Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 30-01-2022 Exécuté par thiba (administrateur) sur NITROTMPC (Gigabyte Technology Co., Ltd. B450 AORUS ELITE) (30-01-2022 14:21:23) Exécuté depuis C:\Users\thiba\Desktop Profils chargés: thiba Plate-forme: Microsoft Windows 10 Professionnel Version 20H2 19042.1466 (X64) Langue: Français (France) Navigateur par défaut: Brave Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (0) [Fichier non signé] C:\Program Files (x86)\DigitizerPanel\DigitizerPanel.exe (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0360470.inf_amd64_b06c374aee20d185\B360357\atieclxx.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0360470.inf_amd64_b06c374aee20d185\B360357\atiesrxx.exe (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe <18> (Discord Inc. -> Discord Inc.) C:\Users\thiba\AppData\Local\Discord\app-1.0.9003\Discord.exe <6> (Druide informatique inc. -> Druide informatique inc.) C:\Program Files (x86)\Druide\Antidote 10\Application\Bin64\AgentAntidote.exe (Druide informatique inc. -> Druide informatique inc.) C:\Program Files (x86)\Druide\Connectix 10\Application\Bin64\AgentConnectix.exe (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCopyAccelerator.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe (Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b7184c0e1c94c102\Display.NvContainer\NVDisplay.Container.exe <2> (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8> (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [AgentConnectix64] => C:\Program Files (x86)\Druide\Connectix 10\Application\Bin64\AgentConnectix.exe [2677800 2020-07-17] (Druide informatique inc. -> Druide informatique inc.) HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-03-05] (Adobe Inc. -> ) HKLM-x32\...\Run: [Launch 0 DigitizerPanel] => C:\Program Files (x86)\DigitizerPanel\DigitizerPanel.exe [1815040 2015-12-31] (0) [Fichier non signé] HKU\S-1-5-21-756262882-3244545598-4113336910-1001\...\RunOnce: [Application Restart #2] => C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe [2394568 2022-01-20] (Brave Software, Inc. -> Brave Software, Inc.) HKU\S-1-5-21-756262882-3244545598-4113336910-1001\...\MountPoints2: {191986c1-9ef6-11eb-a4eb-309c23b73d15} - "E:\HiSuiteDownLoader.exe" HKU\S-1-5-21-756262882-3244545598-4113336910-1001\...\MountPoints2: {5c3dae63-4248-11eb-a4dc-309c23b73d15} - "E:\HiSuiteDownLoader.exe" HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\97.1.34.81\Installer\chrmstp.exe [2022-01-23] (Brave Software, Inc. -> Brave Software, Inc.) ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {02698863-1E29-4C70-B532-D0BF1C227740} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {05E14001-C075-4FC3-ACA6-D71235FE6E45} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {0668A6A7-A57A-4A3C-A8F3-A51EF651FBEC} - System32\Tasks\CCleanerSkipUAC - thiba => C:\Program Files\CCleaner\CCleaner.exe [29417088 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd) Task: {0CA201CD-7F0C-4CB4-9D6B-4ED57E70CC6E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {4B0CAEFC-A63A-484B-8E94-FFF956FDB6F2} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {4C9B58D6-2084-4EB0-AFA4-D855C81C9A97} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-17] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {53DFA6B5-D66E-491F-8786-93AE53063E21} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {5436A7C0-46AF-4D77-9BE8-2EE1351CA89D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-17] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {5A4BFE56-2BA3-4A24-9A71-53D621FBA9CC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-17] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {5C6D0804-2111-42B4-9B26-C1AD9BDB4F9E} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {5EB4502B-018B-455F-B22C-72121763AAB3} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-11-12] (Piriform Software Ltd -> Piriform) Task: {63829B6D-65FB-42E6-BCA6-C78AC4A6EBC3} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-756262882-3244545598-4113336910-1001 => C:\Users\thiba\AppData\Local\MEGAsync\MEGAupdater.exe [1820848 2021-07-05] (Mega Limited -> Mega Limited) Task: {6F9625A5-A6E9-44AA-B4F8-3276B6CA72F8} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation) Task: {7072BA61-B6D0-459C-A665-2FE13E74E85F} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {77589E73-6D50-46A2-B027-FAA39C275175} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {7879D932-326A-40D8-A650-9A8200AEBA2E} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {7D3AAE46-EE64-42D3-8FC8-71B4DACD7E29} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-17] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {86B04077-37EC-4486-B722-6FEBF00E7E1B} - System32\Tasks\Opera scheduled Autoupdate 1610042734 => C:\Users\thiba\AppData\Local\Programs\Opera\launcher.exe [2256592 2022-01-12] (Opera Software AS -> Opera Software) Task: {8E16FE18-0C1A-48F0-952B-8B99F484615C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {93498317-11C3-4087-806F-71D14D8EA290} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {AC9F6F59-AB0F-4E91-9D10-89C61B39E956} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [163528 2020-12-05] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {BEDE88DE-0416-4732-8876-5EF65BFD1F90} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {BFF5BD8A-2639-4881-BD65-071C5AFC524A} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {ED7497C7-45FD-4C10-B222-BAF04B0C9C31} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [163528 2020-12-05] (Brave Software, Inc. -> BraveSoftware Inc.) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{7ffa5e78-87d9-440a-ba6e-a415e2025445}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{a21663de-c252-447e-8e6a-6fa35c7ab751}: [DhcpNameServer] 192.168.1.254 Edge: ======= Edge Profile: C:\Users\thiba\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-23] Edge Extension: (Malwarebytes Browser Guard) - C:\Users\thiba\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-01-13] Edge HKLM\...\Edge\Extension: [cchfigjcpjmclmmphipdkeocklpnjecm] Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee] FireFox: ======== FF DefaultProfile: f9im40l4.default FF ProfilePath: C:\Users\thiba\AppData\Roaming\Mozilla\Firefox\Profiles\f9im40l4.default [2021-04-13] FF ProfilePath: C:\Users\thiba\AppData\Roaming\Mozilla\Firefox\Profiles\3qwboo3w.default-release [2022-01-06] FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-05-25] (Adobe Inc. -> Adobe Systems) Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] Opera: ======= OPR Profile: C:\Users\thiba\AppData\Roaming\Opera Software\Opera Stable [2022-01-05] OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} Brave: ======= BRA DefaultProfile: Default BRA Profile: C:\Users\thiba\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2022-01-30] BRA Notifications: Default -> hxxps://calendar.google.com; hxxps://meet.google.com; hxxps://www.facebook.com; hxxps://www.netflix.com; hxxps://www6.eloypatrick.pro BRA DefaultSearchKeyword: Default -> :g BRA Extension: (Google Traduction) - C:\Users\thiba\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-01-30] BRA Extension: (Just Black) - C:\Users\thiba\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2020-12-05] BRA Extension: (MEGA) - C:\Users\thiba\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2022-01-28] BRA Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\thiba\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-01-13] BRA Extension: (Malwarebytes Browser Guard) - C:\Users\thiba\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-01-25] BRA Extension: (Brave Local Data Files Updater) - C:\Users\thiba\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2022-01-29] BRA Extension: (Brave NTP background images) - C:\Users\thiba\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2021-12-15] BRA Extension: (Wallet Data Files Updater) - C:\Users\thiba\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2021-11-30] BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\thiba\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-01-30] BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\thiba\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2021-06-25] BRA Extension: (Brave Ad Block Updater (AdGuard Français)) - C:\Users\thiba\AppData\Local\BraveSoftware\Brave-Browser\User Data\emaecjinaegfkoklcdafkiocjhoeilao [2022-01-30] BRA Extension: (Brave Ads Resources) - C:\Users\thiba\AppData\Local\BraveSoftware\Brave-Browser\User Data\hbejpnagkgeeohiojniljejpdpojmfdp [2021-05-26] BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\thiba\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2020-12-05] BRA Extension: (Brave Ads Resources) - C:\Users\thiba\AppData\Local\BraveSoftware\Brave-Browser\User Data\ijgkfgmfiinppefbonemjidmkhgbonei [2022-01-25] BRA Extension: (Brave SpeedReader Updater) - C:\Users\thiba\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-09-17] BRA Extension: (Brave NTP sponsored images) - C:\Users\thiba\AppData\Local\BraveSoftware\Brave-Browser\User Data\lcenblphbmngnohghkhpojmpflebkcpd [2022-01-30] BRA Extension: (Crypto Wallets) - C:\Users\thiba\AppData\Local\BraveSoftware\Brave-Browser\User Data\odbfpeeihdkbihmopkbjmoonfanlbfcl [2021-10-22] BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\thiba\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2022-01-27] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [842424 2021-05-25] (Adobe Inc. -> Adobe Inc.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3779840 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated) S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3547904 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8906088 2021-09-03] (BattlEye Innovations e.K. -> ) S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [163528 2020-12-05] (Brave Software, Inc. -> BraveSoftware Inc.) S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [163528 2020-12-05] (Brave Software, Inc. -> BraveSoftware Inc.) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [812008 2021-09-28] (EasyAntiCheat Oy -> Epic Games, Inc) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-29] (Epic Games Inc. -> Epic Games, Inc.) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2557144 2021-08-19] (Electronic Arts, Inc. -> Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3475680 2021-08-19] (Electronic Arts, Inc. -> Electronic Arts) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6137040 2022-01-12] (Microsoft Windows Publisher -> Microsoft Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-17] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-17] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b7184c0e1c94c102\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b7184c0e1c94c102\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 ArtFiltr_Digitizer; C:\Windows\System32\drivers\ArtFiltr_Digitizer.sys [39632 2015-04-30] (Dongguan Siliten Electronics Co.,Ltd -> 0) S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé] S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé] R3 DroidCam; C:\Windows\System32\drivers\droidcam.sys [32240 2020-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Dev47Apps) R3 DroidCamVideo; C:\Windows\System32\drivers\droidcamvideo.sys [33784 2020-10-04] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) R3 VOICEMOD_Driver; C:\Windows\system32\drivers\vmdrv.sys [45408 2018-03-15] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider) R3 VpdHid_1; C:\Windows\System32\drivers\VpdHid_1.sys [20216 2014-11-26] (CLOUD H.Q. INVESTMENT HOLDINGS CO., LTD. -> 0) R3 VpdHid_MouFiltr; C:\Windows\System32\drivers\VpdHid_MouFiltr.sys [7168 2014-11-26] (CLOUD H.Q. INVESTMENT HOLDINGS CO., LTD. -> 0) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48536 2021-12-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [435432 2021-12-17] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-17] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-01-30 14:21 - 2022-01-30 14:22 - 000022000 _____ C:\Users\thiba\Desktop\FRST.txt 2022-01-30 14:20 - 2022-01-30 14:21 - 000000000 ____D C:\FRST 2022-01-30 14:20 - 2022-01-30 14:20 - 000362218 _____ C:\Users\thiba\Desktop\ZHPDiag.txt 2022-01-30 14:09 - 2022-01-30 14:09 - 002311680 _____ (Farbar) C:\Users\thiba\Desktop\FRST64.exe 2022-01-30 14:08 - 2022-01-30 14:20 - 000000000 ____D C:\Users\thiba\AppData\Roaming\ZHP 2022-01-30 14:08 - 2022-01-30 14:08 - 003479192 _____ (Nicolas Coolman) C:\Users\thiba\Desktop\ZHPSuite.exe 2022-01-30 14:08 - 2022-01-30 14:08 - 000000865 _____ C:\Users\thiba\Desktop\ZHPSuite.lnk 2022-01-30 14:08 - 2022-01-30 14:08 - 000000000 ____D C:\Users\thiba\AppData\Local\ZHP 2022-01-28 21:34 - 2022-01-28 21:34 - 000000000 ____D C:\Users\thiba\AppData\LocalLow\DefaultCompany 2022-01-28 17:05 - 2022-01-28 20:38 - 000000000 ____D C:\Users\thiba\Desktop\Nouveau dossier 2022-01-27 16:30 - 2022-01-27 16:30 - 006859181 _____ C:\Users\thiba\Desktop\mise en ligne sister (1).mp4 2022-01-27 15:58 - 2022-01-27 15:58 - 000135219 _____ C:\Users\thiba\Desktop\Devis DE14520 (1).pdf 2022-01-27 15:57 - 2022-01-27 15:57 - 003025717 _____ C:\Users\thiba\Desktop\feelin' (1).mp4 2022-01-27 15:24 - 2022-01-27 15:24 - 002773706 _____ C:\Users\thiba\Desktop\feelin'.mp4 2022-01-27 15:13 - 2022-01-27 15:13 - 000664456 _____ C:\Users\thiba\Desktop\Instagram_icon.png.webp 2022-01-27 15:12 - 2022-01-27 15:12 - 000023608 _____ C:\Users\thiba\Desktop\facebook-770688_1280.webp 2022-01-27 12:00 - 2022-01-27 12:00 - 000135131 _____ C:\Users\thiba\Desktop\Devis DE14520.pdf 2022-01-27 11:53 - 2022-01-27 11:53 - 006859181 _____ C:\Users\thiba\Desktop\mise en ligne sister.mp4 2022-01-24 20:11 - 2022-01-24 20:11 - 020362168 _____ C:\Users\thiba\Desktop\CV_Malarte_Thibaud (2).pdf 2022-01-23 21:13 - 2022-01-27 20:54 - 000000000 ____D C:\Users\thiba\AppData\Roaming\Vampire_Survivors 2022-01-23 20:25 - 2022-01-23 20:25 - 000000000 ____D C:\Users\thiba\AppData\Roaming\Tone 2022-01-23 18:00 - 2022-01-24 02:52 - 000000000 ____D C:\Users\thiba\Desktop\Jeux 2022-01-23 17:37 - 2022-01-23 17:37 - 000000188 _____ C:\Users\thiba\AppData\Local\kritadisplayrc 2022-01-12 17:22 - 2022-01-12 17:22 - 000523776 _____ (curl, hxxps://curl.se/) C:\Windows\system32\curl.exe 2022-01-12 17:22 - 2022-01-12 17:22 - 000464384 _____ (curl, hxxps://curl.se/) C:\Windows\SysWOW64\curl.exe 2022-01-12 17:22 - 2022-01-12 17:22 - 000011797 _____ C:\Windows\system32\DrtmAuthTxt.wim 2022-01-12 17:13 - 2022-01-12 17:13 - 000000000 ___HD C:\$WinREAgent 2022-01-10 18:40 - 2022-01-10 18:40 - 000000000 ____D C:\Users\thiba\AppData\Local\ElevatedDiagnostics 2022-01-06 16:31 - 2022-01-28 16:56 - 000000000 ____D C:\Users\thiba\Desktop\Miyu 2022-01-06 13:04 - 2022-01-06 13:04 - 000000000 ____D C:\KPRM 2022-01-06 12:37 - 2022-01-06 12:37 - 000000000 ____D C:\Users\thiba\AppData\Local\mbam 2022-01-05 11:46 - 2022-01-05 11:46 - 002242215 _____ C:\Users\thiba\Downloads\Thibaud Malarte 07.pdf 2022-01-05 02:24 - 2022-01-05 02:24 - 000000000 ___HD C:\$SysReset 2022-01-05 02:12 - 2022-01-05 02:12 - 263993944 _____ C:\Users\thiba\Downloads\zqque60h.exe 2022-01-05 02:12 - 2022-01-05 02:12 - 000000000 ____D C:\Users\thiba\Doctor Web 2022-01-05 01:18 - 2022-01-05 01:18 - 000000000 ____D C:\Users\thiba\AppData\LocalLow\Dinosaur Polo Club 2021-12-30 16:25 - 2022-01-04 01:04 - 000000000 ____D C:\Users\thiba\Documents\The Witcher 3 2021-12-27 11:26 - 2021-12-27 11:26 - 000004036 _____ C:\Windows\system32\Tasks\PostponeDeviceSetupToast_S-1-5-21-756262882-3244545598-4113336910-1001_0 2021-12-26 22:53 - 2021-12-26 22:56 - 000000000 ____D C:\Users\thiba\Documents\Assassin's Creed Odyssey 2021-12-26 22:41 - 2021-12-26 22:41 - 000000000 ____D C:\ProgramData\Ubisoft 2021-12-26 22:40 - 2021-12-26 23:11 - 000000000 ____D C:\Users\thiba\AppData\Local\Ubisoft Game Launcher 2021-12-26 22:40 - 2021-12-26 22:41 - 000000000 ____D C:\Users\thiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2021-12-26 22:40 - 2021-12-26 22:40 - 000000000 ____D C:\Program Files (x86)\Ubisoft 2021-12-17 10:03 - 2021-12-17 10:03 - 000000000 ____D C:\Windows\SystemTemp 2021-12-17 09:55 - 2021-12-17 09:55 - 000272384 _____ C:\Windows\system32\TpmTool.exe 2021-12-17 09:55 - 2021-12-17 09:55 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe 2021-12-17 09:55 - 2021-12-17 09:55 - 000162816 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe 2021-12-17 01:06 - 2021-12-17 01:06 - 000000000 ____D C:\Users\thiba\AppData\Local\mod.io 2021-12-17 01:06 - 2021-12-17 01:06 - 000000000 ____D C:\Users\Public\mod.io 2021-12-12 22:56 - 2022-01-27 10:26 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-756262882-3244545598-4113336910-1001 2021-12-04 21:15 - 2021-12-04 21:15 - 000000000 ____D C:\Users\thiba\AppData\Local\Century 2021-12-04 21:13 - 2021-12-12 11:44 - 000000000 ____D C:\Users\thiba\AppData\Roaming\EasyAntiCheat 2021-11-30 00:50 - 2021-11-30 00:50 - 000000000 ____D C:\Users\thiba\Documents\KINGDOM HEARTS III 2021-11-30 00:49 - 2021-11-30 00:49 - 000000000 ____D C:\Users\Public\Documents\Epic 2021-11-30 00:34 - 2021-11-30 00:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kingdom Hearts III and Re Mind 2021-11-29 23:15 - 2021-11-30 00:09 - 000000000 ____D C:\Users\thiba\Downloads\Kingdom.Hearts.III.and.Re.Mind-CODEX 2021-11-29 23:12 - 2021-11-30 00:41 - 000000000 ____D C:\Users\thiba\Desktop\KH3 2021-11-29 02:02 - 2021-11-29 02:02 - 000000000 ____D C:\Users\thiba\AppData\LocalLow\GoblinzStudio 2021-11-28 20:38 - 2021-11-28 20:38 - 000000000 ____D C:\Users\thiba\AppData\Roaming\dekovir 2021-11-26 15:25 - 2021-11-26 15:25 - 000001130 _____ C:\Users\thiba\Desktop\Adobe Premiere Pro 2021.lnk 2021-11-26 15:25 - 2021-11-26 15:25 - 000001130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2021.lnk 2021-11-17 00:32 - 2021-11-09 23:27 - 000038016 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhdap64.dll 2021-11-17 00:31 - 2021-11-11 03:36 - 001874664 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe 2021-11-17 00:31 - 2021-11-11 03:36 - 001874664 _____ C:\Windows\system32\vulkaninfo.exe 2021-11-17 00:31 - 2021-11-11 03:36 - 001464960 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2021-11-17 00:31 - 2021-11-11 03:36 - 001450216 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2021-11-17 00:31 - 2021-11-11 03:36 - 001450216 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2021-11-17 00:31 - 2021-11-11 03:36 - 001208248 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2021-11-17 00:31 - 2021-11-11 03:36 - 001111272 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll 2021-11-17 00:31 - 2021-11-11 03:36 - 001111272 _____ C:\Windows\system32\vulkan-1.dll 2021-11-17 00:31 - 2021-11-11 03:36 - 000965352 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll 2021-11-17 00:31 - 2021-11-11 03:36 - 000965352 _____ C:\Windows\SysWOW64\vulkan-1.dll 2021-11-17 00:31 - 2021-11-11 03:33 - 002116536 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2021-11-17 00:31 - 2021-11-11 03:33 - 001597568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2021-11-17 00:31 - 2021-11-11 03:33 - 001523328 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2021-11-17 00:31 - 2021-11-11 03:33 - 001174456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2021-11-17 00:31 - 2021-11-11 03:33 - 000802232 _____ C:\Windows\system32\nvofapi64.dll 2021-11-17 00:31 - 2021-11-11 03:33 - 000709560 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe 2021-11-17 00:31 - 2021-11-11 03:33 - 000678328 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2021-11-17 00:31 - 2021-11-11 03:33 - 000656512 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll 2021-11-17 00:31 - 2021-11-11 03:33 - 000635008 _____ C:\Windows\SysWOW64\nvofapi.dll 2021-11-17 00:31 - 2021-11-11 03:33 - 000564352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2021-11-17 00:31 - 2021-11-11 03:32 - 008725944 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2021-11-17 00:31 - 2021-11-11 03:32 - 007845816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2021-11-17 00:31 - 2021-11-11 03:32 - 005730224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2021-11-17 00:31 - 2021-11-11 03:32 - 004940728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2021-11-17 00:31 - 2021-11-11 03:32 - 002850432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2021-11-17 00:31 - 2021-11-11 03:32 - 000981120 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2021-11-17 00:31 - 2021-11-11 03:32 - 000792192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2021-11-17 00:31 - 2021-11-11 03:32 - 000452224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe 2021-11-17 00:31 - 2021-11-11 03:31 - 000850872 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe 2021-11-17 00:31 - 2021-11-11 03:30 - 006432960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2021-11-17 00:31 - 2021-11-09 23:27 - 000085718 _____ C:\Windows\system32\nvinfo.pb 2021-11-16 23:30 - 2021-11-16 23:30 - 000000000 ____D C:\Users\thiba\AppData\LocalLow\Odd Bug Studio 2021-11-16 23:29 - 2021-11-16 23:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tails of Iron 2021-11-16 22:44 - 2021-11-16 22:44 - 000000000 ____D C:\Users\thiba\AppData\LocalLow\SQUARE ENIX, Inc_ 2021-11-13 13:30 - 2021-11-13 13:30 - 000060928 _____ C:\Windows\system32\runexehelper.exe 2021-11-08 01:24 - 2021-11-08 01:24 - 000000000 ____D C:\Users\thiba\AppData\Local\DBG 2021-11-03 20:59 - 2021-11-03 20:59 - 000000000 ____D C:\Users\thiba\AppData\Local\ModTheSpire 2021-11-03 19:52 - 2021-11-03 19:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone 2021-11-03 19:49 - 2022-01-28 00:57 - 000000000 ____D C:\Program Files (x86)\Hearthstone 2021-11-03 19:48 - 2022-01-28 01:55 - 000000000 ____D C:\Users\thiba\AppData\Local\Battle.net 2021-11-03 19:48 - 2021-11-03 19:53 - 000000000 ____D C:\Users\thiba\AppData\Roaming\Battle.net 2021-11-03 19:48 - 2021-11-03 19:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2021-11-03 19:47 - 2022-01-28 00:55 - 000000000 ____D C:\Program Files (x86)\Battle.net 2021-11-03 11:59 - 2021-11-03 11:59 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk 2021-11-03 11:59 - 2021-11-03 11:59 - 000000000 ____D C:\Program Files\PCHealthCheck 2021-11-02 17:50 - 2021-11-02 17:50 - 000000222 _____ C:\Users\thiba\Desktop\Wallpaper Engine.url 2021-11-01 17:49 - 2021-11-01 17:49 - 000000000 ____D C:\Users\thiba\AppData\Local\WitchIt 2021-11-01 12:31 - 2021-11-02 19:45 - 000000000 ____D C:\Users\thiba\Documents\RedHookGameLogs 2021-11-01 12:31 - 2021-11-01 12:31 - 000000000 ____D C:\Users\thiba\AppData\LocalLow\RedHook 2021-11-01 12:24 - 2022-01-17 20:19 - 000000000 ____D C:\DarkestDungeonII 2021-11-01 11:42 - 2021-11-01 11:42 - 000001823 _____ C:\Users\Public\Desktop\Krita.lnk 2021-11-01 11:42 - 2021-11-01 11:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Krita 2021-11-01 11:41 - 2021-11-01 11:42 - 000000000 ____D C:\Program Files\Krita (x64) ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-01-30 14:22 - 2020-12-05 15:36 - 000000000 ____D C:\Users\thiba\AppData\Roaming\discord 2022-01-30 14:19 - 2020-12-05 15:36 - 000000000 ____D C:\Users\thiba\AppData\Local\Discord 2022-01-30 14:15 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-01-30 14:12 - 2021-10-23 20:38 - 000000000 ____D C:\Program Files (x86)\Steam 2022-01-30 13:15 - 2020-12-05 15:30 - 000000000 ____D C:\ProgramData\NVIDIA 2022-01-30 13:00 - 2020-12-05 16:36 - 000000000 ____D C:\ProgramData\Riot Games 2022-01-30 12:57 - 2020-09-27 06:33 - 000000000 ____D C:\Windows\system32\SleepStudy 2022-01-30 11:42 - 2021-02-03 19:11 - 000000000 ____D C:\Program Files\CCleaner 2022-01-30 11:41 - 2021-01-29 13:59 - 000000000 ____D C:\Users\thiba\Downloads\Druide_Téléchargement 2022-01-29 13:14 - 2021-03-05 12:24 - 000000000 ____D C:\Users\thiba\Desktop\bordel 2022-01-28 19:30 - 2020-09-27 08:36 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-01-28 19:30 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-01-28 19:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness 2022-01-28 17:08 - 2021-03-05 11:53 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2022-01-28 17:03 - 2021-09-27 23:14 - 000000000 ____D C:\Users\thiba\Desktop\PVAC 2022-01-28 12:58 - 2020-12-10 19:02 - 000000000 ____D C:\Users\thiba\AppData\Roaming\vlc 2022-01-27 10:26 - 2020-12-05 14:56 - 000003366 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-756262882-3244545598-4113336910-1001 2022-01-27 10:26 - 2020-12-05 14:52 - 000002417 _____ C:\Users\thiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-01-27 10:24 - 2020-09-27 08:36 - 000003634 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-01-27 10:24 - 2020-09-27 08:36 - 000003510 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-01-24 20:00 - 2020-12-10 14:54 - 000000576 _____ C:\ProgramData\droidcam-client-options-v1 2022-01-24 20:00 - 2020-12-10 14:54 - 000000097 _____ C:\ProgramData\droidcam-settings 2022-01-23 21:15 - 2020-12-07 16:40 - 000000000 ____D C:\Users\thiba\AppData\Local\D3DSCache 2022-01-23 21:06 - 2020-12-05 16:51 - 000000000 ____D C:\Users\thiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2022-01-23 20:54 - 2020-12-05 14:54 - 001771354 _____ C:\Windows\system32\PerfStringBackup.INI 2022-01-23 20:54 - 2019-12-07 15:50 - 000791866 _____ C:\Windows\system32\perfh00C.dat 2022-01-23 20:54 - 2019-12-07 15:50 - 000150032 _____ C:\Windows\system32\perfc00C.dat 2022-01-23 20:54 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF 2022-01-23 20:47 - 2020-09-27 08:34 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2022-01-23 20:47 - 2020-09-27 06:33 - 000008192 ___SH C:\DumpStack.log.tmp 2022-01-23 20:47 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI 2022-01-23 17:50 - 2021-02-17 10:44 - 000000000 ____D C:\Users\thiba\Desktop\DESSIN 2022-01-23 17:44 - 2021-03-05 12:33 - 000000000 ____D C:\Users\thiba\Desktop\adobe 2022-01-23 17:44 - 2020-12-06 09:58 - 000000000 ____D C:\Users\thiba\AppData\Local\CrashDumps 2022-01-23 17:37 - 2020-12-08 13:04 - 000030248 _____ C:\Users\thiba\AppData\Local\kritarc 2022-01-23 13:36 - 2020-12-05 15:24 - 000002362 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk 2022-01-23 13:36 - 2020-12-05 15:24 - 000002321 _____ C:\Users\Public\Desktop\Brave.lnk 2022-01-17 21:51 - 2021-03-05 12:48 - 000000000 ____D C:\ProgramData\boost_interprocess 2022-01-17 17:58 - 2021-01-07 19:05 - 000004200 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1610042734 2022-01-17 17:58 - 2021-01-07 19:05 - 000001405 _____ C:\Users\thiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk 2022-01-12 17:26 - 2020-09-27 06:33 - 000408928 _____ C:\Windows\system32\FNTCACHE.DAT 2022-01-12 17:25 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2022-01-12 17:25 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs 2022-01-12 17:25 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism 2022-01-12 17:25 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources 2022-01-12 17:25 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup 2022-01-12 17:25 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe 2022-01-12 17:25 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism 2022-01-12 17:25 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr 2022-01-12 17:25 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp 2022-01-12 17:12 - 2020-12-05 15:47 - 000000000 ____D C:\Windows\system32\MRT 2022-01-12 17:09 - 2020-12-05 15:47 - 145765912 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2022-01-09 13:03 - 2020-12-16 16:51 - 000000000 ____D C:\Users\thiba\Documents\My Games 2022-01-09 05:17 - 2020-12-05 14:52 - 000000000 ____D C:\Users\thiba 2022-01-06 13:03 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP 2022-01-06 12:46 - 2021-01-07 19:04 - 000000000 ____D C:\Program Files (x86)\UsefulCaloti 2022-01-06 12:37 - 2021-04-13 07:36 - 000000000 ____D C:\Users\thiba\AppData\LocalLow\Mozilla 2022-01-06 12:37 - 2021-04-13 07:36 - 000000000 ____D C:\ProgramData\Mozilla 2022-01-05 23:44 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Sysprep 2022-01-05 01:01 - 2021-08-26 11:09 - 000000000 ____D C:\Users\thiba\AppData\Roaming\uTorrent 2022-01-05 00:58 - 2021-06-08 23:41 - 000000000 ____D C:\Windows\Minidump ==================== Fichiers à la racine de certains dossiers ======== 2021-09-16 22:33 - 2021-09-16 22:33 - 001125656 _____ () C:\Users\thiba\AppData\Roaming\Detto.swf 2021-09-16 22:33 - 2021-09-16 22:33 - 000000483 _____ () C:\Users\thiba\AppData\Roaming\Disegnata.swf 2021-09-16 22:33 - 2021-09-16 22:33 - 000003073 _____ () C:\Users\thiba\AppData\Roaming\Esistenza.swf 2021-09-16 22:33 - 2021-09-16 22:33 - 000893731 _____ () C:\Users\thiba\AppData\Roaming\Mio.swf 2021-10-02 12:50 - 2021-11-04 15:25 - 000000385 _____ () C:\Users\thiba\AppData\Roaming\t2gp_installer_shared.json 2021-04-08 15:47 - 2021-04-08 16:00 - 000001456 _____ () C:\Users\thiba\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs 2020-12-08 13:04 - 2022-01-23 17:37 - 000002846 _____ () C:\Users\thiba\AppData\Local\krita-sysinfo.log 2020-12-08 13:04 - 2022-01-23 17:37 - 001991999 _____ () C:\Users\thiba\AppData\Local\krita.log 2020-12-15 17:12 - 2021-12-05 23:40 - 000346142 _____ () C:\Users\thiba\AppData\Local\kritacrash.log 2022-01-23 17:37 - 2022-01-23 17:37 - 000000188 _____ () C:\Users\thiba\AppData\Local\kritadisplayrc 2020-12-08 13:04 - 2022-01-23 17:37 - 000030248 _____ () C:\Users\thiba\AppData\Local\kritarc 2021-07-14 16:55 - 2021-11-08 14:43 - 000000092 _____ () C:\Users\thiba\AppData\Local\kritashortcutsrc 2021-03-05 12:49 - 2022-01-06 15:09 - 000000205 _____ () C:\Users\thiba\AppData\Local\oobelibMkey.log 2021-01-07 19:04 - 2021-01-07 19:04 - 000016438 _____ () C:\Users\thiba\AppData\Local\partner.bmp 2021-10-02 14:29 - 2021-10-02 14:29 - 000000000 _____ () C:\Users\thiba\AppData\Local\{4494CB3D-2AFB-4890-AA43-CD756541CAFE} ==================== SigCheckExt ========================= 2021-01-19 17:44 - 2021-10-22 16:44 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll 2020-12-08 15:46 - 2015-04-30 15:28 - 002175488 _____ (0) C:\Windows\system32\Wintab32.dll 2007-04-27 08:43 - 2007-04-27 08:43 - 000120200 _____ () C:\Windows\SysWOW64\DLLDEV32i.dll 2020-07-19 21:11 - 2020-07-19 21:11 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll 2020-07-19 21:11 - 2020-07-19 21:11 - 000344064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll 2020-07-19 21:11 - 2020-07-19 21:11 - 000348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll 2021-06-02 13:42 - 2015-04-30 15:29 - 001596928 _____ (0) C:\Windows\SysWOW64\Wintab32.dll 2022-01-30 14:09 - 2022-01-30 14:09 - 002311680 _____ (Farbar) C:\Users\thiba\Desktop\FRST64.exe 2022-01-30 14:08 - 2022-01-30 14:08 - 003479192 _____ (Nicolas Coolman) C:\Users\thiba\Desktop\ZHPSuite.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de d‚marrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {7a7290a6-36ff-11eb-8727-ca12ffeb1173} {f0b27210-6e78-11ec-a50c-806e6f6e6963} timeout 1 Gestionnaire de d‚marrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {7a7290aa-36ff-11eb-8727-ca12ffeb1173} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Application logicielle (101fffff) -------------------------------- identificateur {7a7290a6-36ff-11eb-8727-ca12ffeb1173} description SanDisk SSD PLUS 1000GB Application logicielle (101fffff) -------------------------------- identificateur {f0b27210-6e78-11ec-a50c-806e6f6e6963} description TOSHIBA DT01ACA100 Chargeur de d‚marrage Windows ----------------------------- identificateur {current} device partition=C: path \Windows\system32\winload.efi description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {7a7290ac-36ff-11eb-8727-ca12ffeb1173} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \Windows resumeobject {7a7290aa-36ff-11eb-8727-ca12ffeb1173} nx OptIn bootmenupolicy Standard Chargeur de d‚marrage Windows ----------------------------- identificateur {7a7290ac-36ff-11eb-8727-ca12ffeb1173} device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{7a7290ad-36ff-11eb-8727-ca12ffeb1173} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-fr inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{7a7290ad-36ff-11eb-8727-ca12ffeb1173} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {7a7290aa-36ff-11eb-8727-ca12ffeb1173} device partition=C: path \Windows\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {7a7290ac-36ff-11eb-8727-ca12ffeb1173} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de m‚moire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics m‚moire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes ParamŠtres EMS -------------- identificateur {emssettings} bootems No ParamŠtres du d‚bogueur ----------------------- identificateur {dbgsettings} debugtype Local Erreurs de m‚moire RAM ---------------------- identificateur {badmemory} ParamŠtres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} ParamŠtres du chargeur de d‚marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} ParamŠtres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 ParamŠtres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p‚riph‚rique ----------------------- identificateur {7a7290ad-36ff-11eb-8727-ca12ffeb1173} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume4 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================