\WINDOWS\system32\winrm 2022-09-25 16:37 - 2022-09-25 16:37 - 000000000 ____D C:\WINDOWS\system32\WCN 2022-09-25 16:37 - 2022-09-25 16:37 - 000000000 ____D C:\WINDOWS\system32\slmgr 2022-09-25 16:37 - 2022-09-25 16:37 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts 2022-09-25 16:37 - 2022-09-25 16:37 - 000000000 ____D C:\WINDOWS\system32\fr 2022-09-25 16:37 - 2022-09-25 16:37 - 000000000 ____D C:\WINDOWS\system32\0409 2022-09-25 16:37 - 2022-09-25 16:37 - 000000000 ____D C:\WINDOWS\DigitalLocker 2022-09-25 16:36 - 2022-09-28 19:29 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-09-25 16:36 - 2022-09-28 19:28 - 000000000 ___HD C:\Program Files\WindowsApps 2022-09-25 16:36 - 2022-09-28 19:28 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-09-25 16:36 - 2022-09-28 00:57 - 000000000 ____D C:\WINDOWS\system32\config\TxR 2022-09-25 16:36 - 2022-09-27 18:41 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2022-09-25 16:36 - 2022-09-27 18:31 - 000000000 ___RD C:\Program Files (x86) 2022-09-25 16:36 - 2022-09-26 10:56 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile 2022-09-25 16:36 - 2022-09-25 16:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2022-09-25 16:36 - 2022-09-25 16:40 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template 2022-09-25 16:36 - 2022-09-25 16:38 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI 2022-09-25 16:36 - 2022-09-25 16:38 - 000000000 ____D C:\WINDOWS\SystemResources 2022-09-25 16:36 - 2022-09-25 16:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2022-09-25 16:36 - 2022-09-25 16:38 - 000000000 ____D C:\WINDOWS\system32\setup 2022-09-25 16:36 - 2022-09-25 16:38 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2022-09-25 16:36 - 2022-09-25 16:38 - 000000000 ____D C:\WINDOWS\system32\MUI 2022-09-25 16:36 - 2022-09-25 16:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2022-09-25 16:36 - 2022-09-25 16:37 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2022-09-25 16:36 - 2022-09-25 16:37 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2022-09-25 16:36 - 2022-09-25 16:37 - 000000000 ___SD C:\WINDOWS\system32\F12 2022-09-25 16:36 - 2022-09-25 16:37 - 000000000 ___SD C:\WINDOWS\system32\dsc 2022-09-25 16:36 - 2022-09-25 16:37 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2022-09-25 16:36 - 2022-09-25 16:37 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2022-09-25 16:36 - 2022-09-25 16:37 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2022-09-25 16:36 - 2022-09-25 16:37 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-09-25 16:36 - 2022-09-25 16:37 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2022-09-25 16:36 - 2022-09-25 16:37 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2022-09-25 16:36 - 2022-09-25 16:37 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2022-09-25 16:36 - 2022-09-25 16:37 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2022-09-25 16:36 - 2022-09-25 16:37 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-09-25 16:36 - 2022-09-25 16:37 - 000000000 ____D C:\WINDOWS\system32\migwiz 2022-09-25 16:36 - 2022-09-25 16:37 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-09-25 16:36 - 2022-09-25 16:37 - 000000000 ____D C:\WINDOWS\system32\Com 2022-09-25 16:36 - 2022-09-25 16:37 - 000000000 ____D C:\WINDOWS\IME 2022-09-25 16:36 - 2022-09-25 16:37 - 000000000 ____D C:\WINDOWS\Help 2022-09-25 16:36 - 2022-09-25 16:37 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2022-09-25 16:36 - 2022-09-25 16:37 - 000000000 ____D C:\Program Files\Common Files\System 2022-09-25 16:36 - 2022-09-25 16:37 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2022-09-25 16:36 - 2022-09-25 16:37 - 000000000 ____D C:\Program Files (x86)\Windows NT 2022-09-25 16:36 - 2022-09-25 16:37 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 __SHD C:\Program Files\Windows Sidebar 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 __RSD C:\WINDOWS\Media 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 __RHD C:\Users\Public\Libraries 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ___SD C:\WINDOWS\system32\UNP 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ___SD C:\WINDOWS\system32\Nui 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ___SD C:\WINDOWS\system32\Configuration 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ___RD C:\WINDOWS\Offline Web Pages 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\Web 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\WaaS 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\Vss 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\tracing 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\TAPI 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\SysWOW64\ras 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\SysWOW64\IME 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\SystemTemp 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\SystemApps 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\winevt 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\ti-et 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\ta-lk 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\ta-in 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\si-lk 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\Sgrm 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\ras 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\ProximityToast 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\PointOfService 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\osa-Osge-001 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\NDF 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\my-mm 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\MsDtc 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\Macromed 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\Keywords 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\Ipmi 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\InputMethod 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\inetsrv 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\IME 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\icsxml 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\ias 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\Hydrogen 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\GroupPolicyUsers 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\ff-Adlm-SN 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\DriverState 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\downlevel 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\DDFs 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\ContainerSettingsProviders 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\config\RegBack 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\config\Journal 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\Bthprops 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\appraiser 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\AppLocker 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\am-et 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\System 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\SKB 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\ShellExperiences 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\ShellComponents 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\security 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\schemas 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\SchCache 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\Resources 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\rescache 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\Registration 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\Provisioning 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\PLA 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\Performance 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\ModemLogs 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\L2Schemas 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\InputMethod 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\IdentityCRL 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\Globalization 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\DiagTrack 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\Cursors 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\Containers 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\Branding 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\ProgramData\USOShared 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\Program Files\Windows Security 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\Program Files\Windows Portable Devices 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\Program Files\Windows Multimedia Platform 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\Program Files\ModifiableWindowsApps 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\Program Files\Common Files\Services 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices 2022-09-25 16:36 - 2022-09-25 16:36 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform 2022-09-25 16:36 - 2022-09-25 16:35 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat 2022-09-25 16:36 - 2022-09-25 16:35 - 000215943 _____ C:\WINDOWS\system32\dssec.dat 2022-09-25 16:36 - 2022-09-25 16:35 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml 2022-09-25 16:36 - 2022-09-25 16:35 - 000017635 _____ C:\WINDOWS\system32\Drivers\etc\services 2022-09-25 16:36 - 2022-09-25 16:35 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam 2022-09-25 16:36 - 2022-09-25 16:35 - 000003103 _____ C:\WINDOWS\SysWOW64\mmc.exe.config 2022-09-25 16:36 - 2022-09-25 16:35 - 000003103 _____ C:\WINDOWS\system32\mmc.exe.config 2022-09-25 16:36 - 2022-09-25 16:35 - 000001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol 2022-09-25 16:36 - 2022-09-25 16:35 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json 2022-09-25 16:36 - 2022-09-25 16:35 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT 2022-09-25 16:36 - 2022-09-25 16:35 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT 2022-09-25 16:36 - 2022-09-25 16:35 - 000000407 _____ C:\WINDOWS\system32\Drivers\etc\networks 2022-09-25 16:36 - 2022-09-25 16:35 - 000000219 _____ C:\WINDOWS\system.ini 2022-09-25 16:36 - 2022-09-25 16:35 - 000000092 _____ C:\WINDOWS\win.ini 2022-09-25 16:36 - 2022-09-25 16:35 - 000000000 ___RD C:\WINDOWS\PrintDialog 2022-09-25 16:36 - 2022-09-25 16:35 - 000000000 ____D C:\WINDOWS\ServiceState 2022-09-25 16:36 - 2022-09-25 16:33 - 000000000 ____D C:\Program Files\Windows Defender 2022-09-25 16:36 - 2022-09-25 16:18 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-09-25 16:36 - 2022-09-25 16:12 - 000000000 ____D C:\ProgramData\USOPrivate 2022-09-25 16:36 - 2022-09-25 16:11 - 000000000 ____D C:\WINDOWS\system32\spool 2022-09-25 16:36 - 2022-09-25 16:10 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2022-09-25 16:36 - 2022-09-25 16:09 - 000000000 ____D C:\Program Files\Windows NT 2022-09-25 16:36 - 2022-09-25 16:08 - 000000000 ____D C:\WINDOWS\appcompat 2022-09-25 16:35 - 2022-09-28 15:47 - 000000000 ____D C:\WINDOWS\INF 2022-09-25 16:35 - 2022-09-25 16:35 - 000000000 ____D C:\Users\pabio\AppData\Local\Comms 2022-09-25 16:33 - 2022-09-25 16:47 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-09-25 16:32 - 2022-09-28 15:06 - 077332480 _____ C:\WINDOWS\system32\config\SOFTWARE 2022-09-25 16:32 - 2022-09-28 15:06 - 014680064 _____ C:\WINDOWS\system32\config\SYSTEM 2022-09-25 16:32 - 2022-09-28 15:06 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2022-09-25 16:32 - 2022-09-28 15:06 - 000262144 _____ C:\WINDOWS\system32\config\DEFAULT 2022-09-25 16:32 - 2022-09-28 15:06 - 000131072 _____ C:\WINDOWS\system32\config\SAM 2022-09-25 16:32 - 2022-09-28 15:06 - 000032768 _____ C:\WINDOWS\system32\config\SECURITY 2022-09-25 16:32 - 2022-09-28 01:12 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2022-09-25 16:32 - 2022-09-25 16:47 - 000000000 ____D C:\WINDOWS\servicing 2022-09-25 16:32 - 2022-09-25 16:36 - 000000000 ____D C:\WINDOWS\system32\SMI 2022-09-25 16:32 - 2022-09-25 16:32 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2022-09-25 16:30 - 2022-09-25 17:06 - 000000000 ___HD C:\$SysReset 2022-09-25 16:24 - 2022-09-28 17:29 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2022-09-25 16:24 - 2022-09-28 17:28 - 000000000 ____D C:\Users\pabio\AppData\LocalLow\Mozilla 2022-09-25 16:24 - 2022-09-25 16:25 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-09-25 16:24 - 2022-09-25 16:24 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-09-25 16:24 - 2022-09-25 16:24 - 000000993 _____ C:\Users\Public\Desktop\Firefox.lnk 2022-09-25 16:24 - 2022-09-25 16:24 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2022-09-25 16:24 - 2022-09-25 16:24 - 000000000 ____D C:\Users\pabio\AppData\Roaming\Mozilla 2022-09-25 16:24 - 2022-09-25 16:24 - 000000000 ____D C:\Users\pabio\AppData\Local\Mozilla 2022-09-25 16:24 - 2022-09-25 16:24 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-09-25 16:24 - 2022-09-25 16:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-09-25 16:23 - 2022-09-25 16:23 - 000000000 ____D C:\Users\pabio\AppData\Local\NVIDIA 2022-09-25 16:22 - 2022-09-28 18:27 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2716339065-3639594985-3930625846-1001 2022-09-25 16:22 - 2022-09-25 16:22 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk 2022-09-25 16:22 - 2022-09-25 16:22 - 000000000 ___HD C:\OneDriveTemp 2022-09-25 16:22 - 2022-09-25 16:22 - 000000000 ___HD C:\$WinREAgent 2022-09-25 16:22 - 2022-09-25 16:22 - 000000000 ____D C:\Program Files\PCHealthCheck 2022-09-25 16:22 - 2022-09-25 16:22 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2022-09-25 16:21 - 2022-09-25 16:21 - 000351696 _____ (Mozilla) C:\Users\pabio\Downloads\Firefox Installer.exe 2022-09-25 16:20 - 2022-09-28 18:33 - 000000000 ___RD C:\Users\pabio\OneDrive 2022-09-25 16:20 - 2022-09-28 18:27 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2716339065-3639594985-3930625846-1001 2022-09-25 16:20 - 2022-09-28 15:42 - 000000000 ____D C:\Users\pabio\AppData\Local\PlaceholderTileLogoFolder 2022-09-25 16:20 - 2022-09-25 16:20 - 000000000 ____D C:\Users\pabio\AppData\LocalLow\AMD 2022-09-25 16:20 - 2022-09-25 16:20 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2022-09-25 16:18 - 2022-09-28 15:42 - 000000000 ____D C:\Users\pabio\AppData\Local\Packages 2022-09-25 16:18 - 2022-09-28 15:42 - 000000000 ____D C:\ProgramData\Packages 2022-09-25 16:18 - 2022-09-28 13:15 - 000000000 ____D C:\Users\pabio\AppData\Local\D3DSCache 2022-09-25 16:18 - 2022-09-27 23:53 - 000000000 ____D C:\Users\pabio\AppData\Local\VirtualStore 2022-09-25 16:18 - 2022-09-26 10:56 - 000000000 __RHD C:\Users\Public\AccountPictures 2022-09-25 16:18 - 2022-09-26 10:55 - 000000000 ____D C:\Users\pabio\AppData\Local\ConnectedDevicesPlatform 2022-09-25 16:18 - 2022-09-25 17:28 - 000000000 ____D C:\Users\pabio\AppData\Local\AMD 2022-09-25 16:18 - 2022-09-25 16:55 - 000000000 ____D C:\Users\pabio\AppData\Roaming\Adobe 2022-09-25 16:18 - 2022-09-25 16:18 - 000000000 ___RD C:\Users\pabio\3D Objects 2022-09-25 16:18 - 2022-09-25 16:18 - 000000000 ____D C:\Users\pabio\AppData\Local\Publishers 2022-09-25 16:15 - 2022-09-28 18:27 - 000002421 _____ C:\Users\pabio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-09-25 16:15 - 2022-09-28 15:47 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-09-25 16:15 - 2022-09-26 10:55 - 000000000 ____D C:\Users\pabio 2022-09-25 16:15 - 2022-09-25 16:15 - 000000020 ___SH C:\Users\pabio\ntuser.ini 2022-09-25 16:15 - 2022-09-25 16:15 - 000000000 _SHDL C:\Users\pabio\Voisinage réseau 2022-09-25 16:15 - 2022-09-25 16:15 - 000000000 _SHDL C:\Users\pabio\Voisinage d'impression 2022-09-25 16:15 - 2022-09-25 16:15 - 000000000 _SHDL C:\Users\pabio\Modèles 2022-09-25 16:15 - 2022-09-25 16:15 - 000000000 _SHDL C:\Users\pabio\Mes documents 2022-09-25 16:15 - 2022-09-25 16:15 - 000000000 _SHDL C:\Users\pabio\Menu Démarrer 2022-09-25 16:15 - 2022-09-25 16:15 - 000000000 _SHDL C:\Users\pabio\Documents\Mes vidéos 2022-09-25 16:15 - 2022-09-25 16:15 - 000000000 _SHDL C:\Users\pabio\Documents\Mes images 2022-09-25 16:15 - 2022-09-25 16:15 - 000000000 _SHDL C:\Users\pabio\Documents\Ma musique 2022-09-25 16:15 - 2022-09-25 16:15 - 000000000 _SHDL C:\Users\pabio\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2022-09-25 16:15 - 2022-09-25 16:15 - 000000000 _SHDL C:\Users\pabio\AppData\Local\Historique 2022-09-25 16:09 - 2022-09-25 16:09 - 000000000 _SHDL C:\Users\Public\Documents\Mes vidéos 2022-09-25 16:09 - 2022-09-25 16:09 - 000000000 _SHDL C:\Users\Public\Documents\Mes images 2022-09-25 16:09 - 2022-09-25 16:09 - 000000000 _SHDL C:\Users\Public\Documents\Ma musique 2022-09-25 16:09 - 2022-09-25 16:09 - 000000000 _SHDL C:\Users\Default\Voisinage réseau 2022-09-25 16:09 - 2022-09-25 16:09 - 000000000 _SHDL C:\Users\Default\Voisinage d'impression 2022-09-25 16:09 - 2022-09-25 16:09 - 000000000 _SHDL C:\Users\Default\Modèles 2022-09-25 16:09 - 2022-09-25 16:09 - 000000000 _SHDL C:\Users\Default\Mes documents 2022-09-25 16:09 - 2022-09-25 16:09 - 000000000 _SHDL C:\Users\Default\Menu Démarrer 2022-09-25 16:09 - 2022-09-25 16:09 - 000000000 _SHDL C:\Users\Default\Documents\Mes vidéos 2022-09-25 16:09 - 2022-09-25 16:09 - 000000000 _SHDL C:\Users\Default\Documents\Mes images 2022-09-25 16:09 - 2022-09-25 16:09 - 000000000 _SHDL C:\Users\Default\Documents\Ma musique 2022-09-25 16:09 - 2022-09-25 16:09 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2022-09-25 16:09 - 2022-09-25 16:09 - 000000000 _SHDL C:\Users\Default\AppData\Local\Historique 2022-09-25 16:09 - 2022-09-25 16:09 - 000000000 _SHDL C:\Users\Default User 2022-09-25 16:09 - 2022-09-25 16:09 - 000000000 _SHDL C:\Users\All Users 2022-09-25 16:09 - 2022-09-25 16:09 - 000000000 _SHDL C:\ProgramData\Modèles 2022-09-25 16:09 - 2022-09-25 16:09 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programmes 2022-09-25 16:09 - 2022-09-25 16:09 - 000000000 _SHDL C:\ProgramData\Menu Démarrer 2022-09-25 16:09 - 2022-09-25 16:09 - 000000000 _SHDL C:\ProgramData\Bureau 2022-09-25 16:09 - 2022-09-25 16:09 - 000000000 _SHDL C:\Program Files\Fichiers communs 2022-09-25 16:09 - 2022-09-25 16:09 - 000000000 _SHDL C:\Documents and Settings 2022-09-25 16:08 - 2022-09-28 19:24 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-09-25 16:08 - 2022-09-28 16:49 - 000000000 ____D C:\ProgramData\NVIDIA 2022-09-25 16:08 - 2022-09-28 15:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-09-25 16:08 - 2022-09-26 12:07 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2022-09-25 16:08 - 2022-09-25 16:35 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2022-09-25 16:08 - 2022-09-25 16:18 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-09-25 16:08 - 2022-09-25 16:18 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-09-25 16:08 - 2022-09-25 16:08 - 000000000 ____D C:\WINDOWS\system32\lxss 2022-09-25 16:08 - 2022-09-25 16:08 - 000000000 ____D C:\WINDOWS\system32\DTS 2022-09-25 16:08 - 2022-09-25 16:08 - 000000000 ____D C:\WINDOWS\system32\Drivers\RivetNetworks 2022-09-25 16:08 - 2022-09-25 16:08 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation 2022-09-25 16:08 - 2022-09-25 16:08 - 000000000 ____D C:\WINDOWS\system32\AMD 2022-09-25 16:08 - 2022-09-25 16:08 - 000000000 ____D C:\ProgramData\RivetNetworks 2022-09-25 16:07 - 2022-09-28 19:20 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-09-25 16:07 - 2022-09-28 15:40 - 000008192 ___SH C:\DumpStack.log.tmp 2022-09-25 16:07 - 2022-09-25 16:07 - 000258128 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-09-25 16:07 - 2022-09-25 16:07 - 000000112 ___SH C:\bootTel.dat 2022-09-25 16:07 - 2022-09-25 16:07 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2022-09-14 09:36 - 2022-09-14 09:36 - 000413696 ____N C:\WINDOWS\system32\AzureCheck.dll 2022-09-14 09:36 - 2022-09-14 09:36 - 000288768 ____N C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2022-09-14 09:36 - 2022-09-14 09:36 - 000098816 ____N C:\WINDOWS\system32\Drivers\cimfs.sys 2022-09-14 09:36 - 2022-09-14 09:36 - 000060928 ____N C:\WINDOWS\system32\runexehelper.exe 2022-09-14 09:36 - 2022-09-14 09:36 - 000011813 ____N C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-09-08 21:15 - 2021-10-08 11:00 - 000160376 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus2.sys 2022-09-08 21:15 - 2021-10-08 11:00 - 000065144 _____ (QUALCOMM Incorporated) C:\WINDOWS\system32\Drivers\ssudqcfilter.sys 2022-08-19 14:04 - 2018-05-16 17:23 - 000056376 _____ (Bome Software GmbH & Co. KG) C:\WINDOWS\system32\Drivers\bomebus.sys 2022-08-10 14:40 - 2022-08-10 14:40 - 000581120 ____N (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr 2022-08-10 14:40 - 2022-08-10 14:40 - 000499200 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr 2022-08-10 14:40 - 2022-08-10 14:40 - 000162304 ____N C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2022-08-10 14:40 - 2022-08-10 14:40 - 000089088 ____N C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll 2022-08-10 14:40 - 2022-08-10 14:40 - 000073216 ____N C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll 2022-07-19 14:16 - 2022-07-19 14:16 - 002260480 ____N C:\WINDOWS\system32\TextInputMethodFormatter.dll 2022-07-19 14:16 - 2022-07-19 14:16 - 000693248 ____N C:\WINDOWS\system32\FsNVSDeviceSource.dll 2022-07-19 14:16 - 2022-07-19 14:16 - 000640512 ____N C:\WINDOWS\system32\SettingSyncDownloadHelper.dll 2022-07-19 14:16 - 2022-07-19 14:16 - 000530944 ____N (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe 2022-07-19 14:16 - 2022-07-19 14:16 - 000470528 ____N (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe 2022-07-19 14:16 - 2022-07-19 14:16 - 000270848 ____N C:\WINDOWS\system32\EsclScan.dll 2022-07-19 14:16 - 2022-07-19 14:16 - 000152064 ____N C:\WINDOWS\system32\EsclProtocol.dll 2022-07-19 14:16 - 2022-07-19 14:16 - 000061952 ____N C:\WINDOWS\system32\printticketvalidation.dll 2022-07-19 14:16 - 2022-07-19 14:16 - 000057344 ____N C:\WINDOWS\system32\APMonUI.dll 2022-07-19 14:16 - 2022-07-19 14:16 - 000033280 ____N (Microsoft Corporation) C:\WINDOWS\system32\mode.com 2022-07-19 14:16 - 2022-07-19 14:16 - 000026624 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\mode.com 2022-07-19 14:16 - 2022-07-19 14:16 - 000024576 ____N C:\WINDOWS\system32\WsdProviderUtil.dll 2022-07-19 14:16 - 2022-07-19 14:16 - 000020992 ____N (Microsoft Corporation) C:\WINDOWS\system32\tree.com 2022-07-19 14:16 - 2022-07-19 14:16 - 000018944 ____N C:\WINDOWS\SysWOW64\WsdProviderUtil.dll 2022-07-19 14:16 - 2022-07-19 14:16 - 000017920 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\tree.com 2022-07-19 14:16 - 2022-07-19 14:16 - 000014848 ____N (Microsoft Corporation) C:\WINDOWS\system32\chcp.com 2022-07-19 14:16 - 2022-07-19 14:16 - 000012800 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\chcp.com ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) ==================== SigCheckExt ========================= 2022-09-25 16:53 - 2022-09-25 16:53 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll 2022-09-25 16:53 - 2022-09-25 16:53 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll 2022-09-28 19:31 - 2022-09-28 19:31 - 002371072 _____ (Farbar) C:\Users\pabio\Desktop\FRST64.exe 2022-09-28 19:22 - 2022-09-28 19:22 - 003508424 _____ (Nicolas Coolman) C:\Users\pabio\Desktop\ZHPSuite.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de d‚marrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {1da1f84f-7381-11ec-afa1-c52ffcb2b51a} {1da1f850-7381-11ec-afa1-c52ffcb2b51a} {1da1f851-7381-11ec-afa1-c52ffcb2b51a} timeout 0 Gestionnaire de d‚marrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {db9f3849-3cdf-11ed-a232-c7152c28e004} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Application logicielle (101fffff) -------------------------------- identificateur {1da1f84f-7381-11ec-afa1-c52ffcb2b51a} description EFI USB Device Application logicielle (101fffff) -------------------------------- identificateur {1da1f850-7381-11ec-afa1-c52ffcb2b51a} description EFI DVD/CDROM Application logicielle (101fffff) -------------------------------- identificateur {1da1f851-7381-11ec-afa1-c52ffcb2b51a} description EFI Network Chargeur de d‚marrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 10 locale fr-FR inherit {bootloadersettings} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {db9f3849-3cdf-11ed-a232-c7152c28e004} nx OptIn bootmenupolicy Standard Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {db9f3849-3cdf-11ed-a232-c7152c28e004} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de m‚moire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics m‚moire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes ParamŠtres EMS -------------- identificateur {emssettings} bootems No ParamŠtres du d‚bogueur ----------------------- identificateur {dbgsettings} debugtype Local Erreurs de m‚moire RAM ---------------------- identificateur {badmemory} ParamŠtres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} ParamŠtres du chargeur de d‚marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} ParamŠtres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 ParamŠtres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} ==================== Fin de FRST.txt ========================