Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 04-08-2022 Exécuté par Trev (administrateur) sur DESKTOP-11M1NDA (14-08-2022 22:08:58) Exécuté depuis H:\Téléchargements Profils chargés: Trev Plate-forme: Microsoft Windows 10 Professionnel Version 21H1 19043.1889 (X64) Langue: Anglais (États-Unis) -> Français (France) Navigateur par défaut: Chrome Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe ->) (Plex, Inc. -> ) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe (C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe ->) (Plex, Inc. -> ) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe ->) (Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe (C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\SentryEye.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <50> (explorer.exe ->) (Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (explorer.exe ->) (ultracopier.first-world.info) [Fichier non signé] C:\Program Files\Supercopier\supercopier.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <31> (Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe (services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe (services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe (services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (services.exe ->) (Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2> (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvddig.inf_amd64_da396291e1b656bc\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe (svchost.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.6271.0_x64__8wekyb3d8bbwe\GameBar.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.6271.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22062.534.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-24] (Intel Corporation - Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9228800 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [] => [X] HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178400 2015-08-07] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [333224 2022-07-22] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [] => [X] HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-4249077115-3693650588-2046397932-1002\...\Run: [ultracopier] => C:\Program Files\Supercopier\supercopier.exe [829440 2015-07-27] (ultracopier.first-world.info) [Fichier non signé] HKU\S-1-5-21-4249077115-3693650588-2046397932-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4289728 2016-04-04] (Disc Soft Ltd -> Disc Soft Ltd) HKU\S-1-5-21-4249077115-3693650588-2046397932-1002\...\Run: [Bloom] => C:\Users\Trev\AppData\Roaming\Bloom\Bloom.exe [134316851 2022-04-01] (BloomSoftware) [Fichier non signé] <==== ATTENTION HKU\S-1-5-21-4249077115-3693650588-2046397932-1002\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [24605528 2022-06-27] (Plex, Inc. -> Plex, Inc.) HKU\S-1-5-21-4249077115-3693650588-2046397932-1002\...\Run: [] => [X] HKU\S-1-5-21-4249077115-3693650588-2046397932-1002\...\RunOnce: [Application Restart #0] => C:\Users\Trev\AppData\Roaming\Bloom\Bloom.exe [134316851 2022-04-01] (BloomSoftware) [Fichier non signé] HKU\S-1-5-18\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [24605528 2022-06-27] (Plex, Inc. -> Plex, Inc.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\104.0.5112.81\Installer\chrmstp.exe [2022-08-09] (Google LLC -> Google LLC) HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\104.1.42.88\Installer\chrmstp.exe [2022-08-07] (Brave Software, Inc. -> Brave Software, Inc.) IFEO\avgcsrvx.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\avgidsagent.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\avgrsx.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\avgui.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\avgwdsvc.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\avp.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\bdagent.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\blindman.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\ccuac.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\ComboFix.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\egui.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\hijackthis.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\keyscrambler.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\mba.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\mbam.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\mbamgui.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\mbampt.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\mbamscheduler.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\mbamservice.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\MpCmdRun.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\MSASCui.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\msseces.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\rstrui.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\SDFiles.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\SDMain.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\SDWinSec.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\spybotsd.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\wireshark.exe: [Debugger] C:\Windows\System32\svchost.exe IFEO\zlclient.exe: [Debugger] C:\Windows\System32\svchost.exe Startup: C:\Users\Trev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MemInfo.lnk [2021-02-18] ShortcutTarget: MemInfo.lnk -> C:\Program Files (x86)\MemInfo\meminfo.exe (Carthago Software) [Fichier non signé] BootExecute: autocheck autochk * GroupPolicy: Restriction ? <==== ATTENTION GroupPolicy-Firefox-x32: Restriction <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {018B5FF3-074F-4947-94E5-594046EE54E6} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-05-05] (Nvidia Corporation -> NVIDIA Corporation) Task: {09FAA87F-1942-47E6-B3DA-446C29715D9B} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-05-15] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {152FAC8E-4634-408B-A9E1-667D24E7A39E} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1642080 2022-07-11] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) Task: {17E8DC79-668E-46B2-82F6-36EF4D58F268} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-05-05] (Nvidia Corporation -> NVIDIA Corporation) Task: {287B9828-1AD6-4533-AD4A-608D7BFD4838} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-05-05] (Nvidia Corporation -> NVIDIA Corporation) Task: {3737AAC3-4EAB-46C8-A40E-58B333BFDEC4} - System32\Tasks\Microsoft\Windows\Management\Autopilot\RemediateHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [192000 2022-08-09] (Microsoft Windows -> Microsoft Corporation) Task: {41B671D8-4AE1-4664-AAEA-31763B770C29} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [137088 2021-09-26] (Glarysoft LTD -> Glarysoft Ltd) Task: {4D1C562A-1FFA-415D-9C33-207484047AD8} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-05-05] (Nvidia Corporation -> NVIDIA Corporation) Task: {5815E821-68DB-4215-8594-86724054A322} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-05-05] (Nvidia Corporation -> NVIDIA Corporation) Task: {593A1811-E58B-4EDF-91A4-BA48B02C9E98} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (Pas de fichier) Task: {5A2AC974-2F8C-47AF-A1BF-171B8F802AD8} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {5A7DA96E-39D0-448B-B555-883182F22EBF} - System32\Tasks\Avira_Security_Maintenance => Command(1): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> FallbackTelemetry Task: {5A7DA96E-39D0-448B-B555-883182F22EBF} - System32\Tasks\Avira_Security_Maintenance => Command(2): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> ServiceWatchdog Task: {5A7DA96E-39D0-448B-B555-883182F22EBF} - System32\Tasks\Avira_Security_Maintenance => Command(3): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> CrashCollector Task: {7E457827-48B9-4503-AD84-D311294FD342} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-05-15] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {7E5249F7-EB43-47D5-A74B-D00C2C4412CC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation) Task: {7F7793C8-0318-4D39-AF6E-BB29294D9096} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-05-05] (Nvidia Corporation -> NVIDIA Corporation) Task: {9909F95B-3D26-49DF-BDC7-9D788B7E1F8D} - \GU5SkipUAC -> Pas de fichier <==== ATTENTION Task: {A7351DE7-B70E-4AE0-88BB-1354704C33AE} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-05-05] (Nvidia Corporation -> NVIDIA Corporation) Task: {ACEB51A3-5560-427E-B43C-2D8CED7421E4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.) Task: {B4ADD78E-C60B-4C2E-8116-55FC41B2800F} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B" Task: {B51E656A-27D4-495E-BF14-EB7F17641640} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation) Task: {B585A0C5-7E15-4FED-B693-5458BC2DA40A} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [258472 2022-07-11] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) Task: {B7CD765A-1941-4CA2-AAE3-789F5FE9A2DB} - System32\Tasks\AviraSystemSpeedupVerify => C:\Program Files (x86)\Avira\System Speedup\setup\avira_speedup_setup.exe [32837648 2022-07-27] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) Task: {BD5CE567-081E-4CBE-9DAC-19E7639ADA5C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-05-05] (Nvidia Corporation -> NVIDIA Corporation) Task: {C314CFF1-0EC6-4C90-9DD1-A6432F4C43C9} - System32\Tasks\chrome tab => cmd /c powershell -WindowStyle Hidden -E "CgAKAAoAJABqAGQAIAA9ACAAJABuAHUAbABsADsACgAKACQAZQBuAGMAUwB0AHIAQQBzAGMAPQBbAFMAeQBzAHQAZQBtAC4AVABlAHgAdAAuAEUAbgBjAG8AZABpAG4AZwBdADoAOgBBAFMAQwBJAEkAOwAKACQAagBwAD0AJABuAHUAbABsADsACgAKAAoAZgB1AG4AYwB0AGkAbwBuACAAZwBlAHQAVgBhAGwAdQBlAE4AZQB3ACgAWwBzAHQAcgBpAG (l'élément de données a 4955 caractères en plus). <==== ATTENTION Task: {C969C956-4BAE-4C2E-AB80-1A87649C2568} - System32\Tasks\Microsoft\Windows\Management\Autopilot\DetectHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [192000 2022-08-09] (Microsoft Windows -> Microsoft Corporation) Task: {CC15AA5E-1B43-4B41-ABBF-DECAB7A5840D} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK Task: {D3CE71A5-E5CE-4E07-83E1-BF252CFF9054} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2016-04-14] (Google Inc -> Google Inc.) Task: {D503EAD2-7AD3-4EE3-B421-447F242DF697} - \chrome cast -> Pas de fichier <==== ATTENTION Task: {D6C70A02-FCDE-429E-8FC3-1C47144112CA} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-05-05] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {DC9B65E3-CFE6-4876-AF71-6868D35CEC1E} - System32\Tasks\Avira_Security_Update => C:\WINDOWS\system32\net.exe [59904 2019-12-07] (Microsoft Windows -> Microsoft Corporation) Task: {DF9B984E-4507-4DA3-AEE7-71EF1E28DBCA} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {F61C6F39-BC98-4F13-93F3-5639BF458F08} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation) Task: {F6253AB8-8578-436F-AD0F-602843B715ED} - System32\Tasks\unityplayeer => c:\users\trev\appdata\roaming\unityplayeer.exe (Pas de fichier) <==== ATTENTION Task: {F8B6960E-0535-4287-831E-E934EB08AA35} - System32\Tasks\{05495A62-E68C-45C8-A480-174A873A5D0A} => C:\Windows\system32\pcalua.exe -a "D:\Firewatch [Update14]\Setup.exe" -d "D:\Firewatch [Update14]" Task: {FEBE404E-D5CC-41BF-B569-EE2ADC8A8315} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2016-04-14] (Google Inc -> Google Inc.) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones) Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{6cb6213f-01a2-4393-b9ad-a44f02d8ca6d}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{6cb6213f-01a2-4393-b9ad-a44f02d8ca6d}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)] Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)] Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)] Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)] Edge Profile: C:\Users\Trev\AppData\Local\Microsoft\Edge\User Data\Default [2022-08-11] FireFox: ======== FF DefaultProfile: flej815r.default-1535309650499 FF ProfilePath: C:\Users\Trev\AppData\Roaming\Mozilla\Firefox\Profiles\flej815r.default-1535309650499 [2022-08-14] FF DownloadDir: H:\Téléchargements FF Homepage: Mozilla\Firefox\Profiles\flej815r.default-1535309650499 -> moz-extension://5a99605b-b15b-48d3-a82b-52e612771815/index.html FF Session Restore: Mozilla\Firefox\Profiles\flej815r.default-1535309650499 -> est activé. FF HomepageOverride: Mozilla\Firefox\Profiles\flej815r.default-1535309650499 -> Enabled: extension@tabliss.io FF NewTabOverride: Mozilla\Firefox\Profiles\flej815r.default-1535309650499 -> Enabled: extension@tabliss.io FF Extension: (Facebook Container) - C:\Users\Trev\AppData\Roaming\Mozilla\Firefox\Profiles\flej815r.default-1535309650499\Extensions\@contain-facebook.xpi [2022-03-18] FF Extension: (Cisco Webex Extension) - C:\Users\Trev\AppData\Roaming\Mozilla\Firefox\Profiles\flej815r.default-1535309650499\Extensions\ciscowebexstart1@cisco.com.xpi [2022-07-24] FF Extension: (Tabliss) - C:\Users\Trev\AppData\Roaming\Mozilla\Firefox\Profiles\flej815r.default-1535309650499\Extensions\extension@tabliss.io.xpi [2022-04-27] FF Extension: (web.skype.com for Firefox) - C:\Users\Trev\AppData\Roaming\Mozilla\Firefox\Profiles\flej815r.default-1535309650499\Extensions\firefox-web-skype@phts.xpi [2021-03-09] FF Extension: (Real-Debrid) - C:\Users\Trev\AppData\Roaming\Mozilla\Firefox\Profiles\flej815r.default-1535309650499\Extensions\firefox@realdebrid.xpi [2018-08-26] [UpdateUrl:hxxps://app.real-debrid.com/rest/1.0/firefox/update.json] FF Extension: (I don't care about cookies) - C:\Users\Trev\AppData\Roaming\Mozilla\Firefox\Profiles\flej815r.default-1535309650499\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2022-08-12] FF Extension: (NordPass® Password Manager & Digital Vault) - C:\Users\Trev\AppData\Roaming\Mozilla\Firefox\Profiles\flej815r.default-1535309650499\Extensions\nordpass@nordpass.com.xpi [2022-08-09] FF Extension: (Google Consent Dialog Remover) - C:\Users\Trev\AppData\Roaming\Mozilla\Firefox\Profiles\flej815r.default-1535309650499\Extensions\{26b743a8-b1b0-4b8c-a51e-0fc3797727a8}.xpi [2021-03-25] FF Extension: (Shut Up: Comment Blocker) - C:\Users\Trev\AppData\Roaming\Mozilla\Firefox\Profiles\flej815r.default-1535309650499\Extensions\{b6840179-45a1-4a2d-a4ef-e2815c1faa28}.xpi [2022-07-08] FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Trev\AppData\Roaming\Mozilla\Firefox\Profiles\flej815r.default-1535309650499\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-07-06] FF Extension: (Greasemonkey) - C:\Users\Trev\AppData\Roaming\Mozilla\Firefox\Profiles\flej815r.default-1535309650499\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2021-09-04] FF Extension: (Cisco WebEx Extension) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\ciscowebexstart1@cisco.com.xpi [2020-03-05] FF HKLM\...\Firefox\Extensions: [conferencing@plugin.com] - C:\Program Files (x86)\Conferencing Appshare Plugin\Firefox\appshare_addon.xpi FF Extension: (Conferencing Plugin) - C:\Program Files (x86)\Conferencing Appshare Plugin\Firefox\appshare_addon.xpi [2018-07-09] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx] FF HKLM-x32\...\Firefox\Extensions: [conferencing@plugin.com] - C:\Program Files (x86)\Conferencing Appshare Plugin\Firefox\appshare_addon.xpi FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-08-02] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Pas de fichier] FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @webex.com/npatgpc -> C:\Program Files (x86)\Webex\npatgpc.dll [2020-03-05] (Cisco WebEx LLC -> Cisco WebEx LLC) FF Plugin-x32: Conferencing App -> C:\Program Files (x86)\Conferencing Appshare Plugin\NPAPI\npANWShare25.dll [2018-07-09] (Arkadin -> Anywhere Conference) [Fichier non signé] Chrome: ======= CHR Profile: C:\Users\Trev\AppData\Local\Google\Chrome\User Data\Default [2022-08-14] CHR DownloadDir: H:\Téléchargements CHR NewTab: Default -> Active:"chrome-extension://hipekcciheckooncpjeljhnekcoolahp/index.html" CHR Session Restore: Default -> est activé. CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Trev\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-07-05] CHR Extension: (Recherche Google) - C:\Users\Trev\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-04-14] CHR Extension: (NordPass® Password Manager & Digital Vault) - C:\Users\Trev\AppData\Local\Google\Chrome\User Data\Default\Extensions\fooolghllnmhmmndgjiamiiodkpenpbb [2022-07-19] CHR Extension: (Avast Online Security & Privacy) - C:\Users\Trev\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2022-07-21] CHR Extension: (Tabliss - A Beautiful New Tab) - C:\Users\Trev\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipekcciheckooncpjeljhnekcoolahp [2022-04-26] CHR Extension: (Ugly Email) - C:\Users\Trev\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldgiafaliifpknmgofiifianlnbgflgj [2022-06-09] CHR Extension: (Keepa - Amazon Price Tracker) - C:\Users\Trev\AppData\Local\Google\Chrome\User Data\Default\Extensions\neebplgakaahbhdphmkckjjcegoiijjo [2022-04-06] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Trev\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR Extension: (Real-Debrid extension) - C:\Users\Trev\AppData\Local\Google\Chrome\User Data\Default\Extensions\oefkkgfcahbeccgckjgbnfclcmnjgidg [2022-06-12] CHR Extension: (Shut Up: Comment Blocker) - C:\Users\Trev\AppData\Local\Google\Chrome\User Data\Default\Extensions\oklfoejikkmejobodofaimigojomlfim [2022-07-09] CHR Extension: (Material Theme Dark [blue-grey]) - C:\Users\Trev\AppData\Local\Google\Chrome\User Data\Default\Extensions\paoafodbgcjnmijjepmpgnlhnogaahme [2022-07-11] CHR Extension: (Properties) - C:\Users\Trev\AppData\Local\chrome_tools [2022-05-16] CHR Profile: C:\Users\Trev\AppData\Local\Google\Chrome\User Data\System Profile [2020-05-13] CHR HKLM\...\Chrome\Extension: [ilnidodcffjfecahcfiihlhiohnaobic] CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] CHR HKLM\...\Chrome\Extension: [pfngopommdknnpihdofckgpeddipoeai] CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] CHR HKU\S-1-5-21-4249077115-3693650588-2046397932-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ilnidodcffjfecahcfiihlhiohnaobic] CHR HKU\S-1-5-21-4249077115-3693650588-2046397932-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] CHR HKU\S-1-5-21-4249077115-3693650588-2046397932-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] CHR HKLM-x32\...\Chrome\Extension: [ilnidodcffjfecahcfiihlhiohnaobic] CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] CHR HKLM-x32\...\Chrome\Extension: [pfngopommdknnpihdofckgpeddipoeai] CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] Brave: ======= BRA DefaultProfile: Default BRA Profile: C:\Users\Trev\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2022-08-14] BRA DefaultSearchURL: Default -> hxxp://securedserch.com/?q={searchTerms} BRA DefaultSearchKeyword: Default -> sse BRA DefaultSuggestURL: Default -> hxxp://securedsearch.xyz/?s={searchTerms} BRA Extension: (Avira Password Manager) - C:\Users\Trev\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2022-08-10] BRA Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Trev\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-08-10] BRA Extension: (NordPass® Password Manager & Digital Vault) - C:\Users\Trev\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fooolghllnmhmmndgjiamiiodkpenpbb [2022-07-24] BRA Extension: (Avast Online Security & Privacy) - C:\Users\Trev\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2022-07-24] BRA Extension: (Secured Search) - C:\Users\Trev\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ilnidodcffjfecahcfiihlhiohnaobic [2019-12-14] BRA Extension: (Search Manager) - C:\Users\Trev\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce [2019-12-14] BRA Extension: (Search Manager) - C:\Users\Trev\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej [2020-06-10] BRA Profile: C:\Users\Trev\AppData\Local\BraveSoftware\Brave-Browser\User Data\Guest Profile [2021-01-15] BRA Extension: (Brave Local Data Files Updater) - C:\Users\Trev\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2022-08-14] BRA Extension: (Brave NTP background images) - C:\Users\Trev\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2022-08-14] BRA Extension: (Wallet Data Files Updater) - C:\Users\Trev\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2022-07-24] BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\Trev\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-08-14] BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\Trev\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2020-07-17] BRA Extension: (Brave SpeedReader Updater) - C:\Users\Trev\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-03-11] BRA Extension: (Brave NTP sponsored images) - C:\Users\Trev\AppData\Local\BraveSoftware\Brave-Browser\User Data\lcenblphbmngnohghkhpojmpflebkcpd [2022-08-14] BRA Extension: (PDF Viewer) - C:\Users\Trev\AppData\Local\BraveSoftware\Brave-Browser\User Data\oemmndcbldboiebfnladdacbdfmadadm [2019-05-15] BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Trev\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2022-08-11] StartMenuInternet: Brave - C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.) S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3779840 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated) S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3547904 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [3004688 2022-07-22] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [386864 2022-03-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [264400 2022-07-11] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) S4 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [284136 2022-07-11] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) S4 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-05-15] (Brave Software, Inc. -> BraveSoftware Inc.) S4 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-05-15] (Brave Software, Inc. -> BraveSoftware Inc.) S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1443520 2016-04-04] (Disc Soft Ltd -> Disc Soft Ltd) S4 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2020-11-28] (EasyAntiCheat Oy -> Epic Games, Inc) R2 EndpointProtectionService; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [8505424 2022-08-13] (Avira Operations GmbH -> Avira Operations GmbH) S3 EndpointProtectionService2; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [8505424 2022-08-13] (Avira Operations GmbH -> Avira Operations GmbH) S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1748552 2020-05-30] (GOG Sp. z o.o. -> GOG.com) S4 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-05-30] (GOG Sp. z o.o. -> GOG.com) S4 GUBootService; C:\Program Files (x86)\Glary Utilities 5\GUBootService.exe [867712 2021-09-26] (Glarysoft LTD -> Glarysoft Ltd) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [225368 2022-07-14] (HP Inc. -> HP Inc.) S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Fichier non signé] S4 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Fichier non signé] S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2575624 2022-06-09] (Electronic Arts, Inc. -> Electronic Arts) S4 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3494672 2022-06-09] (Electronic Arts, Inc. -> Electronic Arts) S3 Parsec; C:\Program Files\Parsec\pservice.exe [396488 2021-10-04] (Parsec Cloud, Inc. -> Parsec) R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [586896 2022-06-27] (Plex, Inc. -> Plex, Inc.) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6255896 2022-08-09] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) S4 WebexService; C:\Program Files (x86)\Webex\Webex\Applications\WebExService.exe [146168 2020-03-05] (Cisco WebEx LLC -> Cisco WebEx LLC) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) S3 BraveElevationService; "C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\104.1.42.88\elevation_service.exe" [X] S4 CloudflareWARP; "C:\Program Files\Cloudflare\Cloudflare WARP\warp-svc.exe" [X] R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvddig.inf_amd64_da396291e1b656bc\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvddig.inf_amd64_da396291e1b656bc\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem S3 PSI_SVC_2_x64; "c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe" [X] ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 aswWintun; C:\WINDOWS\System32\drivers\aswWintun.sys [37104 2022-06-02] (Avast Software s.r.o. -> WireGuard LLC) R1 BdSentry; C:\WINDOWS\System32\DRIVERS\BdSentry.sys [230520 2022-06-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé] S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-04-13] (Disc Soft Ltd -> Disc Soft Ltd) R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-04-13] (Disc Soft Ltd -> Disc Soft Ltd) S3 gdrv; C:\Windows\gdrv.sys [26192 2016-04-14] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider) R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [30720 2021-10-08] (Microsoft Windows Hardware Compatibility Publisher -> Glarysoft Ltd) S3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [52832 2019-10-30] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net) R1 netprotection_network_filter; C:\WINDOWS\System32\drivers\netprotection_network_filter.sys [100128 2022-06-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2022-05-05] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation) R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2020-03-18] (Avira Operations GmbH & Co. KG -> The OpenVPN Project) S0 rtp_elam; C:\WINDOWS\System32\DRIVERS\rtp_elam.sys [24024 2022-06-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH) R2 rtp_filesystem_filter; C:\WINDOWS\System32\DRIVERS\rtp_filesystem_filter.sys [203288 2022-08-13] (Avira Operations GmbH -> Avira Operations GmbH) R1 rtp_process_monitor; C:\WINDOWS\system32\DRIVERS\rtp_process_monitor.sys [189560 2022-08-13] (Avira Operations GmbH -> Avira Operations GmbH) R1 rtp_traverse; C:\WINDOWS\system32\DRIVERS\rtp_traverse.sys [47560 2022-06-24] (Avira Operations GmbH -> Avira Operations GmbH) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> ) R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> ) S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [44976 2018-06-01] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) R3 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [69168 2020-01-10] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer) S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation) S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation) S3 netprotection_network_filter2; System32\drivers\netprotection_network_filter2.sys [X] S3 OCULUSVRHEADSET; \SystemRoot\System32\drivers\OCULUS119B.sys [X] S3 OCUSBVID; \SystemRoot\System32\drivers\ocusbvid111.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-08-14 21:48 - 2022-08-14 22:09 - 000000000 ____D C:\FRST 2022-08-12 10:24 - 2022-08-12 10:24 - 000000000 ____D C:\Users\Trev\AppData\LocalLow\FuturLab 2022-08-12 10:18 - 2022-08-12 10:18 - 000001267 _____ C:\Users\Trev\Desktop\Cult Of The Lamb.exe.lnk 2022-08-12 09:51 - 2022-08-12 09:51 - 000000768 _____ C:\Users\Trev\Desktop\PowerWash Simulator.lnk 2022-08-12 09:51 - 2022-08-12 09:51 - 000000768 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerWash Simulator.lnk 2022-08-11 13:51 - 2022-08-11 13:51 - 000000000 ____D C:\Users\Trev\AppData\LocalLow\HappyJuice 2022-08-11 13:49 - 2022-08-11 13:49 - 000000932 _____ C:\Users\Trev\Desktop\Lost In Play.lnk 2022-08-11 13:33 - 2022-08-11 13:33 - 000000697 _____ C:\Users\Trev\Desktop\vz.txt 2022-08-10 16:47 - 2022-08-10 16:47 - 000000000 ____D C:\Users\Trev\AppData\LocalLow\qureate 2022-08-10 16:42 - 2022-08-10 16:43 - 000000000 ____D C:\Users\Trev\Desktop\beat refle 2022-08-10 16:20 - 2022-08-10 16:20 - 000000000 ____D C:\Users\Trev\AppData\LocalLow\Crate Entertainment 2022-08-10 15:03 - 2022-08-10 15:03 - 000000000 ____D C:\Users\Trev\AppData\LocalLow\11 bit studios 2022-08-10 14:10 - 2022-08-10 14:10 - 000000000 ____D C:\Users\Trev\AppData\LocalLow\MercuryGameStudioLtd 2022-08-10 11:55 - 2022-08-10 11:55 - 000001277 _____ C:\Users\Trev\Desktop\Ori and the Will of the Wisp.lnk 2022-08-10 09:33 - 2022-08-10 09:33 - 000000000 ____D C:\Users\Trev\AppData\LocalLow\uTorrent 2022-08-09 23:24 - 2022-08-09 23:24 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr 2022-08-09 23:24 - 2022-08-09 23:24 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr 2022-08-09 23:23 - 2022-08-09 23:23 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2022-08-09 23:23 - 2022-08-09 23:23 - 000162304 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2022-08-09 23:23 - 2022-08-09 23:23 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll 2022-08-09 23:23 - 2022-08-09 23:23 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll 2022-08-09 23:23 - 2022-08-09 23:23 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2022-08-09 23:23 - 2022-08-09 23:23 - 000011803 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-08-09 23:12 - 2022-08-09 23:12 - 000000000 ___HD C:\$WinREAgent 2022-08-03 22:11 - 2022-08-03 22:11 - 000000843 _____ C:\Users\Trev\Desktop\Frogun.lnk 2022-08-03 22:11 - 2022-08-03 22:11 - 000000000 ____D C:\Users\Trev\AppData\LocalLow\Molegato 2022-08-03 21:49 - 2022-08-03 21:49 - 000000862 _____ C:\Users\Trev\Desktop\South Of The Circle.lnk 2022-08-03 00:06 - 2022-08-03 00:06 - 000000837 _____ C:\Users\Public\Desktop\Xenoblade Chronicles 3.lnk 2022-07-27 23:55 - 2022-07-28 00:28 - 000000000 ____D C:\Users\Trev\AppData\Local\Aurelia 2022-07-27 23:07 - 2022-07-27 23:07 - 000003794 _____ C:\WINDOWS\system32\Tasks\AviraSystemSpeedupVerify 2022-07-25 01:23 - 2022-07-31 19:11 - 000001316 _____ C:\Users\Trev\Desktop\Tabletop Gaming 08.2022.pdf.lnk 2022-07-24 23:53 - 2022-07-24 23:53 - 000016484 _____ C:\Users\Trev\Desktop\SupportTelVoiture.stl 2022-07-24 21:35 - 2022-07-25 00:34 - 000826440 _____ C:\Users\Trev\Desktop\SupportTelVoiture.blend 2022-07-24 21:35 - 2022-07-24 22:11 - 000826440 _____ C:\Users\Trev\Desktop\SupportTelVoiture.blend1 2022-07-24 17:36 - 2022-07-24 17:36 - 000282284 _____ C:\Users\Trev\Desktop\120_110.stl 2022-07-24 17:35 - 2022-07-24 17:35 - 000282284 _____ C:\Users\Trev\Desktop\120_120.stl 2022-07-24 15:14 - 2022-07-24 15:30 - 000000000 ____D C:\Users\Trev\Documents\The Riftbreaker 2022-07-24 12:46 - 2022-07-24 12:46 - 000001128 _____ C:\Users\Trev\Desktop\HellPie.exe.lnk 2022-07-24 12:46 - 2022-07-24 12:46 - 000000000 ____D C:\Users\Trev\AppData\Local\HellPie 2022-07-19 19:00 - 2022-07-19 19:00 - 000000000 ____D C:\Users\Trev\AppData\Local\Hk_project 2022-07-19 18:59 - 2022-07-19 18:59 - 000000998 _____ C:\Users\Trev\Desktop\Stray.lnk 2022-07-19 13:17 - 2022-07-19 13:17 - 000000000 ____D C:\Users\Trev\AppData\LocalLow\Little Flag Software, LLC 2022-07-15 17:02 - 2022-07-15 17:02 - 000000000 ____D C:\Users\Trev\AppData\Local\Lizardcube 2022-07-15 00:05 - 2022-07-15 00:05 - 000000000 ____D C:\Users\Trev\AppData\LocalLow\Subcreation 2022-07-14 02:02 - 2022-07-14 02:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server 2022-07-13 23:47 - 2022-07-13 23:47 - 000693248 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll 2022-07-13 23:47 - 2022-07-13 23:47 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe 2022-07-13 23:47 - 2022-07-13 23:47 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe 2022-07-13 23:47 - 2022-07-13 23:47 - 000270848 _____ C:\WINDOWS\system32\EsclScan.dll 2022-07-13 23:47 - 2022-07-13 23:47 - 000152064 _____ C:\WINDOWS\system32\EsclProtocol.dll 2022-07-13 23:47 - 2022-07-13 23:47 - 000061952 _____ C:\WINDOWS\system32\printticketvalidation.dll 2022-07-13 23:47 - 2022-07-13 23:47 - 000057344 _____ C:\WINDOWS\system32\APMonUI.dll 2022-07-13 23:47 - 2022-07-13 23:47 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mode.com 2022-07-13 23:47 - 2022-07-13 23:47 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mode.com 2022-07-13 23:47 - 2022-07-13 23:47 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tree.com 2022-07-13 23:47 - 2022-07-13 23:47 - 000018944 _____ C:\WINDOWS\SysWOW64\WsdProviderUtil.dll 2022-07-13 23:47 - 2022-07-13 23:47 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tree.com 2022-07-13 23:47 - 2022-07-13 23:47 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\chcp.com 2022-07-13 23:47 - 2022-07-13 23:47 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chcp.com 2022-07-13 23:46 - 2022-07-13 23:46 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2022-07-13 23:46 - 2022-07-13 23:46 - 000640512 _____ C:\WINDOWS\system32\SettingSyncDownloadHelper.dll 2022-07-13 23:46 - 2022-07-13 23:46 - 000024576 _____ C:\WINDOWS\system32\WsdProviderUtil.dll 2022-07-12 19:50 - 2022-07-12 19:50 - 000000000 ____D C:\Users\Trev\AppData\Local\GUI 2022-07-12 18:44 - 2022-07-12 18:44 - 000000000 ____D C:\Users\Trev\AppData\Local\Blizzard Entertainment 2022-07-12 18:44 - 2022-07-12 18:44 - 000000000 ____D C:\ProgramData\Battle.net 2022-07-12 17:52 - 2022-07-12 17:52 - 000000000 ____D C:\Users\Trev\AppData\Roaming\Cuphead 2022-07-12 17:50 - 2022-07-12 17:50 - 000000000 ____D C:\Users\Trev\AppData\LocalLow\Studio MDHR 2022-07-12 17:33 - 2022-07-12 17:33 - 000000000 ____D C:\Users\Trev\AppData\Local\Microsoft_Corporation 2022-07-12 15:13 - 2022-07-12 15:13 - 000003888 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Maintenance 2022-07-12 15:13 - 2022-07-12 15:13 - 000003428 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Service_SCM_Watchdog 2022-07-11 20:14 - 2022-07-11 20:14 - 000013984 _____ C:\WINDOWS\system32\Tasks\chrome tab 2022-07-01 16:32 - 2022-07-01 16:32 - 000000000 ____D C:\Users\Trev\AppData\LocalLow\GameraInteractive 2022-07-01 09:49 - 2022-07-01 09:49 - 000000913 _____ C:\Users\Trev\Desktop\Cuphead The Delicious Last Course.lnk 2022-06-30 00:15 - 2022-06-30 00:15 - 000000000 ____D C:\Users\Trev\.ms-ad 2022-06-28 00:04 - 2022-08-14 02:05 - 008881032 _____ C:\WINDOWS\system32\rtp.db 2022-06-28 00:04 - 2022-08-13 13:57 - 000203288 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_filesystem_filter.sys 2022-06-28 00:04 - 2022-08-13 13:57 - 000189560 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_process_monitor.sys 2022-06-28 00:04 - 2022-06-28 00:04 - 000000000 ____D C:\Program Files\Avira 2022-06-28 00:04 - 2022-06-24 12:57 - 000047560 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_traverse.sys 2022-06-28 00:04 - 2022-06-24 12:57 - 000024024 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_elam.sys 2022-06-28 00:04 - 2022-06-21 17:57 - 000230520 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\BdSentry.sys 2022-06-28 00:04 - 2022-06-15 09:28 - 000100128 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\netprotection_network_filter.sys 2022-06-25 01:07 - 2022-06-25 01:07 - 000000000 ____D C:\Program Files (x86)\Plex 2022-06-24 23:08 - 2022-06-24 23:08 - 000002443 _____ C:\Users\Trev\Desktop\DLNA.txt 2022-06-24 00:26 - 2022-08-13 01:12 - 000000000 ____D C:\Users\Trev\AppData\Local\Plex 2022-06-24 00:26 - 2022-06-24 00:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex 2022-06-24 00:25 - 2022-06-24 00:25 - 000000000 ____D C:\Program Files\Plex 2022-06-23 08:57 - 2022-06-23 08:57 - 000000000 ____D C:\Users\Trev\AppData\LocalLow\SVGames 2022-06-22 00:49 - 2022-06-22 00:49 - 000000000 ____D C:\Users\Trev\AppData\Local\AviraWebView2Cache 2022-06-20 18:48 - 2022-06-20 18:48 - 000000000 ____D C:\Program Files\Google 2022-06-19 23:44 - 2022-06-19 23:44 - 000000727 _____ C:\Users\Public\Desktop\The LEGO NINJAGO Movie - Video Game DX11.lnk 2022-06-18 19:09 - 2022-06-18 19:09 - 012082889 _____ C:\Users\Trev\Desktop\Cook_Set_Chef_Supported.gcode 2022-06-17 17:44 - 2022-06-17 17:44 - 000000000 ____D C:\Users\Trev\AppData\LocalLow\ClockStone Software GmbH 2022-06-16 17:50 - 2022-06-16 17:50 - 000000000 ____D C:\Users\Trev\AppData\LocalLow\RedCandleGames 2022-06-16 17:41 - 2022-06-16 17:41 - 000000000 ____D C:\Users\Trev\Documents\BaldoTheGuardianOwls 2022-06-16 17:41 - 2022-06-16 17:41 - 000000000 ____D C:\Users\Trev\AppData\LocalLow\NapsTeam 2022-06-16 15:18 - 2022-06-16 15:18 - 000000223 _____ C:\Users\Trev\Desktop\Teenage Mutant Ninja Turtles Shredder's Revenge.url 2022-06-16 14:20 - 2022-06-16 14:20 - 000000803 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baldo The Guardian Owls The Three Fairies.lnk 2022-06-15 19:40 - 2022-06-15 19:40 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2022-06-15 19:40 - 2022-06-15 19:40 - 000479744 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll 2022-06-15 19:40 - 2022-06-15 19:40 - 000104448 _____ C:\WINDOWS\system32\nettraceex.dll 2022-06-15 19:40 - 2022-06-15 19:40 - 000040960 _____ C:\WINDOWS\system32\uwfservicingapi.dll 2022-06-15 19:39 - 2022-06-15 19:39 - 000232288 _____ C:\WINDOWS\system32\containerdevicemanagement.dll 2022-06-15 00:16 - 2022-06-15 00:16 - 000000000 ____D C:\Users\Trev\AppData\LocalLow\illusion__HoneySelect2_Steam 2022-06-14 23:59 - 2022-06-14 23:59 - 000000000 ____D C:\Users\Trev\AppData\LocalLow\JacobDzwinel 2022-06-14 23:38 - 2022-06-14 23:38 - 000000000 ____D C:\Users\Trev\AppData\LocalLow\Black Mermaid 2022-06-13 23:53 - 2022-06-13 23:53 - 000000000 ____D C:\Users\Trev\AppData\LocalLow\FloppyClub 2022-06-13 21:19 - 2022-06-13 21:19 - 000000000 ____D C:\Users\Trev\AppData\LocalLow\Massive Monster 2022-06-09 21:55 - 2022-06-09 21:55 - 000000000 ____D C:\Users\Trev\AppData\Local\Haze1 2022-06-07 18:57 - 2022-06-07 18:57 - 000000000 ____D C:\Users\Trev\AppData\Local\NemesisLD 2022-06-07 18:02 - 2022-06-07 18:02 - 000000000 ____D C:\Users\Trev\AppData\LocalLow\RetroForgeGames 2022-06-07 16:59 - 2022-06-07 16:59 - 000000897 _____ C:\Users\Trev\Desktop\Honey Select 2 DX.lnk 2022-06-03 23:08 - 2022-06-03 23:08 - 000000223 _____ C:\Users\Trev\Desktop\Nemesis Lockdown.url 2022-06-02 22:52 - 2022-06-02 22:52 - 000000000 ____D C:\Users\Trev\AppData\Local\Sifu 2022-06-02 22:26 - 2022-06-02 22:26 - 000000000 ____D C:\Users\Trev\AppData\LocalLow\Hanging Gardens Interactive 2022-06-02 21:46 - 2022-06-02 21:46 - 000000000 ___HD C:\$AV_ASW 2022-06-02 21:40 - 2022-06-02 21:40 - 000037104 _____ (WireGuard LLC) C:\WINDOWS\system32\Drivers\aswWintun.sys 2022-06-02 21:39 - 2022-06-02 21:39 - 000000000 ____D C:\WINDOWS\system32\gf2engine 2022-06-02 13:42 - 2022-06-02 13:42 - 000000223 _____ C:\Users\Trev\Desktop\A Way Out.url 2022-05-31 00:48 - 2022-05-31 00:48 - 000000000 ____D C:\Users\Trev\AppData\LocalLow\Broken Rules 2022-05-30 23:42 - 2022-05-30 23:42 - 000000803 _____ C:\Users\Public\Desktop\The Stanley Parable - Ultra Deluxe.lnk 2022-05-25 19:56 - 2022-05-25 19:56 - 000003597 _____ C:\Users\Trev\AppData\Local\recently-used.xbel 2022-05-21 14:21 - 2022-06-03 22:47 - 101482484 _____ C:\Users\Trev\Desktop\STL_Cook_Set_Chef_Supported.stl 2022-05-18 23:40 - 2022-05-18 23:40 - 000000223 _____ C:\Users\Trev\Desktop\Titanfall® 2.url 2022-05-18 14:56 - 2022-06-18 19:43 - 082044384 _____ C:\Users\Trev\Desktop\32mm_Adventurer-Sci-Fi_Supported.stl 2022-05-17 11:58 - 2022-06-18 19:43 - 015000284 _____ C:\Users\Trev\Desktop\32mm_Adventurer-Sci-Fi_Base.stl 2022-05-17 10:52 - 2022-05-17 10:52 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-05-17 10:52 - 2022-05-17 10:52 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-05-17 10:52 - 2022-05-17 10:52 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-05-17 10:52 - 2022-05-17 10:52 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-05-17 10:52 - 2022-05-17 10:52 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-05-17 10:52 - 2022-05-17 10:52 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-05-17 10:52 - 2022-05-17 10:52 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-05-17 10:52 - 2022-05-17 10:52 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-05-17 10:52 - 2022-05-17 10:52 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-05-17 10:52 - 2022-05-17 10:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2022-05-17 10:52 - 2022-05-05 03:00 - 002859264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2022-05-17 10:52 - 2022-05-05 03:00 - 002200272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2022-05-17 10:52 - 2022-05-05 03:00 - 001295104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll 2022-05-17 10:52 - 2022-05-05 03:00 - 000168656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll 2022-05-17 10:52 - 2022-05-05 03:00 - 000144592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2022-05-17 10:52 - 2022-05-05 03:00 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat 2022-05-17 10:49 - 2022-05-05 03:00 - 000067464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys 2022-05-17 10:49 - 2022-05-05 03:00 - 000050272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\NvModuleTracker.sys 2022-05-17 10:49 - 2022-05-05 03:00 - 000048552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys 2022-05-17 10:49 - 2022-05-05 03:00 - 000047792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll 2022-05-17 10:47 - 2022-05-05 20:50 - 001905920 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2022-05-17 10:47 - 2022-05-05 20:50 - 001905920 _____ C:\WINDOWS\system32\vulkaninfo.exe 2022-05-17 10:47 - 2022-05-05 20:50 - 001478408 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2022-05-17 10:47 - 2022-05-05 20:50 - 001478408 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2022-05-17 10:47 - 2022-05-05 20:50 - 001467976 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2022-05-17 10:47 - 2022-05-05 20:50 - 001432320 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2022-05-17 10:47 - 2022-05-05 20:50 - 001432320 _____ C:\WINDOWS\system32\vulkan-1.dll 2022-05-17 10:47 - 2022-05-05 20:50 - 001209416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2022-05-17 10:47 - 2022-05-05 20:50 - 001145600 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2022-05-17 10:47 - 2022-05-05 20:50 - 001145600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2022-05-17 10:47 - 2022-05-05 20:47 - 000724688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll 2022-05-17 10:47 - 2022-05-05 20:47 - 000586440 _____ C:\WINDOWS\system32\nvofapi64.dll 2022-05-17 10:47 - 2022-05-05 20:47 - 000461392 _____ C:\WINDOWS\SysWOW64\nvofapi.dll 2022-05-17 10:47 - 2022-05-05 20:46 - 002120912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2022-05-17 10:47 - 2022-05-05 20:46 - 001602256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2022-05-17 10:47 - 2022-05-05 20:46 - 001529552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2022-05-17 10:47 - 2022-05-05 20:46 - 001178184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2022-05-17 10:47 - 2022-05-05 20:46 - 000713280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe 2022-05-17 10:47 - 2022-05-05 20:45 - 006963928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2022-05-17 10:47 - 2022-05-05 20:45 - 006226624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2022-05-17 10:47 - 2022-05-05 20:45 - 005100744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2022-05-17 10:47 - 2022-05-05 20:45 - 002932928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2022-05-17 10:47 - 2022-05-05 20:45 - 000731208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2022-05-17 10:47 - 2022-05-05 20:45 - 000581840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2022-05-17 10:47 - 2022-05-05 20:45 - 000458816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe 2022-05-17 10:47 - 2022-05-05 20:44 - 005729848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2022-05-17 10:47 - 2022-05-05 20:43 - 000851152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe 2022-05-17 10:47 - 2022-05-05 03:00 - 000089337 _____ C:\WINDOWS\system32\nvinfo.pb 2022-05-17 10:16 - 2022-05-17 10:16 - 000000000 ____D C:\Users\Trev\AppData\LocalLow\ThinkingStars 2022-05-17 09:12 - 2022-05-17 09:12 - 000000000 ____D C:\Users\Trev\AppData\LocalLow\Roll7 2022-05-16 21:11 - 2022-05-16 21:11 - 000000000 ____D C:\Users\Trev\AppData\Local\chrome_tools ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-08-14 22:09 - 2016-04-13 23:49 - 000000000 ____D C:\Users\Trev\AppData\Roaming\vlc 2022-08-14 22:05 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-08-14 21:41 - 2016-04-14 13:19 - 000000000 ____D C:\Program Files (x86)\Google 2022-08-14 21:37 - 2020-10-05 11:38 - 000728992 _____ C:\WINDOWS\system32\perfh00C.dat 2022-08-14 21:37 - 2020-10-05 11:38 - 000141542 _____ C:\WINDOWS\system32\perfc00C.dat 2022-08-14 21:37 - 2020-10-05 02:01 - 001638740 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-08-14 21:37 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2022-08-14 21:37 - 2017-07-29 10:10 - 000000000 ____D C:\ProgramData\NVIDIA 2022-08-14 21:37 - 2016-12-16 17:24 - 000000000 ____D C:\Users\Trev\AppData\LocalLow\Mozilla 2022-08-14 21:30 - 2020-10-05 02:06 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-08-14 21:30 - 2020-10-05 01:55 - 000008192 ___SH C:\DumpStack.log.tmp 2022-08-14 21:30 - 2016-06-12 17:02 - 000000000 ____D C:\Users\Trev\AppData\Local\Plex Media Server 2022-08-14 02:05 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2022-08-14 01:53 - 2016-04-13 23:28 - 000000000 ____D C:\Program Files (x86)\Steam 2022-08-14 01:08 - 2020-10-05 01:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-08-13 20:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-08-13 14:11 - 2020-08-05 17:10 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-08-13 14:11 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-08-12 09:12 - 2019-07-20 09:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2022-08-12 09:12 - 2019-01-15 21:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-08-11 16:27 - 2021-10-09 17:18 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2022-08-11 16:27 - 2016-04-13 23:16 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-08-11 13:51 - 2020-10-14 15:14 - 000000000 ____D C:\Users\Trev\Documents\DARKSiDERS 2022-08-10 23:15 - 2021-02-15 12:42 - 000000000 ____D C:\Users\Trev\AppData\Roaming\NordPass 2022-08-10 23:15 - 2018-02-07 10:43 - 000000000 ____D C:\Users\Trev\AppData\Roaming\discord 2022-08-10 23:11 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-08-10 19:38 - 2022-03-11 11:16 - 000000000 ____D C:\Users\Trev\AppData\Local\Discord 2022-08-10 16:55 - 2020-03-13 17:13 - 000000000 ____D C:\Users\Trev\AppData\Roaming\Goldberg SteamEmu Saves 2022-08-10 16:20 - 2016-04-13 23:37 - 000000000 ____D C:\Users\Trev\Documents\my games 2022-08-10 12:05 - 2016-05-20 22:57 - 000000000 ____D C:\Users\Trev\AppData\Local\CrashDumps 2022-08-10 11:57 - 2020-03-11 23:36 - 000000000 ____D C:\Users\Trev\AppData\Local\Ori and the Will of The Wisps 2022-08-10 09:33 - 2019-07-15 22:03 - 000000000 ____D C:\Users\Trev\AppData\Local\BitTorrentHelper 2022-08-10 09:33 - 2016-04-13 23:50 - 000000000 ____D C:\Users\Trev\AppData\Roaming\uTorrent 2022-08-10 09:24 - 2020-10-05 02:06 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2022-08-10 09:23 - 2021-11-08 01:02 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk 2022-08-10 00:02 - 2020-10-05 01:55 - 000776176 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-08-10 00:00 - 2019-12-07 11:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2022-08-10 00:00 - 2019-12-07 11:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2022-08-10 00:00 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-08-10 00:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2022-08-10 00:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-08-10 00:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-08-10 00:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2022-08-10 00:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2022-08-10 00:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-08-10 00:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-08-10 00:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2022-08-10 00:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-08-09 23:23 - 2020-10-05 01:58 - 003011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2022-08-09 23:23 - 2015-10-30 10:13 - 000415530 __RSH C:\bootmgr 2022-08-09 23:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2022-08-09 23:12 - 2016-04-14 13:20 - 000000000 ____D C:\ProgramData\Package Cache 2022-08-09 23:11 - 2021-02-17 11:46 - 000000000 ____D C:\Program Files\dotnet 2022-08-09 23:11 - 2016-03-09 10:41 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-08-09 23:07 - 2016-03-09 10:41 - 144534560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-08-09 22:43 - 2016-04-14 13:19 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-08-08 22:35 - 2022-04-26 21:01 - 000000000 ____D C:\Users\Trev\AppData\Roaming\WhatsApp 2022-08-08 22:19 - 2016-04-13 23:05 - 000000000 ____D C:\Users\Trev\AppData\Roaming\foobar2000 2022-08-07 09:58 - 2019-05-15 20:57 - 000002418 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk 2022-08-05 23:38 - 2020-05-10 21:12 - 000000000 ____D C:\ProgramData\Avira 2022-08-03 22:11 - 2016-04-22 00:58 - 000000000 ____D C:\Users\Trev\Documents\SkidRow 2022-08-03 01:26 - 2020-03-18 23:58 - 000000000 ____D C:\Users\Trev\AppData\Roaming\Luniitheque 2022-08-03 00:14 - 2020-03-20 10:43 - 000000000 ____D C:\Users\Trev\AppData\Roaming\Signal 2022-08-02 18:40 - 2022-03-22 00:13 - 000000000 ____D C:\Users\Trev\Desktop\GAME ARTS 2022-07-29 23:17 - 2020-05-14 17:28 - 000000000 ____D C:\Users\Trev\AppData\Roaming\RenPy 2022-07-28 19:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState 2022-07-27 21:05 - 2020-10-05 02:06 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-07-27 21:05 - 2020-10-05 02:06 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-07-25 23:36 - 2016-04-14 00:08 - 000000000 ____D C:\Users\Trev\AppData\Roaming\Origin 2022-07-25 23:36 - 2016-04-14 00:07 - 000000000 ____D C:\ProgramData\Origin 2022-07-25 23:32 - 2016-04-14 00:08 - 000000000 ____D C:\Users\Trev\AppData\Local\Origin 2022-07-25 10:35 - 2018-07-13 10:31 - 000000000 ____D C:\Users\Trev\AppData\Local\D3DSCache 2022-07-19 13:17 - 2021-05-18 15:27 - 000000000 ____D C:\Users\Trev\AppData\Roaming\FLT 2022-07-16 22:02 - 2021-05-15 22:19 - 000000000 ____D C:\Program Files\HPPrintScanDoctor 2022-07-16 21:59 - 2021-04-26 10:45 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP 2022-07-15 17:01 - 2018-12-15 15:36 - 000000000 ____D C:\Users\Trev\AppData\Local\EpicGamesLauncher ==================== Fichiers à la racine de certains dossiers ======== 2020-03-06 13:23 - 2020-03-06 22:48 - 000000007 _____ () C:\Users\Trev\AppData\Roaming\account_name.txt 2016-12-29 15:35 - 2017-10-09 22:13 - 000000034 _____ () C:\Users\Trev\AppData\Roaming\AdobeWLCMCache.dat 2020-03-06 13:23 - 2020-03-06 22:48 - 000000017 _____ () C:\Users\Trev\AppData\Roaming\DLC.txt 2021-03-07 23:13 - 2021-04-25 00:06 - 000012288 _____ () C:\Users\Trev\AppData\Roaming\emp.bin 2020-03-06 13:23 - 2020-03-06 22:48 - 000000007 _____ () C:\Users\Trev\AppData\Roaming\language.txt 2020-03-06 13:23 - 2020-03-06 22:48 - 000000005 _____ () C:\Users\Trev\AppData\Roaming\listen_port.txt 2020-03-06 13:23 - 2020-03-06 22:48 - 000000007 _____ () C:\Users\Trev\AppData\Roaming\local_save.txt 2020-03-06 13:23 - 2020-03-06 22:48 - 000000001 _____ () C:\Users\Trev\AppData\Roaming\offline.txt 2020-03-06 13:23 - 2020-03-06 22:48 - 000000006 _____ () C:\Users\Trev\AppData\Roaming\steam_appid.txt 2020-03-06 13:23 - 2020-03-06 22:48 - 000000000 _____ () C:\Users\Trev\AppData\Roaming\user_steam_id.txt 2018-01-07 18:48 - 2019-05-21 20:52 - 000000059 _____ () C:\Users\Trev\AppData\Roaming\~SiMPLEX.ini 2021-01-03 23:26 - 2021-01-03 23:26 - 000000019 _____ () C:\Users\Trev\AppData\Local\nyrna_config.json 2020-11-28 10:45 - 2020-11-28 10:45 - 000000000 _____ () C:\Users\Trev\AppData\Local\oobelibMkey.log 2022-05-25 19:56 - 2022-05-25 19:56 - 000003597 _____ () C:\Users\Trev\AppData\Local\recently-used.xbel 2018-05-04 17:17 - 2021-05-10 11:20 - 000007618 _____ () C:\Users\Trev\AppData\Local\Resmon.ResmonCfg ==================== SigCheckExt ========================= 2016-07-16 13:42 - 2016-07-16 13:42 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AllJoynDiscoveryPlugin.dll 2016-07-12 21:15 - 2016-07-01 05:57 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe 2015-10-30 09:19 - 2015-10-30 09:19 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafCdp.dll 2017-04-11 22:38 - 2017-03-28 07:37 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll 2017-05-09 22:46 - 2017-03-04 08:26 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2016-07-16 13:43 - 2016-11-20 20:30 - 003584000 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkAnalysisLegacyCom.dll 2015-05-08 00:05 - 2015-05-08 00:05 - 000304640 _____ (Intel(R) Corporation) C:\WINDOWS\system32\Ncs2Setp.dll 2015-10-30 09:18 - 2015-10-30 09:18 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flashlight.dll 2016-07-16 13:43 - 2016-11-20 20:30 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeSubscription.exe 2016-04-14 12:50 - 2010-12-06 04:16 - 000090112 _____ (Vestris Inc.) C:\WINDOWS\system32\Vestris.ResourceLib.dll 2016-07-16 13:42 - 2016-07-16 13:42 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDiscoveryPlugin.dll 2016-07-16 13:42 - 2016-07-16 13:42 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiOnboardingPlugin.dll 2016-04-14 12:50 - 2016-04-14 12:50 - 000003584 _____ C:\WINDOWS\SECOH-QAD.dll 2016-07-10 21:42 - 2016-07-10 21:42 - 000004608 _____ C:\WINDOWS\SECOH-QAD.exe 2021-06-30 14:20 - 2021-06-30 14:20 - 000249856 ____N (Microsoft Corporation) C:\WINDOWS\Setup1.exe 2021-06-30 14:20 - 2021-06-30 14:20 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\ST6UNST.EXE 2016-07-16 13:43 - 2016-07-16 13:43 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\configmanager2.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coredpus.dll 2015-10-30 09:19 - 2015-10-30 09:19 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafCdp.dll 2017-03-14 20:53 - 2017-03-04 08:18 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll 2016-07-16 13:44 - 2016-11-20 20:29 - 002549760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkAnalysisLegacyCom.dll 2015-05-22 10:00 - 2015-05-22 10:00 - 000002560 _____ (Intel(R) Corporation) C:\WINDOWS\SysWOW64\IusEventLog.dll 2015-10-30 09:19 - 2016-09-15 18:24 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll 2015-10-30 09:19 - 2016-09-15 18:24 - 000635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll 2000-07-15 00:00 - 2000-07-15 00:00 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6STKIT.DLL 2021-05-12 19:24 - 2021-07-21 18:15 - 001396736 _____ (3DMGAME) C:\Users\Trev\Desktop\Resident Evil Village v1.0 Plus 23 Trainer.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de d‚marrage Windows --------------------------------- identificateur {bootmgr} device partition=C: description Windows Boot Manager locale en-US inherit {globalsettings} default {current} resumeobject {d94bae3b-06f0-11eb-802b-930b09f38f38} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Chargeur de d‚marrage Windows ----------------------------- identificateur {01ea4677-e147-11e6-91df-fc0b86c0aced} device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{01ea4678-e147-11e6-91df-fc0b86c0aced} path \windows\system32\winload.exe description Windows Recovery Environment locale en-US inherit {bootloadersettings} displaymessage Recovery displaymessageoverride Recovery osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{01ea4678-e147-11e6-91df-fc0b86c0aced} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {29e634d7-069d-11eb-80c0-dc308893b19a} device ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{29e634d8-069d-11eb-80c0-dc308893b19a} path \windows\system32\winload.exe description Windows Recovery Environment locale en-US inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{29e634d8-069d-11eb-80c0-dc308893b19a} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.exe description Windows 10 locale en-US inherit {bootloadersettings} recoverysequence {29e634d7-069d-11eb-80c0-dc308893b19a} displaymessageoverride Recovery recoveryenabled Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {d94bae3b-06f0-11eb-802b-930b09f38f38} nx OptIn bootmenupolicy Standard Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {d94bae3b-06f0-11eb-802b-930b09f38f38} device partition=C: path \WINDOWS\system32\winresume.exe description Windows Resume Application locale en-US inherit {resumeloadersettings} recoverysequence {29e634d7-069d-11eb-80c0-dc308893b19a} recoveryenabled Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de m‚moire Windows -------------------------- identificateur {memdiag} device partition=C: path \boot\memtest.exe description Windows Memory Diagnostic locale en-US inherit {globalsettings} badmemoryaccess Yes ParamŠtres EMS -------------- identificateur {emssettings} bootems No ParamŠtres du d‚bogueur ----------------------- identificateur {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Erreurs de m‚moire RAM ---------------------- identificateur {badmemory} ParamŠtres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} ParamŠtres du chargeur de d‚marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} ParamŠtres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 ParamŠtres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p‚riph‚rique ----------------------- identificateur {29e634d8-069d-11eb-80c0-dc308893b19a} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume2 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================