Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2024 01 Ran by rufus (administrator) on BEELINKU59 (AZW U59) (16-12-2024 16:35:38) Running from C:\Users\rufus\OneDrive\Bureau\FRST64.exe Loaded Profiles: rufus Platform: Microsoft Windows 11 Pro Version 24H2 26100.2605 (X64) Language: English (United States) Default browser: Chrome Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (C:\Program Files\Bitdefender Agent\ProductAgentService.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\27.0.1.290\DiscoverySrv.exe (C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe (C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe (C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bduserhost.exe <4> (C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (S.C. BITDEFENDER S.R.L. -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\wsccommunicator.exe (C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (C:\Program Files\Google\Drive File Stream\100.0.2.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\100.0.2.0\crashpad_handler.exe (C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.30502.30.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.86\msedgewebview2.exe <7> (cmd.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdtrackersnmh.exe (explorer.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnapp.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <12> (explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\100.0.2.0\GoogleDriveFS.exe <7> (explorer.exe ->) (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHTE.EXE <2> (services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe (services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe (services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe (services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe (services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3> (services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe (services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnService.exe (services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe (services.exe ->) (Gen Digital Inc. -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_5207db0559876a61\igfxCUIServiceN.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_2ca0a47853f51398\esif_uf.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_401fde8782680631\OneApp.IGCC.WinService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_8378bbc5c6d71266\IntelCpHDCPSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe (sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24111.37.0_x64__cw5n1h2txyewy\CrossDeviceService.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe [1088776 2024-12-13] (Bitdefender SRL -> Bitdefender) HKLM\...\Run: [BdVpnApp] => C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnApp.exe [501424 2024-11-27] (Bitdefender SRL -> Bitdefender) HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.99\Installer\setup.exe [6871592 2024-12-14] (Microsoft Corporation -> Microsoft Corporation) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION HKU\S-1-5-21-2261072190-2545712912-3077326082-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\100.0.2.0\GoogleDriveFS.exe [61417568 2024-11-20] (Google LLC -> Google, Inc.) HKU\S-1-5-21-2261072190-2545712912-3077326082-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45381424 2024-12-04] (Gen Digital Inc. -> Piriform Software Ltd) HKU\S-1-5-21-2261072190-2545712912-3077326082-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHTE.EXE [241280 2012-07-12] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-2261072190-2545712912-3077326082-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHTE.EXE [241280 2012-07-12] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-2261072190-2545712912-3077326082-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\rufus\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" [83426848 2024-12-12] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2261072190-2545712912-3077326082-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\rufus\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File) HKU\S-1-5-21-2261072190-2545712912-3077326082-1001\...\RunOnce: [Uninstall 24.221.1103.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\rufus\AppData\Local\Microsoft\OneDrive\24.221.1103.0003" [0 2024-12-12] () <==== ATTENTION [zero byte File/Folder] HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [558592 2012-11-12] (SEIKO EPSON CORPORATION) [File not signed] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\131.0.6778.140\Installer\chrmstp.exe [2024-12-13] (Google LLC -> Google LLC) ==================== Scheduled Tasks (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {AB8A43D3-7196-42EA-B35C-147E9C790E46} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\27.0.1.290\WatchDog.exe [1156904 2024-11-20] (Bitdefender SRL -> Bitdefender) -> C:\Program Files\Bitdefender Agent\27.0.1.290\repair Task: {202CB2C6-50D9-4962-A38F-21BE26A32657} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-12-04] (Gen Digital Inc. -> Gen Digital Inc.) Task: {4D18A47B-B18E-42A9-A442-D1982D521C86} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5983536 2024-12-04] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "b905b5e2-0c9f-4e53-b8b4-dbe632a94d71" --version "6.31.11415" --silent Task: {67B040C9-7AB7-4380-A577-F23CEDA502DA} - System32\Tasks\CCleanerSkipUAC - rufus => C:\Program Files\CCleaner\CCleaner.exe [39151920 2024-12-04] (Gen Digital Inc. -> Piriform Software Ltd) Task: {44457728-9B41-498F-9A89-2EF8A6CFA82B} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{D5477139-C043-44CD-BBDC-88C3C05219A7} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC) Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File) Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{62387fb7-4c3e-4885-8299-904c95ee2c4d}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{62387fb7-4c3e-4885-8299-904c95ee2c4d}: [DhcpDomain] home Tcpip\..\Interfaces\{722d1dab-de4e-47cf-b44e-8424bef48f24}: [DhcpNameServer] 192.168.212.71 Tcpip\..\Interfaces\{d0f76af9-550a-4a21-8923-f3210301c6d8}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge Profile: C:\Users\rufus\AppData\Local\Microsoft\Edge\User Data\Default [2024-12-16] Edge Extension: (Bitdefender Anti-tracker) - C:\Users\rufus\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dbconhplchnbippmjabbcedokimacfjl [2024-10-29] Edge Extension: (Google Docs Offline) - C:\Users\rufus\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-10-29] Edge Extension: (Edge relevant text changes) - C:\Users\rufus\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-10-29] Edge HKLM-x32\...\Edge\Extension: [dbconhplchnbippmjabbcedokimacfjl] FireFox: ======== FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security App\bdtbext FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security App\bdtbext [2024-10-23] [Legacy] [not signed] FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security App\bdtbext FF Plugin: @videolan.org/vlc,version=3.0.21 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default [2024-12-16] CHR StartupUrls: Default -> "chrome://apps/" CHR Extension: (Popup Blocker (strict)) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aefkmifgmaafnojlojpnekbpbmjiiogg [2024-12-02] CHR Extension: (WOT: Website Security & Safety Checker) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2024-10-29] CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-12-16] CHR Extension: (Adblock for Youtube™) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2024-10-29] CHR Extension: (Google Docs Offline) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-26] CHR Extension: (Bitdefender Anti-tracker) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2024-10-29] CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2024-10-31] CHR Extension: (YouTube NonStop) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlkaejimjacpillmajjnopmpbkbnocid [2024-10-29] CHR Extension: (Fluff Busting Purity) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkinhboiljjkhaknpaeaicmdjhagpep [2024-10-29] CHR Extension: (Chrome Web Store Payments) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-10-29] CHR Extension: (Bookmarks clean up) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default\Extensions\oncbjlgldmiagjophlhobkogeladjijl [2024-10-29] CHR Extension: (Streak CRM for Gmail) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik [2024-12-11] CHR Profile: C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-12-16] CHR Extension: (Google Docs Offline) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-03] CHR Extension: (Bitdefender Anti-tracker) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2024-11-08] CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2024-11-08] CHR Extension: (Chrome Web Store Payments) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-11-08] CHR Profile: C:\Users\rufus\AppData\Local\Google\Chrome\User Data\System Profile [2024-11-22] CHR HKU\S-1-5-21-2261072190-2545712912-3077326082-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 BDAppSrv; C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe [851640 2024-12-13] (Bitdefender SRL -> Bitdefender) R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [852152 2024-12-13] (Bitdefender SRL -> Bitdefender) R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [852152 2024-12-13] (Bitdefender SRL -> Bitdefender) R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2966176 2023-07-20] (Bitdefender SRL -> Bitdefender) R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [2577184 2023-07-20] (Bitdefender SRL -> Bitdefender) R2 BDSafepaySrv; C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe [852152 2024-12-13] (Bitdefender SRL -> Bitdefender) R2 bdvpnservice; C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe [516928 2024-11-27] (Bitdefender SRL -> Bitdefender) R3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-12-04] (Gen Digital Inc. -> Piriform Software Ltd) S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9433496 2024-12-02] (Malwarebytes Inc. -> Malwarebytes) S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-10-31] (Malwarebytes Inc. -> Malwarebytes) S3 MuseHub Updater Service; C:\Program Files\WindowsApps\Muse.MuseHub_2.0.30.1516_x64__rb9pth70m6nz6\Muse.Updater.exe [7815248 2024-12-06] (Musecy SM Ltd. -> Muse.Updater) R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [714200 2024-11-20] (Bitdefender SRL -> Bitdefender) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559304 2024-12-05] (Microsoft Windows Publisher -> Microsoft Corporation) R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [291224 2024-12-13] (Bitdefender SRL -> Bitdefender) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [852152 2024-12-13] (Bitdefender SRL -> Bitdefender) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3174840 2024-04-01] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [133592 2024-04-01] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 AcxHdAudio; C:\WINDOWS\System32\drivers\AcxHdAudio.sys [581632 2024-12-05] (Microsoft Windows -> Microsoft Corporation) R3 ANXUcmCxCD; C:\WINDOWS\System32\drivers\ANXUcmCxCD.sys [101608 2021-01-26] (Analogix Semiconductor, Inc. -> ) R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [7505856 2024-09-03] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA) R2 BdDci4; C:\WINDOWS\system32\DRIVERS\bddci4.sys [969664 2024-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender) S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [24568 2024-12-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender) R3 bdprivmon; C:\WINDOWS\system32\DRIVERS\bdprivmon.sys [49200 2023-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender SRL) S3 bduefiscan; C:\WINDOWS\system32\DRIVERS\bduefiscan.sys [42432 2024-07-02] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender) R1 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [1490896 2024-05-21] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA) R2 googledrivefs31626; C:\Program Files\Google\Drive File Stream\Drivers\31626\googledrivefs31626.sys [384096 2024-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.) S3 GSCAuxDriver; C:\WINDOWS\System32\DriverStore\FileRepository\gscauxdriver.inf_amd64_62ac65f380934fca\GSCAuxDriverx64.sys [76040 2021-03-22] (Intel(R) pGFX 2020 -> Intel Corporation) S3 GSCx64; C:\WINDOWS\System32\DriverStore\FileRepository\gscheci.inf_amd64_b24682990e7a30b7\TeeDriverGSCW8x64.sys [251136 2021-03-22] (Intel(R) pGFX 2020 -> Intel Corporation) R2 Ignisv2; C:\WINDOWS\system32\DRIVERS\ignisv2.sys [849968 2024-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-10-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2024-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R2 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [629184 2023-07-20] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender) R0 vlflt; C:\WINDOWS\System32\DRIVERS\vlflt.sys [1403456 2024-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [55856 2024-04-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [594304 2024-04-01] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [105856 2024-04-01] (Microsoft Windows -> Microsoft Corporation) S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2024-11-08] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2024-12-16 16:35 - 2024-12-16 16:36 - 000021416 _____ C:\Users\rufus\OneDrive\Bureau\FRST.txt 2024-12-16 16:34 - 2024-12-16 16:34 - 000000000 ____D C:\Users\rufus\OneDrive\Bureau\FRST-OlderVersion 2024-12-15 12:06 - 2024-12-15 12:06 - 000790458 _____ C:\WINDOWS\system32\perfh00C.dat 2024-12-15 12:06 - 2024-12-15 12:06 - 000158540 _____ C:\WINDOWS\system32\perfc00C.dat 2024-12-15 09:41 - 2024-12-15 09:41 - 000050421 _____ C:\Users\rufus\Downloads\Pink Floyd - Another brick in the wall.pdf 2024-12-15 09:40 - 2024-12-15 09:40 - 000044989 _____ C:\Users\rufus\Downloads\ACDC - Highway-to-hell.pdf 2024-12-14 08:23 - 2024-12-14 08:23 - 000425175 _____ C:\Users\rufus\Downloads\Creedence Clearwater Revival - Have you ever seen a rain.pdf 2024-12-11 09:59 - 2024-12-16 14:34 - 000000000 ____D C:\WINDOWS\CbsTemp 2024-12-06 13:36 - 2024-12-06 13:36 - 000260436 _____ C:\Users\rufus\Downloads\RIB O'Callaghan Auto Entrepreneur.pdf 2024-12-06 08:16 - 2024-12-06 08:16 - 000000998 _____ C:\WINDOWS\system32\DeviceFeatureDDF.json 2024-12-06 08:15 - 2024-12-06 08:15 - 000027132 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json 2024-12-06 08:15 - 2024-12-06 08:15 - 000027132 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json 2024-12-05 14:12 - 2024-12-05 14:12 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2024-12-05 14:09 - 2024-12-12 01:42 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2261072190-2545712912-3077326082-1001 2024-12-05 14:09 - 2024-12-12 01:42 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2261072190-2545712912-3077326082-1001 2024-12-05 14:09 - 2024-12-12 01:02 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2024-12-05 14:09 - 2024-12-12 01:02 - 000002818 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting 2024-12-05 14:09 - 2024-12-12 00:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2024-12-05 14:09 - 2024-12-05 14:11 - 000003846 _____ C:\WINDOWS\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 2024-12-05 14:09 - 2024-12-05 14:09 - 000003464 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-12-05 14:09 - 2024-12-05 14:09 - 000003240 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-12-05 14:09 - 2024-12-05 14:09 - 000003062 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2261072190-2545712912-3077326082-500 2024-12-05 14:09 - 2024-12-05 14:09 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2261072190-2545712912-3077326082-500 2024-12-05 14:09 - 2024-12-05 14:09 - 000002254 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - rufus 2024-12-05 14:09 - 2024-12-05 14:09 - 000000020 ___SH C:\Users\rufus\ntuser.ini 2024-12-05 14:09 - 2024-12-05 14:09 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem 2024-12-05 14:09 - 2021-11-01 10:58 - 000003390 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3320587094-95556775-1299287474-500 2024-12-05 14:08 - 2024-12-15 12:06 - 001774664 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2024-12-05 14:07 - 2024-12-05 14:07 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Network 2024-12-05 14:04 - 2024-12-16 16:10 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2024-12-05 14:04 - 2024-12-12 00:45 - 000334808 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2024-12-05 14:04 - 2024-12-12 00:45 - 000000438 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2 2024-12-05 13:50 - 2024-12-05 14:04 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Microsoft\Crypto 2024-12-05 13:50 - 2024-12-05 13:50 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Microsoft\SystemCertificates 2024-12-05 13:50 - 2024-12-05 13:50 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Microsoft\Network 2024-12-05 13:45 - 2024-12-05 14:09 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Microsoft\Windows 2024-12-05 13:45 - 2024-12-05 14:09 - 000000000 ____D C:\Users\rufus 2024-12-05 13:45 - 2024-12-05 14:04 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate 2024-12-05 13:45 - 2024-12-05 14:04 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Microsoft\Spelling 2024-12-05 13:43 - 2024-12-05 13:45 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2024-12-05 13:31 - 2024-12-05 13:31 - 000005264 _____ C:\WINDOWS\system32\ecoscore_config.json 2024-12-05 13:21 - 2024-12-05 13:21 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp 2024-12-05 13:21 - 2024-12-05 13:21 - 000000000 ____D C:\WINDOWS\system32\FxsTmp 2024-12-05 13:21 - 2024-12-05 13:21 - 000000000 ____D C:\WINDOWS\addins 2024-12-05 13:20 - 2024-12-05 13:20 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2024-12-05 13:20 - 2024-12-05 13:20 - 000000000 ____D C:\Program Files\Reference Assemblies 2024-12-05 13:20 - 2024-12-05 13:20 - 000000000 ____D C:\Program Files\MSBuild 2024-12-05 13:20 - 2024-12-05 13:20 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2024-12-05 13:20 - 2024-12-05 13:20 - 000000000 ____D C:\Program Files (x86)\MSBuild 2024-12-05 13:18 - 2024-12-05 13:18 - 000000000 ____D C:\WINDOWS\SysWOW64\fr 2024-12-05 13:18 - 2024-12-05 13:18 - 000000000 ____D C:\WINDOWS\system32\fr 2024-12-05 13:01 - 2024-12-05 13:01 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2024-12-05 11:32 - 2024-12-16 14:35 - 000000000 ___DC C:\WINDOWS\Panther 2024-12-03 19:46 - 2024-12-03 19:46 - 000088273 _____ C:\Users\rufus\Downloads\document.pdf 2024-12-02 16:28 - 2024-12-02 16:28 - 000120179 _____ C:\Users\rufus\Downloads\Wind Of Change - Scorpions.pdf 2024-12-02 16:28 - 2024-12-02 16:28 - 000120179 _____ C:\Users\rufus\Downloads\kupdf.net_1-scorpions-wind-of-change-drum-sheet-music (1) (1).pdf 2024-12-02 16:28 - 2024-12-02 16:28 - 000041210 _____ C:\Users\rufus\Downloads\Wind of Change - Scorpions - Batterie.pdf 2024-12-02 16:27 - 2024-12-02 16:27 - 000120179 _____ C:\Users\rufus\Downloads\Scorpions - Wind Of Change.pdf 2024-12-02 12:59 - 2024-12-02 12:59 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2024-12-02 12:48 - 2024-12-05 14:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender VPN 2024-12-02 12:48 - 2024-12-02 12:48 - 000231288 _____ C:\ProgramData\vpn.1733140102.bdinstall.v2.bin 2024-12-02 12:48 - 2024-12-02 12:48 - 000101360 _____ C:\ProgramData\vpn.uninstall.1733140105.bdinstall.v2.bin 2024-11-29 16:21 - 2024-11-29 16:21 - 000094304 _____ C:\ProgramData\agent.update.1732893705.bdinstall.v2.bin 2024-11-29 15:25 - 2024-11-29 15:25 - 000008273 _____ C:\Users\rufus\OneDrive\Bureau\ZHPCleaner (S).html 2024-11-29 15:25 - 2024-11-29 15:25 - 000002291 _____ C:\Users\rufus\OneDrive\Bureau\ZHPCleaner (S).txt 2024-11-28 12:03 - 2024-11-28 12:03 - 000113530 _____ C:\Users\rufus\Downloads\Mathieu Fiset - Chick's Pain.pdf 2024-11-25 17:08 - 2024-11-25 17:10 - 000000000 ___RD C:\Users\rufus\OneDrive\Bureau\Hugo Screen Grabs 2024-11-25 16:28 - 2024-11-25 16:28 - 000029143 _____ C:\Users\rufus\Downloads\Neil Young - Heart of gold (1).pdf 2024-11-25 16:27 - 2024-11-25 16:27 - 000029143 _____ C:\Users\rufus\Downloads\heart of gold 2 - Neil young.pdf 2024-11-25 16:26 - 2024-11-25 16:26 - 000029143 _____ C:\Users\rufus\Downloads\Neil Young - Heart of gold.pdf 2024-11-22 14:06 - 2024-12-05 13:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON 2024-11-22 14:06 - 2024-11-22 14:06 - 000000000 ____D C:\Program Files\EpsonNet 2024-11-22 14:06 - 2012-11-12 20:41 - 000535552 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppui.dll 2024-11-22 14:06 - 2012-11-12 20:41 - 000535552 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppui.dll 2024-11-22 14:06 - 2012-11-12 15:15 - 000558592 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppmon.dll 2024-11-22 14:06 - 2012-11-12 15:15 - 000558592 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppmon.dll 2024-11-22 14:06 - 2012-10-22 17:19 - 000219648 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enspres.dll 2024-11-22 14:06 - 2012-10-22 17:19 - 000219648 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enpres.dll 2024-11-22 13:56 - 2024-11-22 13:56 - 000000000 ____D C:\Users\rufus\AppData\Roaming\EPSON 2024-11-22 10:55 - 2024-11-22 10:55 - 000001969 _____ C:\Users\rufus\Downloads\Auray - Lorient Bretagne Sud - 2024-11-24.ics 2024-11-21 12:42 - 2024-11-21 12:42 - 003070159 _____ (WWW.WIC.SUPPORT ) C:\Users\rufus\Downloads\wicreset.exe 2024-11-21 12:42 - 2024-11-21 12:42 - 000000000 ____D C:\Users\rufus\AppData\Roaming\wicreset 2024-11-21 12:25 - 2024-11-21 12:25 - 000060156 _____ C:\Users\rufus\Downloads\bulletin O'Callaghan oct 24.pdf 2024-11-21 12:02 - 2024-11-21 12:02 - 000655499 _____ C:\Users\rufus\Downloads\bilan0002 2024-11-21 12:02 - 2024-11-21 12:02 - 000651549 _____ C:\Users\rufus\Downloads\bilan 2024-11-21 12:02 - 2024-11-21 12:02 - 000141771 _____ C:\Users\rufus\Downloads\20241115agspea.pdf 2024-11-21 10:51 - 2024-12-16 16:36 - 000000000 ____D C:\FRST 2024-11-21 10:49 - 2024-12-16 16:34 - 002402816 _____ (Farbar) C:\Users\rufus\OneDrive\Bureau\FRST64.exe 2024-11-20 12:07 - 2024-11-21 11:37 - 000015835 _____ C:\Users\rufus\OneDrive\Bureau\ASSEMBLÉE GÉNÉRALE IHAD.odt 2024-11-20 12:05 - 2024-11-20 12:05 - 000015867 _____ C:\Users\rufus\OneDrive\Bureau\ASSEMBLÉE GÉNÉRALE MAC.odt 2024-11-20 11:52 - 2024-11-20 12:05 - 000015867 _____ C:\Users\rufus\OneDrive\Bureau\ASSEMBLÉE GÉNÉRALE.odt 2024-11-20 11:49 - 2024-11-21 10:14 - 000015398 _____ C:\Users\rufus\OneDrive\Bureau\183.odt 2024-11-18 11:10 - 2024-11-18 11:10 - 000081622 _____ C:\Users\rufus\Downloads\St Phil En Art Commande fournitures de batterie Rufus Octobre 2024.pdf 2024-11-17 09:52 - 2024-11-17 09:52 - 007059427 _____ C:\Users\rufus\Downloads\Imagine-Dragons-Natural.pdf ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2024-12-16 16:10 - 2024-10-29 14:03 - 000000000 ___SD C:\Users\rufus\AppData\Roaming\Microsoft\Credentials 2024-12-16 14:39 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps 2024-12-16 14:37 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemTemp 2024-12-16 14:34 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-12-16 14:29 - 2024-10-31 13:31 - 000000000 ____D C:\Users\rufus\AppData\Roaming\vlc 2024-12-16 13:12 - 2024-10-31 13:28 - 000000000 ____D C:\Program Files\CCleaner 2024-12-16 12:58 - 2024-11-10 13:23 - 000000000 ____D C:\Users\rufus\AppData\Local\JDownloader 2.0 2024-12-16 09:14 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\AppReadiness 2024-12-15 12:06 - 2024-04-01 08:24 - 000000000 ____D C:\WINDOWS\INF 2024-12-14 18:54 - 2021-11-01 10:54 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-12-14 15:58 - 2024-10-31 12:33 - 000003865 _____ C:\Users\rufus\OneDrive\Bureau\CMB.txt 2024-12-13 08:14 - 2024-10-29 14:08 - 000000000 ____D C:\Users\rufus\AppData\Local\Packages 2024-12-13 08:14 - 2024-04-01 08:21 - 000065536 _____ C:\WINDOWS\system32\config\ELAM 2024-12-13 07:48 - 2024-10-29 14:36 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2024-12-12 14:45 - 2024-10-29 14:08 - 000000000 ____D C:\Users\rufus\AppData\Local\D3DSCache 2024-12-12 07:47 - 2024-10-31 13:32 - 000000000 ____D C:\Users\rufus\AppData\Local\Malwarebytes 2024-12-12 07:46 - 2024-10-31 13:34 - 000000000 ____D C:\Users\rufus\AppData\Local\Muse Hub 2024-12-12 01:42 - 2024-10-29 14:10 - 000002383 _____ C:\Users\rufus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2024-12-12 01:42 - 2024-10-29 14:10 - 000000000 ___RD C:\Users\rufus\OneDrive 2024-12-12 01:02 - 2024-10-31 13:28 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job 2024-12-12 01:00 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\USOPrivate 2024-12-12 00:47 - 2024-10-31 13:34 - 000000000 ____D C:\Users\rufus\AppData\Local\MuseSampler 2024-12-12 00:47 - 2024-10-31 13:34 - 000000000 ____D C:\ProgramData\boost_interprocess 2024-12-12 00:45 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ServiceState 2024-12-12 00:45 - 2021-11-01 11:03 - 000000000 ____D C:\Intel 2024-12-12 00:45 - 2021-11-01 10:53 - 000012288 ___SH C:\DumpStack.log.tmp 2024-12-12 00:44 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2024-12-12 00:44 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemResources 2024-12-12 00:44 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Sgrm 2024-12-12 00:44 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\setup 2024-12-12 00:44 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\bcastdvr 2024-12-12 00:44 - 2024-04-01 08:21 - 000262144 _____ C:\WINDOWS\system32\config\BBI 2024-12-06 12:03 - 2024-10-29 14:08 - 000000000 __SHD C:\Users\rufus\IntelGraphicsProfiles 2024-12-06 11:59 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\UNP 2024-12-06 11:59 - 2024-04-01 08:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2024-12-06 11:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\UUS 2024-12-06 11:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2024-12-06 11:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2024-12-06 11:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2024-12-06 11:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2024-12-06 11:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2024-12-06 11:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2024-12-06 11:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\oobe 2024-12-06 11:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\migwiz 2024-12-06 11:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient 2024-12-06 11:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Dism 2024-12-06 11:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\appraiser 2024-12-06 11:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellExperiences 2024-12-06 11:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellComponents 2024-12-06 11:59 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2024-12-06 11:59 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\System 2024-12-05 14:38 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\appcompat 2024-12-05 14:09 - 2021-11-01 10:57 - 000000000 __RHD C:\Users\Public\AccountPictures 2024-12-05 14:09 - 2021-11-01 10:57 - 000000000 ____D C:\ProgramData\Packages 2024-12-05 14:04 - 2024-11-10 13:24 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader 2024-12-05 14:04 - 2024-10-31 13:33 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.15 2024-12-05 14:04 - 2024-10-31 13:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2024-12-05 14:04 - 2024-10-31 13:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReNamer 2024-12-05 14:04 - 2024-10-31 13:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2024-12-05 14:04 - 2024-10-29 14:49 - 000000000 ____D C:\WINDOWS\system32\elambkup 2024-12-05 14:04 - 2024-10-29 14:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Security 2024-12-05 14:04 - 2024-04-01 09:03 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView 2024-12-05 14:04 - 2024-04-01 08:26 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template 2024-12-05 14:04 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2024-12-05 14:04 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\spool 2024-12-05 14:04 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\NDF 2024-12-05 14:04 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData 2024-12-05 14:04 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2024-12-05 14:04 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2024-12-05 14:04 - 2022-05-07 08:39 - 000000000 ____D C:\WINDOWS\system32\Hydrogen 2024-12-05 14:04 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2024-12-05 14:04 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2024-12-05 14:04 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\MsDtc 2024-12-05 13:57 - 2024-04-01 08:29 - 000000000 ____D C:\WINDOWS\Setup 2024-12-05 13:49 - 2024-04-01 08:26 - 000000000 __RHD C:\Users\Public\Libraries 2024-12-05 13:48 - 2024-04-01 08:26 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows 2024-12-05 13:46 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2024-12-05 13:46 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2024-12-05 13:45 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\schemas 2024-12-05 13:45 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\OCR 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\WUModels 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\qps-plocm 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\qps-ploc 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\hi-IN 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET 2024-12-05 13:40 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA 2024-12-05 13:39 - 2024-04-01 09:03 - 000000000 ___SD C:\WINDOWS\system32\AppV 2024-12-05 13:39 - 2024-04-01 09:03 - 000000000 ____D C:\WINDOWS\system32\OpenSSH 2024-12-05 13:39 - 2024-04-01 09:03 - 000000000 ____D C:\WINDOWS\InboxApps 2024-12-05 13:39 - 2024-04-01 09:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2024-12-05 13:39 - 2024-04-01 09:03 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2024-12-05 13:39 - 2024-04-01 09:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\F12 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ___RD C:\Program Files\Windows Defender 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemApps 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\vi-VN 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ur-PK 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ug-CN 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\tt-RU 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\te-IN 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ta-IN 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\sq-AL 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\quz-PE 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\qps-plocm 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\qps-ploc 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\pa-IN 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\or-IN 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\nn-NO 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ne-NP 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\mt-MT 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\mr-IN 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ml-IN 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\mk-MK 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\mi-NZ 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\lo-LA 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\lb-LU 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\kok-IN 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\kn-IN 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\km-KH 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\kk-KZ 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ka-GE 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\is-IS 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\id-ID 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\hy-AM 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\hi-IN 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\gu-IN 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\gl-ES 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\gd-GB 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ga-IE 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\fil-PH 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\fa-IR 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\eu-ES 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\et-EE 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\es-MX 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\cy-GB 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Com 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ca-ES 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\bn-IN 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\be-BY 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\as-IN 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\am-ET 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\af-ZA 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\Provisioning 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\IME 2024-12-05 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\BrowserCore 2024-12-05 13:39 - 2024-04-01 08:21 - 000000000 ____D C:\WINDOWS\servicing 2024-12-05 13:35 - 2024-04-01 09:03 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll 2024-12-05 13:35 - 2024-04-01 09:03 - 000028898 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml 2024-12-05 13:35 - 2024-04-01 08:26 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll 2024-12-05 13:35 - 2024-04-01 08:26 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll 2024-12-05 13:31 - 2024-04-01 08:22 - 000063064 _____ (Microsoft Corporation) C:\WINDOWS\system32\HalExtIntcLpioDMA.dll 2024-12-05 13:31 - 2024-04-01 08:22 - 000062952 _____ (Microsoft Corporation) C:\WINDOWS\system32\HalExtIntcPseDMA.dll 2024-12-05 13:31 - 2024-04-01 08:22 - 000062944 _____ (Microsoft Corporation) C:\WINDOWS\system32\HalExtPL080.dll 2024-12-05 13:20 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI 2024-12-05 13:20 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\MUI 2024-12-05 13:18 - 2024-04-01 09:00 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm 2024-12-05 13:18 - 2024-04-01 09:00 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN 2024-12-05 13:18 - 2024-04-01 09:00 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr 2024-12-05 13:18 - 2024-04-01 09:00 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts 2024-12-05 13:18 - 2024-04-01 09:00 - 000000000 ____D C:\WINDOWS\system32\winrm 2024-12-05 13:18 - 2024-04-01 09:00 - 000000000 ____D C:\WINDOWS\system32\WCN 2024-12-05 13:18 - 2024-04-01 09:00 - 000000000 ____D C:\WINDOWS\system32\slmgr 2024-12-05 13:18 - 2024-04-01 09:00 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts 2024-12-05 13:18 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\dsc 2024-12-05 13:18 - 2024-04-01 08:26 - 000000000 ___RD C:\Program Files (x86)\Windows Defender 2024-12-05 13:18 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2024-12-01 13:53 - 2024-10-29 14:15 - 000000000 ____D C:\WINDOWS\system32\MRT 2024-11-29 16:21 - 2024-10-29 14:45 - 000000000 ____D C:\Program Files\Bitdefender Agent 2024-11-29 15:25 - 2024-11-13 09:50 - 000000000 ____D C:\Users\rufus\AppData\Roaming\ZHP 2024-11-22 14:06 - 2021-11-01 11:06 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2024-11-20 22:40 - 2024-10-31 13:28 - 000002173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk 2024-11-20 22:40 - 2024-10-31 13:28 - 000002054 _____ C:\Users\rufus\OneDrive\Bureau\Google Drive.lnk 2024-11-20 12:02 - 2024-11-14 01:09 - 000000000 ____D C:\Users\rufus\AppData\Local\CrashDumps 2024-11-20 11:56 - 2024-10-31 13:34 - 000000000 ____D C:\Users\rufus\AppData\Local\Sentry 2024-11-19 11:56 - 2024-10-29 14:49 - 000969664 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bddci4.sys ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================