Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 16-06-2022
Exécuté par utente (administrateur) sur YLAN (17-06-2022 07:52:01)
Exécuté depuis C:\Users\utente\Downloads
Profils chargés: utente
Plate-forme: Microsoft Windows 11 Professionnel Version 21H2 22000.739 (X64) Langue: Italien (Italie) -> Français (France)
Navigateur par défaut: Opera
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusService.exe ->) (Digital Communications Inc -> DlGlTAL COMMUNICATIONS INC) C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusClient.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.CpuIdRemote64.exe
(C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.DisplayAdapter.exe
(C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE.exe ->) (Corsair Memory, Inc. -> Corsair) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUEDevicePluginHost.exe <7>
(C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe ->) (Oculus VR, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe
(C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe ->) (Oculus VR, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCopyAccelerator.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE.exe
(Discord Inc. -> Discord Inc.) C:\Users\utente\AppData\Local\Discord\app-1.0.9005\Discord.exe <6>
(DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\atieclxx.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\atiesrxx.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairMsiPluginService.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueLLAccessService.exe
(services.exe ->) (Digital Communications Inc -> DlGlTAL COMMUNICATIONS INC) C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusIC.exe
(services.exe ->) (Digital Communications Inc -> DlGlTAL COMMUNICATIONS INC) C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.66.2001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.66.2001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:\Windows\System32\CorsairGamingAudioCfgService64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe
(services.exe ->) (Oculus VR, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SpaceAgent.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\spaceman.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8838400 2016-06-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [CORSAIR iCUE 4 Software] => C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE Launcher.exe [182888 2022-01-26] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-1261292212-1751163016-2004386437-1001\...\Run: [Discord] => C:\Users\utente\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1261292212-1751163016-2004386437-1001\...\Run: [Chromium] => "c:\users\utente\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session [4195328 2017-10-07] (The Chromium Authors) [Fichier non signé]
HKU\S-1-5-21-1261292212-1751163016-2004386437-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\utente\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-1261292212-1751163016-2004386437-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4282328 2022-06-07] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1261292212-1751163016-2004386437-1001\...\Run: [Lync] => "C:\Program Files\Microsoft Office\root\Office16\lync.exe" /fromrunkey (Pas de fichier)
HKU\S-1-5-21-1261292212-1751163016-2004386437-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [114000240 2021-10-28] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1261292212-1751163016-2004386437-1001\...\MountPoints2: {6407ab4e-d9ad-11eb-865e-40b0767b8891} - "F:\setup.EXE" /AUTORUN
HKLM\...\Print\Monitors\HP CE11 Status Monitor: C:\WINDOWS\system32\hpinkstsCE11LM.dll [393352 2017-03-20] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\102.0.5005.115\Installer\chrmstp.exe [2022-06-15] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {062BCD89-6236-47FA-B0EB-8E4A6969A18B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144792 2022-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {1D7C823A-2578-46E2-8B9A-ED659E565C57} - System32\Tasks\ChromiumUpdateTaskUserS-1-5-21-1261292212-1751163016-2004386437-1001UA => C:\Users\utente\AppData\Local\Chromium\Update\ChromiumUpdate.exe /ua /installsource scheduler (Pas de fichier) <==== ATTENTION
Task: {256801B0-1A88-44B0-80D1-D0689A367331} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2E16EACC-3D75-4243-9360-289FAFE2ACC6} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [355840 2021-10-05] (Advanced Micro Devices, Inc.) [Fichier non signé]
Task: {381E5DC4-550E-4A9D-A9C0-2B17A133F1B7} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [55288 2021-10-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {3A498C3B-4C0D-4178-A991-A684844C3ECE} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144792 2022-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {46C06F81-0282-4373-80E3-F59ED8A6A836} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe -CheckUpdate (Pas de fichier)
Task: {5DF70306-C051-4551-8B09-D13E61FD6B18} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe /a (Pas de fichier) <==== ATTENTION
Task: {66FFDC33-DCC4-4E3F-ABD1-9D4B8DBDEAE5} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [67472 2022-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {6D20CDD8-2112-49D5-A205-8BA1E9949B12} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {76317D09-2134-4415-B1D2-0915258D572B} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709048 2021-10-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {768A8FFB-E2A1-4BD0-98CF-37453C815BA2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-09-13] (Google Inc -> Google Inc.)
Task: {7E7763DE-2EF6-483E-BCA9-808BBE5CF2CA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8558D8EF-1C88-4CB1-A8BE-33C6B9FEB7A2} - System32\Tasks\ChromiumUpdateTaskUserS-1-5-21-1261292212-1751163016-2004386437-1001Core => C:\Users\utente\AppData\Local\Chromium\Update\ChromiumUpdate.exe /c (Pas de fichier) <==== ATTENTION
Task: {8BD82C15-D432-47F8-8A7A-2265A14219D3} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1615909299 => C:\Users\utente\AppData\Local\Programs\Opera GX\launcher.exe [2369792 2022-05-30] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\utente\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {8BE897BB-7657-4888-8264-7FDC1C933B15} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\AMDInstallLauncher" /ENABLE
Task: {8BE897BB-7657-4888-8264-7FDC1C933B15} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\AMDLinkUpdate" /ENABLE
Task: {8BE897BB-7657-4888-8264-7FDC1C933B15} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\AMDRyzenMasterSDKTask" /ENABLE
Task: {8BE897BB-7657-4888-8264-7FDC1C933B15} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\ByteFence" /ENABLE
Task: {8BE897BB-7657-4888-8264-7FDC1C933B15} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {8BE897BB-7657-4888-8264-7FDC1C933B15} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\CCleanerSkipUAC - utente" /ENABLE
Task: {8BE897BB-7657-4888-8264-7FDC1C933B15} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {8BE897BB-7657-4888-8264-7FDC1C933B15} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {8BE897BB-7657-4888-8264-7FDC1C933B15} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {8BE897BB-7657-4888-8264-7FDC1C933B15} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore1d7c6a92958614f" /ENABLE
Task: {8BE897BB-7657-4888-8264-7FDC1C933B15} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {8BE897BB-7657-4888-8264-7FDC1C933B15} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\ModifyLinkUpdate" /ENABLE
Task: {8BE897BB-7657-4888-8264-7FDC1C933B15} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-1261292212-1751163016-2004386437-1001" /ENABLE
Task: {8BE897BB-7657-4888-8264-7FDC1C933B15} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\Opera GX scheduled assistant Autoupdate 1615909299" /ENABLE
Task: {8BE897BB-7657-4888-8264-7FDC1C933B15} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\Opera GX scheduled Autoupdate 1593200924" /ENABLE
Task: {8BE897BB-7657-4888-8264-7FDC1C933B15} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\StartAUEP" /ENABLE
Task: {8BE897BB-7657-4888-8264-7FDC1C933B15} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(17): schtasks.exe -> /Change /TN "\StartCN" /ENABLE
Task: {8BE897BB-7657-4888-8264-7FDC1C933B15} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(18): schtasks.exe -> /Change /TN "\StartCNBM" /ENABLE
Task: {8BE897BB-7657-4888-8264-7FDC1C933B15} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(19): schtasks.exe -> /Change /TN "\StartDVR" /ENABLE
Task: {8BE897BB-7657-4888-8264-7FDC1C933B15} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(20): schtasks.exe -> /Change /TN "\TrackerAutoUpdate" /ENABLE
Task: {8BE897BB-7657-4888-8264-7FDC1C933B15} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(21): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {8C5092B9-9220-467D-8004-06128F13609F} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709048 2021-10-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {9BD7952E-972E-46F3-8436-3540653D4567} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23244744 2022-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {B91971F4-7DFA-4F2F-AD92-1D28450841AD} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709048 2021-10-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {C5655F3F-7422-49B5-BB98-EE3C10C5682A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C73A914A-9E51-4D70-AADF-5C57762ADB29} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [260600 2021-10-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {C8D0C9F8-BA1D-422D-9E8B-2C027F6F7457} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23244744 2022-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (Pas de fichier)
Task: {D2CAB94B-9D0E-40F7-8574-1482C66E615C} - System32\Tasks\S-1-5-21-1261292212-1751163016-2004386437-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe (Pas de fichier)
Task: {DBD5BAE8-CDE5-444C-BC7B-D60D5C09F944} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-09-13] (Google Inc -> Google Inc.)
Task: {E9989958-E022-426D-8AB5-A5BE304D0145} - System32\Tasks\Microsoft\Windows\Clip\LicenseImdsIntegration => C:\WINDOWS\system32\fclip.exe [480720 2022-06-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EFAADF78-568D-46B2-BE3F-D7F186BC1BFF} - System32\Tasks\Opera GX scheduled Autoupdate 1593200924 => C:\Users\utente\AppData\Local\Programs\Opera GX\launcher.exe [2369792 2022-05-30] (Opera Software AS -> Opera Software)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{551bed3f-88e4-4d84-80d8-d832b961b696}: [DhcpNameServer] 192.168.216.21
Tcpip\..\Interfaces\{b6c81a2e-e55c-4e4d-922e-a2f4d47b581b}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge HomeButtonPage: HKU\S-1-5-21-1261292212-1751163016-2004386437-1001 -> hxxp://www.fr-gogo.com/
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\utente\AppData\Local\Microsoft\Edge\User Data\Default [2022-06-16]
Edge HomePage: Default -> hxxp://www.fr-gogo.com/
Edge StartupUrls: Default -> "hxxp://www.fr-gogo.com/"
Edge DefaultSearchURL: Default -> hxxp://www.fr-gogo.com/search?q={searchTerms}
Edge DefaultSearchKeyword: Default -> fr-gogo.com

FireFox:
========
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [Pas de fichier]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-04-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [Pas de fichier]
FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-05-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-05-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-03-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-1261292212-1751163016-2004386437-1001: @chbrowserupdate.com/Chromium Update;version=3 -> C:\Users\utente\AppData\Local\Chromium\Update\1.3.99.0\npChromiumUpdate3.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-1261292212-1751163016-2004386437-1001: @chbrowserupdate.com/Chromium Update;version=9 -> C:\Users\utente\AppData\Local\Chromium\Update\1.3.99.0\npChromiumUpdate3.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-1261292212-1751163016-2004386437-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [Pas de fichier]

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\utente\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-06-08]
CHR Notifications: Profile 1 -> hxxps://crosscall.com; hxxps://hellcase.com; hxxps://maranhesduve.club; hxxps://moviestime.icu; hxxps://skinhub.com; hxxps://twitter.com; hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www1.bethanyharrell.pro; hxxps://www1.debrahinton.pro; hxxps://www3.bethanyharrell.pro; hxxps://youzik.com
CHR HomePage: Profile 1 -> hxxps://homesearchdesign.com/tab?session=y6bdVFVIsvuYsgEClQfz8KPHfvH%2BSL4GendPJIeK%2B%2FksMSqKVQeiw3UNn5SW%2FzQ8Ub0EY2Gw1%2BGHUjjYvd2SYk7lAgnvWth4n8%2FBSYu1o%2FyfhHkCh0FNOLEuI1pmOSZHHIfRn9A7wwDZM0DbrHinz4Ub%2FESfgUYnBe9amH5GGpsgTR7sN2%2FVtuHAMS%2B5KNoZwLpjjW%2FVqJoyQLQLt5YzhNaBu99okukEbZWDH6DSNrFdt2QFSR3KEY7DtXrNwVuniliMNPG4nnD6ZvoCgSeyQ4iDgD6ZEC68o7wa3tuaaITbA%2BCw3990Vn8IMe1%2BeeFffmcvu5%2BxY6UksPwVihUlLttfKBdtSc7KWKz%2B9MJkx4TecwvZMRhqvB9GfqZG5CS%2B
CHR StartupUrls: Profile 1 -> "hxxps://homesearchdesign.com/tab?session=y6bdVFVIsvuYsgEClQfz8KPHfvH%2BSL4GendPJIeK%2B%2FksMSqKVQeiw3UNn5SW%2FzQ8EVJgESJhU8GmP%2BlNHMbtXMUGNki9MLoohv3l%2BJ9ubcc2TvyqsdEoN3%2B79v3dMN5hCXwbidSYdCtavfmu%2Fjoi%2BdDvaJndYyOo9JvkWd9euFXYlPtEOTUsC6L4ifQsU3DWmHwUSSEDTHSTC%2Ff8ygqpf9lEccR%2F7Fz9JXWLDvXR%2B3w19GKWSLJFmF2G9TNJhBvMYKg1iSPin9Q80Br2kO4GOCyzpWDW3PCOwAAncG5FhDYx5psWPxfAPCRWicaMuP6NlAMFHBb9rTs01oCc8iuq1uoumA1GZV5yJesMs5BRU5ou6IULXsqjy%2BjKqIZBqVHJ","hxxps://homesearchdesign.com/tab?session=y6bdVFVIsvuYsgEClQfz8KPHfvH%2BSL4GendPJIeK%2B%2FksMSqKVQeiw3UNn5SW%2FzQ8EVJgESJhU8GmP%2BlNHMbtXMUGNki9MLoohv3l%2BJ9ubcc2TvyqsdEoN3%2B79v3dMN5hYj%2B57ypotuPG%2FO6bhFGJuVCA4qhsnafsWoP57Hmesycv1khMXg%2FhUrnDFCUYhCI4bsPQhNANbrP%2FniU00ZByd%2BUaxwSjbVIa8CV9DZV9y7WRzZFJXiq0K8FbRmZ%2FGwO30UD4qX%2FO9bhtU4srnI1jjqMMLOSeYAa1lJ93loK%2FT8KjKLemOYSBMq7vNTn0d%2BahV0wh2iQo6vI62mildK7SgQ2AXKhxTC425ll1dJh5E26eaqY6NCVxCkBA%2FHOmCgFF","hxxps://homesearchdesign.com/tab?session=y6bdVFVIsvuYsgEClQfz8KPHfvH%2BSL4GendPJIeK%2B%2FksMSqKVQeiw3UNn5SW%2FzQ8EVJgESJhU8GmP%2BlNHMbtXMUGNki9MLoohv3l%2BJ9ubcc2TvyqsdEoN3%2B79v3dMN5haWRQ%2Fof4GUY%2FD9JdbLYB6RG%2F4NugsADnk4irNyc5Nd7K3mEheco3HtzvNXc2t416eI5iI28%2F9HtPpuKErOR0U9ceUSm5GbWhm1Qyfj3cTCKljBYIa649o5at7odaoGcxjkPutPv8dw5GhEWFiG2a1%2BuT2%2BDDt0rCD6UjydLtm0ym9GA3BwIrHdlbsNBaERySLKJJaWtFCCOLbOMsBrFVBsw7sig4L%2F%2Fj8MlBGaDrtAPISZChZxfhiDbBHClXN9aZ","hxxps://homesearchdesign.com/tab?session=y6bdVFVIsvuYsgEClQfz8KPHfvH%2BSL4GendPJIeK%2B%2FksMSqKVQeiw3UNn5SW%2FzQ8EVJgESJhU8GmP%2BlNHMbtXMUGNki9MLoohv3l%2BJ9ubcc2TvyqsdEoN3%2B79v3dMN5hVuHeN4jXXCZ4Cs9BWYmet0l3YJthtrhBseuenfOJ7R2mtWdG1kZiqNFGOo0gcWixqyrVvLJfo2oXqnuXp40HnSZy8jiGascQlSbIom%2FQ89CcYN9Y7kaaFW5drp9VYLeQrjYP%2BlnCa5gdAjE%2FMZX00YZNprzo4zYe13W6OB9RBPJXhAtJe1nPQWAHkweoQ1SCfNhzEZlLDXwUtQmnhWkc4k9iEoW0c6c2IbA5nqTzuWWK%2BDkg3PDC21FVD24rMKsk"
CHR DefaultSearchURL: Profile 1 -> hxxps://fr.search.yahoo.com/search?fr=mcafee&type=E210FR91082G0&p={searchTerms}
CHR DefaultSearchKeyword: Profile 1 -> mcafee
CHR DefaultSuggestURL: Profile 1 -> hxxps://fr.search.yahoo.com/sugg/gossip/gossip-fr-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms}
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-06-02]
CHR Extension: (wanteeed) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\emnoomldgleagdjapdeckpmebokijail [2022-06-02]
CHR Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2022-02-16]
CHR Extension: (Google Docs hors connexion) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-16]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2022-06-08]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-09]
CHR Extension: (Search Manager) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pilplloabdedfmialnfchjomjmpjcoej [2020-06-08]
CHR Profile: C:\Users\utente\AppData\Local\Google\Chrome\User Data\System Profile [2021-07-12]
CHR HKU\S-1-5-21-1261292212-1751163016-2004386437-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce]
CHR HKU\S-1-5-21-1261292212-1751163016-2004386437-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-1261292212-1751163016-2004386437-1001) Opera GXStable - "C:\Users\utente\AppData\Local\Programs\Opera GX\Launcher.exe"

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

"SAntivirusIC" => service a été déverrouillé. <==== ATTENTION

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-04-20] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11988424 2022-05-29] (Microsoft Corporation -> Microsoft Corporation)
R2 CorsairGamingAudioConfig; C:\WINDOWS\system32\CorsairGamingAudioCfgService64.exe [616344 2022-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueLLAccessService.exe [231528 2022-01-26] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairMsiPluginService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairMsiPluginService.exe [205928 2022-01-26] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe [81512 2022-01-26] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [812520 2022-04-06] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EQU8_36; C:\ProgramData\EQU8\Splitgate\bin\anticheat.x64.equ8.exe [8344720 2022-01-28] (Int3 Software AB -> Int3 Software AB)
S2 GameInput Service; C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe [75240 2022-05-25] (Microsoft Corporation -> Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2575624 2022-05-27] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3494672 2022-05-27] (Electronic Arts, Inc. -> Electronic Arts)
S3 OVRLibraryService; C:\Program Files\Oculus\Support\oculus-librarian\OVRLibraryService.exe [146608 2022-05-25] (Oculus VR, LLC -> Facebook Technologies, LLC)
R2 OVRService; C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe [513200 2022-05-25] (Oculus VR, LLC -> Facebook Technologies, LLC)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2559896 2022-03-19] (Rockstar Games, Inc. -> Rockstar Games)
R2 SAntivirusIC; C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusIC.exe [6941200 2022-01-25] (Digital Communications Inc -> DlGlTAL COMMUNICATIONS INC) <==== ATTENTION
R2 SAntivirusSvc; C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusService.exe [690704 2022-01-25] (Digital Communications Inc -> DlGlTAL COMMUNICATIONS INC) <==== ATTENTION
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6207704 2022-06-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 spacedeskService; %SystemRoot%\System32\spacedeskService.exe [X]

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R1 adgnetworkwfpdrv; C:\WINDOWS\System32\drivers\adgnetworkwfpdrv.sys [94720 2021-02-20] (Microsoft Windows Hardware Compatibility Publisher -> Adguard Software Ltd)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [41376 2021-07-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_50fee1227e96ec14\amdsafd.sys [100792 2021-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\amdkmdag.sys [80540576 2022-01-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [65168 2021-08-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R1 BadlionAnticheat; C:\Windows\system32\drivers\BadlionAnticheat.sys [2506784 2020-12-08] (Microsoft Windows Hardware Compatibility Publisher -> <Turtle Entertainment>)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [507904 2021-10-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [180224 2021-06-05] (Microsoft Corporation) [Fichier non signé]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [98304 2021-06-05] (Microsoft Corporation) [Fichier non signé]
R3 CorsairGamingAudioService; C:\WINDOWS\system32\DRIVERS\CorsairGamingAudio64.sys [60312 2022-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAccessC2D033F14715AA7325305EA42FBFC65BF867CC1D; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairLLAccess64.sys [21752 2022-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [46600 2022-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [22536 2022-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz152; C:\WINDOWS\temp\cpuz152\cpuz152_x64.sys [35840 2022-06-17] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
S3 EQU8_HELPER_36; C:\WINDOWS\system32\DRIVERS\EQU8_HELPER_36.sys [38032 2022-01-21] (Int3 Software AB -> )
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
S3 Hsp; C:\WINDOWS\System32\drivers\Hsp.sys [111960 2022-05-13] (Microsoft Windows -> Microsoft Corporation)
R3 oculusvad_oculusvad; C:\WINDOWS\System32\drivers\oculusvad.sys [75280 2021-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 Oculus_ViGEmBus; C:\WINDOWS\System32\drivers\Oculus_ViGEmBus.sys [32856 2021-05-26] (Oculus VR, LLC -> Facebook Inc.)
S3 qcusbwwan; C:\WINDOWS\System32\drivers\qcusbwwan.sys [557112 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 RTCore64; D:\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_d2a498d51a4f7bec\rtcx21x64.sys [409000 2021-06-01] (Realtek Semiconductor Corp. -> Realtek)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [42856 2016-03-27] (Open Source Developer, Benjamin Höglinger-Stelzer -> Nefarius Software Solutions)
S3 spacedeskKtmInputMouse; C:\WINDOWS\System32\drivers\spacedeskKtmInputMouse.sys [36800 2021-07-15] (Datronicsoft, Inc. -> )
R1 TASANTIVIRUSKD; C:\Program Files (x86)\Digital Communications\SAntivirus\TASAntivirusKD.sys [86024 2022-01-25] (Digital Communications Inc -> DlGlTAL COMMUNICATIONS INC) <==== ATTENTION
R3 VBAudioVMVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmvaio64_win10.sys [71712 2020-03-09] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\vmdrv.sys [48136 2021-01-27] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [443664 2022-04-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-12] (Microsoft Windows -> Microsoft Corporation)
S2 AMDRyzenMasterDriver; \??\C:\Program Files\AMD\Performance Profile Client\AMDRyzenMasterDriver.sys [X]
S3 equ8_helper; \??\C:\WINDOWS\system32\DRIVERS\equ8_helper.sys [X]
S3 MpKsl88d5d8f7; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{22E4A9D1-A20B-4355-92FC-1EE738D73A1B}\MpKslDrv.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-06-17 07:52 - 2022-06-17 07:52 - 000037344 _____ C:\Users\utente\Downloads\FRST.txt
2022-06-17 07:51 - 2022-06-17 07:52 - 000000000 ____D C:\FRST
2022-06-17 07:51 - 2022-06-17 07:51 - 002368512 _____ (Farbar) C:\Users\utente\Downloads\FRST64.exe
2022-06-16 20:38 - 2022-06-16 20:38 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2022-06-16 20:38 - 2022-06-16 20:38 - 000524288 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2022-06-16 20:38 - 2022-06-16 20:38 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2022-06-16 20:38 - 2022-06-16 20:38 - 000299008 _____ C:\WINDOWS\system32\EsclScan.dll
2022-06-16 20:38 - 2022-06-16 20:38 - 000180224 _____ C:\WINDOWS\system32\EsclProtocol.dll
2022-06-16 20:38 - 2022-06-16 20:38 - 000167936 _____ C:\WINDOWS\system32\DeviceUpdateCenterCsp.dll
2022-06-16 20:38 - 2022-06-16 20:38 - 000057344 _____ C:\WINDOWS\system32\uwfservicingapi.dll
2022-06-16 20:38 - 2022-06-16 20:38 - 000015042 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-06-16 20:37 - 2022-06-16 20:37 - 000614400 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-06-16 20:37 - 2022-06-16 20:37 - 000335872 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-06-16 20:33 - 2022-06-16 20:33 - 000000000 ___HD C:\$WinREAgent
2022-06-07 18:16 - 2022-06-07 18:16 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2022-06-07 18:16 - 2022-06-07 18:16 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput
2022-06-04 21:53 - 2022-06-09 20:35 - 000000000 ____D C:\Users\utente\AppData\Roaming\.paladium
2022-06-04 16:30 - 2022-06-15 21:20 - 000000000 ____D C:\Users\utente\AppData\Roaming\paladium-group
2022-06-04 16:29 - 2022-06-04 16:29 - 065788104 _____ (Dysey) C:\Users\utente\Downloads\Paladium.exe
2022-06-04 16:29 - 2022-06-04 16:29 - 000002426 _____ C:\Users\utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paladium.lnk
2022-06-04 16:29 - 2022-06-04 16:29 - 000002418 _____ C:\Users\utente\Desktop\Paladium.lnk
2022-06-04 16:29 - 2022-06-04 16:29 - 000000000 ____D C:\Users\utente\AppData\Local\paladium-group-updater
2022-06-03 16:54 - 2022-06-03 16:54 - 117203298 _____ C:\Users\utente\OneDrive\Documents\survie quentin.zip
2022-06-02 14:15 - 2022-06-08 19:51 - 000000000 ____D C:\Users\utente\OneDrive\Documents\survie quentin
2022-05-29 10:39 - 2022-05-29 10:39 - 000000059 _____ C:\Users\utente\OneDrive\Documents\kentonio.txt
2022-05-24 15:08 - 2022-05-24 15:08 - 000000000 ____D C:\Users\utente\AppData\Local\Borderlands 3
2022-05-22 20:33 - 2022-05-22 20:33 - 000000314 _____ C:\Users\utente\Desktop\Borderlands 3.url
2022-05-22 18:34 - 2022-05-22 18:34 - 000000729 _____ C:\Users\Public\Desktop\Dead Space 2.lnk
2022-05-20 18:17 - 2022-05-20 18:16 - 000003427 ____T C:\Users\utente\OneDrive\Documents\Enchères.ods
2022-05-20 18:16 - 2022-05-20 18:16 - 000003427 ____T C:\Users\utente\Downloads\Enchères.ods

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-06-17 07:50 - 2020-09-22 18:00 - 000000000 ____D C:\Users\utente\AppData\Roaming\discord
2022-06-17 07:49 - 2020-09-22 18:00 - 000000000 ____D C:\Users\utente\AppData\Local\Discord
2022-06-17 07:49 - 2019-09-13 20:22 - 000000000 ____D C:\Program Files (x86)\Google
2022-06-17 07:48 - 2021-05-26 13:56 - 000000000 ____D C:\Users\utente\AppData\Local\Oculus
2022-06-17 07:48 - 2019-09-15 10:10 - 000000000 ____D C:\Users\utente\AppData\Local\CrashDumps
2022-06-17 07:47 - 2022-05-04 13:16 - 000003098 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2022-06-17 07:47 - 2022-01-21 16:36 - 000003080 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2022-06-17 07:47 - 2021-10-21 20:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-06-17 07:47 - 2021-10-21 20:20 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-06-17 07:47 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-06-17 07:47 - 2021-06-05 14:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-06-17 07:47 - 2021-01-01 21:42 - 000012288 ___SH C:\DumpStack.log.tmp
2022-06-16 23:57 - 2021-10-21 20:38 - 000000000 ____D C:\Program Files (x86)\Steam
2022-06-16 23:56 - 2021-05-26 16:01 - 000000000 ____D C:\Users\utente\AppData\Roaming\OculusClient
2022-06-16 20:54 - 2021-10-21 21:11 - 000795448 _____ C:\WINDOWS\system32\perfh00C.dat
2022-06-16 20:54 - 2021-10-21 21:11 - 000155606 _____ C:\WINDOWS\system32\perfc00C.dat
2022-06-16 20:54 - 2021-10-21 20:33 - 002731586 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-06-16 20:54 - 2021-06-05 19:36 - 000792452 _____ C:\WINDOWS\system32\perfh010.dat
2022-06-16 20:54 - 2021-06-05 19:36 - 000150192 _____ C:\WINDOWS\system32\perfc010.dat
2022-06-16 20:54 - 2021-06-05 14:09 - 000000000 ____D C:\WINDOWS\INF
2022-06-16 20:48 - 2021-06-05 14:10 - 000000000 ___HD C:\Program Files\WindowsApps
2022-06-16 20:48 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-06-16 20:47 - 2021-10-21 20:20 - 000532040 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-06-16 20:47 - 2021-06-05 14:01 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-06-16 20:47 - 2019-09-13 22:11 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2022-06-16 20:46 - 2021-06-05 19:43 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2022-06-16 20:46 - 2021-06-05 19:43 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-06-16 20:46 - 2021-06-05 19:43 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ___SD C:\WINDOWS\system32\F12
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemResources
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\id-ID
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-06-16 20:46 - 2021-05-26 15:57 - 000000000 ____D C:\Users\utente\AppData\Roaming\Oculus
2022-06-16 20:45 - 2021-06-05 14:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-06-16 20:45 - 2019-09-19 18:56 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-06-16 20:43 - 2019-09-19 18:56 - 145918784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-06-16 20:37 - 2021-10-21 20:21 - 003101184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-06-16 07:29 - 2022-01-17 09:14 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1261292212-1751163016-2004386437-1001
2022-06-16 07:29 - 2021-10-21 20:31 - 000003360 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1261292212-1751163016-2004386437-1001
2022-06-16 07:29 - 2021-01-01 21:43 - 000002424 _____ C:\Users\utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-06-15 21:23 - 2021-10-21 20:22 - 000000000 ____D C:\Users\utente
2022-06-15 21:23 - 2020-09-13 21:08 - 000000000 ____D C:\Users\utente\AppData\Roaming\Origin
2022-06-15 21:23 - 2020-09-13 21:08 - 000000000 ____D C:\ProgramData\Origin
2022-06-15 21:22 - 2020-10-07 17:24 - 000000000 ____D C:\Users\utente\AppData\Roaming\.minecraft
2022-06-15 21:21 - 2020-10-07 17:24 - 000000000 ____D C:\Program Files (x86)\Minecraft Launcher
2022-06-15 21:12 - 2020-09-13 21:08 - 000000000 ____D C:\Users\utente\AppData\Local\Origin
2022-06-15 20:58 - 2019-10-21 12:51 - 000000000 ____D C:\Users\utente\AppData\Local\D3DSCache
2022-06-15 20:32 - 2020-09-26 09:54 - 000000000 ____D C:\Users\utente\AppData\Local\Spotify
2022-06-15 20:31 - 2020-09-26 09:52 - 000000000 ____D C:\Users\utente\AppData\Roaming\Spotify
2022-06-15 17:07 - 2020-06-22 09:03 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-06-15 17:00 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2022-06-14 18:11 - 2022-03-09 15:55 - 000001426 _____ C:\Users\utente\Desktop\Roblox Player.lnk
2022-06-14 18:11 - 2022-03-09 15:55 - 000000000 ____D C:\Users\utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2022-06-13 13:47 - 2021-11-17 12:48 - 000003596 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7c6a92958614f
2022-06-13 13:47 - 2021-10-21 20:31 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-06-10 08:38 - 2020-09-15 07:16 - 000000000 ____D C:\Program Files (x86)\Origin
2022-06-09 12:23 - 2020-09-22 18:00 - 000002236 _____ C:\Users\utente\Desktop\Discord.lnk
2022-06-07 18:21 - 2021-08-21 13:55 - 000000000 ____D C:\Users\utente\AppData\Local\AMD_Common
2022-06-07 18:16 - 2022-01-01 19:56 - 002762208 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-06-07 18:16 - 2022-01-01 19:56 - 000402920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-06-07 18:16 - 2022-01-01 19:56 - 000230864 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-06-07 18:16 - 2022-01-01 19:56 - 000198112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-06-07 18:16 - 2022-01-01 19:56 - 000136672 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-06-07 18:16 - 2022-01-01 19:56 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-06-07 18:16 - 2022-01-01 19:56 - 000062928 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2022-06-03 16:52 - 2021-10-21 20:31 - 000004186 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1593200924
2022-06-03 16:52 - 2020-06-26 21:48 - 000001441 _____ C:\Users\utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera GX.lnk
2022-06-02 14:14 - 2021-10-16 13:59 - 000000000 ____D C:\Users\utente\OneDrive\Documents\mod mogrof
2022-06-02 13:18 - 2019-09-13 23:48 - 000000000 ____D C:\ProgramData\Packages
2022-05-29 16:07 - 2019-12-02 21:31 - 000000000 ____D C:\Program Files\Microsoft Office
2022-05-28 13:39 - 2021-05-27 19:40 - 000000000 ____D C:\Users\utente\AppData\Roaming\SideQuest
2022-05-27 17:10 - 2021-08-16 16:45 - 000000000 ____D C:\Users\utente\AppData\Local\Paladium Launcher
2022-05-25 22:40 - 2021-05-26 15:52 - 000000000 ____D C:\Program Files\Oculus
2022-05-23 18:54 - 2021-10-22 20:37 - 000000000 ____D C:\Users\utente\OneDrive\Documents\My Games
2022-05-22 17:45 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-05-20 18:17 - 2019-09-13 23:48 - 000000000 ___RD C:\Users\utente\OneDrive

==================== Fichiers à la racine de certains dossiers ========

2020-06-06 09:52 - 2020-06-06 09:52 - 000000262 _____ () C:\ProgramData\fontcacheev1.dat
2021-10-27 17:40 - 2021-10-27 17:40 - 000000099 _____ () C:\Users\utente\AppData\Roaming\LauncherSettings_live.cfg
2021-10-26 11:44 - 2021-10-27 12:57 - 000000283 _____ () C:\Users\utente\AppData\Roaming\MelonLoader.Installer.cfg
2021-10-27 17:31 - 2021-10-27 17:31 - 000002577 _____ () C:\Users\utente\AppData\Roaming\TheHunterSettings_live.bin
2020-03-09 22:09 - 2020-03-18 20:27 - 000004676 _____ () C:\Users\utente\AppData\Roaming\VoiceMeeterDefault.xml
2022-01-27 16:56 - 2022-01-27 16:56 - 000000000 _____ () C:\Users\utente\AppData\Local\cur3C5.tmp
2021-04-27 12:06 - 2022-01-25 17:50 - 000016438 _____ () C:\Users\utente\AppData\Local\partner.bmp

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================