Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-02-2025
Ran by Nelly Atlan (administrator) on LAPTOP-UL15ITE5 (VAIO Corporation VJS144) (08-02-2025 19:22:35)
Running from C:\Users\Nelly Atlan\Downloads\FRST64.exe
Loaded Profiles: Nelly Atlan
Platform: Microsoft Windows 11 Pro Version 24H2 26100.3037 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\WindowsApps\MSTeams_25007.607.3371.8436_x64__8wekyb3d8bbwe\ms-teams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe <13>
(Cisco Systems, Inc. -> Cisco Systems, Inc) C:\Users\Nelly Atlan\AppData\Local\Programs\Cisco Spark\CiscoCollabHost.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_05a153f767b80b04\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_05a153f767b80b04\igfxEMN.exe
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_3c3afc298e15df94\DAX3API.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~1.INF\DAX3API.exe
(DriverStore\FileRepository\dptf_cpu.inf_amd64_82419944dda69b12\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_82419944dda69b12\dptf_helper.exe
(DriverStore\FileRepository\icss_extension.inf_amd64_f00118f6aef6be28\UserAwarenessService.exe ->) (Intel Corporation -> Intel Corp) C:\Windows\System32\DriverStore\FileRepository\icss_extension.inf_amd64_f00118f6aef6be28\UserAwarenessHelper.exe
(DriverStore\FileRepository\vfep.inf_amd64_b69b96fbb203d067\VESMgr.exe ->) (VAIO Corporation -> VAIO Corporation) C:\Windows\System32\DriverStore\FileRepository\vfep.inf_amd64_b69b96fbb203d067\VESMgrSub.exe <2>
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrlHelper.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\Nelly Atlan\AppData\Local\WebEx\WebexHost.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <54>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <12>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (PC Helpsoft (7270356 Canada Inc) -> Avanquest) C:\Program Files\Avanquest\PC Cleaner\application\9.9.33904.5126\PC Cleaner.exe
(explorer.exe ->) (RCS LT, UAB -> RCS LT) C:\Program Files (x86)\Combo Cleaner\ComboCleaner.exe
(Expressco Services LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_25007.607.3371.8436_x64__8wekyb3d8bbwe\ms-teams.exe <2>
(services.exe ->) (British Cayman Islands Intelligo Technology Inc. Taiwan Branch -> Intelligo Technology Inc.) C:\Windows\System32\DriverStore\FileRepository\igoaudioservice.inf_amd64_6f3c8717231b7f69\IgoAudioService_x64.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_3c3afc298e15df94\DAX3API.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(services.exe ->) (Expressco Services LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.AppService.exe
(services.exe ->) (Expressco Services LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.SystemService.exe
(services.exe ->) (Expressco Services LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.VpnService.exe
(services.exe ->) (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(services.exe ->) (Intel Corporation -> Intel Corp) C:\Windows\System32\DriverStore\FileRepository\icss_extension.inf_amd64_f00118f6aef6be28\UserAwarenessService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_05a153f767b80b04\igfxCUIServiceN.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_64d7fcfcde9b9c10\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_82419944dda69b12\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_29670c30dd54a556\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_b494dc8d947ec848\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_f3c201b4c28c14d0\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\TbtP2pShortcutService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_625d5a9ea859462f\AS\IAS\IntelAudioService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WPS\1.25.208.1\mc-fw-host.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.005.0112.0003\FileSyncHelper.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(services.exe ->) (PC Helpsoft (7270356 Canada Inc) -> Avanquest) C:\Program Files\Avanquest\PC Cleaner\application\9.9.33904.5126\PC Cleaner Service.exe
(services.exe ->) (RCS LT, UAB -> RCS LT) C:\Program Files (x86)\Combo Cleaner\ComboCleaner.Guard.exe
(services.exe ->) (RCS LT, UAB -> RCS LT) C:\Program Files (x86)\Combo Cleaner\ComboCleaner.WinService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_aeb956cefa859cb1\RtkAudUService64.exe <2>
(services.exe ->) (VAIO Corporation -> VAIO Corporation) C:\Windows\System32\DriverStore\FileRepository\vfep.inf_amd64_b69b96fbb203d067\NetworkSupport.exe
(services.exe ->) (VAIO Corporation -> VAIO Corporation) C:\Windows\System32\DriverStore\FileRepository\vfep.inf_amd64_b69b96fbb203d067\VESMgr.exe
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\Nelly Atlan\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe
(sihost.exe ->) (7FCEBAED-C32E-4D2A-A70D-85C8CEBC2D2F -> VAIO Corporation) C:\Program Files\WindowsApps\VAIOCorporation.VAIOClippingTool_2.2.18090.0_x86__gsksapb6h6f3t\PictureClippingTool\BackgroundTask.exe
(sihost.exe ->) (7FCEBAED-C32E-4D2A-A70D-85C8CEBC2D2F -> VAIO Corporation) C:\Program Files\WindowsApps\VAIOCorporation.VAIOControlCenter_2.4.8230.0_x86__gsksapb6h6f3t\VCCMainUI\NetworkSetting\NetworkClient.exe
(sihost.exe ->) (7FCEBAED-C32E-4D2A-A70D-85C8CEBC2D2F -> VAIO Corporation) C:\Program Files\WindowsApps\VAIOCorporation.VAIOControlCenter_2.4.8230.0_x86__gsksapb6h6f3t\VCCMainUI\VCCStartup.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.25011.11.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (British Cayman Islands Intelligo Technology Inc. Taiwan Branch -> Intelligo Technology Inc.) C:\Windows\System32\DriverStore\FileRepository\igoaudioservice.inf_amd64_6f3c8717231b7f69\iGoSwServer.exe
(svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WPS\1.25.208.1\neo\mc-neo-host.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.005.0112.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.235.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_aeb956cefa859cb1\RtkAudUService64.exe [3423632 2022-01-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Combo Cleaner] => C:\Program Files (x86)\Combo Cleaner\ComboCleaner.exe [2024064 2021-11-05] (RCS LT, UAB -> RCS LT)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [PC Cleaner] => C:\Program Files\Avanquest\PC Cleaner\application\9.9.33904.5126\PC Cleaner.exe [7212984 2025-01-14] (PC Helpsoft (7270356 Canada Inc) -> Avanquest)
HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [381232 2024-03-27] (Expressco Services LLC -> ExpressVPN)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1151346358-4024040651-264034373-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5007376 2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1151346358-4024040651-264034373-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\Nelly Atlan\AppData\Local\WebEx\WebexHost.exe [7272024 2024-11-06] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-1151346358-4024040651-264034373-1001\...\Run: [CiscoSpark] => C:\Users\Nelly Atlan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webex\Webex.lnk [1486 2024-12-10] () [File not signed]
HKU\S-1-5-21-1151346358-4024040651-264034373-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [11469784 2023-09-06] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1151346358-4024040651-264034373-1001\...\Run: [hiveDisk] => C:\Users\Nelly Atlan\AppData\Local\hive-desktop\update.exe [2185216 2025-02-04] () [File not signed]
HKU\S-1-5-21-1151346358-4024040651-264034373-1001\...\Run: [MicrosoftEdgeAutoLaunch_3614DBC4759911CF8816A257ECE42195] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start [3923496 2025-01-30] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [203936 2023-09-06] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\EPSON SX410 Series 64MonitorBE: E_ILMFCE.DLL (No File)
HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\Windows\system32\pxcpmL.dll [954128 2022-08-08] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\133.0.6943.59\Installer\chrmstp.exe [2025-02-08] (Google LLC -> Google LLC)
Startup: C:\Users\Nelly Atlan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2022-12-06]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {19985D7B-060F-4CA3-BAAD-08EE60C6A76E} - System32\Tasks\G2MUpdateTask-S-1-5-21-1151346358-4024040651-264034373-1001 => C:\Users\Nelly Atlan\AppData\Local\GoToMeeting\19992\g2mupdate.exe [34872 2024-11-28] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {7C052AD1-FED6-4F72-8D6F-A70004056136} - System32\Tasks\G2MUploadTask-S-1-5-21-1151346358-4024040651-264034373-1001 => C:\Users\Nelly Atlan\AppData\Local\GoToMeeting\19992\g2mupload.exe [34872 2024-11-28] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {B69BCFAE-EFFC-4A35-AE5A-817BBFB70470} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem134.0.6985.0{FBC9BECD-5DE0-4CDD-913A-80C9073B97D6} => C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe [5672544 2025-01-28] (Google LLC -> Google LLC)
Task: {845465F4-A2D9-4CB7-97F2-560AFD6F755F} - System32\Tasks\iGoAudioTask => C:\Windows\System32\DriverStore\FileRepository\igoaudioservice.inf_amd64_6f3c8717231b7f69\iGoSwServer.exe [328960 2021-12-08] (British Cayman Islands Intelligo Technology Inc. Taiwan Branch -> Intelligo Technology Inc.)
Task: {0EE7E65C-144C-42EE-B45A-EB7D71F663CE} - System32\Tasks\McAfee\WPS\McAfee Anti-tracker notification => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {67461E70-D443-4D26-9F73-5F3175EA9BAA} - System32\Tasks\McAfee\WPS\McAfee Anti-Tracker Scanner => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {6990C0D9-E46D-459C-8554-E6A25F7B0943} - System32\Tasks\McAfee\WPS\McAfee Cloud Configuration Check => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} \\?\C:\Program Files\McAfee\WPS\1.25.208.1\mc-fw-host.exe [2594128 2024-12-11] (McAfee, LLC -> McAfee, LLC)
Task: {6990C0D9-E46D-459C-8554-E6A25F7B0943} - System32\Tasks\McAfee\WPS\McAfee Cloud Configuration Check => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} C:\Program Files\McAfee\WPS\1.25.208.1\mc-fw-host.exe [2594128 2024-12-11] (McAfee, LLC -> McAfee, LLC)
Task: {193BADB8-FA67-4F11-AA68-916B624DFFED} - System32\Tasks\McAfee\WPS\McAfee Health Check => C:\Program Files\McAfee\WPS\1.25.208.1\sustainability\mc-sustainability.exe [959704 2024-12-11] (McAfee, LLC -> McAfee, LLC)
Task: {792FCBAB-A6AF-47E6-AFA1-8D4D37B4A19D} - System32\Tasks\McAfee\WPS\McAfee Hotfix => C:\Program Files\McAfee\wps\1.25.208.1\dad\mc-dad.exe [2675544 2024-12-11] (McAfee, LLC -> McAfee, LLC)
Task: {1D5F7566-4938-46EE-8EED-418342B29FDF} - System32\Tasks\McAfee\WPS\McAfee Message Check => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} \\?\C:\Program Files\McAfee\WPS\1.25.208.1\mc-fw-host.exe [2594128 2024-12-11] (McAfee, LLC -> McAfee, LLC)
Task: {1D5F7566-4938-46EE-8EED-418342B29FDF} - System32\Tasks\McAfee\WPS\McAfee Message Check => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} C:\Program Files\McAfee\WPS\1.25.208.1\mc-fw-host.exe [2594128 2024-12-11] (McAfee, LLC -> McAfee, LLC)
Task: {F69A22F2-7327-487F-B52C-5453ED4D059E} - System32\Tasks\McAfee\WPS\McAfee PC Optimizer Task => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} \\?\C:\Program Files\McAfee\WPS\1.25.208.1\mc-fw-host.exe [2594128 2024-12-11] (McAfee, LLC -> McAfee, LLC)
Task: {F69A22F2-7327-487F-B52C-5453ED4D059E} - System32\Tasks\McAfee\WPS\McAfee PC Optimizer Task => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} C:\Program Files\McAfee\WPS\1.25.208.1\mc-fw-host.exe [2594128 2024-12-11] (McAfee, LLC -> McAfee, LLC)
Task: {1879C10C-0A57-47BA-A867-52D551384BE0} - System32\Tasks\McAfee\WPS\McAfee restart of PC => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} \\?\C:\Program Files\McAfee\WPS\1.25.208.1\mc-fw-host.exe [2594128 2024-12-11] (McAfee, LLC -> McAfee, LLC)
Task: {1879C10C-0A57-47BA-A867-52D551384BE0} - System32\Tasks\McAfee\WPS\McAfee restart of PC => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} C:\Program Files\McAfee\WPS\1.25.208.1\mc-fw-host.exe [2594128 2024-12-11] (McAfee, LLC -> McAfee, LLC)
Task: {50688FD1-0ECE-4902-AEA8-C7040647D788} - System32\Tasks\McAfee\WPS\McAfee Scheduled AV Scan => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {CC2830EE-552A-4F38-864C-DC1453CF5334} - System32\Tasks\McAfee\WPS\McAfee Scheduled Tracker Remover => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {8F49E107-40B5-4EF8-940A-7284F99BD0C3} - System32\Tasks\McAfee\wps\McAfee Updater => {81A7CB63-BB07-4DAD-8E72-07B3A9BB08E2} C:\Program Files\McAfee\wps\1.25.208.1\mc-update.exe [3338200 2024-12-11] (McAfee, LLC -> McAfee, LLC)
Task: {9CF03EA7-AEFD-4AE0-9A99-827482E50965} - System32\Tasks\McAfee\WPS\McAfee Virus Definition Update => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {9D72CD90-EBCC-472F-8955-BED254510B94} - System32\Tasks\McAfee\WPS\McAfee Windows Notification Token => \\?\C:\Program Files\McAfee\WPS\1.25.208.1\mc-wns-client\mc-wns-client.exe [977808 2024-12-11] (McAfee, LLC -> )
Task: {A0B88076-349E-4D72-8985-29EA6F207E95} - System32\Tasks\Microsoft\Office\Office Apps Prewarm => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312432 2025-02-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {24E84336-E18A-45DF-9F91-2EE0F7F58395} - System32\Tasks\Microsoft\Office\Office Apps Prewarm Recurring => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312432 2025-02-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {AD1A59CF-613D-454C-B717-1305CED74B6E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28752104 2025-01-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {D66D169F-990C-4B8F-B2AF-98FCA8B923F7} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16\opushutil.exe [67280 2025-02-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {D4738B57-3B1E-4B95-A58F-18390E5B730B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28752104 2025-01-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {6A6BCD2F-14F9-400C-AF6D-50048B602676} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312432 2025-02-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {E3E73163-57EB-43E2-A230-6A839BFA0F36} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312432 2025-02-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {D27DBF04-1752-4432-801F-B1E633D47CE0} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [194672 2025-02-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe  (No File)
Task: {43ED1E24-8A76-4907-9DEB-85804D6A71B8} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UIEOrchestrator => C:\WINDOWS\system32\UIEOrchestrator.exe [336816 2025-01-28] (Microsoft Windows -> )
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (No File)
Task: {532F17A6-3E79-4B32-802E-3CFDB32A31D8} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222504 2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {92B6E77A-3EC8-4351-A5AD-3E4A0E641B05} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1151346358-4024040651-264034373-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222504 2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {896E7374-CEF6-4753-93D8-E3E23E943D2D} - System32\Tasks\OneDrive Startup Task-S-1-5-21-1151346358-4024040651-264034373-1001 => C:\Program Files\Microsoft OneDrive\25.005.0112.0003\OneDriveLauncher.exe [447032 2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {9F891E63-D05D-4DC6-8CFC-7631C2180368} - System32\Tasks\ZoomUpdateTaskUser-S-1-5-21-1151346358-4024040651-264034373-1001 => C:\Users\Nelly Atlan\AppData\Roaming\Zoom\bin\Zoom.exe [435000 2025-01-19] (Zoom Video Communications, Inc. -> Zoom Communications, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1151346358-4024040651-264034373-1001.job => C:\Users\Nelly Atlan\AppData\Local\GoToMeeting\19992\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1151346358-4024040651-264034373-1001.job => C:\Users\Nelly Atlan\AppData\Local\GoToMeeting\19992\g2mupload.exe
Task: C:\WINDOWS\Tasks\iGoAudioTask.job => C:\WINDOWS\System32\DriverStore\FileRepository\igoaudioservice.inf_amd64_6f3c8717231b7f69\iGoSwServer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{25f38454-a1cf-4a5a-8b77-b158a57cb19a}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{25f38454-a1cf-4a5a-8b77-b158a57cb19a}\C4D445D214332354: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{36fa8bd1-2b09-4038-ab3e-a04a19ff2005}: [NameServer] 100.64.100.1
Tcpip\..\Interfaces\{fa95eeeb-ddf3-4fd6-85ae-423ac8967432}: [DhcpNameServer] 192.168.8.1 192.168.8.1

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Nelly Atlan\AppData\Local\Microsoft\Edge\User Data\Default [2025-02-08]
Edge HomePage: Default -> hxxps://www.google.com/
Edge StartupUrls: Default -> "hxxps://www.google.com/"
Edge Extension: (Google Docs Offline) - C:\Users\Nelly Atlan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-05]
Edge Extension: (Edge relevant text changes) - C:\Users\Nelly Atlan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-12-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2022-08-08] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2022-08-08] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2022-08-08] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-09-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-12-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2022-08-08] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2022-08-08] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2022-08-08] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1151346358-4024040651-264034373-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2022-08-08] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1151346358-4024040651-264034373-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2022-08-08] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1151346358-4024040651-264034373-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2022-08-08] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Nelly Atlan\AppData\Local\Google\Chrome\User Data\Default [2025-02-08]
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (GoogleÂ Traduction) - C:\Users\Nelly Atlan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2025-02-06]
CHR Extension: (GoogleÂ Docs hors connexion) - C:\Users\Nelly Atlan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-02-03]
CHR Extension: (QuillBot: AI Writing and Grammar Checker Tool) - C:\Users\Nelly Atlan\AppData\Local\Google\Chrome\User Data\Default\Extensions\iidnbdjijdkbmajdffnidomddglmieko [2025-02-05]
CHR Extension: (Ghostery Bloqueur de Traqueurs et de PublicitÃ©s - confidentialitÃ©) - C:\Users\Nelly Atlan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2025-01-30]
CHR Extension: (Paiements via le ChromeÂ WebÂ Store) - C:\Users\Nelly Atlan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-07-26]
CHR Extension: (Ghibli Coffee Shop) - C:\Users\Nelly Atlan\AppData\Local\Google\Chrome\User Data\Default\Extensions\paapjnbmeehmnejicokjgnppdgjcmboe [2025-02-06]
CHR Profile: C:\Users\Nelly Atlan\AppData\Local\Google\Chrome\User Data\System Profile [2023-01-16]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [klekeajafkkpokaofllcadenjdckhinm]
CHR HKU\S-1-5-21-1151346358-4024040651-264034373-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [klekeajafkkpokaofllcadenjdckhinm]

Opera: 
=======
OPR DefaultProfile: Default

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13617336 2025-01-29] (Microsoft Corporation -> Microsoft Corporation)
R2 ComboCleaner.Guard; C:\Program Files (x86)\Combo Cleaner\ComboCleaner.Guard.exe [143488 2021-11-05] (RCS LT, UAB -> RCS LT)
R2 ComboCleaner.WinService; C:\Program Files (x86)\Combo Cleaner\ComboCleaner.WinService.exe [151168 2021-11-05] (RCS LT, UAB -> RCS LT)
R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_3c3afc298e15df94\DAX3API.exe [2305576 2021-11-18] (Dolby Laboratories, Inc. -> Dolby Laboratories)
R2 ExpressVPN App Service; C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.AppService.exe [439088 2024-03-27] (Expressco Services LLC -> ExpressVPN)
R2 ExpressVPN System Service; C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.SystemService.exe [439088 2024-03-27] (Expressco Services LLC -> ExpressVPN)
R2 ExpressVPN VPN Service; C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.VpnService.exe [439088 2024-03-27] (Expressco Services LLC -> ExpressVPN)
R3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\25.005.0112.0003\FileSyncHelper.exe [3532816 2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2023-12-09] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R2 IgoAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\igoaudioservice.inf_amd64_6f3c8717231b7f69\IgoAudioService_x64.exe [32952 2021-12-08] (British Cayman Islands Intelligo Technology Inc. Taiwan Branch -> Intelligo Technology Inc.)
R2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_625d5a9ea859462f\AS\IAS\IntelAudioService.exe [532648 2021-11-30] (Intel Corporation -> Intel)
R2 IntelContextService; C:\WINDOWS\System32\DriverStore\FileRepository\icss_extension.inf_amd64_f00118f6aef6be28\UserAwarenessService.exe [165944 2020-12-23] (Intel Corporation -> Intel Corp)
R2 mc-fw-host; C:\Program Files\McAfee\WPS\1.25.208.1\mc-fw-host.exe [2594128 2024-12-11] (McAfee, LLC -> McAfee, LLC)
S3 mc-wps-update; C:\Program Files\McAfee\wps\1.25.208.1\mc-update.exe [3338200 2024-12-11] (McAfee, LLC -> McAfee, LLC)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpDefenderCoreService.exe [1427024 2024-08-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NativePushService; C:\Users\Nelly Atlan\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe [594320 2023-02-22] (Wondershare Technology Group Co.,Ltd -> Wondershare)
R3 NetworkSupport; C:\WINDOWS\System32\DriverStore\FileRepository\vfep.inf_amd64_b69b96fbb203d067\NetworkSupport.exe [697048 2024-08-25] (VAIO Corporation -> VAIO Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\25.005.0112.0003\OneDriveUpdaterService.exe [3879464 2025-02-06] (Microsoft Corporation -> Microsoft Corporation)
R3 PC Cleaner Service; C:\Program Files\Avanquest\PC Cleaner\application\9.9.33904.5126\PC Cleaner Service.exe [928696 2025-01-14] (PC Helpsoft (7270356 Canada Inc) -> Avanquest)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559304 2024-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TbtP2pShortcutService; C:\WINDOWS\TbtP2pShortcutService.exe [256760 2024-06-28] (Intel Corporation -> Intel Corporation)
S4 VAIO Control Center Update Service; C:\WINDOWS\System32\DriverStore\FileRepository\vfep.inf_amd64_b69b96fbb203d067\VESUWPUpdateService.exe [243448 2024-08-25] (VAIO Corporation -> VAIO Corporation)
R2 VAIO Event Service; C:\WINDOWS\System32\DriverStore\FileRepository\vfep.inf_amd64_b69b96fbb203d067\VESMgr.exe [271608 2024-08-25] (VAIO Corporation -> VAIO Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\NisSrv.exe [3199648 2024-08-25] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MsMpEng.exe [133704 2024-08-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
S4 ELANFPService; %SystemRoot%\System32\ELANFPService.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AcxHdAudio; C:\WINDOWS\System32\drivers\AcxHdAudio.sys [581632 2024-11-09] (Microsoft Windows -> Microsoft Corporation)
R3 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [802976 2020-12-04] (Bitdefender SRL -> Bitdefender)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2023-12-09] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\driver\expressvpnsplittunnel.sys [46712 2024-03-27] (ExprsVPN LLC -> ExpressVPN)
R3 expressvpntun; C:\WINDOWS\System32\drivers\expressvpn-tun.sys [56552 2023-12-19] (Express VPN International Ltd. -> ExpressVPN)
R3 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [176008 2021-09-29] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender LLC)
R3 iaLPSS2_GPIO2_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_d0e63c4e3754f42f\iaLPSS2_GPIO2_TGL.sys [128152 2020-08-13] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_tgl.inf_amd64_ab87bf17a571e523\iaLPSS2_I2C_TGL.sys [197272 2020-08-13] (Intel Corporation -> Intel Corporation)
R3 IntcUSB; C:\WINDOWS\System32\DriverStore\FileRepository\intcusb.inf_amd64_2f4c83f014ffdaee\IntcUSB.sys [882848 2021-11-30] (Intel Corporation -> Intel(R) Corporation)
R3 IntelGNA; C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_689d3d5fefeef458\gna.sys [84880 2020-11-07] (Gaussian Mixture Models and Neural Networks Accelerator -> Intel Corporation)
S0 mfeelam; C:\WINDOWS\System32\DRIVERS\mfeelam.sys [19576 2024-12-11] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R0 mfesec; C:\WINDOWS\System32\DRIVERS\mfesec.sys [76024 2024-12-11] (McAfee, LLC -> McAfee, LLC)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [51192 2023-11-21] (OpenVPN Inc. -> The OpenVPN Project)
R3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [61496 2023-12-19] (ExprsVPN LLC -> The OpenVPN Project)
R3 Trufos; C:\WINDOWS\System32\DRIVERS\Trufos.sys [615840 2021-10-01] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 usbscan; C:\WINDOWS\System32\DriverStore\FileRepository\sti.inf_amd64_971c769b103df369\usbscan.sys [90112 2024-11-09] (Microsoft Windows -> Microsoft Corporation)
R3 VFEP; C:\WINDOWS\System32\drivers\VFEP.sys [36496 2024-08-25] (Microsoft Windows Hardware Compatibility Publisher -> VAIO Corporation)
R3 VTSD; C:\WINDOWS\System32\drivers\VTSD.sys [32200 2023-04-28] (Microsoft Windows Hardware Compatibility Publisher -> VAIO Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [22080 2024-08-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [602504 2024-08-25] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2024-08-25] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-02-08 19:22 - 2025-02-08 19:22 - 000037802 _____ C:\Users\Nelly Atlan\Downloads\FRST.txt
2025-02-08 19:22 - 2025-02-08 19:22 - 000000000 ____D C:\FRST
2025-02-08 19:21 - 2025-02-08 19:21 - 002403328 _____ (Farbar) C:\Users\Nelly Atlan\Downloads\FRST64.exe
2025-02-08 19:17 - 2025-02-08 19:17 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-02-08 19:15 - 2025-02-08 19:15 - 002096640 _____ (Farbar) C:\Users\Nelly Atlan\Downloads\FRST.exe
2025-02-06 17:15 - 2025-02-06 17:15 - 008722856 _____ (Avanquest) C:\Users\Nelly Atlan\Downloads\PC_Cleaner_setup.exe
2025-02-06 17:15 - 2025-02-06 17:15 - 000000000 ____D C:\Users\Nelly Atlan\AppData\Roaming\Avanquest
2025-02-06 17:15 - 2025-02-06 17:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Cleaner
2025-02-06 17:15 - 2025-02-06 17:15 - 000000000 ____D C:\ProgramData\Avanquest
2025-02-06 17:15 - 2025-02-06 17:15 - 000000000 ____D C:\Program Files\Avanquest
2025-02-06 17:11 - 2025-02-08 19:12 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-02-06 17:11 - 2025-02-06 17:11 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem
2025-02-06 17:10 - 2025-02-06 17:10 - 010529664 _____ (Google LLC) C:\Users\Nelly Atlan\Downloads\ChromeSetup (11).exe
2025-02-06 16:51 - 2025-02-06 16:51 - 000755054 _____ C:\WINDOWS\system32\perfh00C.dat
2025-02-06 16:51 - 2025-02-06 16:51 - 000150740 _____ C:\WINDOWS\system32\perfc00C.dat
2025-02-06 11:30 - 2025-02-06 11:30 - 000003546 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-1151346358-4024040651-264034373-1001
2025-02-06 10:21 - 2025-02-06 10:21 - 010529664 _____ (Google LLC) C:\Users\Nelly Atlan\Downloads\ChromeSetup (10).exe
2025-02-06 09:51 - 2025-02-06 09:51 - 010529664 _____ (Google LLC) C:\Users\Nelly Atlan\Downloads\ChromeSetup (9).exe
2025-02-06 09:45 - 2025-02-06 09:45 - 010529664 _____ (Google LLC) C:\Users\Nelly Atlan\Downloads\ChromeSetup (8).exe
2025-02-04 18:24 - 2025-02-04 18:24 - 000326547 _____ C:\Users\Nelly Atlan\Downloads\ACPR-Lignes directrices LCB-FT sur la gestion-de-fortune (1).pdf
2025-02-04 17:57 - 2025-02-04 17:57 - 000000000 ____D C:\Users\Nelly Atlan\hiveDisk_Backup
2025-02-04 17:56 - 2025-02-04 17:56 - 000400937 _____ C:\Users\Nelly Atlan\Downloads\AMSF_Guide Banque privÃ©e et gestion de patrimoine_VFR_20240710_LCB-FT (1).pdf
2025-02-04 17:36 - 2025-02-04 17:36 - 000000000 ____D C:\Users\Nelly Atlan\AppData\Local\Hive CloudBridge
2025-02-04 17:34 - 2025-02-05 08:24 - 000000000 ____D C:\Users\Nelly Atlan\AppData\Local\hive-desktop
2025-02-04 17:34 - 2025-02-04 17:57 - 000000000 ____D C:\Users\Nelly Atlan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hive Computing SA
2025-02-04 17:34 - 2025-02-04 17:57 - 000000000 ____D C:\Users\Nelly Atlan\AppData\Roaming\hive-desktop
2025-02-04 17:34 - 2025-02-04 17:34 - 000000000 ____D C:\Users\Nelly Atlan\.hive
2025-02-04 17:33 - 2025-02-04 17:33 - 130663912 _____ (Hivenet Computing) C:\Users\Nelly Atlan\Downloads\hiveDisk-1.32.0 Setup.exe
2025-02-04 17:23 - 2025-02-04 17:23 - 000400937 _____ C:\Users\Nelly Atlan\Downloads\AMSF_Guide Banque privÃ©e et gestion de patrimoine_VFR_20240710_LCB-FT.pdf
2025-02-04 17:22 - 2025-02-04 17:23 - 000326547 _____ C:\Users\Nelly Atlan\Downloads\ACPR-Lignes directrices LCB-FT sur la gestion-de-fortune.pdf
2025-02-04 17:19 - 2025-02-04 17:19 - 002410298 _____ C:\Users\Nelly Atlan\Downloads\Gouvernance des algorithmes dâintelligence artificielle dans le secteur financier.pdf
2025-02-04 17:10 - 2025-02-04 17:10 - 000012348 _____ C:\Users\Nelly Atlan\Downloads\Groupe DUCO_2024-25.xlsx
2025-02-03 18:25 - 2025-02-06 11:27 - 000022955 _____ C:\Users\Nelly Atlan\AppData\LocalLow\a6540bf5930ec992dd5d2dc86377ffba82e6f01eb2fe57fc446d8c88aed6d278
2025-02-03 18:25 - 2025-02-03 18:25 - 000000026 _____ C:\Users\Nelly Atlan\AppData\LocalLow\2f3c47a346f652668c2a3cc07e6306669d2a6e5f9fb1088902ddabd1be757030
2025-02-03 18:24 - 2025-02-03 18:24 - 003493376 _____ C:\Users\Nelly Atlan\Downloads\justpdflab.msi
2025-02-03 18:11 - 2025-02-03 18:11 - 000126635 _____ C:\Users\Nelly Atlan\Downloads\ssrn-1610016.pdf
2025-02-03 09:31 - 2025-02-03 09:31 - 000290418 _____ C:\Users\Nelly Atlan\Downloads\paiement (11).pdf
2025-02-02 14:53 - 2025-02-02 14:53 - 000075842 _____ C:\Users\Nelly Atlan\Downloads\avis_de_situation (11).pdf
2025-02-02 14:52 - 2025-02-02 14:52 - 000290419 _____ C:\Users\Nelly Atlan\Downloads\paiement (10).pdf
2025-02-01 23:57 - 2025-02-01 23:57 - 000290427 _____ C:\Users\Nelly Atlan\Downloads\paiement (9).pdf
2025-01-30 10:59 - 2025-02-06 18:44 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-01-29 11:57 - 2025-01-29 11:57 - 000428284 _____ C:\Users\Nelly Atlan\Downloads\Awareness_raising_for_the_NPO_sector_regarding_the_fight_against_terrorism_financing_ENG_final.pdf
2025-01-29 11:57 - 2025-01-29 11:57 - 000428284 _____ C:\Users\Nelly Atlan\Downloads\Awareness_raising_for_the_NPO_sector_regarding_the_fight_against_terrorism_financing_ENG_final (1).pdf
2025-01-29 00:42 - 2025-01-29 00:42 - 000027617 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-01-29 00:42 - 2025-01-29 00:42 - 000027617 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-01-28 19:53 - 2025-01-28 19:53 - 000015949 _____ C:\Users\Nelly Atlan\Downloads\SUJETS (6).xlsx
2025-01-28 16:55 - 2025-01-28 16:55 - 000015949 _____ C:\Users\Nelly Atlan\Downloads\SUJETS (5).xlsx
2025-01-28 09:54 - 2025-01-28 09:54 - 000015266 _____ C:\Users\Nelly Atlan\Downloads\SUJETS (4).xlsx
2025-01-28 00:48 - 2025-01-28 00:51 - 000015381 _____ C:\Users\Nelly Atlan\Downloads\SUJETS (3).xlsx
2025-01-28 00:46 - 2025-01-28 00:46 - 000011135 _____ C:\Users\Nelly Atlan\Downloads\SUJETS (2).xlsx
2025-01-28 00:14 - 2025-01-28 00:50 - 000015362 _____ C:\Users\Nelly Atlan\Downloads\SUJETS (1).xlsx
2025-01-28 00:02 - 2025-01-28 00:02 - 000009928 _____ C:\Users\Nelly Atlan\Downloads\SUJETS.xlsx
2025-01-27 09:49 - 2025-01-27 09:49 - 000000098 _____ C:\Users\Nelly Atlan\OneDrive\Desktop\DU - GoogleÂ Drive.url
2025-01-23 15:17 - 2025-01-23 15:17 - 002704633 _____ C:\Users\Nelly Atlan\Downloads\ANNEXE EXTERNE CLASSIFICATION.xlsx
2025-01-23 15:16 - 2025-01-23 15:16 - 000058880 _____ C:\Users\Nelly Atlan\Downloads\plan de remeÌdiation VD.xls
2025-01-23 15:15 - 2025-01-23 15:15 - 003080046 _____ C:\Users\Nelly Atlan\Downloads\JCDS IMMOBILIER_Presentation.pptx
2025-01-23 15:12 - 2025-01-23 15:12 - 000349871 _____ C:\Users\Nelly Atlan\Downloads\Exercice - proposition etude de cas.pptx
2025-01-22 22:19 - 2025-01-22 22:21 - 000000200 _____ C:\Users\Nelly Atlan\OneDrive\Desktop\ProQuest EbookÂ Central.url
2025-01-22 11:55 - 2025-01-22 22:29 - 000011216 _____ C:\Users\Nelly Atlan\AppData\LocalLow\6c0dbad8e540cc022828347c49d180f3552e067156d91aa9c7dfd51f79a9b3ee
2025-01-22 11:55 - 2025-01-22 11:55 - 000000026 _____ C:\Users\Nelly Atlan\AppData\LocalLow\62cea4e00bbd0b5351eff8e4a0c1241e3124dffcda649ca9f8e6b8309fa8a7da
2025-01-19 20:31 - 2024-06-28 03:04 - 000256760 _____ (Intel Corporation) C:\WINDOWS\TbtP2pShortcutService.exe
2025-01-19 20:31 - 2024-06-28 03:03 - 003235176 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TbtBusDrv.sys
2025-01-19 09:19 - 2025-01-19 09:19 - 000000000 ____D C:\Users\Nelly Atlan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-02-08 19:19 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-02-08 19:19 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-02-08 19:18 - 2024-06-05 22:04 - 000025478 _____ C:\Users\Nelly Atlan\AppData\LocalLow\0b5eacb3a7d0189ae09bc2d2cb032ac8ce3360e9ae285e9e8878930f3a55be09
2025-02-08 19:18 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-02-08 19:18 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2025-02-08 19:18 - 2021-08-27 20:27 - 000000000 ____D C:\Program Files\Microsoft Office
2025-02-08 19:17 - 2022-07-25 12:32 - 000000000 ___RD C:\Users\Nelly Atlan\OneDrive
2025-02-08 19:16 - 2022-07-25 12:31 - 000000000 ____D C:\Users\Nelly Atlan\AppData\Local\Packages
2025-02-08 19:16 - 2021-08-27 20:09 - 000000000 ____D C:\ProgramData\Packages
2025-02-08 19:14 - 2024-05-23 21:01 - 000986471 _____ C:\Users\Nelly Atlan\AppData\LocalLow\86660111396adba6efd1ce5c30bb9a3e4e475e72123372aa61119381f7970872
2025-02-08 19:14 - 2024-05-23 21:01 - 000000130 _____ C:\Users\Nelly Atlan\AppData\LocalLow\3a91625889d020df5d7e22b8a5823c0517cc924c5f1b8d0036ed9c17c599bffe
2025-02-08 19:13 - 2024-12-10 23:00 - 000000000 ____D C:\Users\Nelly Atlan\AppData\Local\CiscoSpark
2025-02-08 19:13 - 2024-12-10 17:10 - 000000000 ____D C:\Users\Nelly Atlan\AppData\Local\WebEx
2025-02-08 19:12 - 2024-05-23 20:58 - 000090190 _____ C:\Users\Nelly Atlan\AppData\LocalLow\a7dc5dfac87f7e1d729b3e3bbfccfb871f20c4c594434031e0411606fe1358de
2025-02-08 19:12 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-02-08 19:12 - 2022-07-25 12:31 - 000000000 __SHD C:\Users\Nelly Atlan\IntelGraphicsProfiles
2025-02-06 22:28 - 2024-11-08 17:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-02-06 19:42 - 2022-10-12 18:16 - 000000000 ____D C:\Users\Nelly Atlan\AppData\Roaming\Microsoft\Excel
2025-02-06 19:31 - 2022-07-25 13:19 - 000000000 ____D C:\Users\Nelly Atlan\AppData\Roaming\Microsoft\Word
2025-02-06 17:55 - 2022-07-25 12:31 - 000000000 ____D C:\Users\Nelly Atlan\AppData\Local\D3DSCache
2025-02-06 17:25 - 2024-06-28 15:38 - 000048977 _____ C:\Users\Nelly Atlan\AppData\LocalLow\241b1b4b1b516fa230ae651d985b1ca60d073177fa6e3aefe6cc0e77ff0b56dc
2025-02-06 17:24 - 2024-06-28 15:38 - 000000130 _____ C:\Users\Nelly Atlan\AppData\LocalLow\b53e921a1a27d42bbabf36919703fb9d51c9f0663008e99d4b0cdaf2fdda3ea8
2025-02-06 17:11 - 2022-07-26 11:36 - 000000000 ____D C:\Program Files (x86)\Google
2025-02-06 16:51 - 2024-11-08 17:21 - 001684128 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-02-06 16:51 - 2024-04-01 08:24 - 000000000 ____D C:\WINDOWS\INF
2025-02-06 16:44 - 2024-11-08 17:22 - 000004380 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-02-06 16:43 - 2024-11-08 17:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-02-06 16:43 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ServiceState
2025-02-06 16:43 - 2024-04-01 08:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-02-06 16:43 - 2022-07-26 11:57 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-02-06 16:43 - 2021-08-27 20:11 - 000000000 ___HD C:\Intel
2025-02-06 16:43 - 2021-08-27 20:07 - 000012288 ___SH C:\DumpStack.log.tmp
2025-02-06 14:06 - 2024-05-23 20:59 - 000000130 _____ C:\Users\Nelly Atlan\AppData\LocalLow\1d20e7546529928277d4278a9d0ff3056b064cfafd8280d5cfe2836e1832256e
2025-02-06 11:50 - 2022-07-26 11:36 - 000000000 ____D C:\Users\Nelly Atlan\AppData\Local\Google
2025-02-06 11:30 - 2024-11-08 17:32 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1151346358-4024040651-264034373-1001
2025-02-06 11:30 - 2024-11-08 17:32 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-02-06 11:30 - 2022-07-26 11:53 - 000002132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-02-06 09:16 - 2024-11-09 20:27 - 000559908 _____ C:\Users\Nelly Atlan\AppData\LocalLow\04cd184aa9ae36be8c9bcd0f6c58355f1e470185d439d926048d5670c2159edf
2025-02-06 09:03 - 2024-11-09 20:27 - 000000130 _____ C:\Users\Nelly Atlan\AppData\LocalLow\fe3883d3bd9f9eac3a5edacf8d9a11177dbb2a4b85c3d668e6d4ac3d29aa6faa
2025-02-04 17:57 - 2024-11-08 17:18 - 000000000 ____D C:\Users\Nelly Atlan
2025-02-04 17:41 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\NDF
2025-02-04 17:34 - 2022-10-03 17:37 - 000000000 ____D C:\Users\Nelly Atlan\AppData\Local\SquirrelTemp
2025-02-03 19:07 - 2021-08-27 20:07 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-02-03 15:17 - 2024-11-09 20:27 - 000220913 _____ C:\Users\Nelly Atlan\AppData\LocalLow\9eab6207b2d923cb8993af87afe47a2522c1f4aac6261d57a86d1755026830ab
2025-01-30 11:33 - 2024-11-08 17:17 - 000512248 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-01-30 11:32 - 2024-04-01 09:03 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-01-30 11:32 - 2024-04-01 09:03 - 000000000 ____D C:\WINDOWS\InboxApps
2025-01-30 11:32 - 2024-04-01 09:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2025-01-30 11:32 - 2024-04-01 09:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2025-01-30 11:32 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\UNP
2025-01-30 11:32 - 2024-04-01 08:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-01-30 11:32 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\UUS
2025-01-30 11:32 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-01-30 11:32 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2025-01-30 11:32 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2025-01-30 11:32 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-01-30 11:32 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-01-30 11:32 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-01-30 11:32 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2025-01-30 11:32 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-01-30 11:32 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2025-01-30 11:32 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-01-30 11:32 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-01-30 11:32 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-01-30 11:32 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-01-30 11:32 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-01-30 11:32 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-01-30 11:32 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\DDFs
2025-01-30 11:32 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-01-30 11:32 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-01-30 11:32 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-01-30 11:32 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2025-01-30 11:32 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-01-30 11:32 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\System
2025-01-30 11:32 - 2024-04-01 08:21 - 000000000 ____D C:\WINDOWS\servicing
2025-01-30 11:29 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\USOPrivate
2025-01-29 14:02 - 2022-10-03 15:39 - 000000000 ____D C:\Users\Nelly Atlan\AppData\Roaming\Microsoft\PowerPoint
2025-01-29 12:46 - 2022-07-25 13:19 - 000000000 ____D C:\Users\Nelly Atlan\AppData\Roaming\Microsoft\Office
2025-01-29 00:42 - 2024-11-08 17:19 - 003334656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-01-26 18:12 - 2022-10-03 18:05 - 000000000 ____D C:\Users\Nelly Atlan\OneDrive\Desktop\Atlas strategique
2025-01-23 15:20 - 2022-09-11 16:26 - 000000000 ____D C:\Users\Nelly Atlan\OneDrive\Desktop\BOOK
2025-01-23 15:14 - 2024-09-18 16:58 - 000000000 ___RD C:\Users\Nelly Atlan\OneDrive\Desktop\DU Compliance officer
2025-01-22 22:30 - 2024-07-29 18:58 - 000230224 _____ C:\Users\Nelly Atlan\AppData\LocalLow\0099f57194d706cb2f8896e24aea77e018462f2a142a7285ac0573cef676e5bc
2025-01-22 22:27 - 2024-04-09 18:45 - 000000000 ____D C:\Users\Nelly Atlan\OneDrive\Desktop\Nelly sante
2025-01-22 22:27 - 2022-11-02 18:01 - 000000000 ____D C:\Users\Nelly Atlan\OneDrive\Desktop\recherche d'emploi
2025-01-22 22:24 - 2024-07-29 18:42 - 000000000 ____D C:\Users\Nelly Atlan\OneDrive\Desktop\CSP
2025-01-22 16:47 - 2023-03-02 16:38 - 000000000 ____D C:\Users\Nelly Atlan\OneDrive\Desktop\Shaili photos
2025-01-22 16:46 - 2022-12-28 11:54 - 000000000 ____D C:\Users\Nelly Atlan\OneDrive\Desktop\parents
2025-01-21 08:15 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-01-19 20:45 - 2022-07-26 13:05 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-01-19 19:58 - 2022-10-25 11:14 - 000000000 ____D C:\Users\Nelly Atlan\AppData\Roaming\Zoom
2025-01-19 09:27 - 2022-07-26 13:05 - 206927936 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-01-19 09:19 - 2024-11-08 17:32 - 000004262 _____ C:\WINDOWS\system32\Tasks\ZoomUpdateTaskUser-S-1-5-21-1151346358-4024040651-264034373-1001
2025-01-19 09:12 - 2022-09-04 15:45 - 000000000 ____D C:\ProgramData\Package Cache
2025-01-17 08:00 - 2024-01-06 20:50 - 000000000 ____D C:\Program Files\dotnet
2025-01-12 12:33 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth

==================== Files in the root of some directories ========

2023-01-25 22:12 - 2023-01-25 22:12 - 000000017 _____ () C:\Users\Nelly Atlan\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================