RÃ©sultats d'analyse de  Farbar Recovery Scan Tool (FRST) (x64) Version: 29-04-2023
ExÃ©cutÃ© par lordi (administrateur) sur DESKTOP-JHCR99Q (Micro-Star International Co., Ltd. MS-7B89) (29-04-2023 19:47:04)
ExÃ©cutÃ© depuis C:\Users\lordi\Desktop\FRST64.exe
Profils chargÃ©s: lordi
Plate-forme: Microsoft Windows 10 Professionnel Version 21H2 19044.2846 (X64) Langue: FranÃ§ais (France)
Navigateur par dÃ©faut: Brave
Mode d'amorÃ§age: Normal

==================== Processus (Avec liste blanche) =================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, le processus sera arrÃªtÃ©. Le fichier ne sera pas dÃ©placÃ©.)

(C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe ->) (Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
(C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe ->) (Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
(C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe ->) (Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(explorer.exe ->) (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe <28>
(explorer.exe ->) (Guillaume Ryder (hxxp://utilfr42.free.fr)) [Fichier non signÃ©] C:\Users\lordi\AppData\Local\Clavier64\Clavier.exe
(explorer.exe ->) (Marek Jasinski -> Marek Jasinski) C:\Program Files (x86)\FreeCommanderXE-32-public_portable\FreeCommander.exe
(explorer.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(explorer.exe ->) (NICOLAS_COOLMAN -> Nicolas Coolman) [Fichier non signÃ©] C:\Users\lordi\AppData\Roaming\ZHP\ZHPSuite.exe
(explorer.exe ->) (Surfshark B.V. -> Surfshark) C:\Program Files (x86)\Surfshark\Surfshark.exe
(explorer.exe ->) (Telegram FZ-LLC -> Telegram FZ-LLC) G:\Telegram\Telegram.exe
(services.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(services.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe
(services.exe ->) (Beijing NormalSoft technology Co.,Ltd. -> www.ext2fsd.com) C:\Windows\SysWOW64\Ext2Srv.EXE
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdig.inf_amd64_1f4f13287900d9b3\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5d66730f577c60c7\RtkAudUService64.exe <2>
(services.exe ->) (Surfshark B.V. -> Surfshark) C:\Program Files (x86)\Surfshark\Surfshark.Service.exe
(svchost.exe ->) (ALCPU -> ALCPU) C:\Program Files\Core Temp\Core Temp.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe

==================== Registre (Avec liste blanche) ===================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, l'Ã©lÃ©ment de Registre sera restaurÃ© Ã  la valeur par dÃ©faut ou supprimÃ©. Le fichier ne sera pas dÃ©placÃ©.)

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [824240 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5d66730f577c60c7\RtkAudUService64.exe [3495840 2022-08-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5052648 2020-03-31] (Acronis International GmbH -> )
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe [441448 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableActivityFeed] 0
HKLM\Software\Policies\...\system: [PublishUserActivities] 0
HKLM\Software\Policies\...\system: [UploadUserActivities] 0
HKLM\Software\Policies\...\system: [AllowClipboardHistory] 0
HKLM\Software\Policies\...\system: [AllowCrossDeviceClipboard] 0
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-21-329816075-2688303404-493038192-1001\...\Run: [Clavier+] => C:\Users\lordi\AppData\Local\Clavier64\Clavier.exe [184320 2020-06-07] (Guillaume Ryder (hxxp://utilfr42.free.fr)) [Fichier non signÃ©]
HKU\S-1-5-21-329816075-2688303404-493038192-1001\...\Run: [MicrosoftEdgeAutoLaunch_6C48C0CA9278FE6DCA8E403B5C1137CF] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4139984 2023-04-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-329816075-2688303404-493038192-1001\...\Run: [Surfshark] => C:\Program Files (x86)\Surfshark\Surfshark.exe [13501128 2023-04-21] (Surfshark B.V. -> Surfshark)
HKLM\...\Providers\Internet Print Provider: inetpp.dll
HKLM\...\Providers\LanMan Print Services: win32spl.dll
HKLM\...\Windows x64\Print Processors\RIC60Fpr: C:\Windows\System32\spool\prtprocs\x64\RIC60FPR.DLL [80384 2012-07-27] (Microsoft Windows Hardware Compatibility Publisher -> Monotype Imaging Inc.)
HKLM\...\Print\Monitors\Appmon: AppMon.dll (Pas de fichier)
HKLM\...\Print\Monitors\Local Port: localspl.dll (Pas de fichier)
HKLM\...\Print\Monitors\Microsoft Shared Fax Monitor: FXSMON.DLL (Pas de fichier)
HKLM\...\Print\Monitors\RIC60Flm: RIC60Flm.dll (Pas de fichier)
HKLM\...\Print\Monitors\rica1llm: rica1llm.dll (Pas de fichier)
HKLM\...\Print\Monitors\Standard TCP/IP Port: tcpmon.dll (Pas de fichier)
HKLM\...\Print\Monitors\USB Monitor: usbmon.dll (Pas de fichier)
HKLM\...\Print\Monitors\WSD Port: APMon.dll (Pas de fichier)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\112.1.50.121\Installer\chrmstp.exe [2023-04-23] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\...\Winlogon\GPExtensions: [{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}] -> C:\Windows\SysWOW64\wlgpclnt.dll [2020-09-08] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{169EBF44-942F-4C43-87CE-13C93996EBBE}] -> C:\Windows\SysWOW64\AppManagementConfiguration.dll [2021-01-13] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{16be69fa-4209-4250-88cb-716cf41954e0}] -> auditcse.dll
HKLM\Software\...\Winlogon\GPExtensions: [{25537BA6-77A8-11D2-9B6C-0000F8080861}] -> C:\Windows\SysWOW64\fdeploy.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{2BFCC077-22D2-48DE-BDE1-2F618D9B476D}] -> C:\Windows\SysWOW64\AppManagementConfiguration.dll [2021-01-13] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{426031c0-0b47-4852-b0ca-ac3d37bfcb39}] -> C:\Windows\SysWOW64\gptext.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{4d968b55-cac2-4ff5-983f-0a54603781a3}] -> WorkFoldersGPExt.dll
HKLM\Software\...\Winlogon\GPExtensions: [{7909AD9E-09EE-4247-BAB9-7029D5F0A278}] -> C:\Windows\SysWOW64\dmenrollengine.dll [2023-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}] -> C:\Windows\SysWOW64\scecli.dll [2023-03-16] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{9650FDBC-053A-4715-AD14-FC2DC65E8330}] -> hvsigpext.dll
HKLM\Software\...\Winlogon\GPExtensions: [{B587E2B1-4D59-4e7e-AED9-22B9DF11D053}] -> C:\Windows\SysWOW64\dot3gpclnt.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{BA649533-0AAC-4E04-B9BC-4DBAE0325B12}] -> pwlauncher.dll
HKLM\Software\...\Winlogon\GPExtensions: [{C34B2751-1CF4-44F5-9262-C3FC39666591}] -> pwlauncher.dll
HKLM\Software\...\Winlogon\GPExtensions: [{c6dc5466-785a-11d2-84d0-00c04fb169f7}] -> C:\Windows\SysWOW64\appmgmts.dll [2020-10-13] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{cdeafc3d-948d-49dd-ab12-e578ba4af7aa}] -> C:\Windows\SysWOW64\gptext.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{F312195E-3D9D-447A-A3F5-08DFFA24735E}] -> dggpext.dll
HKLM\Software\...\Winlogon\GPExtensions: [{f3ccc681-b74c-4060-9f26-cd84525dca2a}] -> auditcse.dll
HKLM\Software\...\Winlogon\GPExtensions: [{FB2CA36D-0B40-4307-821B-A13B252DE56C}] -> C:\Windows\SysWOW64\gptext.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{fbf687e6-f063-4d9f-9f4f-fd9a26acdd5f}] -> C:\Windows\SysWOW64\gptext.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{FC491EF1-C4AA-4CE1-B329-414B101DB823}] -> dggpext.dll
IFEO\CompatTelRunner.exe: [Debugger] %windir%\System32\taskkill.exe
Startup: C:\Users\lordi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenRGB - Raccourci.lnk [2020-10-23]
ShortcutTarget: OpenRGB - Raccourci.lnk -> C:\OpenRGB Windows 64-bit\OpenRGB.exe () [Fichier non signÃ©]
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction - Edge <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION

==================== TÃ¢ches planifiÃ©es (Avec liste blanche) ============

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, il sera supprimÃ© du Registre. Le fichier ne sera pas dÃ©placÃ©, sauf s'il est inscrit sÃ©parÃ©ment.)

Task: {83A445E1-B161-46E8-9E17-FF51523BF75A} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{75FECBDF-885F-48E7-A931-506E4BAF8B27} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162968 2022-01-08] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {9D693FE1-0A29-4148-AA42-76E195F8031A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [718240 2023-04-27] (Mozilla Corporation -> Mozilla Foundation)
Task: {AB05B368-13F7-468A-9B30-E553C06B5449} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\SysWOW64\BthUdTask.exe [38400 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {AD342077-C3AF-423D-9FB1-433E01CB39C1} - System32\Tasks\CCleanerCrashReporting => G:\Programme Portable\ccsetup589\CCleanerBugReport.exe [4669264 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "G:\Programme Portable\ccsetup589\LOG" --programpath "G:\Programme Portable\ccsetup589" --configpath "G:\Programme Portable\ccsetup589\Setup" --guid "8b1b2919-afd8-45b1-9a4c-8aff6294b885" --version "6.05.10110" --silent
Task: {B353F7AB-5EB8-4810-9569-0E21A6360AF7} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{9B26B2CD-8E98-4EDA-ABC8-953962170AE5} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162968 2022-01-08] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {CF350A46-4FAA-4878-A72A-728D85CE0420} - System32\Tasks\CCleanerSkipUAC - lordi => G:\Programme Portable\ccsetup589\CCleaner.exe [32472400 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {D7314911-24E2-496F-BBEF-62245F8771AE} - System32\Tasks\CCleaner Update => G:\Programme Portable\ccsetup589\CCUpdate.exe [684976 2022-10-20] (Piriform Software Ltd -> Piriform)
Task: {EC98BD72-518E-44A0-8930-610919B085FF} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [804408 2021-12-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {F25AF894-B40B-42EE-BA64-0A4C0C5CC19D} - System32\Tasks\Core Temp Autostart lordi => C:\Program Files\Core Temp\Core Temp.exe [1040648 2022-12-05] (ALCPU -> ALCPU)

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, le fichier tÃ¢che (.job) sera dÃ©placÃ©. Le fichier exÃ©cutÃ© par la tÃ¢che ne sera pas dÃ©placÃ©.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => G:\Programme Portable\ccsetup589\CCleanerBugReport.exe
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Avec liste blanche) ====================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, s'il s'agit d'un Ã©lÃ©ment du Registre, il sera supprimÃ© ou restaurÃ© Ã  la valeur par dÃ©faut.)

Hosts: Il y a plus d'un Ã©lÃ©ment dans hosts. Voir la section Hosts de Addition.txt
Tcpip\..\Interfaces\{096aa985-7857-4a0f-bc5f-6bc6b885766f}: [NameServer] 9.9.9.9,149.112.112.112,192.168.1.1
Tcpip\..\Interfaces\{096aa985-7857-4a0f-bc5f-6bc6b885766f}: [DhcpNameServer] 192.168.1.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge: 
=======
DownloadDir: C:\Users\lordi\Downloads
Edge Profile: C:\Users\lordi\AppData\Local\Microsoft\Edge\User Data\Default [2023-04-26]
Edge Extension: (Edge relevant text changes) - C:\Users\lordi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-26]

FireFox:
========
FF DefaultProfile: qn9gjyj9.default
FF ProfilePath: C:\Users\lordi\AppData\Roaming\Mozilla\Firefox\Profiles\qn9gjyj9.default [2022-02-09]
FF Extension: (Avira Browser Safety) - C:\Users\lordi\AppData\Roaming\Mozilla\Firefox\Profiles\qn9gjyj9.default\Extensions\abs@avira.com [2022-01-12]
FF Extension: (Avira Password Manager) - C:\Users\lordi\AppData\Roaming\Mozilla\Firefox\Profiles\qn9gjyj9.default\Extensions\passwordmanager@avira.com [2022-01-12]
FF Extension: (Avira SafeSearch Plus) - C:\Users\lordi\AppData\Roaming\Mozilla\Firefox\Profiles\qn9gjyj9.default\Extensions\safesearchplus2@avira.com [2022-01-12] [hxxps://package.avira.com/package/safesearch/firefox/update-plus2.json]
FF ProfilePath: C:\Users\lordi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release [2023-04-29]
FF DownloadDir: C:\Users\lordi\Desktop
FF Homepage: Mozilla\Firefox\Profiles\vukr3a9w.default-release -> hxxps://duckduckgo.com/?t=ffsb
FF NetworkProxy: Mozilla\Firefox\Profiles\vukr3a9w.default-release -> proxy_over_tls", false
FF Extension: (Disconnect) - C:\Users\lordi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\2.0@disconnect.me.xpi [2020-10-07]
FF Extension: (CanvasBlocker) - C:\Users\lordi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\CanvasBlocker@kkapsner.de.xpi [2023-04-23]
FF Extension: (Cookie AutoDelete) - C:\Users\lordi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\CookieAutoDelete@kennydo.com.xpi [2022-12-12]
FF Extension: (Default Bookmark Folder) - C:\Users\lordi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\default-bookmark-folder@gustiaux.com.xpi [2021-01-27]
FF Extension: (Drag-Select Link Text) - C:\Users\lordi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\dragselectlinktext@kestrel.xpi [2018-01-24]
FF Extension: (Elemental â Soft) - C:\Users\lordi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\elemental-soft-colorway@mozilla.org.xpi [2023-03-21]
FF Extension: (Glitter Drag) - C:\Users\lordi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\glitterdrag@harytfw.xpi [2022-06-12]
FF Extension: (HTTPSÂ partout) - C:\Users\lordi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\https-everywhere@eff.org.xpi [2021-07-14]
FF Extension: (Dashlane) - C:\Users\lordi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\jetpack-extension@dashlane.com.xpi [2023-04-06] [UpdateUrl:hxxps://ws1.dashlane.com/5/binaries/query?logins=&platform=firefox&target=ff_web_extension&format=json&version=]
FF Extension: (Decentraleyes) - C:\Users\lordi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi [2022-02-02]
FF Extension: (I don't care about cookies) - C:\Users\lordi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2023-02-23]
FF Extension: (Privacy Badger) - C:\Users\lordi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2023-02-03]
FF Extension: (MyJDownloader Browser Extension) - C:\Users\lordi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\jid1-OY8Xu5BsKZQa6A@jetpack.xpi [2021-06-24] [UpdateUrl:hxxps://my.jdownloader.org/extensions/firefox.json]
FF Extension: (ResizeIT 2) - C:\Users\lordi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\resizeit-2@futuretech.in.xpi [2023-03-15]
FF Extension: (S3.Traducteur) - C:\Users\lordi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\s3@translator.xpi [2022-09-09]
FF Extension: (uBlock Origin) - C:\Users\lordi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\uBlock0@raymondhill.net.xpi [2023-04-28]
FF Extension: (MetaMask) - C:\Users\lordi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\webextension@metamask.io.xpi [2023-04-18]
FF Extension: (PopUpOFF - Popup and overlay blocker) - C:\Users\lordi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\{154cddeb-4c8b-4627-a478-c7e5b427ffdf}.xpi [2021-10-29]
FF Extension: (Youtube Playlist Duration Calculator) - C:\Users\lordi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\{343b0933-6ab6-4049-a4ec-4fe4d365f9fc}.xpi [2021-05-15]
FF Extension: (NoScript) - C:\Users\lordi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2023-04-06]
FF Extension: (smartUp Gestures) - C:\Users\lordi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\{77b19bb0-313b-49c8-9e58-cef2e4ebf317}.xpi [2023-04-03]
FF Extension: (Phantom) - C:\Users\lordi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\{7c42eea1-b3e4-4be4-a56f-82a5852b12dc}.xpi [2023-03-11]
FF Extension: (Country Flags & IP Whois) - C:\Users\lordi\AppData\Roaming\Mozilla\Firefox\Profiles\vukr3a9w.default-release\Extensions\{802a552e-13d1-4683-a40a-1e5325fba4bb}.xpi [2023-04-13]
FF Extension: (Pas de nom) - C:\Users\lordi\AppData\Roaming\Mozilla\Firefox\Profiles\a63pqt3w.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [non trouvÃ©(e)]
FF Extension: (Pas de nom) - C:\Users\lordi\AppData\Roaming\Mozilla\Firefox\Profiles\a63pqt3w.default\extensions\resizeit@sonej.xpi [non trouvÃ©(e)]
FF Extension: (Pas de nom) - C:\Users\lordi\AppData\Roaming\Mozilla\Firefox\Profiles\a63pqt3w.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [non trouvÃ©(e)]
FF Extension: (Pas de nom) - C:\Users\lordi\AppData\Roaming\Mozilla\Firefox\Profiles\a63pqt3w.default\extensions\startup.maker@gmail.com.xpi [non trouvÃ©(e)]
FF Extension: (Pas de nom) - C:\Users\lordi\AppData\Roaming\Mozilla\Firefox\Profiles\a63pqt3w.default\extensions\s3google@translator.xpi [non trouvÃ©(e)]
FF Extension: (Pas de nom) - C:\Users\lordi\AppData\Roaming\Mozilla\Firefox\Profiles\a63pqt3w.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [non trouvÃ©(e)]
FF Extension: (Pas de nom) - C:\Users\lordi\AppData\Roaming\Mozilla\Firefox\Profiles\a63pqt3w.default\extensions\https-everywhere@eff.org.xpi [non trouvÃ©(e)]

Brave: 
=======
BRA DefaultProfile: Default
BRA Profile: C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-04-29]
BRA DownloadDir: C:\Users\lordi\Desktop
BRA HomePage: Default -> hxxps://duckduckgo.com/?atb=v307-5&atb=v307-5
BRA DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}&t=brave
BRA DefaultSearchKeyword: Default -> :d
BRA DefaultSuggestURL: Default -> hxxps://ac.duckduckgo.com/ac/?q={searchTerms}&type=list
BRA Extension: (Country Flags & IP Whois) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\bffjckjhidlcnenenacdahhpbacpgapo [2023-04-12]
BRA Extension: (Phantom) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\bfnaelmomeimhlpmgjnjophhpkkoljpa [2023-04-27]
BRA Extension: (smartUp Gestures) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\bgjfekefhjemchdeigphccilhncnjldn [2023-04-22]
BRA Extension: (DuckDuckGo) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2023-04-12]
BRA Extension: (S3.Traducteur) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\debnnjfbneojbmioajinefnflopdohjk [2022-10-17]
BRA Extension: (Keplr) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\dmkamcknogkgcdfhhbddcghachkejeap [2023-04-26]
BRA Extension: (Dashlane - Gestionnaire de mots de passe) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2023-04-23]
BRA Extension: (Cookie AutoDelete) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fhcgjolkccmbidfldomjliifgaodjagh [2022-12-09]
BRA Extension: (I don't care about cookies) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2023-04-24]
BRA Extension: (Return YouTube Dislike) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2023-02-20]
BRA Extension: (PopUpOFF - Popup and overlay blocker) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ifnkdbpmgkdbfklnbfidaackdenlmhgh [2022-10-17]
BRA Extension: (Disconnect) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2022-10-17]
BRA Extension: (Window Resizer) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\kkelicaakdanhinjdeammmilcgefonfh [2022-10-17]
BRA Extension: (Decentraleyes) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ldpochfccmkkmhdbclfhpagapcfdljkj [2022-10-17]
BRA Extension: (Coupert - Codes Promo Automatiques & Cashback) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\mfidniedemcgceagapgdekdbmanojomk [2023-04-25]
BRA Extension: (AVG Online Security) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nbmoafcmbajniiapeidgficgifbfmjfo [2022-10-17]
BRA Extension: (Keepa - Amazon Price Tracker) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\neebplgakaahbhdphmkckjjcegoiijjo [2022-12-11]
BRA Extension: (MetaMask) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2023-04-13]
BRA Extension: (Canvas Blocker - Fingerprint Protect) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nomnklagbgmgghhjidfhnoelnjfndfpd [2022-10-17]
BRA Extension: (Youtube Playlist Duration Calculator) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\pijbakhgmhhadeakaocjfockpndcpobk [2023-01-18]
BRA Extension: (Privacy Badger) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2023-02-08]
BRA Extension: (GameStop Wallet) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\pkkjjapmlcncipeecdmlhaipahfdphkd [2023-03-07]
BRA Profile: C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Guest Profile [2022-10-17]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-04-29]
BRA Extension: (Brave NTP background images) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2022-10-17]
BRA Extension: (Brave Ad Block Updater (uBlock Annoyances List (used with Fanboy Annoyances List))) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfoofkaohomljmodljoameijbaichadj [2022-12-02]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications List (plaintext))) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2023-04-29]
BRA Extension: (Brave Ads Resources) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\bgifagoclclhhoflocdefiklgodpihog [2023-04-19]
BRA Extension: (Wallet Data Files Updater) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-04-24]
BRA Extension: (Brave Ad Block Updater (Easylist-Cookie List - Filter Obtrusive Cookie Notices (plaintext))) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2023-04-29]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-12-02]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2022-11-30]
BRA Extension: (Brave Ad Block Updater (AdGuard FranÃ§ais)) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\emaecjinaegfkoklcdafkiocjhoeilao [2022-12-02]
BRA Extension: (Brave Ad Block Updater (AdGuard FranÃ§ais (plaintext))) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\flnkmpokemfpaajmiimmjeiandgoodgg [2023-04-29]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-04-25]
BRA Extension: (Brave Ads Resources) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\ijgkfgmfiinppefbonemjidmkhgbonei [2022-10-17]
BRA Extension: (Brave Ad Block Updater (Default (plaintext))) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-04-29]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-10-17]
BRA Extension: (Brave Ad Block Updater (Fanboy Social List)) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\jkmfbjpchgojnebkdleeiplnaagomnll [2022-12-02]
BRA Extension: (Brave Ad Block Updater (Fanboy Annoyances List)) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\kfhcejhgfapmkapakabicnjhpglajkao [2022-12-02]
BRA Extension: (Brave NTP sponsored images) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\lcenblphbmngnohghkhpojmpflebkcpd [2023-04-29]
BRA Extension: (Brave Ad Block Updater (Easylist-Cookie List - Filter Obtrusive Cookie Notices)) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\lfgnenkkneohplacnfabidofpgcdpofm [2022-12-02]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-03-16]
BRA Extension: (Brave Ad Block Updater (Fanboy Social List (plaintext))) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\nbkknaieglghmocpollinelcggiehfco [2023-04-29]
BRA Extension: (Brave Ad Block Updater (Fanboy Annoyances List (plaintext))) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\omoaeaghhgmiojkeaemjkpkmelmalbgo [2023-04-29]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-04-25]
BRA Extension: (Brave Ad Block Updater (uBlock Annoyances List (used with Fanboy Annoyances List) (plaintext))) - C:\Users\lordi\AppData\Local\BraveSoftware\Brave-Browser\User Data\pnoagbonokhdnppohfeemefhjbbofplk [2023-04-29]

==================== Services (Avec liste blanche) ===================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, il sera supprimÃ© du Registre. Le fichier ne sera pas dÃ©placÃ©, sauf s'il est inscrit sÃ©parÃ©ment.)

S4 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [10341560 2020-03-31] (Acronis International GmbH -> )
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1254784 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6383744 2020-06-16] (Acronis International GmbH -> )
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162968 2022-01-08] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162968 2022-01-08] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveVpnService; C:\Program Files\BraveSoftware\Brave-Browser\Application\112.1.50.121\brave_vpn_helper.exe [3015472 2023-04-19] (Brave Software, Inc. -> Brave Software, Inc.)
R2 Ext2Srv; C:\Windows\SysWOW64\Ext2Srv.EXE [42488 2021-12-31] (Beijing NormalSoft technology Co.,Ltd. -> www.ext2fsd.com)
S3 ImDskSvc; C:\Windows\system32\imdsksvc.exe [31544 2020-06-16] (Lagerkvist Teknisk RÃ¥dgivning i BorÃ¥s HB -> Olof Lagerkvist)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10225408 2022-12-08] (Logitech Inc -> Logitech, Inc.)
S3 LxssManagerUser; C:\Windows\system32\lxss\wslclient.dll [393216 2023-03-26] (Microsoft Windows -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9245528 2023-04-24] (Malwarebytes Inc. -> Malwarebytes)
S3 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4808088 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1918976 2020-03-31] (Acronis International GmbH -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [285088 2023-03-26] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Surfshark Service; C:\Program Files (x86)\Surfshark\Surfshark.Service.exe [4430024 2023-04-21] (Surfshark B.V. -> Surfshark)
R3 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7395256 2020-03-31] (Acronis International GmbH -> )
R3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [7095824 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\NisSrv.exe [3228400 2023-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MsMpEng.exe [133536 2023-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 BraveElevationService; "C:\Program Files\BraveSoftware\Brave-Browser\Application\112.1.50.121\elevation_service.exe" [X]
S2 CMigrationService; "C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvmdig.inf_amd64_1f4f13287900d9b3\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvmdig.inf_amd64_1f4f13287900d9b3\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Pilotes (Avec liste blanche) ===================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, il sera supprimÃ© du Registre. Le fichier ne sera pas dÃ©placÃ©, sauf s'il est inscrit sÃ©parÃ©ment.)

R3 ALSysIO; D:\Users\lordi\AppData\Local\Temp\ALSysIO64.sys [43528 2023-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Arthur Liberman) <==== ATTENTION
R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [36928 2022-09-16] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
S3 ampa; C:\Windows\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 AWEAlloc; C:\Windows\system32\DRIVERS\awealloc.sys [21048 2020-06-16] (Lagerkvist Teknisk Radgivning i Boras HB -> Olof Lagerkvist)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2022-06-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 file_protector; C:\Windows\System32\DRIVERS\file_protector.sys [687768 2020-06-16] (Acronis International GmbH -> Acronis International GmbH)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [390592 2020-06-16] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R0 fltsrv; C:\Windows\System32\DRIVERS\fltsrv.sys [182832 2020-06-16] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R2 ImDisk; C:\Windows\system32\DRIVERS\imdisk.sys [48704 2020-06-16] (Lagerkvist Teknisk Radgivning i Boras HB -> Olof Lagerkvist)
R2 inpoutx64; C:\Windows\System32\Drivers\inpoutx64.sys [15008 2020-08-17] (Red Fox UK Limited -> Highresolution Enterprises [www.highrez.co.uk])
S3 libusbK; C:\Windows\System32\drivers\libusbK.sys [47928 2018-04-30] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
R3 logi_joy_bus_enum; C:\Windows\system32\drivers\logi_joy_bus_enum.sys [44880 2022-10-24] (Logitech Inc -> Logitech)
S3 logi_joy_vir_hid; C:\Windows\system32\drivers\logi_joy_vir_hid.sys [32080 2022-10-24] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\Windows\system32\drivers\logi_joy_xlcore.sys [73040 2022-10-24] (Logitech Inc -> Logitech)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2023-04-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2022-05-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [198584 2023-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [77736 2023-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2022-09-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [181816 2023-04-29] (Malwarebytes Inc. -> Malwarebytes)
R0 MsSecCore; C:\Windows\System32\drivers\msseccore.sys [26480 2023-03-26] (Microsoft Windows -> Microsoft Corporation)
S3 MsSecWfp; C:\Windows\System32\drivers\mssecwfp.sys [29568 2023-03-26] (Microsoft Windows -> Microsoft Corporation)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R2 SSGDIO; C:\Windows\SysWOW64\DRIVERS\ssgdio64.sys [14608 2020-09-15] (ATI Technologies, Inc -> ATI Technologies Inc.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 SurfsharkSplitTunnelDriver; C:\Program Files (x86)\Surfshark\Resources\x64\SurfsharkSplitTunnelCalloutDriver.sys [39648 2022-08-31] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 tapsurfshark; C:\Windows\System32\drivers\tapsurfshark.sys [38728 2022-02-01] (WDKTestCert Lenovo,131775874531219913 -> The OpenVPN Project)
S3 tib; C:\Windows\system32\DRIVERS\tib.sys [883256 2020-06-16] (Acronis International GmbH -> Acronis International GmbH)
R2 tib_mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [171968 2020-06-16] (Acronis International GmbH -> Acronis International GmbH)
S3 tnd; C:\Windows\system32\DRIVERS\tnd.sys [693768 2020-06-16] (Acronis International GmbH -> Acronis International GmbH)
R2 virtual_file; C:\Windows\System32\DRIVERS\virtual_file.sys [330176 2020-06-16] (Acronis International GmbH -> Acronis International GmbH)
R0 volume_tracker; C:\Windows\System32\DRIVERS\volume_tracker.sys [243472 2020-06-16] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49600 2023-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [497920 2023-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99608 2023-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WireGuard; C:\Windows\System32\drivers\wireguard.sys [489368 2022-12-01] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
U4 DiagTrack; pas de ImagePath
U4 dmwappushservice; pas de ImagePath
S3 GPUZ-v2; \??\D:\Windows\TEMP\GPUZ-v2.sys [X]
S3 HWiNFO_161; \??\D:\Users\lordi\AppData\Local\Temp\HWiNFO64A_161.SYS [X] <==== ATTENTION
S3 HWiNFO_165; \??\D:\Users\lordi\AppData\Local\Temp\HWiNFO64A_165.SYS [X] <==== ATTENTION

==================== NetSvcs (Avec liste blanche) ===================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, il sera supprimÃ© du Registre. Le fichier ne sera pas dÃ©placÃ©, sauf s'il est inscrit sÃ©parÃ©ment.)


==================== Trois mois (crÃ©Ã©s) (Avec liste blanche) =========

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, le fichier/dossier sera dÃ©placÃ©.)

2023-04-29 19:47 - 2023-04-29 19:47 - 000040023 _____ C:\Users\lordi\Desktop\FRST.txt
2023-04-29 19:46 - 2023-04-29 19:47 - 000000000 ____D C:\FRST
2023-04-29 19:29 - 2023-04-29 19:29 - 000343070 _____ C:\Users\lordi\Desktop\ZHPDiag.txt
2023-04-29 19:26 - 2023-04-29 19:26 - 000000116 _____ C:\Users\lordi\Desktop\PROCEDURE A SUIVRE POUR UNE DEMANDE DE DIAGNOSTIC.url
2023-04-29 19:25 - 2023-04-29 19:25 - 000000910 _____ C:\Users\lordi\Desktop\ZHPSuite.lnk
2023-04-29 19:24 - 2023-04-29 19:24 - 002382848 _____ (Farbar) C:\Users\lordi\Desktop\FRST64.exe
2023-04-29 19:24 - 2023-04-29 19:24 - 000000000 ____D C:\Users\lordi\AppData\LocalLow\IGDump
2023-04-29 17:22 - 2023-04-29 17:22 - 000181816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2023-04-28 17:26 - 2023-04-28 17:28 - 000000000 ____D C:\ProgramData\TEMP
2023-04-28 17:01 - 2023-04-28 17:01 - 005025647 _____ C:\Users\lordi\Desktop\Install_Win10_10064_04252023.zip
2023-04-28 16:59 - 2023-04-28 16:59 - 000000000 ____D C:\Users\lordi\AppData\Roaming\Cybelsoft
2023-04-27 09:56 - 2023-04-27 14:55 - 000000000 ____D C:\platform-tools
2023-04-26 12:29 - 2023-04-26 12:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Surfshark
2023-04-26 12:29 - 2023-04-26 12:29 - 000000000 ____D C:\Program Files (x86)\Surfshark
2023-04-24 17:54 - 2023-04-24 17:54 - 000000029 _____ C:\Users\lordi\Desktop\asp.txt
2023-04-24 17:41 - 2023-04-24 17:41 - 000065776 _____ C:\Users\lordi\Desktop\Asp_depot_aide_cheque_bois_recap_CHQ2300865001_21042023.pdf
2023-04-24 17:39 - 2023-04-24 17:39 - 000269615 _____ C:\Users\lordi\Desktop\attestation.pdf
2023-04-23 12:43 - 2023-04-23 12:43 - 000000000 ____D C:\Users\lordi\AppData\Roaming\Goldberg UplayEmu Saves
2023-04-23 12:43 - 2023-04-23 12:43 - 000000000 ____D C:\Users\lordi\AppData\Roaming\Goldberg SteamEmu Saves
2023-04-22 13:41 - 2023-04-23 09:24 - 000000000 ____D C:\found.000
2023-04-22 13:33 - 2023-04-22 13:33 - 000000000 ____D C:\Users\lordi\AppData\Roaming\Thunderbird
2023-04-22 13:23 - 2023-04-22 13:23 - 000000000 ____D C:\Windows\pss
2023-04-22 13:17 - 2023-04-22 13:17 - 000000000 ____D C:\Windows\CSC
2023-04-22 12:17 - 2023-04-22 13:41 - 000008192 ___SH C:\DumpStack.log.tmp
2023-04-18 18:05 - 2023-04-18 18:05 - 000001986 _____ C:\Users\lordi\Desktop\4kvideodownloader.lnk
2023-04-18 11:11 - 2023-04-18 11:11 - 000000675 _____ C:\Users\Public\Desktop\Assassin's Creed Valhalla.lnk
2023-04-15 11:43 - 2023-04-15 11:43 - 000000000 ____D C:\Users\lordi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2023-04-12 14:39 - 2023-04-12 14:39 - 000000000 ___HD C:\$WinREAgent
2023-04-09 09:15 - 2023-04-09 09:15 - 000000000 ____D C:\Windows\system32\MpEngineStore
2023-04-06 09:37 - 2023-04-06 09:37 - 000000000 ____D C:\ProgramData\BraveSoftware
2023-03-26 20:40 - 2023-04-29 08:30 - 000000000 ____D C:\Users\lordi\AppData\Roaming\cross-the-ages-launcher
2023-03-26 20:37 - 2023-03-26 20:37 - 000000000 ____D C:\Users\lordi\AppData\LocalLow\Unknown Vendor
2023-03-26 18:32 - 2023-03-26 18:32 - 000000000 ____D C:\Windows\system32\Drivers\mde
2023-03-23 11:36 - 2023-03-23 11:36 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2023-03-18 19:33 - 2023-03-18 19:33 - 000000000 ____D C:\Program Files (x86)\Unigine
2023-03-18 09:45 - 2023-03-18 09:46 - 088314696 _____ (OCCT - Ocbase - Adrien Mercier) C:\Users\lordi\Documents\OCCT.exe
2023-03-14 12:48 - 2023-03-14 22:20 - 000001014 _____ C:\Users\lordi\Desktop\Decks.txt
2023-03-08 19:13 - 2023-03-08 19:13 - 006367130 _____ C:\Users\lordi\Desktop\Par Akim BOUTERRA LA DETOX ET.pdf
2023-02-20 06:21 - 2023-02-20 06:21 - 000007277 _____ C:\Windows\Info.xml
2023-02-13 19:51 - 2023-04-26 17:22 - 000000000 ____D C:\platform-toolsOLD
2023-02-10 09:19 - 2023-04-28 16:44 - 000000000 ____D C:\Users\lordi\Downloads\Telegram Desktop
2023-02-09 22:55 - 2023-02-09 22:56 - 000003205 ____R C:\Users\lordi\Documents\dashlane-credential-export.zip
2023-02-08 09:50 - 2023-02-08 09:52 - 000124409 _____ C:\Users\lordi\Documents\CV.pdf
2023-02-07 18:02 - 2023-04-25 17:03 - 000000000 ____D C:\Users\lordi\AppData\LocalLow\Unity
2023-02-07 18:01 - 2023-03-26 18:01 - 000000000 ____D C:\Users\lordi\AppData\LocalLow\CrossTheAges

==================== Trois mois (modifiÃ©s) ==================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, le fichier/dossier sera dÃ©placÃ©.)

2023-04-29 19:45 - 2020-06-14 12:55 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-04-29 19:31 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-04-29 19:29 - 2022-02-02 20:42 - 000000000 ____D C:\Users\lordi\AppData\Roaming\ZHP
2023-04-29 19:22 - 2020-06-14 13:02 - 001771910 _____ C:\Windows\system32\PerfStringBackup.INI
2023-04-29 19:22 - 2019-12-07 16:50 - 000792000 _____ C:\Windows\system32\perfh00C.dat
2023-04-29 19:22 - 2019-12-07 16:50 - 000150166 _____ C:\Windows\system32\perfc00C.dat
2023-04-29 19:22 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2023-04-29 18:46 - 2020-06-14 13:09 - 000000000 ____D C:\Users\lordi\AppData\LocalLow\Mozilla
2023-04-29 18:28 - 2021-08-01 17:40 - 000208896 _____ C:\Users\lordi\AppData\Roaming\emp.bin
2023-04-29 17:22 - 2022-09-13 21:39 - 000003142 _____ C:\Windows\system32\Tasks\MSIAfterburner
2023-04-29 17:22 - 2022-09-08 18:46 - 000000000 ____D C:\ProgramData\NVIDIA
2023-04-29 17:22 - 2021-12-30 17:38 - 000000517 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2023-04-29 17:22 - 2020-06-14 12:55 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-04-29 14:30 - 2019-12-07 11:03 - 000262144 _____ C:\Windows\system32\config\BBI
2023-04-29 12:53 - 2022-08-27 13:47 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2023-04-29 09:19 - 2022-02-11 10:29 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-04-29 08:22 - 2020-06-14 12:55 - 000266952 _____ C:\Windows\system32\FNTCACHE.DAT
2023-04-28 20:32 - 2020-06-15 20:44 - 000065391 _____ C:\Users\lordi\AppData\Roaming\WinSCP.ini
2023-04-28 20:32 - 2020-06-14 21:11 - 000000128 _____ C:\Users\lordi\AppData\Roaming\winscp.rnd
2023-04-28 18:07 - 2023-01-26 18:51 - 000045544 _____ C:\Users\lordi\Desktop\Collection-CTA.xlsx
2023-04-28 18:07 - 2023-01-25 22:21 - 000064265 _____ C:\Users\lordi\Desktop\COLLECTION ARKHANTE DOC DE @TH - Copie.XLSX
2023-04-28 17:34 - 2022-11-30 22:15 - 000000000 ____D C:\Users\lordi\AppData\Roaming\Surfshark
2023-04-28 17:13 - 2020-06-14 21:10 - 000000000 ____D C:\Program Files (x86)\xmplay37_Portable
2023-04-28 09:11 - 2021-04-14 17:52 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-04-28 09:11 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-04-28 09:11 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2023-04-28 08:26 - 2020-06-14 13:09 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-04-28 08:26 - 2020-06-14 13:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-04-27 21:55 - 2020-06-14 13:09 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-04-26 16:54 - 2021-12-30 17:33 - 000001607 _____ C:\Windows\system32\config\VSMIDK
2023-04-26 13:42 - 2020-06-14 12:58 - 000000000 ____D C:\Users\lordi
2023-04-26 12:29 - 2022-11-30 22:15 - 000000000 ____D C:\ProgramData\Surfshark
2023-04-24 18:11 - 2022-03-26 16:00 - 000000000 ____D C:\Users\lordi\AppData\LocalLow\Adobe
2023-04-24 18:11 - 2021-12-27 22:34 - 000000000 ____D C:\Users\lordi\AppData\Roaming\Adobe
2023-04-23 09:38 - 2020-06-14 14:24 - 000000000 ____D C:\Windows\SysWOW64\directx
2023-04-23 09:38 - 2020-06-14 13:22 - 000000000 ____D C:\ProgramData\Package Cache
2023-04-23 08:54 - 2022-01-08 09:49 - 000002362 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2023-04-22 13:40 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2023-04-22 13:22 - 2020-07-06 19:00 - 000000000 ____D C:\Users\lordi\AppData\LocalLow\Temp
2023-04-22 13:19 - 2022-05-06 22:03 - 000004224 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-04-19 17:51 - 2020-06-14 13:09 - 000000000 ____D C:\Windows\system32\MRT
2023-04-18 22:22 - 2020-06-20 14:31 - 000000000 ____D C:\Users\lordi\AppData\Roaming\vlc
2023-04-18 14:46 - 2022-09-27 17:00 - 000000816 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-04-18 10:02 - 2022-08-29 08:31 - 000000000 ____D C:\Program Files (x86)\FreeCommanderXE-32-public_portable
2023-04-18 09:44 - 2022-09-27 17:00 - 000003528 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-04-15 17:51 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-04-13 20:46 - 2020-06-14 19:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2023-04-13 18:44 - 2020-06-14 19:45 - 000001278 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2023-04-12 15:49 - 2020-06-14 13:09 - 156112424 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-04-12 14:48 - 2021-12-30 17:33 - 000000000 ____D C:\Program Files\Hyper-V
2023-04-12 14:48 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2023-04-12 14:48 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2023-04-12 14:41 - 2020-06-14 12:57 - 003015680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-04-12 14:21 - 2020-08-29 21:02 - 000000000 ____D C:\Users\Public\Documents\Steam
2023-04-12 14:07 - 2020-06-14 12:55 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-04-03 19:16 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\LiveKernelReports
2023-04-01 10:05 - 2021-04-14 17:52 - 000003690 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-04-01 10:05 - 2021-04-14 17:52 - 000003566 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Fichiers Ã  la racine de certains dossiers ========

2022-11-19 21:13 - 2022-11-19 21:13 - 000524288 ___SH () C:\Users\lordi\NT0AC4~1.REG
2022-11-19 21:13 - 2022-11-19 21:13 - 000524288 ___SH () C:\Users\lordi\NTC5E3~1.REG
2021-08-01 17:40 - 2023-04-29 18:28 - 000208896 _____ () C:\Users\lordi\AppData\Roaming\emp.bin
2022-02-25 18:47 - 2022-02-25 18:47 - 000000112 _____ () C:\Users\lordi\AppData\Roaming\PrÃ©fs JP2KÂ CS6
2020-06-15 20:44 - 2023-04-28 20:32 - 000065391 _____ () C:\Users\lordi\AppData\Roaming\WinSCP.ini
2020-06-14 21:11 - 2023-04-28 20:32 - 000000128 _____ () C:\Users\lordi\AppData\Roaming\winscp.rnd
2022-08-22 13:01 - 2023-03-18 19:37 - 001065984 _____ () C:\Users\lordi\AppData\Local\file__0.localstorage
2020-08-17 16:56 - 2020-08-17 16:56 - 000000291 _____ () C:\Users\lordi\AppData\Local\ledConfiguration.config
2020-06-15 20:43 - 2023-03-07 20:41 - 000000128 _____ () C:\Users\lordi\AppData\Local\PUTTY.RND
2023-03-28 21:23 - 2023-03-28 21:23 - 000000218 _____ () C:\Users\lordi\AppData\Local\recently-used.xbel
2020-06-23 19:54 - 2020-06-23 19:54 - 000007619 _____ () C:\Users\lordi\AppData\Local\Resmon.ResmonCfg

==================== SigCheckExt =========================

2021-01-03 18:59 - 2021-11-23 10:04 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2020-06-14 13:13 - 2021-06-05 16:27 - 000006656 _____ C:\Windows\system32\lpcio.dll
2012-09-28 21:45 - 2012-09-28 21:45 - 000246272 _____ C:\Windows\system32\rtvcvfw64.dll
2021-06-02 12:51 - 2021-10-03 17:04 - 000249856 ____N (Microsoft Corporation) C:\Windows\Setup1.exe
2021-06-02 12:51 - 2021-10-03 17:04 - 000073216 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE
2020-06-27 12:43 - 2018-08-19 08:43 - 000456704 _____ (FragSoft) C:\Windows\SysWOW64\ISDone.dll
2012-09-28 21:45 - 2012-09-28 21:45 - 000247296 _____ C:\Windows\SysWOW64\rtvcvfw32.dll
2020-06-27 12:43 - 2018-08-19 08:46 - 000306688 _____ C:\Windows\SysWOW64\unarc.dll
2000-07-15 00:00 - 2000-07-15 00:00 - 000101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6STKIT.DLL
2023-04-29 19:24 - 2023-04-29 19:24 - 002382848 _____ (Farbar) C:\Users\lordi\Desktop\FRST64.exe
2020-06-14 20:43 - 2021-05-18 19:25 - 007310824 _____ (HeiDoc V.O.F.) C:\Users\lordi\Documents\Windows-ISO-Downloader.exe

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas Ã  la vÃ©rification.)


==================== BCD ================================

==================== Fin de FRST.txt ========================