Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 30-01-2022
Exécuté par ladi (administrateur) sur DESKTOP-JHCR99Q (Micro-Star International Co., Ltd. MS-7B89) (02-02-2022 20:13:32)
Exécuté depuis C:\Users\ladi\Desktop
Profils chargés: ladi
Plate-forme: Microsoft Windows 10 Professionnel Version 21H2 19044.1503 (X64) Langue: Français (France)
Navigateur par défaut: Brave
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(ALCPU -> ALCPU) C:\Program Files\Core Temp\Core Temp.exe
(Beijing NormalSoft technology Co.,Ltd. -> www.ext2fsd.com) C:\Windows\SysWOW64\Ext2Srv.EXE
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe <39>
(Guillaume Ryder (hxxp://utilfr42.free.fr)) [Fichier non signé] C:\Users\ladi\AppData\Local\Clavier64\Clavier.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(Marek Jasinski -> Marek Jasinski) C:\Program Files (x86)\FreeCommanderXE-32-public_portable\FreeCommander.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0bc9105c62ca22fb\Display.NvContainer\NVDisplay.Container.exe <2>
(Telegram FZ-LLC -> Telegram FZ-LLC) G:\Telegram\Telegram.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [824240 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5052648 2020-03-31] (Acronis International GmbH -> )
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe [441448 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
HKU\S-1-5-21-329816075-2688303404-493038192-1001\...\Run: [Clavier+] => C:\Users\ladi\AppData\Local\Clavier64\Clavier.exe [184320 2020-06-07] (Guillaume Ryder (hxxp://utilfr42.free.fr)) [Fichier non signé]
HKLM\...\Windows x64\Print Processors\RIC60Fpr: C:\Windows\System32\spool\prtprocs\x64\RIC60FPR.DLL [80384 2012-07-27] (Microsoft Windows Hardware Compatibility Publisher -> Monotype Imaging Inc.)
HKLM\...\Print\Monitors\RIC60Flm: c:\windows\system32\RIC60Flm.dll [123392 2015-12-18] (Microsoft Windows Hardware Compatibility Publisher -> RICOH CO., LTD.)
HKLM\...\Print\Monitors\rica1llm: c:\windows\system32\rica1llm.dll [28160 2013-12-26] (Microsoft Windows Hardware Compatibility Publisher -> RICOH CO.,Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\97.1.34.81\Installer\chrmstp.exe [2022-01-21] (Brave Software, Inc. -> Brave Software, Inc.)
IFEO\CompatTelRunner.exe: [Debugger] %windir%\System32\taskkill.exe
Startup: C:\Users\ladi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenRGB - Raccourci.lnk [2020-10-23]
ShortcutTarget: OpenRGB - Raccourci.lnk -> C:\OpenRGB Windows 64-bit\OpenRGB.exe () [Fichier non signé]
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction - Edge <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
HKU\S-1-5-21-329816075-2688303404-493038192-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {25D95862-3D7A-4447-8CA8-019DD3D1C53F} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162968 2022-01-08] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {306A6406-9C5E-440D-8396-80A2413C002E} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\ladi\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe LOGON (Pas de fichier)
Task: {64B2BF53-56BE-48F6-8200-92F08B7459CF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {67F1B11B-6741-406A-B446-BDF7C3306C3B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AB16A402-19CA-4F9D-9C4C-18D0B6D127C2} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\ladi\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe SCHED (Pas de fichier)
Task: {C0052132-824F-480D-8706-3B4AF1EF609B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E8D10FD9-AC87-4959-AC8F-1B52A4C9B749} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {F25AF894-B40B-42EE-BA64-0A4C0C5CC19D} - System32\Tasks\Core Temp Autostart ladi => C:\Program Files\Core Temp\Core Temp.exe [1031512 2021-04-01] (ALCPU -> ALCPU)
Task: {F973FD76-1F41-444B-80AA-BC3A4DCD4676} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FE1FE254-D40A-45A9-88AC-8FF39AA9B8DC} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162968 2022-01-08] (Brave Software, Inc. -> BraveSoftware Inc.)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts.
Voir la section Hosts de Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{096aa985-7857-4a0f-bc5f-6bc6b885766f}: [NameServer] 9.9.9.9,149.112.112.112,192.168.1.1 Tcpip\..\Interfaces\{096aa985-7857-4a0f-bc5f-6bc6b885766f}: [DhcpNameServer] 192.168.1.1 HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION Edge: ======= DownloadDir: C:\Users\ladi\Downloads Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)] Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)] Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)] Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)] Edge Profile: C:\Users\ladi\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-01] Edge DownloadDir: Default -> C:\Users\ladi\Downloads FireFox: ======== FF DefaultProfile: qn9gjyj9.default FF ProfilePath: C:\Users\ladi\AppData\Roaming\Mozilla\Firefox\Profiles\qn9gjyj9.default [2022-01-12] FF Extension: (Avira Browser Safety) - C:\Users\ladi\AppData\Roaming\Mozilla\Firefox\Profiles\qn9gjyj9.default\Extensions\abs@avira.com [2022-01-12] FF Extension: (Avira Password Manager) - C:\Users\ladi\AppData\Roaming\Mozilla\Firefox\Profiles\qn9gjyj9.default\Extensions\passwordmanager@avira.com [2022-01-12] FF Extension: (Avira SafeSearch Plus) - C:\Users\ladi\AppData\Roaming\Mozilla\Firefox\Profiles\qn9gjyj9.default\Extensions\safesearchplus2@avira.com [2022-01-12] 
[hxxps://package.avira.com/package/safesearch/firefox/update-plus2.json] FF ProfilePath: C:\Users\ladi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release [2022-02-02] FF DownloadDir: C:\Users\ladi\Desktop FF Homepage: Mozilla\Firefox\Profiles\vukr3a9w.default-release -> hxxps://duckduckgo.com/?t=ffsb FF NetworkProxy: Mozilla\Firefox\Profiles\vukr3a9w.default-release -> proxy_over_tls", false FF Extension: (Disconnect) - C:\Users\ladi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\2.0@disconnect.me.xpi [2020-10-07] FF Extension: (Keepa - Amazon Price Tracker) - C:\Users\ladi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\amptra@keepa.com.xpi [2021-09-18] FF Extension: (CanvasBlocker) - C:\Users\ladi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\CanvasBlocker@kkapsner.de.xpi [2021-12-06] FF Extension: (Cookie AutoDelete) - C:\Users\ladi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\CookieAutoDelete@kennydo.com.xpi [2021-01-20] FF Extension: (Default Bookmark Folder) - C:\Users\ladi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\default-bookmark-folder@gustiaux.com.xpi [2021-01-27] FF Extension: (Drag-Select Link Text) - C:\Users\ladi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\dragselectlinktext@kestrel.xpi [2018-01-24] FF Extension: (Glitter Drag) - C:\Users\ladi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\glitterdrag@harytfw.xpi [2019-06-13] FF Extension: (HTTPS partout) - C:\Users\ladi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\https-everywhere@eff.org.xpi [2021-07-14] FF Extension: (Dashlane) - C:\Users\ladi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\jetpack-extension@dashlane.com.xpi [2021-12-09] 
[UpdateUrl:hxxps://ws1.dashlane.com/5/binaries/query?logins=&platform=firefox&target=ff_web_extension&format=json&version=] FF Extension: (Decentraleyes) - C:\Users\ladi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi [2022-02-02] FF Extension: (I don't care about cookies) - C:\Users\ladi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2022-01-21] FF Extension: (Privacy Badger) - C:\Users\ladi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2021-12-06] FF Extension: (MyJDownloader Browser Extension) - C:\Users\ladi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\jid1-OY8Xu5BsKZQa6A@jetpack.xpi [2021-06-24] [UpdateUrl:hxxps://my.jdownloader.org/extensions/firefox.json] FF Extension: (ResizeIT 2) - C:\Users\ladi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\resizeit-2@futuretech.in.xpi [2020-07-22] FF Extension: (S3.Traducteur) - C:\Users\ladi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\s3@translator.xpi [2021-07-15] FF Extension: (uBlock Origin) - C:\Users\ladi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\uBlock0@raymondhill.net.xpi [2022-01-13] FF Extension: (MetaMask) - C:\Users\ladi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\webextension@metamask.io.xpi [2022-01-21] FF Extension: (PopUpOFF - Popup and overlay blocker) - C:\Users\ladi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\{154cddeb-4c8b-4627-a478-c7e5b427ffdf}.xpi [2021-10-29] FF Extension: (Youtube Playlist Duration Calculator) - C:\Users\ladi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\{343b0933-6ab6-4049-a4ec-4fe4d365f9fc}.xpi [2021-05-15] FF Extension: (NoScript) - 
C:\Users\ladi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2022-01-31] FF Extension: (smartUp Gestures(Beta)) - C:\Users\ladi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\{77b19bb0-313b-49c8-9e58-cef2e4ebf317}.xpi [2022-01-09] FF Extension: (Country Flags & IP Whois) - C:\Users\ladi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\{802a552e-13d1-4683-a40a-1e5325fba4bb}.xpi [2021-09-04] FF Extension: (Pas de nom) - C:\Users\ladi\AppData\Roaming\Mozilla\Firefox\Profiles\a63pqt3w.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [non trouvé(e)] FF Extension: (Pas de nom) - C:\Users\ladi\AppData\Roaming\Mozilla\Firefox\Profiles\a63pqt3w.default\extensions\resizeit@sonej.xpi [non trouvé(e)] FF Extension: (Pas de nom) - C:\Users\ladi\AppData\Roaming\Mozilla\Firefox\Profiles\a63pqt3w.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [non trouvé(e)] FF Extension: (Pas de nom) - C:\Users\ladi\AppData\Roaming\Mozilla\Firefox\Profiles\a63pqt3w.default\extensions\startup.maker@gmail.com.xpi [non trouvé(e)] FF Extension: (Pas de nom) - C:\Users\ladi\AppData\Roaming\Mozilla\Firefox\Profiles\a63pqt3w.default\extensions\s3google@translator.xpi [non trouvé(e)] FF Extension: (Pas de nom) - C:\Users\ladi\AppData\Roaming\Mozilla\Firefox\Profiles\a63pqt3w.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [non trouvé(e)] FF Extension: (Pas de nom) - C:\Users\ladi\AppData\Roaming\Mozilla\Firefox\Profiles\a63pqt3w.default\extensions\https-everywhere@eff.org.xpi [non trouvé(e)] Brave: ======= BRA DefaultProfile: Default BRA Profile: C:\Users\ladi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2022-02-02] BRA DownloadDir: C:\Users\ladi\Desktop BRA HomePage: Default -> hxxps://duckduckgo.com/?atb=v307-5&atb=v307-5 BRA DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}&t=brave BRA 
DefaultSearchKeyword: Default -> :d BRA DefaultSuggestURL: Default -> hxxps://ac.duckduckgo.com/ac/?q={searchTerms}&type=list BRA Extension: (Country Flags & IP Whois) - C:\Users\ladi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\bffjckjhidlcnenenacdahhpbacpgapo [2022-01-20] BRA Extension: (smartUp Gestures) - C:\Users\ladi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\bgjfekefhjemchdeigphccilhncnjldn [2022-01-20] BRA Extension: (DuckDuckGo) - C:\Users\ladi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2022-01-25] BRA Extension: (S3.Traducteur) - C:\Users\ladi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\debnnjfbneojbmioajinefnflopdohjk [2022-01-20] BRA Extension: (Keplr) - C:\Users\ladi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\dmkamcknogkgcdfhhbddcghachkejeap [2022-01-25] BRA Extension: (Dashlane - Gestionnaire de mots de passe) - C:\Users\ladi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2022-01-20] BRA Extension: (Cookie AutoDelete) - C:\Users\ladi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fhcgjolkccmbidfldomjliifgaodjagh [2022-01-20] BRA Extension: (I don't care about cookies) - C:\Users\ladi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2022-01-21] BRA Extension: (XDEFI Wallet) - C:\Users\ladi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\hmeobnfnfcmdkdcmlblgagmfpfboieaf [2022-01-25] BRA Extension: (PopUpOFF - Popup and overlay blocker) - C:\Users\ladi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ifnkdbpmgkdbfklnbfidaackdenlmhgh [2022-01-20] BRA Extension: (Disconnect) - C:\Users\ladi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2022-01-20] BRA 
Extension: (Window Resizer) - C:\Users\ladi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\kkelicaakdanhinjdeammmilcgefonfh [2022-01-20] BRA Extension: (Decentraleyes) - C:\Users\ladi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ldpochfccmkkmhdbclfhpagapcfdljkj [2022-02-02] BRA Extension: (AVG Online Security) - C:\Users\ladi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nbmoafcmbajniiapeidgficgifbfmjfo [2022-01-28] BRA Extension: (Keepa - Amazon Price Tracker) - C:\Users\ladi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\neebplgakaahbhdphmkckjjcegoiijjo [2022-01-31] BRA Extension: (MetaMask) - C:\Users\ladi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2022-01-20] BRA Extension: (Canvas Blocker - Fingerprint Protect) - C:\Users\ladi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nomnklagbgmgghhjidfhnoelnjfndfpd [2022-01-20] BRA Extension: (Youtube Playlist Duration Calculator) - C:\Users\ladi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\pijbakhgmhhadeakaocjfockpndcpobk [2022-01-20] BRA Extension: (Privacy Badger) - C:\Users\ladi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2022-01-20] BRA Profile: C:\Users\ladi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Guest Profile [2022-01-20] BRA Extension: (Brave Local Data Files Updater) - C:\Users\ladi\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2022-02-02] BRA Extension: (Brave NTP background images) - C:\Users\ladi\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2022-01-20] BRA Extension: (Brave Ad Block Updater (uBlock Annoyances List (used with Fanboy Annoyances List))) - C:\Users\ladi\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfoofkaohomljmodljoameijbaichadj 
[2022-02-02] BRA Extension: (Wallet Data Files Updater) - C:\Users\ladi\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2022-01-20] BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\ladi\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-02-02] BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\ladi\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2022-01-20] BRA Extension: (Brave Ad Block Updater (AdGuard Français)) - C:\Users\ladi\AppData\Local\BraveSoftware\Brave-Browser\User Data\emaecjinaegfkoklcdafkiocjhoeilao [2022-02-02] BRA Extension: (Brave Ads Resources) - C:\Users\ladi\AppData\Local\BraveSoftware\Brave-Browser\User Data\ijgkfgmfiinppefbonemjidmkhgbonei [2022-01-25] BRA Extension: (Brave SpeedReader Updater) - C:\Users\ladi\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-01-20] BRA Extension: (Brave Ad Block Updater (Fanboy Social List)) - C:\Users\ladi\AppData\Local\BraveSoftware\Brave-Browser\User Data\jkmfbjpchgojnebkdleeiplnaagomnll [2022-02-02] BRA Extension: (Brave Ad Block Updater (Fanboy Annoyances List)) - C:\Users\ladi\AppData\Local\BraveSoftware\Brave-Browser\User Data\kfhcejhgfapmkapakabicnjhpglajkao [2022-02-02] BRA Extension: (Brave NTP sponsored images) - C:\Users\ladi\AppData\Local\BraveSoftware\Brave-Browser\User Data\lcenblphbmngnohghkhpojmpflebkcpd [2022-02-02] BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\ladi\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2022-02-02] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) 
S4 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [10341560 2020-03-31] (Acronis International GmbH -> )
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1254784 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6383744 2020-06-16] (Acronis International GmbH -> )
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162968 2022-01-08] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162968 2022-01-08] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 Ext2Srv; C:\Windows\SysWOW64\Ext2Srv.EXE [42488 2021-12-31] (Beijing NormalSoft technology Co.,Ltd. -> www.ext2fsd.com)
S3 ImDskSvc; C:\Windows\system32\imdsksvc.exe [31544 2020-06-16] (Lagerkvist Teknisk Rådgivning i Borås HB -> Olof Lagerkvist)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [11174464 2022-01-12] (Logitech Inc -> Logitech, Inc.)
S3 LxssManagerUser; C:\Windows\system32\lxss\wslclient.dll [305664 2021-12-25] (Microsoft Windows -> Microsoft Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7972536 2022-01-27] (Malwarebytes Inc -> Malwarebytes)
S3 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4808088 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1918976 2020-03-31] (Acronis International GmbH -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6136536 2022-01-25] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7395256 2020-03-31] (Acronis International GmbH -> )
S3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [7095824 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 LogiRegistryService; "C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0bc9105c62ca22fb\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0bc9105c62ca22fb\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 ALSysIO; D:\Users\ladi\AppData\Local\Temp\ALSysIO64.sys [47240 2022-02-02] (ALCPU (Arthur Liberman) -> Arthur Liberman) <==== ATTENTION
S3 ampa; C:\Windows\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 AWEAlloc; C:\Windows\system32\DRIVERS\awealloc.sys [21048 2020-06-16] (Lagerkvist Teknisk Radgivning i Boras HB -> Olof Lagerkvist)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2021-09-16] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [153088 2021-09-05] (Microsoft Corporation) [Fichier non signé]
R2 file_protector; C:\Windows\System32\DRIVERS\file_protector.sys [687768 2020-06-16] (Acronis International GmbH -> Acronis International GmbH)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [390592 2020-06-16] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R2 ImDisk; C:\Windows\system32\DRIVERS\imdisk.sys [48704 2020-06-16] (Lagerkvist Teknisk Radgivning i Boras HB -> Olof Lagerkvist)
R2 inpoutx64; C:\Windows\System32\Drivers\inpoutx64.sys [15008 2020-08-17] (Red Fox UK Limited -> Highresolution Enterprises [www.highrez.co.uk])
R3 logi_joy_bus_enum; C:\Windows\system32\drivers\logi_joy_bus_enum.sys [37200 2021-05-21] (Logitech Inc -> Logitech)
S3 logi_joy_vir_hid; C:\Windows\system32\drivers\logi_joy_vir_hid.sys [25928 2021-05-21] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\Windows\system32\drivers\logi_joy_xlcore.sys [66896 2021-05-21] (Logitech Inc -> Logitech)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2020-10-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-07-19] (Malwarebytes Inc -> Malwarebytes)
S3 MpKsl6d4f3347; C:\Windows\system32\MpEngineStore\MpKslDrv.sys [130296 2021-11-30] (Microsoft Windows -> Microsoft Corporation)
R2 SSGDIO; C:\Windows\SysWOW64\DRIVERS\ssgdio64.sys [14608 2020-09-15] (ATI Technologies, Inc -> ATI Technologies Inc.)
S3 tib; C:\Windows\system32\DRIVERS\tib.sys [883256 2020-06-16] (Acronis International GmbH -> Acronis International GmbH)
R2 tib_mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [171968 2020-06-16] (Acronis International GmbH -> Acronis International GmbH)
S3 tnd; C:\Windows\system32\DRIVERS\tnd.sys [693768 2020-06-16] (Acronis International GmbH -> Acronis International GmbH)
R2 virtual_file; C:\Windows\System32\DRIVERS\virtual_file.sys [330176 2020-06-16] (Acronis International GmbH -> Acronis International GmbH)
R0 volume_tracker; C:\Windows\System32\DRIVERS\volume_tracker.sys [243472 2020-06-16] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48536 2021-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [435432 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz149; \??\C:\Windows\temp\cpuz149\cpuz149_x64.sys [X]
U4 DiagTrack; pas de ImagePath
U4 dmwappushservice; pas de ImagePath

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-02-02 20:13 - 2022-02-02 20:13 - 000029112 _____ C:\Users\ladi\Desktop\FRST.txt 2022-02-02 20:13 - 2022-02-02 20:13 - 000000000 ____D C:\FRST 2022-02-02 20:12 - 2022-02-02 20:12 - 002311680 _____ (Farbar) C:\Users\ladi\Desktop\FRST64.exe 2022-02-02 19:49 - 2022-02-02 19:54 - 000421278 _____ C:\Users\ladi\Desktop\ZHPDiag.txt 2022-02-02 19:46 - 2022-02-02 19:46 - 000000000 ____D C:\.Trash-1000 2022-02-02 19:42 - 2022-02-02 19:49 - 000000000 ____D C:\Users\ladi\AppData\Roaming\ZHP 2022-02-02 19:42 - 2022-02-02 19:42 - 000000910 _____ C:\Users\ladi\Desktop\ZHPSuite.lnk 2022-02-02 19:41 - 2022-02-02 19:41 - 003479704 _____ (Nicolas Coolman) C:\Users\ladi\Desktop\ZHPSuite.exe 2022-02-01 22:01 - 2022-02-01 22:01 - 000003858 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onLogOn 2022-02-01 22:01 - 2022-02-01 22:01 - 000003416 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onTime 2022-02-01 19:41 - 2022-02-01 19:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi 2022-02-01 19:41 - 2022-02-01 19:41 - 000000000 ____D C:\Program Files\LGHUB 2022-01-31 22:32 - 2022-01-31 22:32 - 000319630 _____ C:\Users\ladi\Desktop\Mes_crypto.xlsx 2022-01-30 17:28 - 2022-01-30 17:28 - 000126228 _____ C:\Users\ladi\Desktop\coinigy_trading_account_balances.xlsx 2022-01-30 13:48 - 2022-01-30 13:48 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2022-01-28 11:12 - 2022-01-29 09:40 - 000000133 _____ C:\Users\ladi\Desktop\acha.txt 2022-01-25 23:22 - 2022-01-25 23:22 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll 2022-01-25 23:22 - 2022-01-25 23:22 - 000272384 _____ C:\Windows\system32\TpmTool.exe 2022-01-25 23:22 - 2022-01-25 23:22 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe 2022-01-25 23:22 - 2022-01-25 23:22 - 000162816 _____ 
C:\Windows\system32\DataStoreCacheDumpTool.exe 2022-01-25 23:22 - 2022-01-25 23:22 - 000011805 _____ C:\Windows\system32\DrtmAuthTxt.wim 2022-01-25 23:18 - 2022-01-25 23:18 - 000000000 ___HD C:\$WinREAgent 2022-01-22 11:56 - 2022-01-28 21:33 - 000000000 ____D C:\Users\ladi\Downloads\Telegram Desktop 2022-01-20 13:32 - 2022-01-20 13:32 - 000000000 ____D C:\Program Files\BraveSoftware 2022-01-20 13:32 - 2022-01-20 13:32 - 000000000 ____D C:\Program Files (x86)\BraveSoftware 2022-01-20 13:27 - 2022-02-02 18:49 - 000008192 ___SH C:\DumpStack.log.tmp 2022-01-20 13:27 - 2022-01-20 13:27 - 000000000 ____D C:\Windows\CSC 2022-01-18 10:33 - 2022-01-18 15:30 - 000000000 ____D C:\platform-tools 2022-01-16 12:06 - 2022-01-16 12:06 - 004867744 _____ C:\Users\ladi\Desktop\TOKENS-INVADERS - Bien investir dans les crypto monnaies V3.pdf 2022-01-15 19:55 - 2022-01-15 19:55 - 000654830 _____ C:\Users\ladi\Desktop\DemandeComplementaireSanteSolidaire.pdf 2022-01-15 09:36 - 2022-01-15 18:55 - 000000162 _____ C:\Users\ladi\Documents\Meta.txt 2022-01-12 21:05 - 2022-01-12 21:05 - 000000000 ____D C:\Users\ladi\AppData\Roaming\qualys 2022-01-12 11:35 - 2022-01-12 11:38 - 000000000 ____D C:\Users\ladi\AppData\Roaming\Mozilla 2022-01-11 20:39 - 2022-01-11 20:39 - 000523776 _____ (curl, hxxps://curl.se/) C:\Windows\system32\curl.exe 2022-01-11 20:39 - 2022-01-11 20:39 - 000464384 _____ (curl, hxxps://curl.se/) C:\Windows\SysWOW64\curl.exe 2022-01-11 15:53 - 2022-01-11 15:53 - 000000000 ____D C:\Users\ladi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Brave 2022-01-09 17:59 - 2022-01-17 23:31 - 000000000 ____D C:\Program Files (x86)\FreeCommanderXE-32-public_portable 2022-01-08 08:59 - 2022-02-01 12:58 - 000002393 _____ C:\Users\ladi\Desktop\Brave.lnk 2022-01-08 08:49 - 2022-01-21 22:55 - 000002362 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk 2022-01-08 08:49 - 2022-01-08 08:49 - 000003612 _____ 
C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineUA 2022-01-08 08:49 - 2022-01-08 08:49 - 000003488 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineCore 2022-01-05 19:04 - 2022-02-01 20:45 - 000000000 ____D C:\Users\ladi\AppData\Roaming\LGHUB 2022-01-05 19:04 - 2022-01-07 08:30 - 000000000 ____D C:\ProgramData\LGHUB 2022-01-05 19:03 - 2022-01-05 19:03 - 000000000 ____D C:\Users\ladi\AppData\Roaming\LGHUB_BKP 2022-01-05 17:56 - 2022-01-05 17:56 - 000000000 ____D C:\Users\ladi\AppData\Roaming\Thunderbird 2021-12-31 12:43 - 2021-12-31 12:43 - 000001419 _____ C:\Users\ladi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\4K Video Downloader.lnk 2021-12-31 12:03 - 2021-12-31 12:03 - 000000000 ____D C:\Users\ladi\AppData\Roaming\NVIDIA 2021-12-31 12:02 - 2021-12-31 12:02 - 000042488 _____ (www.ext2fsd.com) C:\Windows\SysWOW64\Ext2Srv.EXE 2021-12-31 12:01 - 2021-12-31 12:01 - 000000000 ____D C:\Users\ladi\AppData\Roaming\AdbAppControl 2021-12-30 16:38 - 2022-02-02 18:49 - 000000517 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2021-12-30 16:33 - 2022-01-26 16:09 - 000001607 _____ C:\Windows\system32\config\VSMIDK 2021-12-30 16:33 - 2022-01-25 23:24 - 000000000 ____D C:\Program Files\Hyper-V 2021-12-30 16:33 - 2021-12-30 16:33 - 000000000 ____D C:\Windows\system32\BestPractices 2021-12-30 16:33 - 2021-12-30 16:33 - 000000000 ____D C:\Users\Public\Documents\Hyper-V 2021-12-30 11:33 - 2022-02-02 18:49 - 000000000 ____D C:\ProgramData\NVIDIA 2021-12-30 11:33 - 2021-12-30 18:33 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2021-12-30 11:33 - 2021-12-30 11:33 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation 2021-12-30 11:31 - 2021-12-30 11:31 - 008725160 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2021-12-30 11:31 - 2021-12-30 11:31 - 007843968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2021-12-30 11:31 - 2021-12-30 11:31 - 007586784 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 
2021-12-30 11:31 - 2021-12-30 11:31 - 006438112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2021-12-30 11:31 - 2021-12-30 11:31 - 005732320 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2021-12-30 11:31 - 2021-12-30 11:31 - 004938880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2021-12-30 11:31 - 2021-12-30 11:31 - 002852280 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2021-12-30 11:31 - 2021-12-30 11:31 - 002116520 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2021-12-30 11:31 - 2021-12-30 11:31 - 001874648 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe 2021-12-30 11:31 - 2021-12-30 11:31 - 001874648 _____ C:\Windows\system32\vulkaninfo.exe 2021-12-30 11:31 - 2021-12-30 11:31 - 001597552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2021-12-30 11:31 - 2021-12-30 11:31 - 001524392 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2021-12-30 11:31 - 2021-12-30 11:31 - 001466024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2021-12-30 11:31 - 2021-12-30 11:31 - 001450200 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2021-12-30 11:31 - 2021-12-30 11:31 - 001450200 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2021-12-30 11:31 - 2021-12-30 11:31 - 001209312 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2021-12-30 11:31 - 2021-12-30 11:31 - 001175512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2021-12-30 11:31 - 2021-12-30 11:31 - 001112336 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll 2021-12-30 11:31 - 2021-12-30 11:31 - 001112336 _____ C:\Windows\system32\vulkan-1.dll 2021-12-30 11:31 - 2021-12-30 11:31 - 000982952 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2021-12-30 11:31 - 2021-12-30 11:31 - 000966416 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll 2021-12-30 11:31 - 2021-12-30 11:31 - 000966416 _____ C:\Windows\SysWOW64\vulkan-1.dll 2021-12-30 11:31 - 2021-12-30 11:31 - 000851936 _____ (NVIDIA Corporation) 
C:\Windows\system32\MCU.exe 2021-12-30 11:31 - 2021-12-30 11:31 - 000802216 _____ C:\Windows\system32\nvofapi64.dll 2021-12-30 11:31 - 2021-12-30 11:31 - 000794024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2021-12-30 11:31 - 2021-12-30 11:31 - 000708776 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe 2021-12-30 11:31 - 2021-12-30 11:31 - 000679384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2021-12-30 11:31 - 2021-12-30 11:31 - 000658344 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll 2021-12-30 11:31 - 2021-12-30 11:31 - 000636840 _____ C:\Windows\SysWOW64\nvofapi.dll 2021-12-30 11:31 - 2021-12-30 11:31 - 000565416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2021-12-30 11:31 - 2021-12-30 11:31 - 000452224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe 2021-12-30 11:31 - 2021-12-30 11:31 - 000085698 _____ C:\Windows\system32\nvinfo.pb 2021-12-29 20:03 - 2021-12-29 20:03 - 000001358 _____ C:\Users\ladi\Desktop\JDownloader2.lnk 2021-12-28 20:38 - 2021-12-28 20:38 - 000000971 _____ C:\Users\Public\Desktop\Sniper Ghost Warrior Contracts 2.lnk 2021-12-27 21:34 - 2022-02-01 09:45 - 000000000 ____D C:\Users\ladi\AppData\Roaming\Adobe 2021-12-25 22:47 - 2021-12-26 11:22 - 000000212 _____ C:\Users\ladi\Documents\bash.txt 2021-12-25 22:11 - 2022-01-25 23:24 - 000000000 ___SD C:\Windows\SysWOW64\lxss 2021-12-19 15:51 - 2021-12-19 15:51 - 000000000 ____D C:\Users\ladi\Documents\Audacity 2021-12-14 21:54 - 2021-12-14 21:54 - 000000000 ____D C:\Windows\SystemTemp 2021-12-14 19:55 - 2021-12-15 18:44 - 016876337 _____ C:\Users\ladi\Desktop\Major.epub 2021-12-13 14:26 - 2021-12-14 12:33 - 000000000 ____D C:\platform-toolsOLD 2021-12-05 16:18 - 2021-12-05 16:18 - 000000000 ____D C:\Users\ladi\AppData\Roaming\Waterfox 2021-12-03 08:39 - 2021-12-03 08:39 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-12-01 08:33 - 2021-12-30 13:21 - 000000000 ____D C:\Program Files 
(x86)\FreeCommanderXE-32-public_beta_portable 2021-12-01 08:31 - 2021-12-01 08:31 - 000000000 ____D C:\Users\ladi\AppData\Roaming\Goldberg UplayEmu Saves 2021-12-01 08:31 - 2021-12-01 08:31 - 000000000 ____D C:\Users\ladi\AppData\Roaming\Goldberg SteamEmu Saves 2021-11-30 09:36 - 2021-11-30 09:36 - 000000000 ____D C:\Windows\system32\MpEngineStore 2021-11-24 11:37 - 2021-11-24 11:37 - 000000000 ____D C:\Windows\system32\appmgmt 2021-11-24 09:04 - 2022-01-05 19:04 - 000000000 ____D C:\Program Files\LGHUB.c9b0fc01-e155-4fe9-82af-6aa946f64be5 2021-11-11 18:52 - 2021-12-25 22:10 - 000151352 _____ C:\Windows\system32\nmscrub.exe 2021-11-11 18:52 - 2021-11-11 18:52 - 000060928 _____ C:\Windows\system32\runexehelper.exe 2021-11-09 09:31 - 2021-11-09 09:33 - 000000000 ____D C:\Program Files (x86)\Google ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-02-02 19:26 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-02-02 19:22 - 2020-06-14 12:09 - 000000000 ____D C:\Users\ladi\AppData\LocalLow\Mozilla 2022-02-02 18:55 - 2020-06-14 12:02 - 001771910 _____ C:\Windows\system32\PerfStringBackup.INI 2022-02-02 18:55 - 2019-12-07 15:50 - 000792000 _____ C:\Windows\system32\perfh00C.dat 2022-02-02 18:55 - 2019-12-07 15:50 - 000150166 _____ C:\Windows\system32\perfc00C.dat 2022-02-02 18:55 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF 2022-02-02 18:54 - 2020-06-14 12:09 - 000000000 ____D C:\ProgramData\Mozilla 2022-02-02 18:49 - 2020-06-14 11:55 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2022-02-02 12:30 - 2019-12-07 10:03 - 000262144 _____ C:\Windows\system32\config\BBI 2022-02-02 12:29 - 2020-06-14 11:55 - 000000000 ____D C:\Windows\system32\SleepStudy 2022-02-01 22:15 - 2020-06-20 13:31 - 000000000 ____D C:\Users\ladi\AppData\Roaming\vlc 2022-02-01 12:58 - 2020-06-20 19:48 - 000002682 _____ C:\Users\ladi\Desktop\Fusion 360.lnk 
2022-02-01 12:58 - 2020-06-15 19:54 - 000001574 _____ C:\Users\ladi\Desktop\xmplay.lnk 2022-02-01 12:58 - 2020-06-14 13:27 - 000001826 _____ C:\Users\ladi\Desktop\FreeCommander.lnk 2022-02-01 12:58 - 2020-06-14 13:23 - 000001155 _____ C:\Users\ladi\Desktop\MSI Afterburner.lnk 2022-02-01 11:24 - 2020-06-15 19:44 - 000054941 _____ C:\Users\ladi\AppData\Roaming\WinSCP.ini 2022-02-01 11:24 - 2020-06-14 20:11 - 000000128 _____ C:\Users\ladi\AppData\Roaming\winscp.rnd 2022-01-31 09:16 - 2020-06-14 12:09 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-01-31 09:16 - 2020-06-14 12:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-01-30 13:48 - 2020-06-14 12:09 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-01-27 09:46 - 2020-06-19 19:11 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2022-01-27 09:46 - 2020-06-19 19:11 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2022-01-27 09:45 - 2020-06-19 19:11 - 000000000 ____D C:\ProgramData\Malwarebytes 2022-01-27 09:45 - 2020-06-19 19:11 - 000000000 ____D C:\Program Files\Malwarebytes 2022-01-26 16:09 - 2020-06-14 18:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2022-01-26 08:43 - 2020-06-14 11:55 - 000257992 _____ C:\Windows\system32\FNTCACHE.DAT 2022-01-26 08:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness 2022-01-25 23:24 - 2021-04-04 19:35 - 000000000 ___SD C:\Windows\system32\lxss 2022-01-25 23:24 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2022-01-25 23:24 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism 2022-01-25 23:24 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources 2022-01-25 23:24 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\et-EE 2022-01-25 23:24 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\es-MX 2022-01-25 23:24 - 2019-12-07 10:14 - 000000000 ____D 
C:\Windows\system32\Dism 2022-01-25 23:24 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\appraiser 2022-01-25 23:24 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences 2022-01-25 23:24 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions 2022-01-25 23:24 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr 2022-01-25 23:24 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp 2022-01-25 23:22 - 2020-06-14 11:57 - 002877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2022-01-21 20:58 - 2021-04-14 16:52 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-01-21 20:58 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-01-20 13:27 - 2020-06-14 11:58 - 000000000 ____D C:\Users\ladi 2022-01-15 19:52 - 2020-06-14 19:44 - 000000555 _____ C:\Users\ladi\Documents\IDs.txt 2022-01-13 20:44 - 2020-06-14 19:44 - 000000110 _____ C:\Users\ladi\Documents\Compte Google Store Japon.txt 2022-01-11 22:29 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs 2022-01-11 22:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup 2022-01-11 22:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe 2022-01-11 20:35 - 2020-06-14 12:09 - 000000000 ____D C:\Windows\system32\MRT 2022-01-11 20:34 - 2020-06-14 12:09 - 145765912 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2022-01-07 22:04 - 2020-06-14 20:10 - 000000000 ____D C:\Program Files (x86)\xmplay37_Portable ==================== Fichiers à la racine de certains dossiers ======== 2021-08-01 16:40 - 2021-12-25 22:01 - 000012288 _____ () C:\Users\ladi\AppData\Roaming\emp.bin 2020-06-15 19:44 - 2022-02-01 11:24 - 000054941 _____ () C:\Users\ladi\AppData\Roaming\WinSCP.ini 2020-06-14 20:11 - 2022-02-01 11:24 - 000000128 _____ () C:\Users\ladi\AppData\Roaming\winscp.rnd 2020-08-17 15:56 - 2020-08-17 15:56 - 000000291 _____ () C:\Users\ladi\AppData\Local\ledConfiguration.config 
2020-06-15 19:43 - 2022-01-08 14:19 - 000000128 _____ () C:\Users\ladi\AppData\Local\PUTTY.RND 2021-12-19 18:13 - 2021-12-19 18:13 - 000000218 _____ () C:\Users\ladi\AppData\Local\recently-used.xbel 2020-06-23 18:54 - 2020-06-23 18:54 - 000007619 _____ () C:\Users\ladi\AppData\Local\Resmon.ResmonCfg ==================== SigCheckExt ========================= 2021-01-03 17:59 - 2021-11-23 09:04 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll 2020-06-14 12:13 - 2021-06-05 15:27 - 000006656 _____ C:\Windows\system32\lpcio.dll 2012-09-28 20:45 - 2012-09-28 20:45 - 000246272 _____ C:\Windows\system32\rtvcvfw64.dll 2021-06-02 11:51 - 2021-10-03 16:04 - 000249856 ____N (Microsoft Corporation) C:\Windows\Setup1.exe 2021-06-02 11:51 - 2021-10-03 16:04 - 000073216 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE 2020-06-27 11:43 - 2018-08-19 07:43 - 000456704 _____ (FragSoft) C:\Windows\SysWOW64\ISDone.dll 2012-09-28 20:45 - 2012-09-28 20:45 - 000247296 _____ C:\Windows\SysWOW64\rtvcvfw32.dll 2020-06-27 11:43 - 2018-08-19 07:46 - 000306688 _____ C:\Windows\SysWOW64\unarc.dll 2000-07-14 23:00 - 2000-07-14 23:00 - 000101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6STKIT.DLL 2022-02-02 20:12 - 2022-02-02 20:12 - 002311680 _____ (Farbar) C:\Users\ladi\Desktop\FRST64.exe 2022-02-02 19:41 - 2022-02-02 19:41 - 003479704 _____ (Nicolas Coolman) C:\Users\ladi\Desktop\ZHPSuite.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) 
==================== BCD ================================ Gestionnaire de démarrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {77e4349a-6e2d-11ec-809c-806e6f6e6963} timeout 1 Gestionnaire de démarrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {a14c75f8-ae35-11ea-ab68-e58172dd9383} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Application logicielle (101fffff) -------------------------------- identificateur {77e4349a-6e2d-11ec-809c-806e6f6e6963} device partition=\Device\HarddiskVolume1 path \EFI\UBUNTU\SHIMX64.EFI description ubuntu Chargeur de démarrage Windows ----------------------------- identificateur {current} device partition=C: path \Windows\system32\winload.efi description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {a14c75fa-ae35-11ea-ab68-e58172dd9383} displaymessageoverride CommandPrompt recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \Windows resumeobject {a14c75f8-ae35-11ea-ab68-e58172dd9383} nx OptIn bootmenupolicy Standard hypervisorlaunchtype Auto Chargeur de démarrage Windows ----------------------------- identificateur {a14c75fa-ae35-11ea-ab68-e58172dd9383} device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{a14c75fb-ae35-11ea-ab68-e58172dd9383} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-fr inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{a14c75fb-ae35-11ea-ab68-e58172dd9383} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre à partir de la mise en veille prolongée -------------------------------------------------
identificateur {a14c75f8-ae35-11ea-ab68-e58172dd9383} device partition=C: path \Windows\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {a14c75fa-ae35-11ea-ab68-e58172dd9383} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de mémoire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics mémoire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes Paramètres EMS -------------- identificateur {emssettings} bootems No Paramètres du débogueur ----------------------- identificateur {dbgsettings} debugtype Local Erreurs de mémoire RAM ---------------------- identificateur {badmemory} Paramètres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Paramètres du chargeur de démarrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Paramètres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Paramètres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de périphérique ----------------------- identificateur {a14c75fb-ae35-11ea-ab68-e58172dd9383} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume4 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================