cjoint

Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 05-02-2022
Exécuté par a (administrateur) sur LAPTOP-FJ3B18LP (Acer Nitro AN515-42) (09-02-2022 09:46:30)
Exécuté depuis C:\Users\a\Desktop
Profils chargés: a
Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.1503 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAdminAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QALockHandler.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QASvc.exe
(Acer Incorporated) C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3030.0_x64__48frkmn4z8aw4\DesktopApp\AcerRegistrationBackGroundTask.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0374383.inf_amd64_12cfd68385ecddd5\B374323\atieclxx.exe
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0374383.inf_amd64_12cfd68385ecddd5\B374323\atiesrxx.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Bluestack Systems, Inc -> Bluestack System Inc.) C:\Program Files\BlueStacks_nxt\BstkSVC.exe
(Bluestack Systems, Inc -> BlueStack Systems) C:\Program Files\BlueStacks_nxt\HD-MultiInstanceManager.exe
(Cheat Engine -> Cheat Engine) C:\Program Files\Cheat Engine 7.2\cheatengine-x86_64-SSE4-AVX2.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
(Corsair Memory, Inc. -> Elgato Systems GmbH) C:\Program Files\Elgato\GameCapture\VideoCaptureFilterProperties.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(Hugh Bailey -> ) C:\Program Files\obs-studio\obs-plugins\64bit\obs-browser-page.exe <4>
(Hugh Bailey -> OBS) C:\Program Files\obs-studio\bin\64bit\obs64.exe
(Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Leosoft EOOD -> ) C:\Program Files (x86)\Eye Saver\Eye Saver.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <37>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.14827.20158.0_x86__8wekyb3d8bbwe\Office16\SDXHelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.14827.20158.0_x86__8wekyb3d8bbwe\Office16\SDXHelperBgt.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.12013.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.12013.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <31>
(Parsec Cloud, Inc. -> Parsec) C:\Program Files\Parsec\pservice.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Shanghai Microvirt Software Technology Co., Ltd. -> ) E:\Microvirt\MEmu\MemuService.exe
(ShangHai ZhangZheng Network Technology Co., Ltd. -> ShangHai ZhangZheng Network Technology Co., Ltd.) C:\Program Files (x86)\3uTools\3uTools.exe
(The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtWebEngineProcess.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmplayer.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-unity-helper.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\x64\mksSandbox.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\x64\vmware-vmx.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(voidtools -> voidtools) C:\Program Files (x86)\Everything\Everything.exe <2>

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-03-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_ASC] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-03-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-03-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [876032 2018-09-05] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
HKLM\...\Run: [Elgato Sound Capture] => C:\Program Files\Elgato\SoundCapture\SoundCapture.exe [1234944 2020-12-03] () [Fichier non signé]
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3183328 2021-11-30] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [Everything] => C:\Program Files (x86)\Everything\Everything.exe [1706312 2020-03-13] (voidtools -> voidtools)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [710776 2020-06-18] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [4187856 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-12-13] (Adobe Inc. -> )
HKU\S-1-5-21-1151804907-3945135748-2469712245-1001\...\Run: [Eye Saver] => C:\Program Files (x86)\Eye Saver\Eye Saver.exe [2628600 2019-11-30] (Leosoft EOOD -> )
HKU\S-1-5-21-1151804907-3945135748-2469712245-1001\...\Run: [Discord] => C:\Users\a\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1151804907-3945135748-2469712245-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4268456 2022-01-16] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1151804907-3945135748-2469712245-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33637856 2022-02-01] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1151804907-3945135748-2469712245-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\a\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-1151804907-3945135748-2469712245-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1802072 2022-01-29] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-1151804907-3945135748-2469712245-1001\...\Run: [Parsec.App.0] => C:\Program Files\Parsec\parsecd.exe [432320 2021-10-04] (Parsec Cloud, Inc. -> Parsec)
HKU\S-1-5-21-1151804907-3945135748-2469712245-1001\...\Run: [Norton Download Manager{NSBU222005-SHPD-FSD52405}] => C:\Users\Public\Downloads\Norton\{NSBU222005-SHPD-FSD52405}\FSDUI_Custom.exe /m /SHOWONECLICK /WIN10_UPGRADE "C:\Users\a\AppData\Local\Temp\{D18A2309-F2CD-42AE-8696-5D53DA4A9C98}\Upgrade.exe" (Pas de fichier) <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {053D5D1D-5DFD-4F0D-9589-4C339CD268B8} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2539864 2022-01-29] (Overwolf Ltd -> Overwolf LTD)
Task: {274425E3-E991-45CB-9C8E-4E21E7ED2860} - System32\Tasks\Opera GX scheduled Autoupdate 1632593824 => C:\Users\a\AppData\Local\Programs\Opera GX\launcher.exe [2270416 2022-02-01] (Opera Software AS -> Opera Software)
Task: {2A81D945-B5F1-4C75-BB49-37A892970CCB} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [260600 2021-12-01] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {37915794-5126-497E-8DF0-F1FAAC2A827C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3AE9162F-8D68-4F1A-8E30-4D242ADAEFEB} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [447528 2020-09-10] (Acer Incorporated -> Acer Incorporated)
Task: {442994F4-716A-4335-9198-730FDBCCF600} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4ED82754-2F84-46DE-8A8D-F325E5F1263A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {549D841C-13F1-414C-8D94-A94DD1C44003} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> )
Task: {59548CA6-625C-4475-8E04-FD1C19C70CA8} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [1145 2021-03-24] () [Fichier non signé]
Task: {7290607C-D260-4C78-A851-3FB951975CC1} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [275136 2021-08-19] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
Task: {72B6C47F-6688-4C46-B834-018A18B9D47E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7F7F893C-2B5E-41FA-81F4-45050C523440} - System32\Tasks\Power Button => C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe [2770984 2020-09-10] (Acer Incorporated -> Acer Incorporated)
Task: {90A368A5-AB83-4EAC-A07A-1B990D18BB67} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709048 2021-12-01] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {950AAD62-938E-4987-B8C1-46CB850D8A30} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.21.2.50\SymErr.exe /submit (Pas de fichier)
Task: {96E6473F-BF75-4310-AC84-FA0DED7BC2D0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CDD76CD5-4BF4-4A09-8C21-851CF2D0349C} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [55288 2021-12-01] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {DADDBDD6-3A2D-4BA7-80FE-13603927923F} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {F81F7876-0171-41C3-B9DE-FBE5E005C117} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1632939471 => C:\Users\a\AppData\Local\Programs\Opera GX\launcher.exe [2270416 2022-02-01] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\a\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {FC751EEA-7AED-4DBE-99CF-ED5B63E2BC00} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709048 2021-12-01] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog9 15 C:\WINDOWS\SysWOW64\vsocklib.dll [44128 2021-08-16] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9 16 C:\WINDOWS\SysWOW64\vsocklib.dll [44128 2021-08-16] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog9-x64 15 C:\Windows\system32\vsocklib.dll [48224 2021-08-16] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9-x64 16 C:\Windows\system32\vsocklib.dll [48224 2021-08-16] (VMware, Inc. -> VMware, Inc.)
Tcpip\..\Interfaces\{8fc95b9f-0efd-4b6f-8359-8383b29b25dd}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{da173133-b321-4e96-a1ed-3f8bdc7fd1e7}: [DhcpNameServer] 192.168.1.254

Edge:
=======
Edge Profile: C:\Users\a\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-09]
Edge Extension: (SaltBot) - C:\Users\a\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bholoegapebhflljekancpcnajigaiih [2021-10-22]
Edge Extension: (Violentmonkey) - C:\Users\a\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\eeagobfjdenkkddmbclomhiblgggliao [2022-02-08]
Edge Extension: (Stay secure with CyberGhost) - C:\Users\a\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gjpipmgnfkndeoohbimamibmccikkpnm [2022-02-02]
Edge Extension: (Dark Reader) - C:\Users\a\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ifoakfbpdcdoeenechcleahebpibofpc [2022-02-05]
Edge Extension: (uBlock Origin) - C:\Users\a\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2022-01-19]
Edge Extension: (FFBE Sync) - C:\Users\a\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pjcodgpdnfndnjegedmjnlamjfkigied [2022-02-07]

FireFox:
========
FF DefaultProfile: etx18klf.default
FF ProfilePath: C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\etx18klf.default [2022-01-26]
FF ProfilePath: C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\idofbb8r.default-release [2022-02-09]
FF Homepage: Mozilla\Firefox\Profiles\idofbb8r.default-release -> hxxps://loult.family/
FF Session Restore: Mozilla\Firefox\Profiles\idofbb8r.default-release -> est activé.
FF Extension: (Firefox Multi-Account Containers) - C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\idofbb8r.default-release\Extensions\@testpilot-containers.xpi [2022-01-31]
FF Extension: (Dark Reader) - C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\idofbb8r.default-release\Extensions\addon@darkreader.org.xpi [2022-02-07]
FF Extension: (Exhentai Passport) - C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\idofbb8r.default-release\Extensions\exhentaipassport@harytfw.xpi [2022-01-26]
FF Extension: (OneTab) - C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\idofbb8r.default-release\Extensions\extension@one-tab.com.xpi [2021-04-13]
FF Extension: (FoxyProxy Standard) - C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\idofbb8r.default-release\Extensions\foxyproxy@eric.h.jung.xpi [2022-02-04]
FF Extension: (To Google Translate) - C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\idofbb8r.default-release\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2021-06-23]
FF Extension: (Decentraleyes) - C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\idofbb8r.default-release\Extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi [2022-02-01]
FF Extension: (Privacy Badger) - C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\idofbb8r.default-release\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2021-11-30]
FF Extension: (Strict Pop-up Blocker) - C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\idofbb8r.default-release\Extensions\jid1-P34HaABBBpOerQ@jetpack.xpi [2022-02-04]
FF Extension: (Behind The Overlay) - C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\idofbb8r.default-release\Extensions\jid1-Y3WfE7td45aWDw@jetpack.xpi [2021-04-13]
FF Extension: (MGCM Dumper) - C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\idofbb8r.default-release\Extensions\mgcm-dumper@nya.xpi [2021-12-25]
FF Extension: (Song id) - C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\idofbb8r.default-release\Extensions\song-id@losnappas.xpi [2021-04-13]
FF Extension: (SponsorBlock pour YouTube - Supprime les publicités intégrées) - C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\idofbb8r.default-release\Extensions\sponsorBlocker@ajay.app.xpi [2022-02-04]
FF Extension: (uBlock Origin) - C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\idofbb8r.default-release\Extensions\uBlock0@raymondhill.net.xpi [2022-01-13]
FF Extension: (MetaMask) - C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\idofbb8r.default-release\Extensions\webextension@metamask.io.xpi [2021-12-24]
FF Extension: (Sakuga Extended) - C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\idofbb8r.default-release\Extensions\{1d610bd0-ebe2-4472-8d9c-30759ba0fb57}.xpi [2021-07-14]
FF Extension: (Youtube to MP3 Converter - YTMP3.EU) - C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\idofbb8r.default-release\Extensions\{2eded70b-8e41-4c8a-8067-771da68fe474}.xpi [2021-06-15]
FF Extension: (Stay secure with CyberGhost VPN Free Proxy) - C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\idofbb8r.default-release\Extensions\{585280b0-ee78-428a-92c5-3fb3c0b85460}.xpi [2022-02-04]
FF Extension: (FFBE Sync) - C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\idofbb8r.default-release\Extensions\{5d13c6a3-8d39-4f8a-8abf-3a73d2ba96a1}.xpi [2022-02-06] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Extension: (Cookie Quick Manager) - C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\idofbb8r.default-release\Extensions\{60f82f00-9ad5-4de5-b31c-b16a47c51558}.xpi [2021-04-13]
FF Extension: (ClearURLs) - C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\idofbb8r.default-release\Extensions\{74145f27-f039-47ce-a470-a662b129930a}.xpi [2021-12-30]
FF Extension: (LISTEN.moe) - C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\idofbb8r.default-release\Extensions\{75335b99-d4ea-4e4c-bbda-aa3e54987884}.xpi [2021-04-13]
FF Extension: (Video Speed Controller) - C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\idofbb8r.default-release\Extensions\{7be2ba16-0f1e-4d93-9ebc-5164397477a9}.xpi [2021-04-13]
FF Extension: (SAG) - C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\idofbb8r.default-release\Extensions\{a5f925a5-be86-4f38-bd8b-d16be47c89bb}.xpi [2021-11-01]
FF Extension: (Créer un nouveau script) - C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\idofbb8r.default-release\Extensions\{aecec67f-0d10-4fa7-b7c7-609a2db280cf}.xpi [2021-05-05]
FF Extension: (Snowflake) - C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\idofbb8r.default-release\Extensions\{b11bea1f-a888-4332-8d8a-cec2be7d24b9}.xpi [2022-01-28]
FF Extension: (Random User-Agent) - C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\idofbb8r.default-release\Extensions\{b43b974b-1d3a-4232-b226-eaa2ac6ebb69}.xpi [2022-01-29]
FF Extension: (Video DownloadHelper) - C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\idofbb8r.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-07-02]
FF Extension: (Buster: Captcha Solver for Humans) - C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\idofbb8r.default-release\Extensions\{e58d3966-3d76-4cd9-8552-1582fbc800c1}.xpi [2021-11-02]
FF Plugin: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2021-04-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2021-04-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKU\S-1-5-21-1151804907-3945135748-2469712245-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mhmphnocemakkjdampibehejoaleebpo]

Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-1151804907-3945135748-2469712245-1001) Opera GXStable - "C:\Users\a\AppData\Local\Programs\Opera GX\Launcher.exe"

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 ACCSvc; C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe [300352 2018-12-11] (Acer Incorporated -> Acer Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-03-16] (Apple Inc. -> Apple Inc.)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2019-01-21] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [810984 2022-01-22] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-10] (Epic Games Inc. -> Epic Games, Inc.)
R2 Everything; C:\Program Files (x86)\Everything\Everything.exe [1706312 2020-03-13] (voidtools -> voidtools)
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7972536 2022-01-30] (Malwarebytes Inc -> Malwarebytes)
R2 MEmuSVC; E:\Microvirt\MEmu\MemuService.exe [85304 2019-09-12] (Shanghai Microvirt Software Technology Co., Ltd. -> )
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [9473408 2021-01-18] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2539864 2022-01-29] (Overwolf Ltd -> Overwolf LTD)
R2 Parsec; C:\Program Files\Parsec\pservice.exe [396488 2021-10-04] (Parsec Cloud, Inc. -> Parsec)
S3 PSSvc; C:\Program Files (x86)\Acer\NitroSense Service\PSSvc.exe [717120 2018-09-10] (Acer Incorporated -> Acer Incorporated)
S3 QALSvc; C:\Program Files\Acer\Quick Access Service\QALSvc.exe [465960 2020-09-10] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [526888 2020-09-10] (Acer Incorporated -> Acer Incorporated)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1716632 2021-05-15] (Rockstar Games, Inc. -> Rockstar Games)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe [305984 2018-12-17] (Acer Incorporated -> Acer Incorporated)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10429808 2021-11-30] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-17] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [30168 2020-05-12] (Acer Incorporated -> Acer Incorporated)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [33216 2021-10-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_edd3335a4253bf6d\amdsafd.sys [109520 2021-11-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0374383.inf_amd64_12cfd68385ecddd5\B374323\amdkmdag.sys [82871896 2021-12-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [65168 2021-08-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 avssamp; C:\WINDOWS\System32\drivers\avssamp.sys [55360 2021-02-09] (App N'Soft -> Windows (R) Win 7 DDK provider)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [320728 2021-08-19] (Bluestack Systems, Inc -> Bluestack System Inc.)
R3 ElgatoGC658Y; C:\WINDOWS\System32\Drivers\ElgatoGC658.sys [52848 2016-08-03] (Elgato Systems LLC -> UB658)
R3 ElgatoVAD; C:\WINDOWS\System32\drivers\ElgatoVAD.sys [39208 2020-11-08] (Elgato Systems LLC -> Elgato Systems GmbH)
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [63256 2018-08-29] (Comodo Security Solutions, Inc. -> COMODO)
R2 LdVBoxDrv; C:\Program Files\ldplayerbox\LdVBoxDrv.sys [315232 2021-08-23] (MyTestCertificate -> Oracle Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220568 2022-01-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-07-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-07-02] (Malwarebytes Inc -> Malwarebytes)
R1 MEmuDrv; C:\WINDOWS\system32\DRIVERS\MEmuDrv.sys [320360 2021-01-04] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2020-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [71736 2021-08-30] (Insecure.Com LLC -> Insecure.Com LLC.)
S4 npcap_wifi; C:\WINDOWS\system32\DRIVERS\npcap.sys [71736 2021-08-30] (Insecure.Com LLC -> Insecure.Com LLC.)
R3 sshid; C:\WINDOWS\system32\DRIVERS\sshid.sys [47760 2021-09-01] (SteelSeries ApS -> SteelSeries ApS)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2020-12-30] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2020-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8480608 2021-11-29] (Riot Games, Inc. -> Riot Games, Inc.)
R1 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [165744 2021-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [67072 2021-10-21] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [105912 2021-08-16] (VMware, Inc. -> VMware, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-12-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2021-12-17] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-17] (Microsoft Windows -> Microsoft Corporation)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489984 2021-11-29] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WOVAD; C:\WINDOWS\System32\drivers\womic.sys [37864 2021-08-18] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-02-09 09:46 - 2022-02-09 09:47 - 000031710 _____ C:\Users\a\Desktop\FRST.txt
2022-02-09 09:45 - 2022-02-09 09:47 - 000000000 ____D C:\FRST
2022-02-09 09:41 - 2022-02-09 09:41 - 002311680 _____ (Farbar) C:\Users\a\Desktop\FRST64.exe
2022-02-09 06:33 - 2022-02-09 06:33 - 165170761 _____ C:\Users\a\Downloads\Sexy Airlines_v2.2.4.3_MOD_modded-1.com.apk
2022-02-09 06:33 - 2022-02-09 06:33 - 000002029 _____ C:\Users\a\Desktop\SexyAirlines - BlueStacks 2.lnk
2022-02-08 19:22 - 2022-02-08 19:22 - 000463949 _____ C:\Users\a\Desktop\ZHPDiag.txt
2022-02-08 19:08 - 2022-02-08 19:08 - 003479704 _____ (Nicolas Coolman) C:\Users\a\Desktop\ZHPSuite.exe
2022-02-08 19:06 - 2022-02-08 19:06 - 000464196 _____ C:\Users\a\Desktop\ZHPDia.txt
2022-02-08 18:52 - 2022-02-08 18:52 - 000000865 _____ C:\Users\a\Desktop\ZHPSuite.lnk
2022-02-08 18:49 - 2022-02-08 18:49 - 000000000 ____D C:\Users\a\AppData\Local\ZHP
2022-02-08 08:34 - 2022-02-08 08:34 - 001166032 _____ C:\Users\a\Downloads\FL0V3R_2022-02-08_units.json
2022-02-08 08:34 - 2022-02-08 08:34 - 000045205 _____ C:\Users\a\Downloads\FL0V3R_2022-02-08_inventory.json
2022-02-08 08:34 - 2022-02-08 08:34 - 000027826 _____ C:\Users\a\Downloads\FL0V3R_2022-02-08_consumables.json
2022-02-08 04:06 - 2022-02-08 04:06 - 096731136 _____ C:\WINDOWS\system32\config\SOFTWARE
2022-02-08 04:00 - 2022-02-08 04:06 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2022-02-08 03:47 - 2022-02-08 03:47 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-02-08 03:47 - 2022-02-08 03:47 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2022-02-08 03:47 - 2022-02-08 03:47 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-02-08 03:47 - 2022-02-08 03:47 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-02-08 03:47 - 2022-02-08 03:47 - 000011805 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-02-08 03:43 - 2022-02-08 03:44 - 000000000 ____D C:\AdwCleaner
2022-02-08 03:43 - 2022-02-08 03:43 - 008540344 _____ (Malwarebytes) C:\Users\a\Downloads\adwcleaner_8.3.1.exe
2022-02-08 03:36 - 2022-02-08 03:36 - 000000000 ___HD C:\$WinREAgent
2022-02-07 22:24 - 2022-02-07 22:25 - 000896165 _____ C:\Users\a\Downloads\DyingLightGame.[v4.0.4].CT
2022-02-07 03:16 - 2022-02-07 03:17 - 162296000 _____ C:\Users\a\Downloads\game-streets.of.rogue-(53312).rar
2022-02-07 02:42 - 2022-02-07 02:42 - 069573270 _____ C:\Users\a\Downloads\game-elasto.mania-(52917).rar
2022-02-07 02:28 - 2022-02-07 02:29 - 094557210 _____ C:\Users\a\Downloads\game-night.lights-(52940).rar
2022-02-06 08:48 - 2022-02-06 08:48 - 000000248 _____ C:\Users\a\Desktop\ullimited bad luck.txt
2022-02-05 18:48 - 2022-02-05 18:48 - 004773304 _____ (Turnssoft) C:\Users\a\Downloads\MiniMouseMacro.exe
2022-02-04 00:20 - 2022-02-04 00:20 - 000768460 _____ C:\WINDOWS\Minidump\020422-13750-01.dmp
2022-01-31 07:46 - 2022-01-31 07:46 - 001757860 _____ C:\WINDOWS\Minidump\013122-19281-01.dmp
2022-01-31 07:37 - 2022-01-31 07:40 - 000000000 ____D C:\Users\a\AppData\Roaming\Wireshark
2022-01-31 06:00 - 2022-01-31 06:37 - 000012170 _____ C:\Users\a\Documents\ce.ods
2022-01-31 00:56 - 2022-01-31 00:56 - 002134636 _____ C:\WINDOWS\Minidump\013122-22843-01.dmp
2022-01-30 06:06 - 2022-01-30 06:07 - 037712792 _____ (JetBrains) C:\Users\a\Downloads\JetBrains.dotPeek.2021.3.2.web.exe
2022-01-30 05:12 - 2022-01-30 05:12 - 000007604 _____ C:\Users\a\AppData\Local\Resmon.ResmonCfg
2022-01-30 05:08 - 2022-01-30 05:08 - 000003460 _____ C:\WINDOWS\system32\Tasks\npcapwatchdog
2022-01-30 05:08 - 2022-01-30 05:08 - 000000000 ____D C:\WINDOWS\SysWOW64\Npcap
2022-01-30 05:08 - 2022-01-30 05:08 - 000000000 ____D C:\WINDOWS\system32\Npcap
2022-01-30 05:05 - 2022-01-30 05:10 - 000000000 ____D C:\Program Files\Wireshark
2022-01-30 04:32 - 2022-01-30 04:32 - 077397160 _____ (Wireshark development team) C:\Users\a\Downloads\Wireshark-win64-3.6.1.exe
2022-01-30 01:12 - 2022-01-30 01:12 - 008807709 _____ C:\Users\a\Downloads\AdeptiScanner.V1.1.zip
2022-01-29 03:46 - 2022-01-31 07:46 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-01-27 16:55 - 2022-01-27 16:55 - 000002217 _____ C:\Users\a\Desktop\Discord.lnk
2022-01-27 16:55 - 2022-01-27 16:55 - 000000000 ____D C:\Users\a\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2022-01-27 16:54 - 2022-02-08 03:21 - 000000000 ____D C:\Users\a\AppData\Local\Discord
2022-01-27 15:52 - 2022-01-27 15:55 - 000002137 _____ C:\Users\a\Desktop\kprm-20220127155245.txt
2022-01-27 15:52 - 2022-01-27 15:52 - 000000000 ____D C:\KPRM
2022-01-25 19:20 - 2022-01-25 20:56 - 000012115 _____ C:\Users\a\Documents\rw.ods
2022-01-25 19:11 - 2022-01-25 19:11 - 000015641 _____ C:\Users\a\Documents\lapin.ods
2022-01-23 20:16 - 2022-01-23 20:16 - 000000000 ____D C:\Users\Public\Downloads\Norton
2022-01-23 19:59 - 2022-02-08 19:06 - 000574108 _____ C:\Users\a\Desktop\ZHPDiag.html
2022-01-23 19:34 - 2022-01-23 19:34 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
2022-01-23 19:20 - 2022-01-23 19:20 - 013059056 _____ (NortonLifeLock Inc.) C:\Users\a\Downloads\NRnR.exe
2022-01-23 16:40 - 2022-01-23 16:40 - 000000000 ____D C:\Users\Public\Security Sessions
2022-01-23 16:29 - 2022-01-23 16:29 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2022-01-23 16:27 - 2022-01-23 16:40 - 000000000 ____D C:\Users\a\AppData\Local\Avira
2022-01-23 16:27 - 2022-01-23 16:27 - 000000000 ____D C:\WINDOWS\SysWOW64\statReporter
2022-01-23 16:26 - 2022-01-23 19:37 - 000000000 ____D C:\Program Files (x86)\Avira
2022-01-23 16:26 - 2022-01-23 19:36 - 000000000 ____D C:\ProgramData\Avira
2022-01-23 15:58 - 2022-01-23 16:05 - 000000000 ____D C:\Users\a\AppData\Roaming\Code
2022-01-23 15:58 - 2022-01-23 15:58 - 000000000 ____D C:\Users\a\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2022-01-23 15:58 - 2022-01-23 15:58 - 000000000 ____D C:\Users\a\.vscode
2022-01-23 05:07 - 2022-01-23 05:07 - 000000000 ____D C:\Users\a\AppData\Local\Yandex
2022-01-23 05:06 - 2022-01-23 05:06 - 004235543 _____ C:\Users\a\Downloads\GameDev.rar
2022-01-20 23:25 - 2022-01-20 23:25 - 000000929 _____ C:\Users\Public\Desktop\My Friend Pedro.lnk
2022-01-20 23:25 - 2022-01-20 23:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My Friend Pedro [GOG.com]
2022-01-20 23:20 - 2022-01-20 23:20 - 000001030 _____ C:\Users\Public\Desktop\VA-11 Hall-A - Cyberpunk Bartender Action.lnk
2022-01-20 23:20 - 2022-01-20 23:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VA-11 Hall-A - Cyberpunk Bartender Action [GOG.com]
2022-01-20 23:17 - 2022-01-20 23:17 - 000000000 ____D C:\Users\a\AppData\Local\VA_11_Hall_A
2022-01-20 16:25 - 2022-01-23 19:44 - 000000000 ____D C:\Users\a\AppData\Roaming\Parsec
2022-01-20 16:25 - 2022-01-20 16:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Parsec
2022-01-20 16:25 - 2022-01-20 16:25 - 000000000 ____D C:\Program Files\Parsec
2022-01-19 21:25 - 2022-01-19 21:25 - 000027669 _____ C:\Users\a\Downloads\FL0V3R_2022-01-19_consumables.json
2022-01-19 21:24 - 2022-01-19 21:25 - 000044688 _____ C:\Users\a\Downloads\FL0V3R_2022-01-19_inventory.json
2022-01-19 21:24 - 2022-01-19 21:24 - 001135994 _____ C:\Users\a\Downloads\FL0V3R_2022-01-19_units.json
2022-01-18 15:49 - 2022-01-18 15:49 - 000001521 _____ C:\Users\a\AppData\Local\recently-used.xbel
2022-01-18 00:44 - 2022-01-18 00:44 - 070752036 _____ C:\Users\a\Downloads\game-keep.in.mind.remastered-(52533).rar
2022-01-18 00:41 - 2022-01-18 00:41 - 227643562 _____ C:\Users\a\Downloads\game-haunt.the.house.terrortown-(52765).rar
2022-01-16 00:08 - 2022-01-16 00:09 - 162184492 _____ C:\Users\a\Downloads\game-slipstream-(52778).rar
2022-01-16 00:08 - 2022-01-16 00:08 - 110720644 _____ C:\Users\a\Downloads\game-cave.story-(52675).rar
2022-01-15 20:16 - 2022-01-15 20:16 - 000000000 ____D C:\Users\a\Downloads\materials
2022-01-15 19:41 - 2022-01-15 19:41 - 000000000 ____D C:\Users\a\AppData\Local\Andrew_De_La_Fuente
2022-01-15 19:10 - 2022-01-15 19:10 - 001991924 _____ C:\WINDOWS\Minidump\011522-24187-01.dmp
2022-01-13 23:10 - 2022-01-13 23:10 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-13 23:10 - 2022-01-13 23:10 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-13 10:15 - 2022-01-13 10:15 - 003317248 _____ C:\WINDOWS\system32\latest.exe
2022-01-10 22:59 - 2022-01-10 22:59 - 000002081 _____ C:\Users\a\Desktop\TouhouLostWord - BlueStacks 2.lnk

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-02-09 09:41 - 2020-09-21 19:17 - 000000000 ____D C:\Users\a\AppData\LocalLow\Mozilla
2022-02-09 09:21 - 2021-12-16 20:39 - 000000000 ____D C:\Users\a\AppData\Roaming\VMware
2022-02-09 09:21 - 2021-12-16 20:36 - 000000000 ____D C:\ProgramData\VMware
2022-02-09 09:20 - 2021-12-16 20:40 - 000000000 ____D C:\Users\a\AppData\Local\VMware
2022-02-09 08:02 - 2021-04-13 04:55 - 000795738 _____ C:\WINDOWS\system32\perfh00C.dat
2022-02-09 08:02 - 2021-04-13 04:55 - 000151394 _____ C:\WINDOWS\system32\perfc00C.dat
2022-02-09 08:02 - 2021-04-13 04:51 - 000000000 ____D C:\WINDOWS\INF
2022-02-09 08:02 - 2021-04-13 04:23 - 001779252 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-02-09 06:41 - 2021-08-23 18:13 - 000000000 ____D C:\ProgramData\BlueStacks_nxt
2022-02-09 06:40 - 2021-04-13 05:17 - 000000000 ____D C:\Program Files\Cheat Engine 7.2
2022-02-09 06:29 - 2021-04-16 01:21 - 000000000 ____D C:\Users\a\AppData\Roaming\Telegram Desktop
2022-02-09 06:22 - 2021-07-21 14:44 - 000000000 ____D C:\Users\a\Downloads\ce
2022-02-09 05:06 - 2021-09-10 13:01 - 000000000 ____D C:\Users\a\AppData\Roaming\UnityHub
2022-02-09 04:23 - 2021-04-13 04:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-02-08 23:09 - 2021-04-13 04:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-02-08 22:39 - 2021-09-25 19:17 - 000004212 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1632593824
2022-02-08 22:39 - 2021-09-25 19:17 - 000001430 _____ C:\Users\a\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera GX.lnk
2022-02-08 21:08 - 2021-05-08 21:23 - 000000000 ____D C:\Program Files (x86)\3uTools
2022-02-08 19:22 - 2021-11-16 05:52 - 000000000 ____D C:\Users\a\AppData\Roaming\ZHP
2022-02-08 04:12 - 2021-04-13 05:02 - 000000000 ____D C:\ProgramData\Mozilla
2022-02-08 04:06 - 2021-04-13 04:52 - 000000000 ____D C:\WINDOWS\ServiceState
2022-02-08 04:06 - 2021-04-13 04:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-02-08 04:06 - 2021-04-13 03:16 - 000008192 ___SH C:\DumpStack.log.tmp
2022-02-08 03:59 - 2021-04-13 05:45 - 000000000 ____D C:\Users\a\AppData\Local\Everything
2022-02-08 03:59 - 2021-04-13 05:15 - 000000000 ____D C:\Users\a\AppData\Roaming\Everything
2022-02-08 03:59 - 2021-04-13 04:46 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-02-08 03:59 - 2019-09-08 17:58 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2022-02-08 03:54 - 2021-04-13 04:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-02-08 03:52 - 2021-04-13 04:04 - 000451496 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-02-08 03:51 - 2021-04-13 04:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-02-08 03:51 - 2021-04-13 04:52 - 000000000 ____D C:\WINDOWS\SystemResources
2022-02-08 03:51 - 2021-04-13 04:52 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-02-08 03:51 - 2021-04-13 04:52 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-02-08 03:51 - 2021-04-13 04:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-02-08 03:51 - 2021-04-13 04:52 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-02-08 03:51 - 2021-04-13 04:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-02-08 03:51 - 2021-04-13 04:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-02-08 03:51 - 2021-04-13 04:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-02-08 03:50 - 2021-04-13 04:47 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-02-08 03:47 - 2021-04-13 04:07 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-02-08 03:33 - 2021-04-13 04:42 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-02-08 03:31 - 2021-04-13 04:52 - 000000000 ___HD C:\Program Files\WindowsApps
2022-02-08 03:31 - 2020-10-02 12:57 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-02-08 03:29 - 2021-04-14 04:12 - 000000000 ____D C:\Program Files (x86)\Steam
2022-02-08 03:26 - 2021-04-13 06:43 - 000000000 ____D C:\Users\a\AppData\Roaming\discord
2022-02-07 22:34 - 2020-10-30 09:02 - 000000000 ____D C:\Users\a\Downloads\fearlessrevolution
2022-02-07 22:23 - 2021-04-18 03:52 - 000000000 ____D C:\Users\a\AppData\Local\CrashDumps
2022-02-07 09:29 - 2021-04-13 06:49 - 000000000 ____D C:\Users\a\AppData\Roaming\obs-studio
2022-02-07 06:26 - 2021-04-13 06:00 - 000000000 ____D C:\Users\a\AppData\Roaming\vlc
2022-02-07 05:38 - 2021-04-13 06:47 - 000000000 ____D C:\Users\a\AppData\Roaming\qBittorrent
2022-02-05 21:46 - 2021-05-04 22:03 - 000000000 ____D C:\Users\a\AppData\Roaming\Teeworlds
2022-02-05 02:39 - 2021-04-14 04:39 - 000000000 ____D C:\Users\a\AppData\Local\Warframe
2022-02-04 20:36 - 2021-05-04 23:20 - 000000000 ____D C:\Users\a\AppData\Local\AMD_Common
2022-02-04 00:20 - 2021-07-21 17:04 - 000000000 ____D C:\WINDOWS\Minidump
2022-02-04 00:18 - 2021-12-15 03:16 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2022-02-04 00:17 - 2021-04-13 04:14 - 000000000 ____D C:\Users\a
2022-02-03 03:00 - 2021-07-27 23:05 - 000000000 ____D C:\Users\a\AppData\Local\Loop_Hero
2022-02-02 22:35 - 2021-12-18 23:38 - 000002317 _____ C:\Users\a\Desktop\Porofessor.gg.lnk
2022-02-02 18:33 - 2021-12-16 08:16 - 000000000 ____D C:\Program Files (x86)\Overwolf
2022-02-02 18:33 - 2021-12-16 08:15 - 000000000 ____D C:\Users\a\AppData\Local\Overwolf
2022-02-02 18:30 - 2021-04-14 03:39 - 000000000 ____D C:\ProgramData\Riot Games
2022-02-01 19:57 - 2020-11-21 08:00 - 000000000 ____D C:\Users\a\.Ld2VirtualBox
2022-02-01 05:09 - 2021-04-22 02:44 - 000000000 ____D C:\Users\a\AppData\Roaming\audacity
2022-01-31 07:46 - 2019-09-08 18:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-01-31 05:59 - 2020-09-22 13:27 - 000000000 ____D C:\j
2022-01-31 00:56 - 2021-10-12 17:47 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-01-31 00:56 - 2019-09-08 18:34 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-01-30 22:20 - 2021-04-13 05:52 - 000000000 ____D C:\Users\a\AppData\Local\osu!
2022-01-30 05:31 - 2021-12-16 21:09 - 000000000 ____D C:\Users\a\Documents\Virtual Machines
2022-01-30 05:08 - 2021-04-27 20:24 - 000000000 ____D C:\Program Files\Npcap
2022-01-30 05:07 - 2019-09-08 17:57 - 000000000 ____D C:\ProgramData\Package Cache
2022-01-30 04:50 - 2021-11-16 07:53 - 000220568 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-01-30 04:50 - 2021-11-16 05:50 - 000002025 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-01-30 04:50 - 2021-07-02 18:15 - 000002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-01-30 04:49 - 2021-07-02 18:15 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-01-30 04:49 - 2021-07-02 18:15 - 000000000 ____D C:\Program Files\Malwarebytes
2022-01-30 04:37 - 2021-12-07 18:08 - 000000000 ____D C:\Users\a\AppData\Roaming\HandBrake
2022-01-30 03:17 - 2021-04-13 04:52 - 000000000 ____D C:\WINDOWS\Registration
2022-01-30 01:08 - 2020-09-22 13:27 - 000000000 ____D C:\Users\a\Downloads\Localisation
2022-01-29 18:44 - 2022-01-05 10:12 - 000000000 ____D C:\Users\a\AppData\Roaming\.tlauncher
2022-01-29 18:43 - 2022-01-05 10:12 - 000000000 ____D C:\Users\a\AppData\Roaming\.minecraft
2022-01-27 16:55 - 2021-04-13 06:43 - 000000000 ____D C:\Users\a\AppData\Local\SquirrelTemp
2022-01-26 18:55 - 2021-12-13 15:31 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1151804907-3945135748-2469712245-1001
2022-01-26 18:55 - 2021-04-13 04:29 - 000003372 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1151804907-3945135748-2469712245-1001
2022-01-26 18:55 - 2021-04-13 04:14 - 000002413 _____ C:\Users\a\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-26 14:14 - 2021-04-15 01:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton Security
2022-01-26 02:17 - 2021-04-13 04:10 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-26 02:17 - 2021-04-13 04:10 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-01-23 20:16 - 2019-09-08 18:35 - 000000000 ____D C:\ProgramData\Norton
2022-01-23 19:34 - 2021-04-13 04:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-01-23 19:30 - 2019-09-08 18:36 - 000000000 ____D C:\Program Files\Common Files\Symantec Shared
2022-01-23 16:22 - 2021-11-16 06:47 - 000011946 _____ C:\Users\a\Desktop\ZHPCleaner (R).html
2022-01-23 16:20 - 2021-11-16 06:29 - 000011741 _____ C:\Users\a\Desktop\ZHPCleaner (S).html
2022-01-18 16:01 - 2021-11-05 08:22 - 000000000 ____D C:\Users\a\AppData\Local\Adobe
2022-01-18 15:49 - 2021-06-04 20:34 - 000000000 ____D C:\Users\a\AppData\Local\babl-0.1
2022-01-18 01:20 - 2021-07-18 23:01 - 000017408 _____ C:\Users\a\AppData\Local\WebpageIcons.db
2022-01-16 11:59 - 2021-04-13 04:27 - 000000000 ____D C:\Users\a\AppData\Local\D3DSCache
2022-01-15 19:14 - 2021-04-13 04:46 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-01-15 19:10 - 2021-04-13 04:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-15 19:10 - 2021-04-13 04:52 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-15 19:10 - 2021-04-13 04:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-13 22:57 - 2021-04-13 04:31 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-01-13 22:52 - 2021-04-13 04:31 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-01-13 10:15 - 2020-10-18 16:01 - 000000000 ____D C:\Users\a\Documents\Audacity
2022-01-11 21:30 - 2021-09-10 13:01 - 000000000 ____D C:\Users\a\AppData\Local\unityhub-updater

==================== Fichiers à la racine de certains dossiers ========

2021-05-19 21:15 - 2021-12-16 02:20 - 000000032 _____ () C:\Users\a\AppData\Roaming\.machineId
2021-04-13 05:07 - 2021-04-13 05:07 - 000000068 _____ () C:\Users\a\AppData\Roaming\changzhi_leidian.data
2021-08-23 17:40 - 2021-08-23 17:40 - 000000102 _____ () C:\Users\a\AppData\Roaming\changzhi_leidianmac.data
2021-04-18 04:10 - 2021-10-31 04:33 - 000003025 _____ () C:\Users\a\AppData\Roaming\ExaltMultiTool_Settings.bin
2021-12-15 04:27 - 2021-12-15 04:27 - 000003043 _____ () C:\Users\a\AppData\Roaming\ff3a46e5-63e5-4739-9724-0e3f92623700.tmp
2021-10-31 02:24 - 2021-10-31 02:24 - 000000258 _____ () C:\Users\a\AppData\Roaming\MelonLoader.Installer.cfg
2021-07-18 22:35 - 2021-11-04 22:14 - 000000015 _____ () C:\Users\a\AppData\Roaming\obs-virtualcam.txt
2021-05-16 14:02 - 2021-05-16 14:02 - 000000048 _____ () C:\Users\a\AppData\Roaming\~SiMPLEX.ini
2021-11-06 03:39 - 2021-11-26 22:44 - 000001456 _____ () C:\Users\a\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
2022-01-18 15:49 - 2022-01-18 15:49 - 000001521 _____ () C:\Users\a\AppData\Local\recently-used.xbel
2022-01-30 05:12 - 2022-01-30 05:12 - 000007604 _____ () C:\Users\a\AppData\Local\Resmon.ResmonCfg
2021-07-18 23:01 - 2022-01-18 01:20 - 000017408 _____ () C:\Users\a\AppData\Local\WebpageIcons.db

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================
