Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 16-06-2022
Exécuté par utente (administrateur) sur YLAN (17-06-2022 10:30:41)
Exécuté depuis C:\Users\utente\Downloads
Profils chargés: utente
Plate-forme: Microsoft Windows 11 Professionnel Version 21H2 22000.739 (X64) Langue: Italien (Italie) -> Français (France)
Navigateur par défaut: Opera
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (The Qt Company Ltd.) [Fichier non signé] C:\Program Files\AMD\CNext\CNext\QtWebEngineProcess.exe
(C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.CpuIdRemote64.exe
(C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.DisplayAdapter.exe
(C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE.exe ->) (Corsair Memory, Inc. -> Corsair) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUEDevicePluginHost.exe <7>
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe ->) (Oculus VR, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe
(C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe ->) (Oculus VR, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe
(C:\Users\utente\AppData\Local\Programs\Opera GX\opera.exe ->) (Opera Software AS -> Opera Software) C:\Users\utente\AppData\Local\Programs\Opera GX\86.0.4363.70\opera_crashreporter.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE.exe
(Discord Inc. -> Discord Inc.) C:\Users\utente\AppData\Local\Discord\app-1.0.9005\Discord.exe <6>
(DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\atieclxx.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Opera Software AS -> Opera Software) C:\Users\utente\AppData\Local\Programs\Opera GX\opera.exe <18>
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\atiesrxx.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairMsiPluginService.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueLLAccessService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.66.2001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.66.2001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:\Windows\System32\CorsairGamingAudioCfgService64.exe
(services.exe ->) (Oculus VR, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\spaceman.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8838400 2016-06-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [CORSAIR iCUE 4 Software] => C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE Launcher.exe [182888 2022-01-26] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1261292212-1751163016-2004386437-1001\...\Run: [Discord] => C:\Users\utente\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1261292212-1751163016-2004386437-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\utente\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-1261292212-1751163016-2004386437-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4282328 2022-06-07] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1261292212-1751163016-2004386437-1001\...\Run: [Lync] => "C:\Program Files\Microsoft Office\root\Office16\lync.exe" /fromrunkey (Pas de fichier)
HKU\S-1-5-21-1261292212-1751163016-2004386437-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [114000240 2021-10-28] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1261292212-1751163016-2004386437-1001\...\MountPoints2: {6407ab4e-d9ad-11eb-865e-40b0767b8891} - "F:\setup.EXE" /AUTORUN
HKLM\...\Print\Monitors\HP CE11 Status Monitor: C:\WINDOWS\system32\hpinkstsCE11LM.dll [393352 2017-03-20] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\102.0.5005.115\Installer\chrmstp.exe [2022-06-15] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {062BCD89-6236-47FA-B0EB-8E4A6969A18B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144792 2022-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {2E16EACC-3D75-4243-9360-289FAFE2ACC6} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [355840 2021-10-05] (Advanced Micro Devices, Inc.) [Fichier non signé]
Task: {381E5DC4-550E-4A9D-A9C0-2B17A133F1B7} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [55288 2021-10-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {3A498C3B-4C0D-4178-A991-A684844C3ECE} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144792 2022-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {46C06F81-0282-4373-80E3-F59ED8A6A836} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe -CheckUpdate (Pas de fichier)
Task: {4B1D98FF-C9F1-49C3-AB5E-8B7A958EA770} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709048 2021-10-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {66FFDC33-DCC4-4E3F-ABD1-9D4B8DBDEAE5} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [67472 2022-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {768A8FFB-E2A1-4BD0-98CF-37453C815BA2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-09-13] (Google Inc -> Google Inc.)
Task: {8ADC9079-1411-4DC7-87F5-F158A4814059} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709048 2021-10-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {8BD82C15-D432-47F8-8A7A-2265A14219D3} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1615909299 => C:\Users\utente\AppData\Local\Programs\Opera GX\launcher.exe [2369792 2022-05-30] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\utente\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {8C5092B9-9220-467D-8004-06128F13609F} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709048 2021-10-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {9BD7952E-972E-46F3-8436-3540653D4567} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23244744 2022-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {C73A914A-9E51-4D70-AADF-5C57762ADB29} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [260600 2021-10-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {C8D0C9F8-BA1D-422D-9E8B-2C027F6F7457} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23244744 2022-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (Pas de fichier)
Task: {D2CAB94B-9D0E-40F7-8574-1482C66E615C} - System32\Tasks\S-1-5-21-1261292212-1751163016-2004386437-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe (Pas de fichier)
Task: {DBD5BAE8-CDE5-444C-BC7B-D60D5C09F944} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-09-13] (Google Inc -> Google Inc.)
Task: {E9989958-E022-426D-8AB5-A5BE304D0145} - System32\Tasks\Microsoft\Windows\Clip\LicenseImdsIntegration => C:\WINDOWS\system32\fclip.exe [480720 2022-06-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EFAADF78-568D-46B2-BE3F-D7F186BC1BFF} - System32\Tasks\Opera GX scheduled Autoupdate 1593200924 => C:\Users\utente\AppData\Local\Programs\Opera GX\launcher.exe [2369792 2022-05-30] (Opera Software AS -> Opera Software)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{551bed3f-88e4-4d84-80d8-d832b961b696}: [DhcpNameServer] 192.168.216.21
Tcpip\..\Interfaces\{b6c81a2e-e55c-4e4d-922e-a2f4d47b581b}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\utente\AppData\Local\Microsoft\Edge\User Data\Default [2022-06-17]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

FireFox:
========
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [Pas de fichier]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-04-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [Pas de fichier]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-03-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-1261292212-1751163016-2004386437-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [Pas de fichier]

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\utente\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-06-17]
CHR Notifications: Profile 1 -> hxxps://crosscall.com; hxxps://hellcase.com; hxxps://moviestime.icu; hxxps://skinhub.com; hxxps://twitter.com; hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www1.bethanyharrell.pro; hxxps://www3.bethanyharrell.pro; hxxps://youzik.com
CHR HomePage: Profile 1 -> hxxps://homesearchdesign.com/tab?session=y6bdVFVIsvuYsgEClQfz8KPHfvH%2BSL4GendPJIeK%2B%2FksMSqKVQeiw3UNn5SW%2FzQ8Ub0EY2Gw1%2BGHUjjYvd2SYk7lAgnvWth4n8%2FBSYu1o%2FyfhHkCh0FNOLEuI1pmOSZHHIfRn9A7wwDZM0DbrHinz4Ub%2FESfgUYnBe9amH5GGpsgTR7sN2%2FVtuHAMS%2B5KNoZwLpjjW%2FVqJoyQLQLt5YzhNaBu99okukEbZWDH6DSNrFdt2QFSR3KEY7DtXrNwVuniliMNPG4nnD6ZvoCgSeyQ4iDgD6ZEC68o7wa3tuaaITbA%2BCw3990Vn8IMe1%2BeeFffmcvu5%2BxY6UksPwVihUlLttfKBdtSc7KWKz%2B9MJkx4TecwvZMRhqvB9GfqZG5CS%2B
CHR StartupUrls: Profile 1 -> "hxxps://homesearchdesign.com/tab?session=y6bdVFVIsvuYsgEClQfz8KPHfvH%2BSL4GendPJIeK%2B%2FksMSqKVQeiw3UNn5SW%2FzQ8EVJgESJhU8GmP%2BlNHMbtXMUGNki9MLoohv3l%2BJ9ubcc2TvyqsdEoN3%2B79v3dMN5hCXwbidSYdCtavfmu%2Fjoi%2BdDvaJndYyOo9JvkWd9euFXYlPtEOTUsC6L4ifQsU3DWmHwUSSEDTHSTC%2Ff8ygqpf9lEccR%2F7Fz9JXWLDvXR%2B3w19GKWSLJFmF2G9TNJhBvMYKg1iSPin9Q80Br2kO4GOCyzpWDW3PCOwAAncG5FhDYx5psWPxfAPCRWicaMuP6NlAMFHBb9rTs01oCc8iuq1uoumA1GZV5yJesMs5BRU5ou6IULXsqjy%2BjKqIZBqVHJ","hxxps://homesearchdesign.com/tab?session=y6bdVFVIsvuYsgEClQfz8KPHfvH%2BSL4GendPJIeK%2B%2FksMSqKVQeiw3UNn5SW%2FzQ8EVJgESJhU8GmP%2BlNHMbtXMUGNki9MLoohv3l%2BJ9ubcc2TvyqsdEoN3%2B79v3dMN5hYj%2B57ypotuPG%2FO6bhFGJuVCA4qhsnafsWoP57Hmesycv1khMXg%2FhUrnDFCUYhCI4bsPQhNANbrP%2FniU00ZByd%2BUaxwSjbVIa8CV9DZV9y7WRzZFJXiq0K8FbRmZ%2FGwO30UD4qX%2FO9bhtU4srnI1jjqMMLOSeYAa1lJ93loK%2FT8KjKLemOYSBMq7vNTn0d%2BahV0wh2iQo6vI62mildK7SgQ2AXKhxTC425ll1dJh5E26eaqY6NCVxCkBA%2FHOmCgFF","hxxps://homesearchdesign.com/tab?session=y6bdVFVIsvuYsgEClQfz8KPHfvH%2BSL4GendPJIeK%2B%2FksMSqKVQeiw3UNn5SW%2FzQ8EVJgESJhU8GmP%2BlNHMbtXMUGNki9MLoohv3l%2BJ9ubcc2TvyqsdEoN3%2B79v3dMN5haWRQ%2Fof4GUY%2FD9JdbLYB6RG%2F4NugsADnk4irNyc5Nd7K3mEheco3HtzvNXc2t416eI5iI28%2F9HtPpuKErOR0U9ceUSm5GbWhm1Qyfj3cTCKljBYIa649o5at7odaoGcxjkPutPv8dw5GhEWFiG2a1%2BuT2%2BDDt0rCD6UjydLtm0ym9GA3BwIrHdlbsNBaERySLKJJaWtFCCOLbOMsBrFVBsw7sig4L%2F%2Fj8MlBGaDrtAPISZChZxfhiDbBHClXN9aZ","hxxps://homesearchdesign.com/tab?session=y6bdVFVIsvuYsgEClQfz8KPHfvH%2BSL4GendPJIeK%2B%2FksMSqKVQeiw3UNn5SW%2FzQ8EVJgESJhU8GmP%2BlNHMbtXMUGNki9MLoohv3l%2BJ9ubcc2TvyqsdEoN3%2B79v3dMN5hVuHeN4jXXCZ4Cs9BWYmet0l3YJthtrhBseuenfOJ7R2mtWdG1kZiqNFGOo0gcWixqyrVvLJfo2oXqnuXp40HnSZy8jiGascQlSbIom%2FQ89CcYN9Y7kaaFW5drp9VYLeQrjYP%2BlnCa5gdAjE%2FMZX00YZNprzo4zYe13W6OB9RBPJXhAtJe1nPQWAHkweoQ1SCfNhzEZlLDXwUtQmnhWkc4k9iEoW0c6c2IbA5nqTzuWWK%2BDkg3PDC21FVD24rMKsk"
CHR DefaultSearchURL: Profile 1 -> hxxps://fr.search.yahoo.com/search?fr=mcafee&type=E210FR91082G0&p={searchTerms}
CHR DefaultSuggestURL: Profile 1 -> hxxps://fr.search.yahoo.com/sugg/gossip/gossip-fr-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms}
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-06-02]
CHR Extension: (wanteeed) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\emnoomldgleagdjapdeckpmebokijail [2022-06-02]
CHR Extension: (Google Docs hors connexion) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-16]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2022-06-08]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-09]
CHR Profile: C:\Users\utente\AppData\Local\Google\Chrome\User Data\System Profile [2022-06-17]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-1261292212-1751163016-2004386437-1001) Opera GXStable - "C:\Users\utente\AppData\Local\Programs\Opera GX\Launcher.exe"

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-04-20] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11988424 2022-05-29] (Microsoft Corporation -> Microsoft Corporation)
R2 CorsairGamingAudioConfig; C:\WINDOWS\system32\CorsairGamingAudioCfgService64.exe [616344 2022-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueLLAccessService.exe [231528 2022-01-26] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairMsiPluginService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairMsiPluginService.exe [205928 2022-01-26] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe [81512 2022-01-26] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [812520 2022-04-06] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EQU8_36; C:\ProgramData\EQU8\Splitgate\bin\anticheat.x64.equ8.exe [8344720 2022-01-28] (Int3 Software AB -> Int3 Software AB)
S2 GameInput Service; C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe [75240 2022-05-25] (Microsoft Corporation -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8677120 2022-06-17] (Malwarebytes Inc. -> Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2575624 2022-05-27] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3494672 2022-05-27] (Electronic Arts, Inc. -> Electronic Arts)
S3 OVRLibraryService; C:\Program Files\Oculus\Support\oculus-librarian\OVRLibraryService.exe [146608 2022-05-25] (Oculus VR, LLC -> Facebook Technologies, LLC)
R2 OVRService; C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe [513200 2022-05-25] (Oculus VR, LLC -> Facebook Technologies, LLC)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2559896 2022-03-19] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6207704 2022-06-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 spacedeskService; %SystemRoot%\System32\spacedeskService.exe [X]

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R1 adgnetworkwfpdrv; C:\WINDOWS\System32\drivers\adgnetworkwfpdrv.sys [94720 2021-02-20] (Microsoft Windows Hardware Compatibility Publisher -> Adguard Software Ltd)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [41376 2021-07-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_50fee1227e96ec14\amdsafd.sys [100792 2021-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\amdkmdag.sys [80540576 2022-01-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [65168 2021-08-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R1 BadlionAnticheat; C:\Windows\system32\drivers\BadlionAnticheat.sys [2506784 2020-12-08] (Microsoft Windows Hardware Compatibility Publisher -> <Turtle Entertainment>)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [507904 2021-10-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [180224 2021-06-05] (Microsoft Corporation) [Fichier non signé]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [98304 2021-06-05] (Microsoft Corporation) [Fichier non signé]
R3 CorsairGamingAudioService; C:\WINDOWS\system32\DRIVERS\CorsairGamingAudio64.sys [60312 2022-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAccessC2D033F14715AA7325305EA42FBFC65BF867CC1D; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairLLAccess64.sys [21752 2022-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [46600 2022-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [22536 2022-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz152; C:\WINDOWS\temp\cpuz152\cpuz152_x64.sys [35840 2022-06-17] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
S3 EQU8_HELPER_36; C:\WINDOWS\system32\DRIVERS\EQU8_HELPER_36.sys [38032 2022-01-21] (Int3 Software AB -> )
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2022-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
S3 Hsp; C:\WINDOWS\System32\drivers\Hsp.sys [111960 2022-05-13] (Microsoft Windows -> Microsoft Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-06-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [192960 2022-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [74680 2022-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181992 2022-06-17] (Malwarebytes Inc. -> Malwarebytes)
R3 oculusvad_oculusvad; C:\WINDOWS\System32\drivers\oculusvad.sys [75280 2021-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 Oculus_ViGEmBus; C:\WINDOWS\System32\drivers\Oculus_ViGEmBus.sys [32856 2021-05-26] (Oculus VR, LLC -> Facebook Inc.)
S3 qcusbwwan; C:\WINDOWS\System32\drivers\qcusbwwan.sys [557112 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 RTCore64; D:\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_d2a498d51a4f7bec\rtcx21x64.sys [409000 2021-06-01] (Realtek Semiconductor Corp. -> Realtek)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [42856 2016-03-27] (Open Source Developer, Benjamin Höglinger-Stelzer -> Nefarius Software Solutions)
S3 spacedeskKtmInputMouse; C:\WINDOWS\System32\drivers\spacedeskKtmInputMouse.sys [36800 2021-07-15] (Datronicsoft, Inc. -> )
R3 VBAudioVMVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmvaio64_win10.sys [71712 2020-03-09] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\vmdrv.sys [48136 2021-01-27] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49600 2022-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [443664 2022-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-12] (Microsoft Windows -> Microsoft Corporation)
S2 AMDRyzenMasterDriver; \??\C:\Program Files\AMD\Performance Profile Client\AMDRyzenMasterDriver.sys [X]
S3 equ8_helper; \??\C:\WINDOWS\system32\DRIVERS\equ8_helper.sys [X]
S3 MpKsl88d5d8f7; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{22E4A9D1-A20B-4355-92FC-1EE738D73A1B}\MpKslDrv.sys [X]
S1 TASANTIVIRUSKD; \??\C:\Program Files (x86)\Digital Communications\SAntivirus\TASAntivirusKD.sys [X] <==== ATTENTION
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-06-17 09:48 - 2022-06-17 09:48 - 000192960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2022-06-17 09:48 - 2022-06-17 09:48 - 000181992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2022-06-17 09:48 - 2022-06-17 09:48 - 000074680 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2022-06-17 09:48 - 2022-06-17 09:48 - 000000000 ____D C:\Users\utente\AppData\LocalLow\IGDump
2022-06-17 09:47 - 2022-06-17 09:49 - 000014828 _____ C:\Users\utente\Downloads\compte rendu.txt
2022-06-17 09:39 - 2022-06-17 09:40 - 000000000 ____D C:\Users\utente\AppData\Local\mbam
2022-06-17 09:39 - 2022-06-17 09:39 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-06-17 09:39 - 2022-06-17 09:39 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-06-17 09:39 - 2022-06-17 09:39 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-06-17 09:39 - 2022-06-17 09:39 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-06-17 09:39 - 2022-06-17 09:38 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-06-17 09:39 - 2022-06-17 09:38 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-06-17 09:38 - 2022-06-17 09:38 - 002549096 _____ (Malwarebytes) C:\Users\utente\Downloads\MBSetup.exe
2022-06-17 09:38 - 2022-06-17 09:38 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-06-17 09:38 - 2022-06-17 09:38 - 000000000 ____D C:\Program Files\Malwarebytes
2022-06-17 09:33 - 2022-06-17 09:37 - 000022961 _____ C:\Users\utente\Downloads\Fixlog.txt
2022-06-17 08:06 - 2022-06-17 08:06 - 000000228 _____ C:\Users\utente\Downloads\qzdqzdqzdqzdqzdqzdqzdqzd.txt
2022-06-17 07:53 - 2022-06-17 07:55 - 000147656 _____ C:\Users\utente\Downloads\Addition.txt
2022-06-17 07:52 - 2022-06-17 10:31 - 000029032 _____ C:\Users\utente\Downloads\FRST.txt
2022-06-17 07:51 - 2022-06-17 10:31 - 000000000 ____D C:\FRST
2022-06-17 07:51 - 2022-06-17 07:51 - 002368512 _____ (Farbar) C:\Users\utente\Downloads\FRST64.exe
2022-06-16 20:38 - 2022-06-16 20:38 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2022-06-16 20:38 - 2022-06-16 20:38 - 000524288 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2022-06-16 20:38 - 2022-06-16 20:38 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2022-06-16 20:38 - 2022-06-16 20:38 - 000299008 _____ C:\WINDOWS\system32\EsclScan.dll
2022-06-16 20:38 - 2022-06-16 20:38 - 000180224 _____ C:\WINDOWS\system32\EsclProtocol.dll
2022-06-16 20:38 - 2022-06-16 20:38 - 000167936 _____ C:\WINDOWS\system32\DeviceUpdateCenterCsp.dll
2022-06-16 20:38 - 2022-06-16 20:38 - 000057344 _____ C:\WINDOWS\system32\uwfservicingapi.dll
2022-06-16 20:38 - 2022-06-16 20:38 - 000015042 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-06-16 20:37 - 2022-06-16 20:37 - 000614400 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-06-16 20:37 - 2022-06-16 20:37 - 000335872 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-06-16 20:33 - 2022-06-16 20:33 - 000000000 ___HD C:\$WinREAgent
2022-06-07 18:16 - 2022-06-07 18:16 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2022-06-07 18:16 - 2022-06-07 18:16 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput
2022-06-04 21:53 - 2022-06-09 20:35 - 000000000 ____D C:\Users\utente\AppData\Roaming\.paladium
2022-06-04 16:30 - 2022-06-15 21:20 - 000000000 ____D C:\Users\utente\AppData\Roaming\paladium-group
2022-06-04 16:29 - 2022-06-04 16:29 - 065788104 _____ (Dysey) C:\Users\utente\Downloads\Paladium.exe
2022-06-04 16:29 - 2022-06-04 16:29 - 000002426 _____ C:\Users\utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paladium.lnk
2022-06-04 16:29 - 2022-06-04 16:29 - 000002418 _____ C:\Users\utente\Desktop\Paladium.lnk
2022-06-04 16:29 - 2022-06-04 16:29 - 000000000 ____D C:\Users\utente\AppData\Local\paladium-group-updater
2022-06-03 16:54 - 2022-06-03 16:54 - 117203298 _____ C:\Users\utente\OneDrive\Documents\survie quentin.zip
2022-06-02 14:15 - 2022-06-08 19:51 - 000000000 ____D C:\Users\utente\OneDrive\Documents\survie quentin
2022-05-29 10:39 - 2022-05-29 10:39 - 000000059 _____ C:\Users\utente\OneDrive\Documents\kentonio.txt
2022-05-24 15:08 - 2022-05-24 15:08 - 000000000 ____D C:\Users\utente\AppData\Local\Borderlands 3
2022-05-22 20:33 - 2022-05-22 20:33 - 000000314 _____ C:\Users\utente\Desktop\Borderlands 3.url
2022-05-22 18:34 - 2022-05-22 18:34 - 000000729 _____ C:\Users\Public\Desktop\Dead Space 2.lnk
2022-05-20 18:17 - 2022-05-20 18:16 - 000003427 ____T C:\Users\utente\OneDrive\Documents\Enchères.ods
2022-05-20 18:16 - 2022-05-20 18:16 - 000003427 ____T C:\Users\utente\Downloads\Enchères.ods

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-06-17 10:18 - 2021-06-05 14:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-06-17 10:07 - 2020-09-22 18:00 - 000000000 ____D C:\Users\utente\AppData\Roaming\discord
2022-06-17 09:55 - 2021-10-21 21:11 - 000795448 _____ C:\WINDOWS\system32\perfh00C.dat
2022-06-17 09:55 - 2021-10-21 21:11 - 000155606 _____ C:\WINDOWS\system32\perfc00C.dat
2022-06-17 09:55 - 2021-10-21 20:33 - 002731586 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-06-17 09:55 - 2021-06-05 19:36 - 000792452 _____ C:\WINDOWS\system32\perfh010.dat
2022-06-17 09:55 - 2021-06-05 19:36 - 000150192 _____ C:\WINDOWS\system32\perfc010.dat
2022-06-17 09:55 - 2021-06-05 14:09 - 000000000 ____D C:\WINDOWS\INF
2022-06-17 09:52 - 2020-09-22 18:00 - 000000000 ____D C:\Users\utente\AppData\Local\Discord
2022-06-17 09:50 - 2019-09-13 20:22 - 000000000 ____D C:\Program Files (x86)\Google
2022-06-17 09:49 - 2019-09-15 10:10 - 000000000 ____D C:\Users\utente\AppData\Local\CrashDumps
2022-06-17 09:48 - 2022-05-04 13:16 - 000003098 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2022-06-17 09:48 - 2022-01-21 16:36 - 000003080 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2022-06-17 09:48 - 2021-10-21 20:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-06-17 09:48 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-06-17 09:48 - 2021-05-26 13:56 - 000000000 ____D C:\Users\utente\AppData\Local\Oculus
2022-06-17 09:48 - 2021-01-01 21:42 - 000012288 ___SH C:\DumpStack.log.tmp
2022-06-17 09:48 - 2019-09-13 22:11 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2022-06-17 09:39 - 2021-06-05 14:10 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-06-17 09:36 - 2021-06-05 14:01 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-06-17 09:35 - 2021-06-11 17:13 - 000000000 ____D C:\Users\utente\AppData\LocalLow\Temp
2022-06-17 09:33 - 2021-10-21 20:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-06-17 09:31 - 2021-04-27 12:06 - 000000000 ____D C:\Program Files (x86)\VevyStriakeCu
2022-06-17 07:47 - 2021-10-21 20:20 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-06-16 23:57 - 2021-10-21 20:38 - 000000000 ____D C:\Program Files (x86)\Steam
2022-06-16 23:56 - 2021-05-26 16:01 - 000000000 ____D C:\Users\utente\AppData\Roaming\OculusClient
2022-06-16 20:48 - 2021-06-05 14:10 - 000000000 ___HD C:\Program Files\WindowsApps
2022-06-16 20:48 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-06-16 20:47 - 2021-10-21 20:20 - 000532040 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-06-16 20:46 - 2021-06-05 19:43 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2022-06-16 20:46 - 2021-06-05 19:43 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-06-16 20:46 - 2021-06-05 19:43 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ___SD C:\WINDOWS\system32\F12
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemResources
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\id-ID
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-06-16 20:46 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-06-16 20:46 - 2021-05-26 15:57 - 000000000 ____D C:\Users\utente\AppData\Roaming\Oculus
2022-06-16 20:45 - 2021-06-05 14:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-06-16 20:45 - 2019-09-19 18:56 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-06-16 20:43 - 2019-09-19 18:56 - 145918784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-06-16 20:37 - 2021-10-21 20:21 - 003101184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-06-16 07:29 - 2022-01-17 09:14 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1261292212-1751163016-2004386437-1001
2022-06-16 07:29 - 2021-10-21 20:31 - 000003360 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1261292212-1751163016-2004386437-1001
2022-06-16 07:29 - 2021-01-01 21:43 - 000002424 _____ C:\Users\utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-06-15 21:23 - 2021-10-21 20:22 - 000000000 ____D C:\Users\utente
2022-06-15 21:23 - 2020-09-13 21:08 - 000000000 ____D C:\Users\utente\AppData\Roaming\Origin
2022-06-15 21:23 - 2020-09-13 21:08 - 000000000 ____D C:\ProgramData\Origin
2022-06-15 21:22 - 2020-10-07 17:24 - 000000000 ____D C:\Users\utente\AppData\Roaming\.minecraft
2022-06-15 21:21 - 2020-10-07 17:24 - 000000000 ____D C:\Program Files (x86)\Minecraft Launcher
2022-06-15 21:12 - 2020-09-13 21:08 - 000000000 ____D C:\Users\utente\AppData\Local\Origin
2022-06-15 20:58 - 2019-10-21 12:51 - 000000000 ____D C:\Users\utente\AppData\Local\D3DSCache
2022-06-15 20:32 - 2020-09-26 09:54 - 000000000 ____D C:\Users\utente\AppData\Local\Spotify
2022-06-15 20:31 - 2020-09-26 09:52 - 000000000 ____D C:\Users\utente\AppData\Roaming\Spotify
2022-06-15 17:07 - 2020-06-22 09:03 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-06-15 17:00 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2022-06-14 18:11 - 2022-03-09 15:55 - 000001426 _____ C:\Users\utente\Desktop\Roblox Player.lnk
2022-06-14 18:11 - 2022-03-09 15:55 - 000000000 ____D C:\Users\utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2022-06-13 13:47 - 2021-11-17 12:48 - 000003596 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7c6a92958614f
2022-06-13 13:47 - 2021-10-21 20:31 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-06-10 08:38 - 2020-09-15 07:16 - 000000000 ____D C:\Program Files (x86)\Origin
2022-06-09 12:23 - 2020-09-22 18:00 - 000002236 _____ C:\Users\utente\Desktop\Discord.lnk
2022-06-07 18:21 - 2021-08-21 13:55 - 000000000 ____D C:\Users\utente\AppData\Local\AMD_Common
2022-06-07 18:16 - 2022-01-01 19:56 - 002762208 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-06-07 18:16 - 2022-01-01 19:56 - 000402920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-06-07 18:16 - 2022-01-01 19:56 - 000230864 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-06-07 18:16 - 2022-01-01 19:56 - 000198112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-06-07 18:16 - 2022-01-01 19:56 - 000136672 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-06-07 18:16 - 2022-01-01 19:56 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-06-07 18:16 - 2022-01-01 19:56 - 000062928 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2022-06-03 16:52 - 2021-10-21 20:31 - 000004186 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1593200924
2022-06-03 16:52 - 2020-06-26 21:48 - 000001441 _____ C:\Users\utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera GX.lnk
2022-06-02 14:14 - 2021-10-16 13:59 - 000000000 ____D C:\Users\utente\OneDrive\Documents\mod mogrof
2022-06-02 13:18 - 2019-09-13 23:48 - 000000000 ____D C:\ProgramData\Packages
2022-05-29 16:07 - 2019-12-02 21:31 - 000000000 ____D C:\Program Files\Microsoft Office
2022-05-28 13:39 - 2021-05-27 19:40 - 000000000 ____D C:\Users\utente\AppData\Roaming\SideQuest
2022-05-27 17:10 - 2021-08-16 16:45 - 000000000 ____D C:\Users\utente\AppData\Local\Paladium Launcher
2022-05-25 22:40 - 2021-05-26 15:52 - 000000000 ____D C:\Program Files\Oculus
2022-05-23 18:54 - 2021-10-22 20:37 - 000000000 ____D C:\Users\utente\OneDrive\Documents\My Games
2022-05-22 17:45 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-05-20 18:17 - 2019-09-13 23:48 - 000000000 ___RD C:\Users\utente\OneDrive

==================== Fichiers à la racine de certains dossiers ========

2020-06-06 09:52 - 2020-06-06 09:52 - 000000262 _____ () C:\ProgramData\fontcacheev1.dat
2021-10-27 17:40 - 2021-10-27 17:40 - 000000099 _____ () C:\Users\utente\AppData\Roaming\LauncherSettings_live.cfg
2021-10-26 11:44 - 2021-10-27 12:57 - 000000283 _____ () C:\Users\utente\AppData\Roaming\MelonLoader.Installer.cfg
2021-10-27 17:31 - 2021-10-27 17:31 - 000002577 _____ () C:\Users\utente\AppData\Roaming\TheHunterSettings_live.bin
2020-03-09 22:09 - 2020-03-18 20:27 - 000004676 _____ () C:\Users\utente\AppData\Roaming\VoiceMeeterDefault.xml
2022-01-27 16:56 - 2022-01-27 16:56 - 000000000 _____ () C:\Users\utente\AppData\Local\cur3C5.tmp
2021-04-27 12:06 - 2022-01-25 17:50 - 000016438 _____ () C:\Users\utente\AppData\Local\partner.bmp

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================