Every time I do a scan and reboot the computer, new threats keep appearing


Hello,

I recently downloaded a file that was infected, and my computer was full of malware. I did a couple of scans and thought I had removed everything, but I received a message from Google saying that some unknown app was trying to access one of my accounts and I got disconnected. So I ran Malwarebytes again and now every time I do, I still have threats.

The log is in copy.

log.txt


Hello Neven_ and welcome to Malwarebytes,

Run the following scan, let's see if anything shows up:

Download Farbar Recovery Scan Tool and save it to your desktop.

Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

If your security alerts to FRST, either accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way...

Be aware FRST must be run from an account with Administrator status... If English is not your primary language, right-click on FRST/FRST64 and rename it to FRSTEnglish/FRST64English.

 
  • Double-click to run it. When the tool opens, click Yes to the disclaimer. (Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
  • Make sure Addition.txt is checkmarked under "Optional scans"
  • Press Scan button to run the tool....
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also make a log named (Addition.txt). Please attach that log to your reply.


Thank you,

Kevin

Here you go

 

Résultats d'analyse de  Farbar Recovery Scan Tool (FRST) (x64) Version: 02-06-2021
Exécuté par neven (administrateur) sur DESKTOP-4FCV720 (ASUSTeK COMPUTER INC. ROG Strix G531GT_G531GT) (02-06-2021 16:38:19)
Exécuté depuis C:\Users\neven\Downloads
Profils chargés: neven
Platform: Windows 10 Pro Version 20H2 19042.985 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_e72ab2c70c461382\ASUSLinkRemote\AsusLinkRemote.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_e72ab2c70c461382\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\GetMonitorInfo.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_e72ab2c70c461382\ASUSLinkNear\AsusLinkNear.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_e72ab2c70c461382\ASUSLinkNear\AsusLinkNearExt.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_e72ab2c70c461382\ASUSOptimization\AsusOptimization.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_e72ab2c70c461382\ASUSOptimization\AsusOptimizationStartupTask.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_e72ab2c70c461382\ASUSOptimization\AsusOSD.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_e72ab2c70c461382\ASUSSoftwareManager\AsusSoftwareManager.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_e72ab2c70c461382\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(ASUSTeK COMPUTER INC.) [Fichier non signé] C:\Program Files\ASUS\ASUS MultiAntenna Service\AsusMultiAntennaSvc.exe
(A-Volute -> Nahimic) C:\Windows\System32\NahimicService.exe
(A-Volute SAS -> A-Volute) C:\Users\neven\AppData\Local\NhNotifSys\sonicstudio\asusns.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Firebit OU -> Rainmeter) C:\Program Files\Rainmeter\Rainmeter.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <14>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Huawei Technologies Co., Ltd. -> ) [Fichier non signé] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_9de8154b682af864\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_9de8154b682af864\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_71b2d6b70a111c53\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_71b2d6b70a111c53\IntelCpHeciSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_3623bab62426ba87\Intel_PIE_Service.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.53.17003.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.53.17003.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\DriverStore\FileRepository\asusdigifilter.inf_amd64_04c699496abece1e\AsusPTPService.exe
(Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_e72ab2c70c461382\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_c03e0d5968be7c61\Display.NvContainer\NVDisplay.Container.exe <2>
(Parsec Cloud, Inc. -> Parsec) C:\Program Files\Parsec\pservice.exe
(PostgreSQL Global Development Group) [Fichier non signé] C:\Program Files\PostgreSQL\12\bin\pg_ctl.exe
(PostgreSQL Global Development Group) [Fichier non signé] C:\Program Files\PostgreSQL\12\bin\postgres.exe <8>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Spotify AB -> Spotify Ltd) C:\Users\neven\AppData\Roaming\Spotify\Spotify.exe <6>
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Tonec Inc.) [Fichier non signé] C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [353784 2020-10-07] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [710264 2020-06-18] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3535254449-3580351772-4124887380-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4087528 2021-05-19] (Valve -> Valve Corporation)
HKU\S-1-5-21-3535254449-3580351772-4124887380-1001\...\Run: [Discord] => C:\Users\neven\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3535254449-3580351772-4124887380-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33223648 2021-05-27] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3535254449-3580351772-4124887380-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33698888 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3535254449-3580351772-4124887380-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4141112 2020-01-11] (Tonec Inc.) [Fichier non signé]
HKU\S-1-5-21-3535254449-3580351772-4124887380-1001\...\Run: [WallpaperEngine] => C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe [2794472 2020-12-20] (Skutta, Kristjan -> )
HKU\S-1-5-21-3535254449-3580351772-4124887380-1001\...\Run: [Spotify] => C:\Users\neven\AppData\Roaming\Spotify\Spotify.exe [23976064 2021-05-29] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3535254449-3580351772-4124887380-1001\...\Run: [] => [X]
HKU\S-1-5-21-3535254449-3580351772-4124887380-1001\...\MountPoints2: {353f6c3a-c241-11eb-b30a-04d4c47b30c9} - "D:\HiSuiteDownLoader.exe" 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.77\Installer\chrmstp.exe [2021-05-26] (Google LLC -> Google LLC)
Startup: C:\Users\neven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pilot-spellchecker.lnk [2021-05-17]
ShortcutTarget: pilot-spellchecker.lnk -> C:\Users\neven\AppData\Roaming\PilotSpellchecker\spellchecker.exe (Pas de fichier)
Startup: C:\Users\neven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2019-12-20]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Firebit OU -> Rainmeter)
Startup: C:\Users\neven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RUNDLL32.EXE.lnk [2021-05-17]
ShortcutAndArgument: RUNDLL32.EXE.lnk -> C:\Windows\System32\rundll32.exe => C:\Users\neven\AppData\Roaming\FOWHSX~1.DLL,TEEL5A==
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {08156C39-902F-4FB9-BC95-F4D0781D7713} - System32\Tasks\eujyxn => C:\WINDOWS\system32\rundll32.exe "C:\Program Files (x86)\eujyxn\eujyxn.dll",eujyxn <==== ATTENTION
Task: {0AD601CE-A251-4800-BF8A-64693E5C0959} - System32\Tasks\RtkAudUService64_BG => C:\Windows\System32\RtkAudUService64.exe [881440 2019-06-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {18F6D7F8-C1EA-4BBB-82E5-0B7F577E9989} - System32\Tasks\HyperXRamApp => C:\Users\neven\AppData\Local\Packages\33C30B79.HyperXNGenuity_0a78dr3hq0pvt\LocalState\\HyperXMemoryPlug-in.exe [72760 2020-01-17] (Kingston Technology Company, Inc. -> )
Task: {1C50EA27-51D8-4BCB-99FB-34E54C419EE8} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [782320 2019-10-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {2CB5C1C7-6C1D-4B3C-A383-798BEBF67D2A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {390B4A05-A1E0-403B-8C06-AC5DA15749A3} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_3cc49901bafdb0c5\ASUSSystemAnalysis\AsusSystemAnalysis.exe
Task: {4448C428-6F75-430C-A546-EE5D3FF67A8E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-20] (Google LLC -> Google LLC)
Task: {462B54A0-C826-48D4-A138-ABFD03479117} - System32\Tasks\ASUS Update Checker 2.0 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_e72ab2c70c461382\ASUSSoftwareManager\AsusUpdateChecker.exe [677928 2021-04-21] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {4AC82BB3-77DD-4558-AD60-3CEFC50A3A07} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7573BFDE-0B2C-485F-8F2D-D09A4CA8AA3B} - System32\Tasks\Microsoft\Windows\PLA\AsusLinkNear => {FF679DA1-8FF2-4474-9C9E-52BBD409B557} C:\WINDOWS\system32\pla.dll [1493504 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {77BC6F1E-32FC-4516-9D45-E5813C666231} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28082760 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {7894B772-9943-487A-9932-4C98F3B6F144} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7EF6FCE8-D7B1-4652-BEDD-42474BA06436} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\ASUS Optimization 36D18D69AFC3" /ENABLE
Task: {7EF6FCE8-D7B1-4652-BEDD-42474BA06436} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\ASUS Update Checker 2.0" /ENABLE
Task: {7EF6FCE8-D7B1-4652-BEDD-42474BA06436} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {7EF6FCE8-D7B1-4652-BEDD-42474BA06436} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {7EF6FCE8-D7B1-4652-BEDD-42474BA06436} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {7EF6FCE8-D7B1-4652-BEDD-42474BA06436} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {7EF6FCE8-D7B1-4652-BEDD-42474BA06436} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {7EF6FCE8-D7B1-4652-BEDD-42474BA06436} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {7EF6FCE8-D7B1-4652-BEDD-42474BA06436} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {7EF6FCE8-D7B1-4652-BEDD-42474BA06436} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {7EF6FCE8-D7B1-4652-BEDD-42474BA06436} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {7EF6FCE8-D7B1-4652-BEDD-42474BA06436} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {7EF6FCE8-D7B1-4652-BEDD-42474BA06436} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {7EF6FCE8-D7B1-4652-BEDD-42474BA06436} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {7EF6FCE8-D7B1-4652-BEDD-42474BA06436} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {7EF6FCE8-D7B1-4652-BEDD-42474BA06436} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {7EF6FCE8-D7B1-4652-BEDD-42474BA06436} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(17): schtasks.exe -> /Change /TN "\PostponeDeviceSetupToast_S-1-5-21-3535254449-3580351772-4124887380-1001_0" /ENABLE
Task: {7EF6FCE8-D7B1-4652-BEDD-42474BA06436} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(18): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {7FE83D38-058E-4B1A-9E38-962BAB3BE309} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {81B4FE6E-21CC-4F93-A356-043D99F8CF1B} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {81CEA004-DD6B-4847-9B5D-6BBC983D43C0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-20] (Google LLC -> Google LLC)
Task: {9A90C86B-A835-488B-9374-46844BCD5BFB} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9DE53547-3CE2-4239-BA79-800BFE86E360} - System32\Tasks\Microsoft\Windows\PLA\074C0539-0999-4DA9-9D0D-3D016B62F4E9 => {FF679DA1-8FF2-4474-9C9E-52BBD409B557} C:\WINDOWS\system32\pla.dll [1493504 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {A28A030D-4B39-4B30-AFE8-FB5DDFD11121} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
Task: {A491A709-6ABC-45BA-8A32-856FB38D885A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A4D805D3-0B00-44B2-8A9C-767EA2C992FC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A88BEACF-7C6F-4BD8-9637-AC2B4A2C74A8} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2467160 2020-05-24] (Overwolf Ltd -> Overwolf LTD)
Task: {AEF7DF74-D7D1-417C-8797-243659DBAD2B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-04-22] (Piriform Software Ltd -> Piriform)
Task: {B3B2D560-A2A5-4CE1-8282-9F973337415B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BB1391BA-BEB3-410C-80F1-7C98D9D8E7FD} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
Task: {BC514BAC-5897-4E32-8D05-0DB241A2F49D} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe
Task: {C965FD7A-9C03-4AD6-9D6D-3D563C3D86A9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CB006DD4-B2E4-4799-8A18-824BBFF3B68C} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D8231FBA-8D82-4418-9C6E-E234824D90B2} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_e72ab2c70c461382\ASUSOptimization\AsusHotkeyExec.exe [231992 2021-04-21] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {DD01AC0B-AC20-42C5-891F-3C85FA5AB13B} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1652536 2018-11-05] (Intel(R) Software -> Intel Corporation)
Task: {E5D18804-2973-46CB-831F-8AAE14520E74} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3336560 2021-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F754BA34-5A3B-4B6F-9BE8-CA0A235ECF65} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FB3F7D1F-4C52-476A-B4F8-F771F4D7F9E5} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FF35B1FD-E59D-4AB5-92D6-29E20B43876B} - System32\Tasks\ROG Gaming Center => C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingKey.exe [3855544 2016-11-24] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{617ce735-0a4a-4d63-8173-304610afdbc1}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{cd449857-e6ac-4cc0-b444-717373edf531}: [DhcpNameServer] 192.168.1.254

Edge: 
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\neven\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-02]
Edge Extension: (IDM Integration Module) - C:\Users\neven\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2021-03-18]
Edge HKU\S-1-5-21-3535254449-3580351772-4124887380-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2020-01-11]

FireFox:
========
FF HKU\S-1-5-21-3535254449-3580351772-4124887380-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\neven\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\neven\AppData\Roaming\IDM\idmmzcc5 [2020-01-20] [] [non signé]
FF HKU\S-1-5-21-3535254449-3580351772-4124887380-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] []
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-07-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-07-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin HKU\S-1-5-21-3535254449-3580351772-4124887380-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\neven\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-05-13] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome: 
=======
CHR Profile: C:\Users\neven\AppData\Local\Google\Chrome\User Data\Default [2021-06-02]
CHR Notifications: Default -> hxxps://aternos.org
CHR DefaultSearchURL: Default -> hxxps://www.gstatic.com/youtube/img/branding/favicon/favicon_144x144.png
CHR Extension: (Slides) - C:\Users\neven\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-12-20]
CHR Extension: (YouTube) - C:\Users\neven\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnkijcaahngcdmfeangaknmldooml [2021-05-15]
CHR Extension: (Theme Creator) - C:\Users\neven\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc [2019-12-20]
CHR Extension: (Docs) - C:\Users\neven\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-12-20]
CHR Extension: (Google Drive) - C:\Users\neven\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\neven\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-12-20]
CHR Extension: (uBlock Origin) - C:\Users\neven\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-05-15]
CHR Extension: (Sheets) - C:\Users\neven\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-12-20]
CHR Extension: (Google Docs hors connexion) - C:\Users\neven\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-17]
CHR Extension: (Contrôle du volume pour Google Chrome™) - C:\Users\neven\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnlfnonibbbggmlaacojkhhppaonibdp [2021-05-15]
CHR Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\neven\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2021-05-15]
CHR Extension: (Ghostery – Bloqueur de publicité protégeant la vie privée) - C:\Users\neven\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2021-03-08]
CHR Extension: (FACEIT Enhancer) - C:\Users\neven\AppData\Local\Google\Chrome\User Data\Default\Extensions\mokknliiomknodkdmpcellamkopbdmao [2021-02-04]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\neven\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01]
CHR Extension: (Gmail) - C:\Users\neven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\neven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-26]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2020-01-11]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2020-01-11]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2021-01-09] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
S2 AppServicea; C:\WINDOWS\system32\35UQF0K7I1.tmp [6144 2021-05-18] (Microsoft Corporation) [Fichier non signé]
S2 AppServiceb; C:\WINDOWS\system32\35UQF0K7I1.tmp [6144 2021-05-18] (Microsoft Corporation) [Fichier non signé]
S2 AppServicec; C:\WINDOWS\system32\35UQF0K7I1.tmp [6144 2021-05-18] (Microsoft Corporation) [Fichier non signé]
S2 AppServiced; C:\WINDOWS\system32\35UQF0K7I1.tmp [6144 2021-05-18] (Microsoft Corporation) [Fichier non signé]
S2 AppServicee; C:\WINDOWS\system32\35UQF0K7I1.tmp [6144 2021-05-18] (Microsoft Corporation) [Fichier non signé]
S2 AppServicef; C:\WINDOWS\system32\35UQF0K7I1.tmp [6144 2021-05-18] (Microsoft Corporation) [Fichier non signé]
S2 AppServiceg; C:\WINDOWS\system32\35UQF0K7I1.tmp [6144 2021-05-18] (Microsoft Corporation) [Fichier non signé]
S2 AppServiceh; C:\WINDOWS\system32\35UQF0K7I1.tmp [6144 2021-05-18] (Microsoft Corporation) [Fichier non signé]
S2 AppServicei; C:\WINDOWS\system32\35UQF0K7I1.tmp [6144 2021-05-18] (Microsoft Corporation) [Fichier non signé]
S2 AppServicej; C:\WINDOWS\system32\35UQF0K7I1.tmp [6144 2021-05-18] (Microsoft Corporation) [Fichier non signé]
S2 AppServicek; C:\WINDOWS\system32\35UQF0K7I1.tmp [6144 2021-05-18] (Microsoft Corporation) [Fichier non signé]
S2 AppServicel; C:\WINDOWS\system32\35UQF0K7I1.tmp [6144 2021-05-18] (Microsoft Corporation) [Fichier non signé]
S2 AppServicem; C:\WINDOWS\system32\35UQF0K7I1.tmp [6144 2021-05-18] (Microsoft Corporation) [Fichier non signé]
S2 AppServicen; C:\WINDOWS\system32\35UQF0K7I1.tmp [6144 2021-05-18] (Microsoft Corporation) [Fichier non signé]
S2 AppServiceo; C:\WINDOWS\system32\35UQF0K7I1.tmp [6144 2021-05-18] (Microsoft Corporation) [Fichier non signé]
S2 AppServicep; C:\WINDOWS\system32\35UQF0K7I1.tmp [6144 2021-05-18] (Microsoft Corporation) [Fichier non signé]
S2 AppServiceq; C:\WINDOWS\system32\35UQF0K7I1.tmp [6144 2021-05-18] (Microsoft Corporation) [Fichier non signé]
S2 AppServicer; C:\WINDOWS\system32\35UQF0K7I1.tmp [6144 2021-05-18] (Microsoft Corporation) [Fichier non signé]
S2 AppServices; C:\WINDOWS\system32\35UQF0K7I1.tmp [6144 2021-05-18] (Microsoft Corporation) [Fichier non signé]
S2 AppServicet; C:\WINDOWS\system32\35UQF0K7I1.tmp [6144 2021-05-18] (Microsoft Corporation) [Fichier non signé]
S2 AppServiceu; C:\WINDOWS\system32\35UQF0K7I1.tmp [6144 2021-05-18] (Microsoft Corporation) [Fichier non signé]
S2 AppServicev; C:\WINDOWS\system32\35UQF0K7I1.tmp [6144 2021-05-18] (Microsoft Corporation) [Fichier non signé]
S2 AppServicew; C:\WINDOWS\system32\35UQF0K7I1.tmp [6144 2021-05-18] (Microsoft Corporation) [Fichier non signé]
S2 AppServicex; C:\WINDOWS\system32\35UQF0K7I1.tmp [6144 2021-05-18] (Microsoft Corporation) [Fichier non signé]
S2 AppServicey; C:\WINDOWS\system32\35UQF0K7I1.tmp [6144 2021-05-18] (Microsoft Corporation) [Fichier non signé]
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe [440368 2019-12-22] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 ASUSLinkNear; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_e72ab2c70c461382\ASUSLinkNear\AsusLinkNear.exe [1189936 2021-04-21] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
R2 ASUSLinkNearExt; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_e72ab2c70c461382\ASUSLinkNear\AsusLinkNearExt.exe [142272 2021-04-21] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
R2 ASUSLinkRemote; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_e72ab2c70c461382\ASUSLinkRemote\AsusLinkRemote.exe [791584 2021-04-21] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 AsusMultiAntennaSvc; C:\Program Files\ASUS\ASUS MultiAntenna Service\AsusMultiAntennaSvc.exe [517632 2019-02-27] (ASUSTeK COMPUTER INC.) [Fichier non signé]
R2 ASUSOptimization; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_e72ab2c70c461382\ASUSOptimization\AsusOptimization.exe [329264 2021-04-21] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 AsusPTPService; C:\WINDOWS\System32\DriverStore\FileRepository\asusdigifilter.inf_amd64_04c699496abece1e\AsusPTPService.exe [175504 2019-07-19] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 ASUSSoftwareManager; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_e72ab2c70c461382\ASUSSoftwareManager\AsusSoftwareManager.exe [885808 2021-04-21] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_e72ab2c70c461382\ASUSSystemAnalysis\AsusSystemAnalysis.exe [2540072 2021-04-21] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_e72ab2c70c461382\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [626096 2021-04-21] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8395968 2020-03-16] (BattlEye Innovations e.K. -> )
S3 FACEITService; C:\Program Files\FACEIT AC\faceitservice.exe [24729488 2021-05-19] (FACE IT LIMITED -> )
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1874272 2021-05-17] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6840672 2021-05-17] (GOG Sp. z o.o. -> GOG.com)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2019-12-27] (Huawei Technologies Co., Ltd. -> ) [Fichier non signé]
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [2109376 2019-07-03] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-06-02] (Malwarebytes Inc -> Malwarebytes)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [2719664 2020-11-04] (A-Volute -> Nahimic)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2547288 2021-05-10] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3487320 2021-05-10] (Electronic Arts, Inc. -> Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2467160 2020-05-24] (Overwolf Ltd -> Overwolf LTD)
R2 Parsec; C:\Program Files\Parsec\pservice.exe [394256 2020-10-29] (Parsec Cloud, Inc. -> Parsec)
R2 postgresql-x64-12; C:\Program Files\PostgreSQL\12\bin\pg_ctl.exe [116736 2020-08-11] (PostgreSQL Global Development Group) [Fichier non signé]
S2 RefreshRateService; C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\RefreshRateService.exe [37344 2020-02-06] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
S3 ROGGamingCenterService; C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingCenterService.exe [42680 2016-11-24] (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5393288 2021-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746944 2021-01-07] (Oracle Corporation -> Oracle Corporation)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [9912616 2020-10-07] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe [2599328 2021-05-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe [128376 2021-05-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_c03e0d5968be7c61\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_c03e0d5968be7c61\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [33832 2019-06-21] (ASUSTeK Computer Inc. -> )
S3 AsusNumpadKbd; C:\WINDOWS\System32\DriverStore\FileRepository\asusdigifilterkbd.inf_amd64_ca6873608812d804\AsusDigiFilter.sys [137472 2019-08-02] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R3 AsusNumpadPTP; C:\WINDOWS\System32\DriverStore\FileRepository\asusdigifilter.inf_amd64_04c699496abece1e\AsusDigiFilter.sys [136448 2019-07-19] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R1 ASUSSAIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_e72ab2c70c461382\ASUSSystemAnalysis\ASUSSAIO.sys [38952 2021-04-21] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_e72ab2c70c461382\ASUSOptimization\atkwmiacpi64.sys [44704 2021-04-21] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R3 DroidCam; C:\WINDOWS\System32\drivers\droidcam.sys [32240 2020-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Dev47Apps)
R3 DroidCamVideo; C:\WINDOWS\System32\DriverStore\FileRepository\droidcamvideo.inf_amd64_47e18363cbf3dfe0\droidcamvideo.sys [33784 2021-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S1 EneIo; C:\Windows\system32\drivers\ene.sys [17624 2019-05-22] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R0 FACEIT; C:\WINDOWS\System32\Drivers\FACEIT.sys [11148264 2021-05-23] (FACE IT LIMITED -> )
R1 GLCKIO2; C:\Windows\system32\drivers\GLCKIO2.sys [29368 2019-04-24] (ASUSTeK Computer Inc. -> )
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-06-02] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-02] (Malwarebytes Inc -> Malwarebytes)
R3 MpKsl5358a080; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{77B3F116-D2D6-4265-90E1-84AB517B1713}\MpKslDrv.sys [107744 2021-06-02] (Microsoft Windows -> Microsoft Corporation)
R3 MSIO; C:\Program Files\Patriot\Aac_Patriot Viper RGB\msio64.sys [25616 2018-02-12] (MICSYS Technology Co., Ltd. -> )
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [24000 2019-09-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2021-01-09] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2021-01-09] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [239872 2021-01-07] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [249776 2021-01-07] (Oracle Corporation -> Oracle Corporation)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [5463560 2020-10-07] (Riot Games, Inc. -> Riot Games, Inc.)
R3 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [69168 2020-01-10] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-05-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421112 2021-05-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-16] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-06-02 16:38 - 2021-06-02 16:38 - 000043356 _____ C:\Users\neven\Downloads\FRST.txt
2021-06-02 16:37 - 2021-06-02 16:38 - 000000000 ____D C:\FRST
2021-06-02 16:36 - 2021-06-02 16:36 - 002300416 _____ (Farbar) C:\Users\neven\Downloads\FRST64.exe
2021-06-02 16:27 - 2021-06-02 16:28 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-06-02 15:36 - 2021-06-02 15:36 - 000000000 ____D C:\WINDOWS\Panther
2021-06-01 23:26 - 2021-06-01 23:26 - 000001140 _____ C:\Users\neven\Downloads\TPex3.txt
2021-06-01 23:00 - 2021-06-01 23:00 - 000001077 _____ C:\Users\neven\Downloads\exo3.l
2021-06-01 17:27 - 2021-06-01 17:27 - 000002095 _____ C:\Users\neven\Downloads\Exo-4-tp-pt2.txt
2021-06-01 16:56 - 2021-06-01 16:56 - 000001073 _____ C:\Users\neven\Downloads\ex3.l
2021-06-01 14:44 - 2021-06-01 14:44 - 000000804 _____ C:\ProgramData\droidcam-client-options-v2
2021-06-01 14:44 - 2021-06-01 14:44 - 000000360 _____ C:\ProgramData\droidcam-settings
2021-06-01 14:43 - 2021-06-01 14:43 - 000000000 ____D C:\Users\neven\.keras
2021-06-01 14:23 - 2021-06-01 14:23 - 000000000 ____D C:\Users\neven\.jupyter
2021-06-01 14:22 - 2021-06-01 14:22 - 000000000 ____D C:\Users\neven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DroidCam
2021-06-01 14:22 - 2021-06-01 14:22 - 000000000 ____D C:\Program Files (x86)\DroidCam
2021-05-31 19:32 - 2021-05-31 19:32 - 000000222 _____ C:\Users\neven\Desktop\Rocksmith® 2014 Edition - Remastered.url
2021-05-31 15:55 - 2021-05-31 15:55 - 000612914 _____ C:\Users\neven\Downloads\SST2_Viguié_Neven.pdf
2021-05-31 13:37 - 2021-05-31 13:37 - 002528845 _____ C:\Users\neven\Downloads\2021-06_-_infographie.pdf
2021-05-29 20:50 - 2021-05-29 20:50 - 000072328 _____ C:\Users\neven\battery-report.html
2021-05-27 23:21 - 2021-05-27 23:21 - 000851760 _____ C:\Users\neven\Downloads\CM-3.pdf
2021-05-27 20:27 - 2021-05-27 20:27 - 000005367 _____ C:\Users\neven\Downloads\Partiel.txt
2021-05-27 15:45 - 2021-05-27 15:45 - 000000000 ____D C:\Users\neven\Downloads\files
2021-05-25 18:20 - 2021-05-25 18:20 - 001113965 _____ C:\Users\neven\Downloads\TD_3__4_-_Prise_en_main_de_React_Native__Expo.pdf
2021-05-24 19:51 - 2021-05-24 19:51 - 000147870 _____ C:\Users\neven\Downloads\calendrier_2020_2021_FISE_v4.pdf
2021-05-24 18:06 - 2021-05-24 18:06 - 000464944 _____ C:\Users\neven\Downloads\PIECHOWIAK-LES-AUTOMATES.pdf
2021-05-24 14:59 - 2021-05-24 14:59 - 000234322 _____ C:\Users\neven\Downloads\fiche_TP_FISE graphe.pdf
2021-05-22 14:39 - 2021-05-22 14:39 - 001390156 _____ C:\Users\neven\Downloads\Git - GitLab.pdf
2021-05-22 14:39 - 2021-05-22 14:39 - 001293594 _____ C:\Users\neven\Downloads\CM_2_3_4.zip
2021-05-22 14:39 - 2021-05-22 14:39 - 000105052 _____ C:\Users\neven\Downloads\Introduction - Motivation.pdf
2021-05-22 14:12 - 2021-05-22 14:12 - 000027058 _____ C:\Users\neven\Downloads\TP Développement Mobile.pdf
2021-05-21 16:48 - 2021-05-21 16:48 - 000792979 _____ C:\Users\neven\Downloads\cours_Spring.pdf
2021-05-21 16:48 - 2021-05-21 16:48 - 000628928 _____ C:\Users\neven\Downloads\cours_BDD.pdf
2021-05-21 16:48 - 2021-05-21 16:48 - 000100084 _____ C:\Users\neven\Downloads\Technos_web_-_infos_supplementaires (1).pdf
2021-05-19 15:12 - 2021-05-19 15:12 - 000008278 _____ C:\Users\neven\Downloads\3.jpeg
2021-05-19 14:58 - 2021-05-19 14:58 - 000004216 _____ C:\Users\neven\Downloads\ProjetSecuINSA.pcapng
2021-05-19 12:26 - 2021-05-19 12:26 - 000249836 _____ C:\Users\neven\Downloads\PIECHOWIAK-TP-PROLOG-SUJETS-2020-2021-INSA-FISE.pdf
2021-05-18 22:55 - 2021-05-19 18:55 - 000000000 ____D C:\Users\neven\Documents\Anno 1800
2021-05-18 22:48 - 2021-05-13 12:38 - 000037656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2021-05-18 22:47 - 2021-05-13 20:22 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-05-18 22:47 - 2021-05-13 20:22 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-05-18 22:47 - 2021-05-13 20:22 - 001453360 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-05-18 22:47 - 2021-05-13 20:22 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-05-18 22:47 - 2021-05-13 20:22 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-05-18 22:47 - 2021-05-13 20:22 - 001094864 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-05-18 22:47 - 2021-05-13 20:22 - 001094864 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-05-18 22:47 - 2021-05-13 20:22 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-05-18 22:47 - 2021-05-13 20:22 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-05-18 22:47 - 2021-05-13 20:19 - 001514800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-05-18 22:47 - 2021-05-13 20:19 - 001166112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-05-18 22:47 - 2021-05-13 20:19 - 000715544 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-05-18 22:47 - 2021-05-13 20:19 - 000675104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-05-18 22:47 - 2021-05-13 20:19 - 000626968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-05-18 22:47 - 2021-05-13 20:19 - 000575768 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-05-18 22:47 - 2021-05-13 20:19 - 000564000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-05-18 22:47 - 2021-05-13 20:18 - 001590576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-05-18 22:47 - 2021-05-13 20:18 - 000811824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-05-18 22:47 - 2021-05-13 20:18 - 000689952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-05-18 22:47 - 2021-05-13 20:18 - 000445744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-05-18 22:47 - 2021-05-13 20:17 - 008317232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-05-18 22:47 - 2021-05-13 20:17 - 007434032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-05-18 22:47 - 2021-05-13 20:17 - 004795184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-05-18 22:47 - 2021-05-13 20:16 - 000848688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-05-18 22:47 - 2021-05-13 12:38 - 000087164 _____ C:\WINDOWS\system32\nvinfo.pb
2021-05-18 22:41 - 2020-08-14 09:59 - 000043416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\NvModuleTracker.sys
2021-05-18 20:18 - 2021-05-18 20:18 - 000000000 ____D C:\Users\neven\AppData\Local\COTS
2021-05-18 17:48 - 2021-05-18 17:53 - 000000000 ____D C:\Users\neven\AppData\Roaming\playstation-now
2021-05-18 17:47 - 2021-05-18 17:47 - 000000000 ____D C:\Users\neven\AppData\Local\Sony Interactive Entertainment Network America LLC
2021-05-18 17:47 - 2021-05-18 17:47 - 000000000 ____D C:\Users\neven\AppData\Local\Gaikai
2021-05-18 17:47 - 2021-05-18 17:47 - 000000000 ____D C:\Program Files (x86)\PlayStationNow
2021-05-18 17:46 - 2021-05-18 17:48 - 000000000 ____D C:\Users\neven\AppData\Roaming\Sony Interactive Entertainment Network America LLC
2021-05-18 16:53 - 2021-05-21 15:40 - 000000235 _____ C:\Users\neven\Desktop\Anno 1800.url
2021-05-17 02:58 - 2021-05-17 02:58 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-17 02:58 - 2021-05-17 02:58 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-05-17 02:58 - 2021-05-17 02:58 - 000153600 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2021-05-17 02:57 - 2021-05-17 02:57 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-17 02:57 - 2021-05-17 02:57 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-17 02:57 - 2021-05-17 02:57 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-17 02:57 - 2021-05-17 02:57 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-17 02:57 - 2021-05-17 02:57 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-17 02:57 - 2021-05-17 02:57 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-17 02:57 - 2021-05-17 02:57 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-17 02:57 - 2021-05-17 02:57 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-05-17 02:57 - 2021-05-17 02:57 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-17 02:57 - 2021-05-17 02:57 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-17 02:57 - 2021-05-17 02:57 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-17 02:57 - 2021-05-17 02:57 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-17 01:59 - 2021-05-17 01:59 - 000000000 ____D C:\Users\neven\AppData\Roaming\SUPERAntiSpyware.com
2021-05-17 01:59 - 2021-05-17 01:59 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2021-05-17 01:59 - 2021-05-17 01:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2021-05-17 01:59 - 2021-05-17 01:59 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2021-05-17 01:52 - 2021-05-17 01:52 - 000000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2021-05-17 01:52 - 2021-05-17 01:52 - 000000000 ____D C:\Users\neven\AppData\Local\Weather
2021-05-17 01:52 - 2021-05-17 01:52 - 000000000 ____D C:\ProgramData\Documents\Daemon Tools Images
2021-05-17 01:51 - 2021-05-18 22:51 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\35UQF0K7I1.tmp
2021-05-17 01:41 - 2021-05-17 01:41 - 000016778 _____ C:\WINDOWS\system32\Tasks\eujyxn
2021-05-17 01:41 - 2021-05-17 01:41 - 000000000 _____ C:\Program Files (x86)\temp_files
2021-05-17 01:41 - 2020-10-22 11:16 - 000000000 ____D C:\Program Files (x86)\eujyxn
2021-05-17 01:40 - 2021-05-17 01:53 - 000000000 ____D C:\ProgramData\Data
2021-05-17 01:40 - 2021-05-17 01:40 - 000158720 _____ (Igor Pavlov) C:\ProgramData\7zxa.dll
2021-05-17 01:39 - 2021-05-17 01:51 - 000000000 ___HD C:\ProgramData\Windows Host
2021-05-17 01:39 - 2021-05-17 01:51 - 000000000 ____D (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus
2021-05-17 01:39 - 2021-05-17 01:49 - 000000000 ____D C:\Users\neven\AppData\Roaming\eR2qtmxoaJmx52Q8IsszQ4C9
2021-05-17 01:38 - 2021-05-17 01:50 - 000000000 ____D C:\Users\neven\AppData\Roaming\nailedp
2021-05-17 01:38 - 2021-05-17 01:49 - 000000000 ____D C:\Fontreviewdriversavesdhcp
2021-05-17 01:38 - 2021-05-17 01:39 - 000000000 ____D C:\Users\neven\AppData\LocalLow\cR1dL5pE5dG6mD5k
2021-05-17 01:38 - 2021-05-17 01:38 - 000000000 ____D C:\Users\neven\AppData\Roaming\Risen
2021-05-17 01:38 - 2021-05-17 01:38 - 000000000 ____D C:\ProgramData\CAK3QBPQ6WVPQL1QS34CAZGUK
2021-05-17 01:38 - 2021-05-17 01:38 - 000000000 ____D C:\ProgramData\4KE6612VBVSO5V2JZPF3Y98L8
2021-05-17 01:37 - 2021-05-17 01:49 - 000000000 ____D C:\Program Files (x86)\recording
2021-05-17 01:37 - 2021-05-17 01:39 - 000000013 _____ C:\ProgramData\kaosdma.txt
2021-05-17 01:37 - 2021-05-17 01:37 - 000000000 ____D C:\Users\neven\AppData\Local\AdvinstAnalytics
2021-05-17 01:36 - 2021-05-17 01:48 - 000000000 ____D C:\Program Files (x86)\Company
2021-05-17 01:36 - 2021-05-17 01:38 - 000000000 ____D C:\ProgramData\TY995UE6SYQIZ1XB0GTYHFGK6
2021-05-17 01:36 - 2021-05-17 01:38 - 000000000 ____D C:\ProgramData\FMIKMU1Q9OIP67F698T80L4PL
2021-05-17 01:36 - 2021-05-17 01:37 - 000000000 ____D C:\ProgramData\K8YDIJPQKIO2STI6KGQRUE1XY
2021-05-17 01:36 - 2021-05-17 01:37 - 000000000 ____D C:\ProgramData\8GNPVNEBZ2FM2EP52YCC2OAWY
2021-05-17 01:36 - 2021-05-17 01:36 - 000014544 _____ (OpenLibSys.org) C:\Users\neven\AppData\Roaming\WinRing0x64.sys
2021-05-17 01:36 - 2021-05-17 01:36 - 000000000 ____D C:\Program Files (x86)\Data Finder
2021-05-17 01:34 - 2021-06-02 16:28 - 000000000 ____D C:\Users\neven\AppData\LocalLow\IGDump
2021-05-17 01:33 - 2021-06-02 15:47 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-05-17 01:23 - 2021-05-17 01:52 - 000000000 ____D C:\Users\neven\AppData\Local\Disc_Soft_Ltd
2021-05-17 01:22 - 2021-05-17 02:40 - 000000000 ____D C:\ProgramData\Disc-Soft
2021-05-17 01:22 - 2021-05-17 02:14 - 000000000 ____D C:\Users\neven\AppData\Roaming\Disc-Soft
2021-05-17 01:22 - 2021-05-17 01:22 - 000059360 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtliteusbbus.sys
2021-05-17 01:22 - 2021-05-17 01:22 - 000042256 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2021-05-17 01:22 - 2021-05-17 01:22 - 000000000 ____D C:\Users\Public\Documents\Catch!
2021-05-17 01:22 - 2021-05-17 01:22 - 000000000 ____D C:\ProgramData\Documents\Catch!
2021-05-17 01:15 - 2021-05-17 01:15 - 000000000 ____D C:\Program Files (x86)\Bose Updater
2021-05-16 17:33 - 2021-05-16 17:33 - 000000000 ____D C:\Users\neven\AppData\Local\Rocket League
2021-05-15 20:16 - 2021-05-13 20:22 - 001192752 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-05-15 20:16 - 2021-05-13 20:17 - 002823472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-05-15 19:51 - 2021-05-15 19:51 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d71ace2e22bb2d

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-06-02 16:31 - 2021-03-17 03:43 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-06-02 16:31 - 2019-12-07 16:50 - 000794488 _____ C:\WINDOWS\system32\perfh00C.dat
2021-06-02 16:31 - 2019-12-07 16:50 - 000150602 _____ C:\WINDOWS\system32\perfc00C.dat
2021-06-02 16:31 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-06-02 16:29 - 2020-04-08 10:18 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2021-06-02 16:29 - 2020-01-15 21:20 - 000000000 ____D C:\Program Files\CCleaner
2021-06-02 16:29 - 2019-12-20 17:56 - 000000000 ____D C:\ProgramData\NVIDIA
2021-06-02 16:28 - 2020-06-02 14:26 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-06-02 16:27 - 2021-03-17 03:38 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-06-02 16:27 - 2021-03-17 03:32 - 000008192 ___SH C:\DumpStack.log.tmp
2021-06-02 16:27 - 2021-03-17 03:32 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-06-02 16:27 - 2020-08-10 21:55 - 000000544 __RSH C:\ProgramData\ntuser.pol
2021-06-02 16:27 - 2020-02-23 21:42 - 000000000 ____D C:\Users\neven\AppData\Roaming\Spotify
2021-06-02 16:27 - 2019-12-22 14:25 - 000004998 _____ C:\CosairDram.txt
2021-06-02 16:27 - 2019-12-20 18:26 - 000000000 ____D C:\Program Files (x86)\Steam
2021-06-02 16:27 - 2019-12-20 18:01 - 000000000 __SHD C:\Users\neven\IntelGraphicsProfiles
2021-06-02 16:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-06-02 16:27 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-02 16:25 - 2019-12-20 19:58 - 000000000 ____D C:\Users\neven\AppData\Roaming\DMCache
2021-06-02 15:47 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-06-02 15:46 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-06-02 15:43 - 2019-12-20 19:02 - 000000000 ____D C:\Users\neven\AppData\Roaming\Discord
2021-06-02 15:39 - 2019-12-20 19:02 - 000000000 ____D C:\Users\neven\AppData\Local\Discord
2021-06-02 15:36 - 2020-02-23 21:43 - 000000000 ____D C:\Users\neven\AppData\Local\Spotify
2021-06-02 15:35 - 2020-10-07 13:52 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-06-02 14:22 - 2019-12-23 22:21 - 000000000 ____D C:\Users\neven\AppData\Roaming\vlc
2021-06-02 14:22 - 2019-12-21 15:16 - 000000000 ____D C:\Users\neven\AppData\Local\CrashDumps
2021-06-02 10:12 - 2019-12-20 18:30 - 000000000 ____D C:\Users\neven\AppData\Roaming\.minecraft
2021-06-02 10:12 - 2019-12-20 18:30 - 000000000 ____D C:\Program Files (x86)\Minecraft Launcher
2021-06-01 14:52 - 2020-09-16 13:34 - 000000000 ____D C:\Users\neven\.conda
2021-06-01 14:49 - 2021-03-16 20:06 - 000000000 ____D C:\Users\neven\AppData\Roaming\obs-studio
2021-06-01 14:43 - 2021-03-17 03:34 - 000000000 ____D C:\Users\neven
2021-06-01 14:42 - 2020-03-17 11:26 - 000000000 ____D C:\Users\neven\AppData\Roaming\jupyter
2021-06-01 14:23 - 2020-09-16 13:34 - 000000043 _____ C:\Users\neven\.condarc
2021-06-01 14:17 - 2020-03-17 11:26 - 000000000 ____D C:\Users\neven\.spyder-py3
2021-05-31 22:50 - 2019-12-20 17:57 - 000000000 ____D C:\Users\neven\AppData\Local\D3DSCache
2021-05-31 19:30 - 2020-09-16 13:38 - 000000000 ____D C:\Users\neven\AppData\Roaming\CodeBlocks
2021-05-31 16:16 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-30 15:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-05-29 14:31 - 2020-06-20 16:53 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-29 14:31 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-28 23:48 - 2019-12-20 19:58 - 000000000 ____D C:\Users\neven\AppData\Roaming\IDM
2021-05-25 20:51 - 2019-12-20 19:22 - 000000000 ____D C:\Users\neven\Documents\Travail
2021-05-25 07:48 - 2020-10-07 13:52 - 000725304 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-05-25 07:48 - 2020-10-07 13:52 - 000470328 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-05-24 22:56 - 2020-01-12 15:36 - 000000000 ____D C:\Users\neven\AppData\Roaming\FACEIT
2021-05-24 18:28 - 2020-01-12 15:36 - 000000000 ____D C:\Program Files\FACEIT AC
2021-05-23 22:25 - 2020-01-01 22:17 - 000000000 ____D C:\Users\neven\AppData\Local\Ubisoft Game Launcher
2021-05-23 16:29 - 2020-01-12 15:37 - 011148264 _____ C:\WINDOWS\system32\Drivers\FACEIT.sys
2021-05-23 15:39 - 2021-03-25 00:19 - 000000000 ____D C:\Users\neven\.VirtualBox
2021-05-23 15:05 - 2021-04-12 23:51 - 013107200 _____ C:\Users\neven\Downloads\SYSTEM
2021-05-23 15:05 - 2021-04-12 23:51 - 000262144 _____ C:\Users\neven\Downloads\SECURITY
2021-05-23 15:05 - 2021-04-12 23:51 - 000262144 _____ C:\Users\neven\Downloads\SAM
2021-05-23 15:02 - 2021-03-25 00:19 - 000000000 ____D C:\ProgramData\VirtualBox
2021-05-21 15:43 - 2021-03-25 00:20 - 000000000 ____D C:\Users\neven\VirtualBox VMs
2021-05-20 20:05 - 2020-10-22 11:16 - 001694672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2021-05-20 20:05 - 2020-10-22 11:16 - 000250304 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2021-05-20 20:05 - 2020-10-22 11:16 - 000192952 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2021-05-20 20:05 - 2020-10-22 11:16 - 000159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2021-05-20 20:05 - 2020-10-22 11:16 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2021-05-20 20:05 - 2020-10-22 11:16 - 000038328 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2021-05-20 13:28 - 2019-12-21 15:31 - 000000000 ____D C:\Program Files (x86)\Origin
2021-05-19 17:00 - 2020-05-29 23:45 - 000000000 ____D C:\Users\neven\AppData\Local\FACEITApp
2021-05-18 22:41 - 2021-03-17 03:38 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-18 22:41 - 2021-03-17 03:38 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-18 22:41 - 2021-03-17 03:38 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-18 22:41 - 2021-03-17 03:38 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-18 22:41 - 2021-03-17 03:38 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-18 22:41 - 2021-03-17 03:38 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-18 22:41 - 2021-03-17 03:38 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-18 22:41 - 2021-03-17 03:38 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-18 22:41 - 2021-03-17 03:38 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-18 22:41 - 2021-03-17 03:38 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-18 22:41 - 2019-12-24 14:47 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-05-18 22:41 - 2019-12-20 17:56 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-05-18 22:41 - 2019-12-20 17:56 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-05-18 17:48 - 2019-12-20 19:40 - 000000000 ____D C:\Users\neven\AppData\Local\NVIDIA
2021-05-18 15:09 - 2020-06-12 12:03 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2021-05-17 22:48 - 2020-12-27 23:52 - 000000000 ____D C:\Users\neven\AppData\LocalLow\Ion Lands
2021-05-17 17:38 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-17 03:01 - 2021-03-17 03:32 - 000303704 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-17 03:00 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-05-17 03:00 - 2019-12-07 16:51 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-17 03:00 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-05-17 03:00 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-17 03:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-17 03:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-17 03:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-17 03:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-17 03:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-17 03:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-17 03:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-17 03:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-17 03:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-17 03:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-17 03:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-05-17 03:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-17 03:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-05-17 03:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-05-17 03:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-17 03:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-17 03:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-17 03:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-17 03:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-17 03:00 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-17 02:59 - 2019-12-07 16:53 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-17 02:59 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-05-17 02:57 - 2021-03-17 03:38 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-05-17 02:52 - 2019-12-24 01:18 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-17 02:50 - 2019-12-24 01:18 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-17 02:49 - 2021-03-17 03:38 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-05-17 02:47 - 2020-10-29 02:10 - 000000000 ____D C:\Users\neven\AppData\Roaming\Parsec
2021-05-17 02:47 - 2020-10-29 02:10 - 000000000 ____D C:\Program Files\Parsec
2021-05-17 02:15 - 2021-03-17 03:38 - 000002238 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-05-17 02:15 - 2020-04-23 14:04 - 000000000 ____D C:\temp
2021-05-17 01:50 - 2019-12-22 14:24 - 000000000 ____D C:\Program Files (x86)\LightingService
2021-05-17 01:39 - 2019-12-21 17:52 - 000000000 ____D C:\Users\neven\AppData\Local\VirtualStore
2021-05-17 01:36 - 2021-03-16 15:33 - 000000000 ____D C:\Program Files\JetBrains
2021-05-17 01:32 - 2020-01-02 23:33 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-05-17 01:31 - 2020-12-28 17:58 - 000000000 ____D C:\Users\neven\Downloads\Compressed
2021-05-16 21:26 - 2019-12-21 17:45 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-05-15 23:54 - 2019-12-30 21:09 - 000000000 ____D C:\Users\neven\AppData\Local\ElevatedDiagnostics
2021-05-15 20:05 - 2019-12-21 17:52 - 000000000 ____D C:\Users\neven\AppData\Local\Packages
2021-05-15 20:05 - 2019-12-20 18:07 - 000000000 ____D C:\ProgramData\Packages
2021-05-15 20:05 - 2019-12-20 17:53 - 000000000 ____D C:\Users\neven\AppData\Local\PlaceholderTileLogoFolder
2021-05-15 19:56 - 2021-03-17 03:38 - 000004122 _____ C:\WINDOWS\system32\Tasks\ASUS Update Checker 2.0
2021-05-15 19:56 - 2021-03-17 03:38 - 000003764 _____ C:\WINDOWS\system32\Tasks\ASUS Optimization 36D18D69AFC3
2021-05-15 19:51 - 2021-03-17 03:38 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-05-15 19:51 - 2021-03-17 03:38 - 000003588 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-05-15 19:51 - 2021-03-17 03:38 - 000003464 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-05-13 20:18 - 2021-03-23 01:11 - 002106144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-05-13 20:18 - 2021-03-14 18:31 - 000656176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-05-13 20:15 - 2021-03-14 18:31 - 007212224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-05-13 20:15 - 2021-03-14 18:31 - 006159152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-05-13 12:38 - 2021-03-14 18:39 - 000136472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys

==================== Fichiers à la racine de certains dossiers ========

2021-05-17 01:40 - 2021-05-17 01:40 - 000158720 _____ (Igor Pavlov) C:\ProgramData\7zxa.dll
2020-09-16 15:40 - 2020-09-16 15:51 - 065538032 _____ (EnterpriseDB) C:\Users\neven\edb_languagepack.exe
2020-09-16 15:51 - 2020-09-16 17:28 - 011928264 _____ (EnterpriseDB) C:\Users\neven\edb_pgagent_pg12.exe
2020-09-16 16:57 - 2020-09-16 16:58 - 022082632 _____ (EnterpriseDB) C:\Users\neven\edb_pgbouncer.exe
2020-09-16 16:58 - 2020-09-16 16:59 - 014160584 _____ (EnterpriseDB) C:\Users\neven\edb_pgjdbc.exe
2021-03-30 18:22 - 2021-03-31 16:06 - 000000224 _____ () C:\Users\neven\hsqlprefs.dat
2021-05-17 01:41 - 2021-05-17 01:41 - 000000000 _____ () C:\Program Files (x86)\temp_files
2021-03-17 03:26 - 2021-03-17 03:26 - 000348811 ___SH () C:\Users\neven\AppData\Roaming\jvwurtv
2021-03-17 03:26 - 2021-03-17 03:26 - 000321226 ___SH () C:\Users\neven\AppData\Roaming\suubhci
2021-05-17 01:36 - 2021-05-17 01:36 - 000014544 _____ (OpenLibSys.org) C:\Users\neven\AppData\Roaming\WinRing0x64.sys
2020-06-26 20:31 - 2020-06-26 20:54 - 000001456 _____ () C:\Users\neven\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
2020-04-02 09:05 - 2020-04-02 15:42 - 001065984 _____ () C:\Users\neven\AppData\Local\file__0.localstorage

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================

Addition.txt


Hello Neven_,

Thanks for those logs, continue:

Please download the attached fixlist.txt file and save it to the Desktop or location where you ran FRST from.

NOTE. It's important that both files, FRST or FRSTEnglish, and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system that cannot be undone.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt) or wherever you ran FRST from. Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.

NOTE-1: This fix will run a scan to check that all Microsoft operating system files are valid and not corrupt and attempt to correct any invalid files.

NOTE-2: As part of this fix all temporary files will be removed. If you have any open web pages that have not been bookmarked please make sure you bookmark them now as all open applications will be automatically closed. Also, make sure you know the passwords for all websites as cookies will also be removed.

The following directories are emptied:
 
  • Windows Temp
  • Users Temp folders
  • Edge, IE, FF, Chrome and Opera caches, HTML5 storages, Cookies and History
  • Recently opened files cache
  • Flash Player cache
  • Java cache
  • Steam HTML cache
  • Explorer thumbnail and icon cache
  • BITS transfer queue (qmgr*.dat files)
  • Recycle Bin


Important: items are permanently deleted. They are not moved to quarantine. If you have any questions or concerns please ask before running this fix.


The system will be rebooted after the fix has run.

Next,

Open Malwarebytes, select > small cog wheel top right hand corner, that will open "settings" from there select "Security" tab.

Scroll down to "Scan Options" ensure Scan for Rootkits and Scan within Archives are both on....

Close out the settings window, this will take you back to "DashBoard" select the Blue "Scan Now" tab......

When the scan completes quarantine any found entries...

To get the log from Malwarebytes do the following:
 
  • Open Malwarebytes
  • Click on the Detection History tab > from main interface.
  • Then click on "History" that will open to a historical list
  • Double click on the Scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have two options:
    Copy to Clipboard - if selected right click to your reply and select "Paste" log will be pasted to your reply
    Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
  • Please use "Text file (*.txt)", then name the file and save to a place of choice, recommend "Desktop" then attach to reply


Next,

Download AdwCleaner by Malwarebytes onto your Desktop.

Or from this Mirror
 
  • Right-click on AdwCleaner.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Accept the EULA (I accept), then click on Scan
  • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Quarantine button. This will kill all the active processes
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
  • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply


Next,

Download "Microsoft's Safety Scanner" and save direct to the desktop

Ensure to get the correct version for your system....

https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download


Right click on the Tool and select Run as Administrator; the tool will expand to the options Window
In the "Scan Type" window, select Quick Scan
Perform a scan and Click Finish when the scan is done.


Retrieve the MSRT log as follows, and post it in your next reply:

1) Select the Windows key and R key together to open the "Run" function
2) Type or Copy/Paste the following command to the "Run Line" and Press Enter:

notepad c:\windows\debug\msert.log

The log will include log details for each time MSRT has run, we only need the most recent log by date and time....

Let me see those logs in your reply...

Thank you,

Kevin.

fixlist.txt
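An added example, not part of the original post: the log at c:\windows\debug\msert.log holds one block per scanner run, so the step "we only need the most recent log by date and time" can be done mechanically. The helper names (`parse_runs`, `latest_run`) are hypothetical, and the sample text is constructed from the log posted in this thread plus an invented older run.

```python
import re
from datetime import datetime

# Constructed sample. The second run is an abridged copy of the log posted in
# this thread; the first run is invented here as an older, unfinished scan.
SAMPLE_LOG = """\
---------------------------------------------------------------------------------------
Microsoft Safety Scanner v1.339, (build 1.339.1902.0)
Started On Mon May 17 02:50:00 2021

Run Mode: Interactive Graphical Mode

---------------------------------------------------------------------------------------
Microsoft Safety Scanner v1.339, (build 1.339.1902.0)
Started On Wed Jun  2 22:55:59 2021

Engine: 1.1.18200.4
Run Mode: Interactive Graphical Mode

Results Summary:
----------------
No infection found.
Successfully Submitted MAPS Report
Microsoft Safety Scanner Finished On Wed Jun  2 23:00:21 2021

Return code: 0 (0x0)
"""

def parse_ts(raw):
    # The day of month is space-padded ("Jun  2"), so collapse whitespace first.
    return datetime.strptime(" ".join(raw.split()), "%a %b %d %H:%M:%S %Y")

def parse_runs(text):
    """Split msert.log text into one dict per scanner run, oldest first."""
    runs, run, in_summary = [], None, False
    for line in (l.strip() for l in text.splitlines()):
        if line.startswith("Microsoft Safety Scanner v"):
            run = {"started": None, "finished": None, "return_code": None, "summary": []}
            runs.append(run)
            in_summary = False
        elif run is None or not line:
            continue
        elif line.startswith("Started On "):
            run["started"] = parse_ts(line[len("Started On "):])
        elif "Finished On " in line:
            run["finished"] = parse_ts(line.split("Finished On ", 1)[1])
            in_summary = False
        elif (m := re.match(r"Return code: (-?\d+)", line)):
            run["return_code"] = int(m.group(1))
        elif line == "Results Summary:":
            in_summary = True
        elif in_summary and set(line) != {"-"}:
            run["summary"].append(line)
    return runs

def latest_run(text):
    """Most recently started run, or None when no run carries a start time."""
    dated = [r for r in parse_runs(text) if r["started"]]
    return max(dated, key=lambda r: r["started"], default=None)
```

A run whose `finished` field is `None` was interrupted before the scanner wrote its summary, so its empty `summary` list should not be read as a clean result.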


This should be the log from AdwCleaner (it didn't restart my computer, so I did it manually and found the log)

 


---------------------------------------------------------------------------------------
Microsoft Safety Scanner v1.339, (build 1.339.1902.0)
Started On Wed Jun  2 22:55:59 2021

Engine: 1.1.18200.4
Signatures: 1.339.1902.0
MpGear: 1.1.16330.1
Run Mode: Interactive Graphical Mode

Results Summary:
----------------
No infection found.
Successfully Submitted MAPS Report
Successfully Submitted Heartbeat Report
Microsoft Safety Scanner Finished On Wed Jun  2 23:00:21 2021


Return code: 0 (0x0)
 

AdwCleaner[C00].txt


Hiya Neven_

Thanks for those logs, let's run FRST one more time to make sure we've left no remnants of the infection...

Run FRST one more time, ensure all boxes are checkmarked under "Whitelist" but only Addition.txt under "Optional scan" Select scan, when done post the new logs. "FRST.txt" and "Addition.txt"

 
Thanks,
 
Kevin.

Hiya Neven_,

Thanks for those logs, continue:

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into. "Do not open that file when running FRST fix"
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Open FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was run from. Please post it to your reply.

 
Thank you,
 
Kevin.

fixlist.txt


Hiya Neven_,

Your PC should be ok now, continue to finish up:

Right click on FRST here: C:\Users\neven\Downloads\FRST.exe and rename it uninstall.exe. When complete, right click on uninstall.exe and select "Run as Administrator"

If you do not see the .exe appended that is because file extensions are hidden, in that case just rename FRST to uninstall

That action will remove FRST and all created files and folders...

Next,

Remove all System Restore Points: https://www.tenforums.com/tutorials/33593-delete-system-restore-points-windows-10-a.html#option2

Create clean fresh Restore Point: http://www.thewindowsclub.com/create-system-restore-point

Run Windows Disk Clean Up Utility - https://neosmart.net/wiki/disk-cleanup/

Consider the following:

Disable Remote Desktop: https://www.tenforums.com/tutorials/92433-enable-disable-remote-desktop-connections-windows-10-pc.html

Disable Windows Telemetry: https://helpdeskgeek.com/windows-10/how-to-disable-windows-10-telemetry/

Malwarebytes Browser Guard (Free) for Firefox: https://addons.mozilla.org/en-GB/firefox/addon/malwarebytes/

Malwarebytes Browser Guard (Free) for Chrome: https://chrome.google.com/webstore/detail/malwarebytes-browser-guar/ihcjicgdanjaechkgeegckofjjedodee Will also work for Opera and Edge..

PatchMyPC, keep all your software up to date - https://patchmypc.com/home-updater#download

From there you should be good to go...

Next,

Read the following links to fully understand PC Security and Best Practices, you may find them useful....

Answers to Common Security Questions and best Practices

Do I need a Registry Cleaner?

Take care and surf safe

Kevin...

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following for Tips to help protect from infection

Thank you

 

 
