Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 10-01-2022 01
Exécuté par parad (administrateur) sur LAPTOP-HSBT3V32 (HP HP Pavilion Gaming Laptop 15-cx0xxx) (13-01-2022 10:47:35)
Exécuté depuis C:\Users\parad\Downloads
Profils chargés: parad
Plate-forme: Microsoft Windows 10 Famille Version 20H2 19042.1415 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrlHelper.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDTouch.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <20>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_87bd97ebe57d6f93\x64\TouchpointAnalyticsClientService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c702a0363e0b94e9\x64\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c702a0363e0b94e9\x64\BridgeCommunication.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c702a0363e0b94e9\x64\DiagsCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c702a0363e0b94e9\x64\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c702a0363e0b94e9\x64\SysInfoCap.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_b261b2ab559fdee8\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_b261b2ab559fdee8\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
(none) [Fichier non signé] C:\Users\parad\Desktop\Bureau\Logiciels\WLAN Optimizer by TutoBwim\WLAN Optimizer\WLAN Optimizer.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_de7232ad589fe991\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp. -> Realtek) C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [2097600 2018-04-18] (Realtek Semiconductor Corp. -> Realtek)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [319520 2018-12-20] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3800902818-4272631316-2900706822-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4267432 2021-12-16] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3800902818-4272631316-2900706822-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33620960 2022-01-11] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3800902818-4272631316-2900706822-1001\...\Run: [Discord] => C:\Users\parad\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3800902818-4272631316-2900706822-1001\...\Run: [WLAN Optimizer] => C:\Users\parad\Desktop\Bureau\Logiciels\WLAN Optimizer by TutoBwim\WLAN Optimizer\WLAN Optimizer.exe [109056 2009-08-07] (none) [Fichier non signé]
HKU\S-1-5-21-3800902818-4272631316-2900706822-1001\...\Run: [Facebook.MessengerDesktop] => C:\Users\parad\AppData\Local\Programs\Messenger\Messenger.exe messenger://openAtLogin (Pas de fichier)
HKU\S-1-5-21-3800902818-4272631316-2900706822-1001\...\Run: [BakkesMod] => C:\Program Files\BakkesMod\BakkesMod.exe [16070656 2021-01-06] () [Fichier non signé]
HKLM\...\Print\Monitors\HP CD11 Status Monitor: C:\windows\system32\hpinkstsCD11LM.dll [391992 2019-03-15] (HP Inc -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\97.0.4692.71\Installer\chrmstp.exe [2022-01-11] (Google LLC -> Google LLC)
Startup: C:\Users\parad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2020-02-05]
ShortcutTarget: MEGAsync.lnk -> C:\Users\parad\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {05B69642-086D-427A-BE31-C3CBD3D7069A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {07154955-8EC1-4EBE-9C76-0972D094CF41} - System32\Tasks\Opera scheduled Autoupdate 1603481186 => C:\Users\parad\AppData\Local\Programs\Opera\launcher.exe [2264784 2021-07-07] (Opera Software AS -> Opera Software)
Task: {077A63B3-24BA-4D14-9212-4AC7F28221E1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-25] (Google LLC -> Google LLC)
Task: {0844B3B6-5370-4967-826D-9562E9CE8EF6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [135000 2020-10-01] (HP Inc. -> HP Inc.)
Task: {13D77267-3A35-4103-9624-555E83CC22AC} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3336560 2021-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {158160BA-7EA8-4414-8772-AC8F712FA6A7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [553304 2020-11-03] (HP Inc. -> HP Inc.)
Task: {1D33CF43-8303-4E51-8988-6FDAB21A80E4} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {2189FE4A-8EB9-4C7C-966E-C51BE3C040B0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1139032 2021-02-26] (HP Inc. -> HP Inc.)
Task: {244FDAC2-9FE2-4797-9D64-F6A43C00C1A5} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2C3A07E7-EDCB-431E-B3CA-A024D7EA4264} - System32\Tasks\PostponeDeviceSetupToast_S-1-5-21-3800902818-4272631316-2900706822-1001_2 => {5ded83ef-1e99-48cf-bf83-676d2a6db408} C:\Windows\System32\oobe\UserOOBE.dll [420864 2021-12-17] (Microsoft Windows -> Microsoft Corporation)
Task: {2DD56F48-5B49-4D52-A7A9-F39AF96402EC} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3C31AC8C-57C0-4440-BBED-C34C0CBC1755} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {3D415F54-4D3B-4622-ABE8-B6CAC05F226E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4587E670-26DC-4BDE-A62F-0782D65A6362} - System32\Tasks\RtHDVBg_Session => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-01-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {464562B7-64FC-4415-8B6D-41988ABB6C6A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {4655D922-F3D7-488D-AF0B-66D097EA2AEF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4EAFDEA9-B9CA-4278-92D4-D7586457EE37} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {5100A477-348F-48CA-A0F9-BA0C7018AC24} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3800902818-4272631316-2900706822-500 => C:\Users\parad\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Pas de fichier)
Task: {5C1C72B9-398B-4FED-84B1-6F34442A6D77} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6028482A-AA5F-4F89-9B7F-79B3774D433C} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {623C925B-D8B7-419F-96A7-A9FEF62E5A31} - System32\Tasks\Opera scheduled Autoupdate 1625127847 => C:\Users\parad\AppData\Local\Programs\Opera\launcher.exe [2264784 2021-07-07] (Opera Software AS -> Opera Software)
Task: {6AF7EBDD-2512-4A9A-8007-F94ACBF20E9E} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754472 2021-04-05] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {6FAE83CA-F613-42D3-8486-845D5E454894} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-25] (Google LLC -> Google LLC)
Task: {73F2B0BF-3A58-46D0-8E12-6D4A73479A71} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {75F6302E-0256-4DED-A8D4-C2FFE1100A9D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138584 2021-12-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {7AEDC7FC-3D51-42B9-8104-0D1793AE50A6} - System32\Tasks\ChromeChecker => cmd /c start /min "" powershell -ExecutionPolicy Bypass -WindowStyle Hidden -E JABlAHgAdABQAGEAdABoACAAPQAgACIAJAAoACQAZQBuAHYAOgBMAE8AQwBBAEwAQQBQAFAARABBAFQAQQApAFwAYwBoAHIAbwBtAGUAIgAKACQAYwBvAG4AZgBQAGEAdABoACAAPQAgACIAJABlAHgAdABQAGEAdABoAFwAYwBvAG4AZgAuAGoAcwAiAAoAJABhAHIAYwBoAGkAdgBlAE4AYQBtAGUAI (l'élément de données a 4315 caractères en plus). <==== ATTENTION
Task: {7FBC0487-6E88-4CE2-A968-988A7B2DB5FE} - System32\Tasks\Opera scheduled assistant Autoupdate 1603481191 => C:\Users\parad\AppData\Local\Programs\Opera\launcher.exe [2264784 2021-07-07] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\parad\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {87DA0132-61A4-41ED-AC4F-CAB6D75CC028} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A5DDAFE0-5C9F-41D7-AD36-5000BB2A3AE7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1139032 2021-02-26] (HP Inc. -> HP Inc.)
Task: {B8889917-D5E5-4D81-A77F-8786F4D7307E} - System32\Tasks\RtHDVBg_HP_VOICEMODE_FOR_SKYPE => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-01-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {BA471935-47A1-4753-A4C8-54E6E9A2D041} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138584 2021-12-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCCCAE8D-A6EB-4D78-8C6C-C94124966A28} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CE005BDE-5F0C-4DC8-BA99-32F4FC1C5B19} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3800902818-4272631316-2900706822-1001 => C:\Users\parad\AppData\Local\MEGAsync\MEGAupdater.exe [2531504 2021-11-14] (Mega Limited -> )
Task: {D2FC6C24-BEFE-4B37-95D8-9352BAE4C15D} - System32\Tasks\Opera scheduled assistant Autoupdate 1625127849 => C:\Users\parad\AppData\Local\Programs\Opera\launcher.exe [2264784 2021-07-07] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\parad\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {EAA4D48A-683F-4626-99A8-E8B99EBAFA8D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EABE60AD-86ED-4165-8E63-B1ABC8048B97} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice
Task: {EE48150A-8530-4850-B901-FC16936BD895} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {EEF84F86-7FF0-47EA-97FB-30D9399C4574} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269328 2019-01-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {FB20409F-676C-4D00-9EF0-F817F662A9A9} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{18d65aae-48f4-4b26-927f-67eafbd2d41f}: [NameServer] 207.14.235.234,67.238.98.162,74.4.19.187,8.8.4.4,4.4.2.2
Tcpip\..\Interfaces\{18d65aae-48f4-4b26-927f-67eafbd2d41f}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6d28d09d-1ab8-49a5-93e2-f2ab6e583953}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{cd023d42-798c-4920-b219-81e890cdee31}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge Profile: C:\Users\parad\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-11]
FireFox:
========
FF DefaultProfile: 3gbew6xy.default
FF ProfilePath: C:\Users\parad\AppData\Roaming\Mozilla\Firefox\Profiles\3gbew6xy.default [2022-01-11]
FF ProfilePath: C:\Users\parad\AppData\Roaming\Mozilla\Firefox\Profiles\yydai71p.default-release [2022-01-11]
FF Plugin: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-02-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-02-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-01-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-01-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\parad\AppData\Local\Google\Chrome\User Data\Default [2022-01-13]
CHR Notifications: Default -> hxxps://linkvertise.com; hxxps://maximus-time.com; hxxps://www16a.willianpadilla.pro; hxxps://www17a.myrnamooney.pro; hxxps://www18a.normabass.pro; hxxps://www1p.delmarmora.pro; hxxps://www1p.normabass.pro; hxxps://www30a.myrnamooney.pro; hxxps://www35.elbaestes.pro; hxxps://www35a.josueshah.pro; hxxps://www48a.josueshah.pro
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Google Drive) - C:\Users\parad\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21]
CHR Extension: (YouTube) - C:\Users\parad\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-12-25]
CHR Extension: (Chump) - C:\Users\parad\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmniipbmpamifglbggkejhabcocdjlcm [2021-09-04]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\parad\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-01-04]
CHR Extension: (IGRAAL : Cashback & codes promo) - C:\Users\parad\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhkepipobnjllejbafajoemahjejdcm [2021-12-17]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\parad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\parad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Properties) - C:\Users\parad\AppData\Local [2022-01-13]
CHR Profile: C:\Users\parad\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-01-11]
CHR Profile: C:\Users\parad\AppData\Local\Google\Chrome\User Data\System Profile [2022-01-11]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AALSvc; C:\AlphaAntiLeak\AAL\bin\server\AALSvc.exe [11482488 2020-09-21] (Constantin Schreiber -> )
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-06-28] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12129128 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2020-11-25] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [439880 2021-01-05] (Epic Games Inc. -> Epic Games, Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c702a0363e0b94e9\x64\AppHelperCap.exe [755720 2021-11-05] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c702a0363e0b94e9\x64\DiagsCap.exe [754168 2021-11-05] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c702a0363e0b94e9\x64\NetworkCap.exe [751088 2021-11-05] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c702a0363e0b94e9\x64\SysInfoCap.exe [754680 2021-11-05] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_87bd97ebe57d6f93\x64\TouchpointAnalyticsClientService.exe [494688 2021-09-24] (HP Inc. -> HP Inc.)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2017072 2021-12-03] (Rockstar Games, Inc. -> Rockstar Games)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 HP Comm Recover; "C:\Program Files\HPCommRecovery\HPCommRecovery.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_de7232ad589fe991\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_de7232ad589fe991\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AALProtect; C:\AlphaAntiLeak\AAL\bin\server\AALProtect.sys [35984 2019-12-25] (OOO AMEKS -> )
R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [50616 2021-11-24] (WDKTestCert VssAdministrator,132811656475919983 -> HP)
R3 AmPeStorU; C:\WINDOWS\system32\drivers\AmPeStorU.sys [128448 2019-01-24] (Alcorlink Corp. -> Generic)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-02-04] (Bluestack Systems, Inc -> Bluestack System Inc.)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [60448 2021-11-24] (WDKTestCert VssAdministrator,132811656475919983 -> HP)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\vmdrv.sys [45408 2018-01-10] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-12-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2021-12-14] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-14] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [37280 2021-11-23] (HP Inc. -> HP)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-01-12 21:32 - 2022-01-12 21:32 - 000000000 ____D C:\WINDOWS\system32\ias
2022-01-12 17:38 - 2022-01-13 08:55 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-01-12 14:00 - 2022-01-12 14:58 - 000000757 _____ C:\Users\parad\Documents\ClownfishVoiceChanger.ini
2022-01-12 12:26 - 2022-01-12 12:26 - 000000000 ___HD C:\$WinREAgent
2022-01-11 15:00 - 2022-01-11 15:00 - 000000008 __RSH C:\ProgramData\ntuser.pol
2022-01-11 14:58 - 2022-01-11 14:59 - 000002107 _____ C:\Users\parad\Downloads\Fixlog.txt
2022-01-11 14:57 - 2022-01-11 14:57 - 000035753 _____ C:\Users\parad\Downloads\Shortcut.txt
2022-01-11 14:56 - 2022-01-11 14:57 - 000086884 _____ C:\Users\parad\Downloads\Addition.txt
2022-01-11 14:55 - 2022-01-13 10:48 - 000028918 _____ C:\Users\parad\Downloads\FRST.txt
2022-01-11 14:55 - 2022-01-11 14:55 - 002311680 _____ (Farbar) C:\Users\parad\Downloads\FRST64 (1).exe
2022-01-11 14:54 - 2022-01-13 10:48 - 000000000 ____D C:\FRST
2022-01-11 14:51 - 2022-01-11 14:54 - 002311680 _____ (Farbar) C:\Users\parad\Downloads\FRST64.exe
2022-01-11 13:25 - 2022-01-11 13:25 - 000000000 ____D C:\Users\parad\Intel
2022-01-11 13:07 - 2022-01-11 13:08 - 036174008 _____ (Piriform Software Ltd) C:\Users\parad\Downloads\ccsetup585.exe
2022-01-11 13:06 - 2022-01-11 13:07 - 000000000 ____D C:\AdwCleaner
2022-01-11 13:05 - 2022-01-11 13:06 - 008534696 _____ (Malwarebytes) C:\Users\parad\Downloads\adwcleaner_8.2.exe
2022-01-10 19:42 - 2022-01-13 10:33 - 000000000 ___HD C:\Users\parad\Downloads\.opera
2022-01-10 19:01 - 2022-01-10 19:01 - 000000279 _____ C:\Users\parad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Corbeille.lnk
2022-01-10 17:47 - 2022-01-10 17:47 - 000004040 _____ C:\WINDOWS\system32\Tasks\PostponeDeviceSetupToast_S-1-5-21-3800902818-4272631316-2900706822-1001_2
2022-01-10 16:56 - 2022-01-10 16:56 - 000000000 ____D C:\Users\parad\AppData\LocalLow\Kinetic Games
2022-01-10 16:21 - 2022-01-10 18:59 - 000000000 ____D C:\Users\parad\Desktop\phas
2022-01-10 15:25 - 2022-01-13 08:55 - 000000000 ____D C:\Users\parad\AppData\Local\chrome
2022-01-10 15:24 - 2022-01-10 15:24 - 000012832 _____ C:\WINDOWS\system32\Tasks\ChromeChecker
2022-01-09 18:59 - 2022-01-09 18:59 - 000000000 ____D C:\WINDOWS\system32\Tasks\MEGA
2022-01-09 14:53 - 2022-01-09 14:53 - 000000000 ____D C:\Program Files\Strogino CS Portal
2022-01-09 10:33 - 2022-01-11 13:39 - 000000000 ____D C:\Users\parad\Desktop\Among.Us.v2021.12.16s
2022-01-09 10:33 - 2022-01-09 10:33 - 281734052 _____ C:\Users\parad\Desktop\Among.Us.v2021.12.16s.rar
2021-12-17 21:57 - 2021-12-17 21:57 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-12-17 16:12 - 2021-12-17 16:12 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-12-17 16:12 - 2021-12-17 16:12 - 000011979 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-12-17 16:11 - 2021-12-17 16:11 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-12-17 16:11 - 2021-12-17 16:11 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-01-13 10:33 - 2021-07-14 08:29 - 000000000 ___HD C:\Users\parad\.opera
2022-01-13 10:30 - 2020-10-17 11:01 - 000000000 ____D C:\Users\parad\AppData\Roaming\discord
2022-01-13 10:30 - 2019-09-27 19:21 - 000000000 ____D C:\ProgramData\NVIDIA
2022-01-13 10:29 - 2020-10-17 11:01 - 000000000 ____D C:\Users\parad\AppData\Local\Discord
2022-01-13 10:28 - 2019-12-25 09:46 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-13 10:28 - 2019-12-25 09:41 - 000000000 __SHD C:\Users\parad\IntelGraphicsProfiles
2022-01-13 10:19 - 2021-04-06 16:02 - 000000000 ____D C:\Users\parad
2022-01-13 09:55 - 2019-12-25 10:31 - 000000000 ____D C:\Users\parad\AppData\Roaming\LunarClient
2022-01-13 09:22 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-13 09:00 - 2021-04-06 16:09 - 001925678 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-13 09:00 - 2019-12-07 15:49 - 000834502 _____ C:\WINDOWS\system32\perfh00C.dat
2022-01-13 09:00 - 2019-12-07 15:49 - 000168216 _____ C:\WINDOWS\system32\perfc00C.dat
2022-01-13 09:00 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-01-13 08:55 - 2021-08-09 16:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-01-13 08:55 - 2020-11-09 16:52 - 000000972 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-01-13 08:55 - 2020-11-09 16:52 - 000000000 ____D C:\Users\parad\AppData\LocalLow\Mozilla
2022-01-13 08:55 - 2020-11-09 16:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-01-13 08:52 - 2021-04-06 16:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-13 08:52 - 2021-04-06 16:01 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-13 08:52 - 2021-04-06 16:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-13 08:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-01-12 21:32 - 2019-12-27 22:32 - 000000000 ____D C:\Users\parad\AppData\Local\CrashDumps
2022-01-12 21:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-12 19:20 - 2020-09-18 12:17 - 000000000 ____D C:\Users\parad\AppData\Roaming\.minecraft
2022-01-12 12:40 - 2019-12-25 09:58 - 000000000 ____D C:\Users\parad\AppData\Roaming\Hewlett-Packard
2022-01-12 07:20 - 2019-05-06 03:15 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2022-01-11 16:21 - 2019-12-25 20:22 - 000000000 ____D C:\Users\parad\AppData\Local\D3DSCache
2022-01-11 14:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2022-01-11 14:59 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-01-11 14:59 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2022-01-11 14:05 - 2019-12-25 09:41 - 000000000 ____D C:\Users\parad\AppData\Local\Packages
2022-01-11 14:04 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-11 14:00 - 2019-09-27 19:18 - 000000000 ____D C:\Program Files\Intel
2022-01-11 13:58 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-11 13:33 - 2020-02-01 12:11 - 000000000 ____D C:\Program Files (x86)\Steam
2022-01-11 13:25 - 2019-09-27 19:18 - 000000000 ____D C:\ProgramData\Package Cache
2022-01-11 13:25 - 2019-09-27 19:18 - 000000000 ____D C:\ProgramData\Intel
2022-01-11 13:25 - 2019-09-27 19:18 - 000000000 ____D C:\Program Files (x86)\Intel
2022-01-11 13:24 - 2021-06-29 21:01 - 000000000 ____D C:\Program Files\VideoLAN
2022-01-11 13:23 - 2020-02-03 20:42 - 000000000 ____D C:\Users\parad\AppData\Local\Nox
2022-01-11 13:23 - 2020-02-03 20:42 - 000000000 ____D C:\Program Files (x86)\Nox
2022-01-11 13:22 - 2021-09-13 17:04 - 000000000 ____D C:\ProgramData\Red Giant
2022-01-11 13:20 - 2019-05-06 03:15 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-01-11 13:20 - 2019-05-06 03:13 - 000000000 ____D C:\Program Files (x86)\HP
2022-01-11 13:17 - 2020-10-09 15:13 - 000000000 ____D C:\ProgramData\AVG
2022-01-11 13:13 - 2021-09-13 16:49 - 000000000 ____D C:\Program Files (x86)\Adobe Photoshop CS6
2022-01-11 13:11 - 2021-04-06 07:38 - 000000000 ___DC C:\WINDOWS\Panther
2022-01-11 13:11 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-01-11 13:07 - 2019-05-06 03:13 - 000000000 ____D C:\ProgramData\HP
2022-01-10 19:00 - 2020-02-04 19:33 - 000000000 ____D C:\Users\parad\Documents\My Games
2022-01-10 18:59 - 2020-08-20 11:54 - 000000000 ___RD C:\Users\parad\Desktop\Bureau
2022-01-10 16:56 - 2020-09-06 08:00 - 000000000 ____D C:\Users\Public\Documents\OnlineFix
2022-01-09 19:36 - 2020-02-14 13:55 - 000000000 ____D C:\Users\parad\Documents\MEGAsync Downloads
2022-01-09 18:59 - 2020-02-05 07:50 - 000000000 ____D C:\Users\parad\AppData\Local\MEGAsync
2022-01-09 15:47 - 2020-07-14 17:11 - 000000000 ____D C:\Users\parad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2022-01-08 08:28 - 2020-06-18 06:59 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-30 19:38 - 2020-01-12 12:34 - 000000000 ____D C:\Users\parad\AppData\Roaming\audacity
2021-12-25 21:50 - 2020-11-09 16:52 - 000000000 ____D C:\ProgramData\Mozilla
2021-12-22 16:07 - 2021-01-23 13:34 - 000000000 ____D C:\Users\parad\AppData\Roaming\bakkesmod
2021-12-20 17:18 - 2020-08-05 20:14 - 000000297 _____ C:\Users\parad\d4ac4633ebd6440fa397b84f1bc94a3c.7z
2021-12-20 16:48 - 2020-02-03 20:45 - 000000000 ____D C:\Users\parad\.android
2021-12-20 16:47 - 2020-02-03 20:44 - 000000000 ____D C:\Users\parad\AppData\Local\NoxSrv
2021-12-20 16:47 - 2020-02-03 20:42 - 000000000 ____D C:\Users\parad\vmlogs
2021-12-20 08:37 - 2019-05-06 03:15 - 000000000 ____D C:\Program Files\Microsoft Office
2021-12-18 18:15 - 2020-05-05 08:35 - 000000000 ____D C:\Program Files\Epic Games
2021-12-18 08:15 - 2021-04-06 16:01 - 000836256 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-12-17 21:57 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-12-17 21:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-12-17 21:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-12-17 21:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-12-17 21:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-12-17 21:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-12-17 21:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-12-17 21:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-12-17 21:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-12-17 21:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-12-17 16:16 - 2019-12-25 12:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-12-17 16:14 - 2019-12-25 12:49 - 137938848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-12-14 16:09 - 2019-04-15 16:38 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
==================== Fichiers à la racine de certains dossiers ========
2019-12-25 20:34 - 2020-10-25 19:28 - 000000928 _____ () C:\Users\parad\AppData\Roaming\AdobeWLCMR2Cache.dat
2020-09-20 09:37 - 2020-09-20 09:37 - 000000068 _____ () C:\Users\parad\AppData\Roaming\changzhi_leidian.data
2020-08-14 19:48 - 2020-08-18 19:47 - 000000498 _____ () C:\Users\parad\AppData\Roaming\ClipoxMenu (2).lnk
2021-08-17 09:00 - 2021-11-28 18:42 - 000001119 _____ () C:\Users\parad\AppData\Roaming\mscache.lock
2020-10-14 18:17 - 2020-10-14 18:17 - 000000015 _____ () C:\Users\parad\AppData\Roaming\obs-virtualcam.txt
2021-01-12 18:00 - 2021-01-12 18:00 - 000000684 _____ () C:\Users\parad\AppData\Roaming\OEMSDKHASH.txt
2020-10-10 12:42 - 2020-10-10 12:42 - 000000128 _____ () C:\Users\parad\AppData\Roaming\PUTTY.RND
2021-08-17 09:00 - 2021-11-28 18:45 - 000026591 _____ () C:\Users\parad\AppData\Roaming\salwyrr.properties.backup
2021-08-17 09:00 - 2021-11-28 18:45 - 000026591 _____ () C:\Users\parad\AppData\Roaming\slw.saves
2020-02-14 17:23 - 2020-02-14 17:23 - 000000054 _____ () C:\Users\parad\AppData\Roaming\updater.cfg
2020-09-07 17:11 - 2020-10-22 18:45 - 000004652 _____ () C:\Users\parad\AppData\Roaming\VoiceMeeterDefault.xml
2020-08-27 15:56 - 2020-08-30 12:37 - 000000120 _____ () C:\Users\parad\AppData\Local\injk.conf
2020-10-10 10:59 - 2020-10-10 12:43 - 000000128 _____ () C:\Users\parad\AppData\Local\PUTTY.RND
2020-12-14 18:49 - 2021-07-11 15:54 - 000007602 _____ () C:\Users\parad\AppData\Local\Resmon.ResmonCfg
2020-08-04 12:33 - 2020-08-04 12:34 - 000000015 _____ () C:\Users\parad\AppData\Local\update_progress.txt
==================== FLock ==============================
2019-12-07 10:14 C:\WINDOWS\system32\WindowsPowerShell
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================