Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 03-08-2022
Exécuté par Matteo (administrateur) sur DESKTOP-CVTD1PS (Micro-Star International Co., Ltd. MS-7C52) (03-08-2022 15:58:05)
Exécuté depuis C:\Users\Matteo\AppData\Local\Temp\scoped_dir11340_232876286
Profils chargés: Matteo
Plate-forme: Microsoft Windows 10 Professionnel Version 21H2 19044.1826 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avpui.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <4>
(C:\Program Files (x86)\WeatherZero\WeatherZeroService.exe ->) (Reaction Software Limited -> Weather Zero) C:\Program Files (x86)\WeatherZero\WeatherZero.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Users\Matteo\AppData\Local\Programs\Opera GX\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\Matteo\AppData\Local\Programs\Opera GX\89.0.4447.64\opera_crashreporter.exe
(C:\Windows\runSW.exe ->) (Realtek Semiconductor Corp. -> Realtek) C:\Windows\SwUSB.exe
(Discord Inc. -> Discord Inc.) C:\Users\Matteo\AppData\Local\Discord\app-1.0.9005\Discord.exe <6>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Opera Norway AS -> Opera Software) C:\Users\Matteo\AppData\Local\Programs\Opera GX\opera.exe <34>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.1\kpm_service.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Cowan Innovations Inc. -> Altruistic Software) C:\Program Files (x86)\Altruistics\Altruistics.exe <2>
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (IVT CORPORATION -> IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
(services.exe ->) (IVT CORPORATION -> IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.67.21001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.67.21001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d5d5b9f929f4cb65\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Parsec Cloud, Inc. -> Parsec) C:\Program Files\Parsec\pservice.exe
(services.exe ->) (Reaction Software Limited -> Weather Information Service) C:\Program Files (x86)\WeatherZero\WeatherZeroService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> ) C:\Windows\runSW.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3dd75df32535321a\RtkAudUService64.exe <2>
(services.exe ->) (Reason Cybersecurity Inc. -> ) C:\Program Files\ReasonSaferWeb\rsDNSResolver.exe
(services.exe ->) (Reason Cybersecurity Inc. -> Reason Software Company Inc.) C:\Program Files\RAVVPN\rsVPNClientSvc.exe
(services.exe ->) (Reason Cybersecurity Inc. -> Reason Software Company Inc.) C:\Program Files\RAVVPN\rsVPNSvc.exe
(services.exe ->) (Reason Cybersecurity Inc. -> Reason Software Company Inc.) C:\Program Files\ReasonSaferWeb\rsDNSClientSvc.exe
(services.exe ->) (Reason Cybersecurity Inc. -> Reason Software Company Inc.) C:\Program Files\ReasonSaferWeb\rsDNSSvc.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.6271.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.6271.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3dd75df32535321a\RtkAudUService64.exe [1361000 2021-09-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe [488240 2015-07-28] (IVT CORPORATION -> IVT Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\explorer.exe [5126776 2022-07-18] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\explorer.exe [5126776 2022-07-18] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-1025655619-4014309140-2894110501-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4230544 2022-07-26] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1025655619-4014309140-2894110501-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32706000 2022-07-19] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1025655619-4014309140-2894110501-1001\...\Run: [Discord] => C:\Users\Matteo\AppData\Local\Discord\Update.exe [1512616 2022-02-17] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1025655619-4014309140-2894110501-1001\...\Run: [OneDriveService] => C:\Program Files\WindowsApps\Microsoft.x64__8wekyb3gfdfdgd8bbwe/file.exe (Pas de fichier)
HKU\S-1-5-21-1025655619-4014309140-2894110501-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [5126776 2022-07-18] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-1025655619-4014309140-2894110501-1010\...\Run: [MicrosoftEdgeAutoLaunch_4634DC55C1C7AD59037619CECF150FAE] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3601840 2022-07-28] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1025655619-4014309140-2894110501-1012\...\Run: [MicrosoftEdgeAutoLaunch_7023D4591EFD026EEFE0186513FFF418] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3601840 2022-07-28] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1025655619-4014309140-2894110501-1012\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\wind\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (Pas de fichier)
HKU\S-1-5-21-1025655619-4014309140-2894110501-1012\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\wind\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Pas de fichier)
HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\explorer.exe [5126776 2022-07-18] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKLM\...\Print\Monitors\BlueSoleil Print Port: BsMonSvr
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\103.0.5060.134\Installer\chrmstp.exe [2022-07-21] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{BE423CF8-7C59-4179-B70C-88901B6EC506}] -> IVTcPhoneProvider.dll
HKLM\Software\...\Authentication\Credential Providers: [{EF1BCB6C-FEA5-4a04-905F-190375E5B996}] -> C:\Windows\system32\IVTCredentialProvider.dll [2015-07-28] (IVT CORPORATION -> )
Lsa: [Notification Packages] scecli IVTCredentialProvider

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {01C486BC-19E2-473D-88F6-4604B57C0752} - System32\Tasks\WmiPrvSE => C:\ProgramData\SystemFiles\dllhost.exe (Pas de fichier) <==== ATTENTION
Task: {058414C4-6BF7-4277-ADD8-099007473A54} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-07-18] (Piriform Software Ltd -> Piriform)
Task: {05B10F85-9CA1-4F70-8085-A0774683B644} - System32\Tasks\GoogleUpdateTaskMachineCore{15C88344-F434-4BFE-8D3A-D57A43236AD1} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-04-27] (Google LLC -> Google LLC)
Task: {084C8D05-6443-4B49-84F6-606D1E65CA1B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {116A4E26-CA7F-4D00-8F8E-491D084B8EF2} - System32\Tasks\OneDrive Status Checker => cmd.exe /C "PowerShell -Nologo -NoProfile -ExecutionPolicy Bypass -E "QQBkAGQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgACQARQBuAHYAOgBVAFMARQBSAFAAUgBPAEYASQBMAEUAXABBAHAAcABEAGEAdABhAA0ACgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAALQBFAHgAYwBsAHUAcwBpAG8AbgBQAGEAdABoAC (l'élément de données a 302 caractères en plus). <==== ATTENTION
Task: {216AE58D-2356-4BDE-9667-F1BAD1223A1C} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {2CFB4A50-ABBB-431E-B05E-5FF65B3C544A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {32068413-C67A-4C52-AD60-3D1E8C3D2524} - System32\Tasks\WindowsDefenderServices\WindowsDefenderServicesService_bk3016 => C:\ProgramData\SystemFiles\dllhost.exe (Pas de fichier) <==== ATTENTION
Task: {346B191C-1C7A-456C-A866-87F27E794C64} - System32\Tasks\NvStray => C:\ProgramData\SystemFiles\dllhost.exe (Pas de fichier) <==== ATTENTION
Task: {364621BE-18A5-4328-8E3A-42C8E6F4C6D1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-07-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {37DC7F96-8589-42ED-81EC-910B908AB21A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {41258974-BF56-463F-B181-7EF93B6D2D10} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {4219CAFE-C6A2-4F98-AB10-0B6A75EA610A} - System32\Tasks\SettingSysHost\SettingSysHostService_bk979 => C:\ProgramData\SystemFiles\dllhost.exe (Pas de fichier) <==== ATTENTION
Task: {4E1826DC-12D0-4CCA-9AD5-F14034730729} - System32\Tasks\SettingSysHost\SettingSysHostService_bk6740 => C:\ProgramData\SystemFiles\dllhost.exe (Pas de fichier) <==== ATTENTION
Task: {554A078A-72A3-4824-A724-C6FD8AA096BE} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [669320 2022-03-23] (Advanced Micro Devices Inc. -> )
Task: {60ADD1CF-410B-414B-8C11-7F5B6C8152C8} - System32\Tasks\WindowsDefenderServices\WindowsDefenderServicesService_bk8822 => C:\ProgramData\SystemFiles\dllhost.exe (Pas de fichier) <==== ATTENTION
Task: {6F8F71BD-4B51-456A-846E-2F1003E58767} - System32\Tasks\OneDriveService => C:\ProgramData\SystemFiles\dllhost.exe (Pas de fichier) <==== ATTENTION
Task: {6FF6BFAE-28F5-4FC7-A581-2BE283479C05} - System32\Tasks\OneDrive Status Checker Start => cmd.exe /C "PowerShell -Nologo -NoProfile -ExecutionPolicy Bypass -E "QQBkAGQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgACQARQBuAHYAOgBVAFMARQBSAFAAUgBPAEYASQBMAEUAXABBAHAAcABEAGEAdABhAA0ACgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAALQBFAHgAYwBsAHUAcwBpAG8AbgBQAGEAdABoAC (l'élément de données a 2389 caractères en plus). <==== ATTENTION
Task: {817D2E38-3895-4C1D-B221-EDE776A4B6E9} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {870586F5-5CB1-4AB4-991D-BE65AC0FC57D} - System32\Tasks\CCleanerSkipUAC - Matteo => C:\Program Files\CCleaner\CCleaner.exe [31101528 2022-07-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {885FD7E1-C975-45A2-916D-6D8C7A3C6797} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-07-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8BA1FC6B-9C57-4868-A7AC-A2524C1DF262} - System32\Tasks\SecurityHealthSystray => C:\ProgramData\SystemFiles\dllhost.exe (Pas de fichier) <==== ATTENTION
Task: {96E2068B-8CE6-4587-B88E-4D4538E3A068} - System32\Tasks\AntiMalwareServiceExecutable => C:\ProgramData\SystemFiles\dllhost.exe (Pas de fichier) <==== ATTENTION
Task: {98272AAE-36F1-436E-82C1-967CB188B4A6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-07-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9E5BFA39-28A1-401B-B960-2DFBB59D24DA} - System32\Tasks\MicrosoftEdgeUpd => C:\ProgramData\SystemFiles\dllhost.exe (Pas de fichier) <==== ATTENTION
Task: {9EDA2BC8-5113-42F4-B173-6490CF344901} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1652314025 => C:\Users\Matteo\AppData\Local\Programs\Opera GX\launcher.exe [2462712 2022-07-25] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Matteo\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {A01405E9-1AA9-4366-91B3-9BC1E9A873AC} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {A997E6C2-8EE9-4B8D-8EE7-327B57087759} - System32\Tasks\AntiMalwareSericeExecutable\AntiMalwareSericeExecutableService_bk2980 => C:\ProgramData\SystemFiles\dllhost.exe (Pas de fichier) <==== ATTENTION
Task: {BD6B2B92-CFA7-4F57-B75A-9E0D3E2CC8ED} - System32\Tasks\WindowsDefender => C:\ProgramData\SystemFiles\dllhost.exe (Pas de fichier) <==== ATTENTION
Task: {BF68AF84-565C-4F21-B3CC-A821B9E0360F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {C26E8903-E34A-4085-A070-B6D92B8CF4AB} - System32\Tasks\MicrosoftUpdateServices\MicrosoftUpdateServicesService_bk4911 => C:\ProgramData\SystemFiles\dllhost.exe (Pas de fichier) <==== ATTENTION
Task: {D300A9AF-F91C-4A9E-A0F4-0B45A01C5327} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {DA76B42B-4E14-41A6-85FC-710BBFD41361} - System32\Tasks\AntiMalwareSericeExecutable\AntiMalwareSericeExecutableService_bk4756 => C:\ProgramData\SystemFiles\dllhost.exe (Pas de fichier) <==== ATTENTION
Task: {DDFC1AC4-50B4-4134-9DC8-BDBB67307745} - System32\Tasks\GoogleUpdateTaskMachineUA{E78B27F1-8186-4664-B0C5-E740B7CFC58E} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-04-27] (Google LLC -> Google LLC)
Task: {DFFF30BD-32B0-4732-A539-D609C7C055CD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {F5EE415B-1AAD-4879-8A5D-698610F6F708} - System32\Tasks\Opera GX scheduled Autoupdate 1651018002 => C:\Users\Matteo\AppData\Local\Programs\Opera GX\launcher.exe [2462712 2022-07-25] (Opera Norway AS -> Opera Software)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1c95f62f-262e-45fe-82dd-bd1556550db6}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ccca966a-f859-4baa-8852-2561ff255fbb}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Matteo\AppData\Local\Microsoft\Edge\User Data\Default [2022-08-03]
Edge Notifications: Default -> hxxps://captcha4you.top
Edge Extension: (Kaspersky Protection) - C:\Users\Matteo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2022-08-03]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKU\S-1-5-21-1025655619-4014309140-2894110501-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKU\S-1-5-21-1025655619-4014309140-2894110501-1010\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKU\S-1-5-21-1025655619-4014309140-2894110501-1012\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\FFExt\light_plugin_firefox\addon.xpi => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [isend@www.bluesoleil.com] - C:\Program Files (x86)\IVT Corporation\BlueSoleil\TransSend\FireFox\isend@www.bluesoleil.com
FF Extension: (BlueSoleil Extension) - C:\Program Files (x86)\IVT Corporation\BlueSoleil\TransSend\FireFox\isend@www.bluesoleil.com [2022-04-27] [] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\FFExt\light_plugin_firefox\addon.xpi => non trouvé(e)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-07-05] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Matteo\AppData\Local\Google\Chrome\User Data\Default [2022-08-01]
CHR Extension: (Kaspersky Protection) - C:\Users\Matteo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2022-07-30]
CHR Extension: (Google Docs hors connexion) - C:\Users\Matteo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-07-27]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Matteo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-04-27]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM\...\Chrome\Extension: [cocpghbdppojfnfpjhmlcfkljjjfpika] - C:\Program Files (x86)\IVT Corporation\BlueSoleil\TransSend\Chrome\TS_Chrome.crx [2015-07-27]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-1025655619-4014309140-2894110501-1001) Opera GXStable - "C:\Users\Matteo\AppData\Local\Programs\Opera GX\Launcher.exe"

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

"AltruisticsService" => service a été déverrouillé. <==== ATTENTION

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AltruisticsService; C:\Program Files (x86)\Altruistics\Altruistics.exe [18041728 2022-07-28] (Cowan Innovations Inc. -> Altruistic Software)
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe [184768 2022-07-28] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 BlueSoleilCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [3300080 2015-07-28] (IVT CORPORATION -> IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe [156976 2015-07-28] (IVT CORPORATION -> IVT Corporation)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1081432 2022-07-18] (Piriform Software Ltd -> )
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [11302536 2022-08-02] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2022-05-26] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-03-25] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2022-03-03] (Epic Games Inc. -> Epic Games, Inc.)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 kpm_service_10.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.1\kpm_service.exe [518472 2022-07-18] (AO Kaspersky Lab -> AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8680192 2022-08-03] (Malwarebytes Inc. -> Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2575624 2022-05-27] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3494672 2022-05-27] (Electronic Arts, Inc. -> Electronic Arts)
R2 Parsec; C:\Program Files\Parsec\pservice.exe [396488 2022-04-28] (Parsec Cloud, Inc. -> Parsec)
R2 rsDNSClientSvc; C:\Program Files\ReasonSaferWeb\rsDNSClientSvc.exe [741192 2022-07-28] (Reason Cybersecurity Inc. -> Reason Software Company Inc.)
R2 rsDNSResolver; C:\Program Files\ReasonSaferWeb\rsDNSResolver.exe [10827592 2022-07-28] (Reason Cybersecurity Inc. -> )
R2 rsDNSSvc; C:\Program Files\ReasonSaferWeb\rsDNSSvc.exe [328008 2022-07-28] (Reason Cybersecurity Inc. -> Reason Software Company Inc.)
R2 rsVPNClientSvc; C:\Program Files\RAVVPN\rsVPNClientSvc.exe [740680 2022-07-28] (Reason Cybersecurity Inc. -> Reason Software Company Inc.)
R2 rsVPNSvc; C:\Program Files\RAVVPN\rsVPNSvc.exe [306504 2022-07-28] (Reason Cybersecurity Inc. -> Reason Software Company Inc.)
R2 RunSwUSB; C:\Windows\runSW.exe [59232 2018-05-02] (Realtek Semiconductor Corp. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6232176 2022-07-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 TermService; C:\Windows\System32\svchost.exe [55320 2022-07-18] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL) <==== ATTENTION (pas de ServiceDLL)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-07-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WeatherZeroSvc; C:\Program Files (x86)\WeatherZero\WeatherZeroService.exe [3256744 2022-06-12] (Reaction Software Limited -> Weather Information Service)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-07-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d5d5b9f929f4cb65\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d5d5b9f929f4cb65\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S3 Rockstar Service; "C:\Program Files\Rockstar Games\Launcher\RockstarService.exe" [X]

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [27256 2022-01-27] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
S3 BlueletAudio; C:\Windows\System32\drivers\blueletaudio.sys [41184 2013-10-08] (IVT CORPORATION -> IVT Corporation)
S3 BlueletAudio; C:\Windows\SysWOW64\drivers\blueletaudio.sys [41184 2013-10-08] (IVT CORPORATION -> IVT Corporation)
R3 BT; C:\Windows\System32\drivers\btnetdrv.sys [22240 2011-12-21] (IVT CORPORATION -> IVT Corporation.)
S3 BTCOM; C:\Windows\system32\DRIVERS\btcomport.sys [28456 2014-10-16] (IVT CORPORATION -> IVT Corporation.)
R3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [51264 2015-07-07] (IVT CORPORATION -> IVT Corporation.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [287744 2022-05-02] (Microsoft Corporation) [Fichier non signé]
R3 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [22568 2014-08-12] (IVT CORPORATION -> IVT Corporation.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [250032 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 e2esoft_ivcamaudio_simple; C:\Windows\system32\drivers\iVCamAud.sys [255464 2020-11-04] (Shanghai Yitu Information Technology Co., Ltd. -> e2eSoft)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2022-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 HidHide; C:\Windows\System32\drivers\HidHide.sys [61408 2021-04-01] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
R3 iVCam; C:\Windows\system32\DRIVERS\iVCam.sys [1092552 2021-12-03] (Shanghai Yitu Information Technology Co., Ltd. -> e2eSoft)
R3 IvtAudioBusSrv; C:\Windows\System32\Drivers\IvtBtBus.sys [27256 2012-12-24] (IVT CORPORATION -> IVT Corporation.)
R3 IvtComBusSrv; C:\Windows\System32\Drivers\btcombus.sys [25824 2014-05-06] (IVT CORPORATION -> IVT Corporation.)
R3 IvtPanBusSrv; C:\Windows\System32\Drivers\btnetBus.sys [31480 2012-12-24] (IVT CORPORATION -> IVT Corporation.)
R1 klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [110336 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [211704 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [126216 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\Windows\system32\DRIVERS\klflt.sys [514840 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [703056 2022-06-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [1582672 2022-06-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [190696 2022-07-28] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1042712 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [98040 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [112392 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [112904 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [85256 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [88328 2022-07-28] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [376920 2022-07-28] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [357136 2022-07-28] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [187200 2022-07-28] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [270752 2022-07-28] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S4 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [155912 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [327936 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [300808 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2022-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2022-08-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [192960 2022-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [74704 2022-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2022-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [181992 2022-08-03] (Malwarebytes Inc. -> Malwarebytes)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 rsDwf; C:\Windows\system32\DRIVERS\rsDwf.sys [54144 2022-07-28] (Reason CyberSecurity Inc. -> Reason CyberSecurity Inc.)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2022-04-27] (Bruce James -> Scarlet.Crush Productions)
R3 VHidMinidrv; C:\Windows\system32\drivers\VHIDMini.sys [18088 2014-08-12] (IVT CORPORATION -> IVT Corporation.)
R1 ViGEmBus; C:\Windows\System32\drivers\ViGEmBus.sys [165744 2020-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49576 2022-07-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [452856 2022-07-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [91384 2022-07-12] (Microsoft Windows -> Microsoft Corporation)
S3 WinRing0_1_2_0; C:\Users\Matteo\AppData\Local\Temp\tmpD796.tmp [14544 2022-08-02] (Noriyuki MIYAZAKI -> OpenLibSys.org) <==== ATTENTION
U1 aswbdisk; pas de ImagePath

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-08-03 15:57 - 2022-08-03 15:58 - 000000000 ____D C:\FRST
2022-08-03 15:56 - 2022-08-03 15:56 - 002370048 _____ (Farbar) C:\Users\Matteo\Downloads\FRST64.exe
2022-08-03 15:53 - 2022-08-03 15:53 - 000051597 _____ C:\Users\Matteo\OneDrive\Documents\analyse.txt
2022-08-03 08:16 - 2022-08-03 08:16 - 000192960 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2022-08-03 08:16 - 2022-08-03 08:16 - 000181992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2022-08-03 08:16 - 2022-08-03 08:16 - 000074704 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2022-08-03 08:09 - 2022-08-03 08:09 - 000239544 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2022-08-03 08:09 - 2022-08-03 08:09 - 000223176 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2022-08-03 08:09 - 2022-08-03 08:09 - 000158640 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2022-08-03 08:09 - 2022-08-03 08:09 - 000021480 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2022-08-03 08:09 - 2022-08-03 08:09 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-08-03 08:09 - 2022-08-03 08:09 - 000000000 ____D C:\Users\Matteo\AppData\Local\mbam
2022-08-03 08:08 - 2022-08-03 08:08 - 002556344 _____ (Malwarebytes) C:\Users\Matteo\Downloads\MBSetup.exe
2022-08-03 08:08 - 2022-08-03 08:08 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-08-03 08:08 - 2022-08-03 08:08 - 000000000 ____D C:\Program Files\Malwarebytes
2022-08-02 17:39 - 2022-08-02 17:39 - 000000000 ____D C:\Users\Matteo\AppData\LocalLow\Megagon Industries
2022-08-02 17:36 - 2022-08-02 17:36 - 000000000 ____D C:\Users\Matteo\AppData\Roaming\HelloGames
2022-08-01 16:16 - 2022-08-01 16:16 - 000000000 ____D C:\Users\Matteo\AppData\Local\Kaspersky Lab
2022-07-30 19:18 - 2022-07-30 19:18 - 000000000 ____D C:\ProgramData\Piriform
2022-07-30 19:15 - 2022-08-03 08:18 - 000000000 ____D C:\Program Files\CCleaner
2022-07-30 19:15 - 2022-07-30 19:15 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-07-30 19:15 - 2022-07-30 19:15 - 000002908 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Matteo
2022-07-30 19:15 - 2022-07-30 19:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2022-07-29 20:09 - 2022-07-29 20:59 - 000000008 _____ C:\Users\Matteo\AppData\Roaming\DofusAppId0_3
2022-07-29 20:09 - 2022-07-29 20:09 - 000000000 ____D C:\Users\Matteo\AppData\Roaming\Dofus-3
2022-07-28 22:08 - 2022-07-28 22:08 - 000001374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager.lnk
2022-07-28 22:08 - 2022-07-28 22:08 - 000000000 ____D C:\Users\Default\AppData\Local\Kaspersky Lab
2022-07-28 22:08 - 2022-07-28 22:08 - 000000000 ____D C:\Program Files (x86)\dotnet
2022-07-28 22:07 - 2022-07-28 22:07 - 000357136 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klark.sys
2022-07-28 22:06 - 2022-07-28 22:06 - 000376920 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_arkmon.sys
2022-07-28 22:06 - 2022-07-28 22:06 - 000270752 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_mark.sys
2022-07-28 22:06 - 2022-07-28 22:06 - 000187200 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klbg.sys
2022-07-28 22:05 - 2022-07-28 22:08 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2022-07-28 22:05 - 2022-07-28 22:08 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2022-07-28 22:05 - 2022-07-28 22:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2022-07-28 22:05 - 2021-02-19 21:09 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2022-07-28 22:05 - 2021-02-19 21:08 - 001042712 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2022-07-28 22:05 - 2021-02-19 21:08 - 000514840 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2022-07-28 19:12 - 2022-07-30 18:37 - 000007606 _____ C:\Users\Matteo\AppData\Local\resmon.resmoncfg
2022-07-28 14:53 - 2022-07-28 17:04 - 000000008 _____ C:\Users\Matteo\AppData\Roaming\DofusAppId0_2
2022-07-28 14:53 - 2022-07-28 14:53 - 000000000 ____D C:\Users\Matteo\AppData\Roaming\Macromedia
2022-07-28 14:53 - 2022-07-28 14:53 - 000000000 ____D C:\Users\Matteo\AppData\Roaming\Dofus-2
2022-07-28 14:53 - 2022-07-28 14:53 - 000000000 ____D C:\Users\Matteo\AppData\Roaming\AnkamaCertificates
2022-07-28 14:52 - 2022-07-29 20:59 - 000000000 ____D C:\Users\Matteo\AppData\Roaming\Dofus
2022-07-28 14:52 - 2022-07-29 20:09 - 000000117 _____ C:\Users\Matteo\AppData\Roaming\D2Info0
2022-07-28 14:52 - 2022-07-28 15:37 - 000000008 _____ C:\Users\Matteo\AppData\Roaming\DofusAppId0_1
2022-07-28 14:52 - 2022-07-28 14:52 - 000000000 ____D C:\Users\Matteo\AppData\Roaming\[Worker].null
2022-07-28 02:29 - 2022-07-28 02:29 - 000000000 ____D C:\Users\Matteo\AppData\Local\Hk_project
2022-07-28 01:57 - 2022-07-28 02:19 - 2453404177 _____ C:\Users\Matteo\Downloads\Stray.zip
2022-07-28 01:52 - 2022-07-28 01:52 - 000000000 ___HD C:\ProgramData\Dllhost
2022-07-28 01:13 - 2022-08-03 08:15 - 000000000 ____D C:\Windows\system32\Tasks\Outbyte
2022-07-28 01:13 - 2022-08-03 08:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outbyte
2022-07-28 01:11 - 2022-07-28 01:11 - 000000348 ____H C:\mib.bin
2022-07-28 00:47 - 2022-07-28 13:19 - 000000000 ____D C:\Program Files\WinRAR
2022-07-28 00:47 - 2022-07-28 01:00 - 000000000 ____D C:\Users\Matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-07-28 00:47 - 2022-07-28 01:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-07-28 00:47 - 2022-07-28 00:52 - 000000000 ____D C:\Users\Matteo\AppData\Roaming\WinRAR
2022-07-28 00:19 - 2022-08-03 15:24 - 000000000 ____D C:\ProgramData\ReasonSaferWebService
2022-07-28 00:19 - 2022-08-02 19:48 - 000000000 ____D C:\Users\Matteo\AppData\Roaming\ReasonSaferWeb
2022-07-28 00:19 - 2022-07-28 00:19 - 000054144 _____ (Reason CyberSecurity Inc.) C:\Windows\system32\Drivers\rsDwf.sys
2022-07-28 00:19 - 2022-07-28 00:19 - 000000000 ____D C:\ProgramData\ReasonSaferWebBackup
2022-07-28 00:18 - 2022-08-03 15:18 - 000000000 ____D C:\ProgramData\RAVVPNService
2022-07-28 00:18 - 2022-08-03 15:05 - 000000000 ____D C:\ProgramData\Altruistics
2022-07-28 00:18 - 2022-08-03 04:24 - 000000000 ____D C:\Users\Matteo\AppData\Roaming\Altruistics
2022-07-28 00:18 - 2022-08-02 19:48 - 000000000 ____D C:\Users\Matteo\AppData\Roaming\RAVVPN
2022-07-28 00:18 - 2022-07-28 00:19 - 000000000 ____D C:\Program Files\ReasonSaferWeb
2022-07-28 00:18 - 2022-07-28 00:18 - 000005016 _____ C:\ProgramData\rsEngine.config.backup
2022-07-28 00:18 - 2022-07-28 00:18 - 000000000 ____D C:\Users\Matteo\AppData\Roaming\WeatherZero
2022-07-28 00:18 - 2022-07-28 00:18 - 000000000 ____D C:\ProgramData\RAVVPNBackup
2022-07-28 00:18 - 2022-07-28 00:18 - 000000000 ____D C:\Program Files\RAVVPN
2022-07-28 00:17 - 2022-07-28 23:05 - 000000000 ____D C:\Program Files (x86)\AuraproductionsBomida
2022-07-28 00:17 - 2022-07-28 00:17 - 000000000 ____D C:\Users\Matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viewndow
2022-07-28 00:17 - 2022-07-28 00:17 - 000000000 ____D C:\ProgramData\SSO
2022-07-28 00:17 - 2022-07-28 00:17 - 000000000 ____D C:\Program Files (x86)\WeatherZero
2022-07-28 00:17 - 2022-07-28 00:17 - 000000000 ____D C:\Program Files (x86)\Altruistics
2022-07-28 00:17 - 2022-07-28 00:17 - 000000000 _____ C:\Windows\AlteratioInform.INI
2022-07-28 00:16 - 2022-07-28 00:16 - 000000000 ____D C:\Program Files (x86)\BrightTRAMPhviUtil
2022-07-27 23:52 - 2022-07-28 01:06 - 000684984 _____ (Mozilla Foundation) C:\Users\Matteo\AppData\LocalLow\freebl3.dll
2022-07-27 23:52 - 2022-07-28 01:06 - 000627128 _____ (Mozilla Foundation) C:\Users\Matteo\AppData\LocalLow\mozglue.dll
2022-07-27 23:52 - 2022-07-28 01:06 - 000254392 _____ (Mozilla Foundation) C:\Users\Matteo\AppData\LocalLow\softokn3.dll
2022-07-27 23:52 - 2022-07-28 01:06 - 000000162 _____ C:\Users\Matteo\AppData\LocalLow\nssdbm3.dll
2022-07-27 23:37 - 2022-07-27 23:37 - 000003600 _____ C:\Windows\system32\Tasks\AntiMalwareServiceExecutable
2022-07-27 23:37 - 2022-07-27 23:37 - 000003576 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpd
2022-07-27 23:37 - 2022-07-27 23:37 - 000000000 ____D C:\Windows\system32\Tasks\MicrosoftUpdateServices
2022-07-27 23:34 - 2022-07-28 22:30 - 000000000 ____D C:\Windows\system32\Tasks\AntiMalwareSericeExecutable
2022-07-27 23:34 - 2022-07-27 23:37 - 000000000 ____D C:\Windows\system32\Tasks\WindowsDefenderServices
2022-07-27 23:34 - 2022-07-27 23:37 - 000000000 ____D C:\Windows\system32\Tasks\SettingSysHost
2022-07-27 23:34 - 2022-07-27 23:34 - 000003586 _____ C:\Windows\system32\Tasks\SecurityHealthSystray
2022-07-27 23:34 - 2022-07-27 23:34 - 000003574 _____ C:\Windows\system32\Tasks\WindowsDefender
2022-07-27 23:34 - 2022-07-27 23:34 - 000003574 _____ C:\Windows\system32\Tasks\OneDriveService
2022-07-27 23:34 - 2022-07-27 23:34 - 000003560 _____ C:\Windows\system32\Tasks\WmiPrvSE
2022-07-27 23:34 - 2022-07-27 23:34 - 000003558 _____ C:\Windows\system32\Tasks\NvStray
2022-07-27 23:33 - 2022-07-28 00:34 - 000000000 ___HD C:\ProgramData\SystemFiles
2022-07-27 23:33 - 2022-07-28 00:33 - 000000000 ___HD C:\ProgramData\SystemData
2022-07-27 23:32 - 2022-07-27 23:32 - 000000000 ____D C:\Users\Matteo\AppData\Local\Yandex
2022-07-27 23:15 - 2022-07-27 23:15 - 000000000 ____D C:\Users\Matteo\AppData\Local\Ankama
2022-07-27 20:19 - 2022-07-30 05:31 - 000000000 ____D C:\Users\Matteo\AppData\Roaming\Ankama Launcher
2022-07-27 20:19 - 2022-07-30 02:55 - 000000000 ____D C:\Users\Matteo\AppData\Roaming\zaap
2022-07-27 19:02 - 2022-07-27 19:02 - 000000000 ____D C:\Users\Matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ankama
2022-07-27 19:02 - 2022-07-27 19:02 - 000000000 ____D C:\Users\Matteo\AppData\Local\zaap-updater
2022-07-25 22:19 - 2022-07-25 22:19 - 000000000 ____D C:\Users\Matteo\AppData\Roaming\NVIDIA
2022-07-24 23:35 - 2022-07-25 04:17 - 000000000 ____D C:\Users\wind\AppData\Local\CrashDumps
2022-07-24 20:36 - 2022-07-24 20:36 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1025655619-4014309140-2894110501-1012
2022-07-24 08:46 - 2022-07-24 08:46 - 000000000 ____D C:\Users\wind\AppData\Local\PeerDistRepub
2022-07-23 20:51 - 2022-07-23 20:51 - 000000000 ____D C:\Users\wind\AppData\Local\Comms
2022-07-23 20:47 - 2022-07-23 20:47 - 000000000 ____D C:\Users\wind\AppData\LocalLow\Adobe
2022-07-23 20:47 - 2022-07-23 20:47 - 000000000 ____D C:\Users\wind\AppData\Local\SolidDocuments
2022-07-23 20:47 - 2022-07-23 20:47 - 000000000 ____D C:\Users\wind\AppData\Local\Adobe
2022-07-23 20:47 - 2022-07-23 20:47 - 000000000 ____D C:\Users\wind\.ms-ad
2022-07-23 20:37 - 2022-07-24 20:22 - 000000000 ____D C:\Users\wind\AppData\Local\PlaceholderTileLogoFolder
2022-07-23 20:37 - 2022-07-23 20:37 - 000000000 ____D C:\Users\wind\AppData\Local\D3DSCache
2022-07-23 20:36 - 2022-07-24 20:36 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1025655619-4014309140-2894110501-1012
2022-07-23 20:36 - 2022-07-23 20:36 - 000000000 ___RD C:\Users\wind\OneDrive
2022-07-23 20:36 - 2022-07-23 20:36 - 000000000 ____D C:\Users\wind\AppData\Local\bluesoleil
2022-07-23 20:35 - 2022-07-28 00:21 - 000000000 ____D C:\Users\wind
2022-07-23 20:35 - 2022-07-24 20:36 - 000002402 _____ C:\Users\wind\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-07-23 20:35 - 2022-07-23 22:35 - 000000000 ____D C:\Users\wind\AppData\Local\Packages
2022-07-23 20:35 - 2022-07-23 20:47 - 000000000 ____D C:\Users\wind\AppData\Roaming\Adobe
2022-07-23 20:35 - 2022-07-23 20:38 - 000000000 ____D C:\Users\wind\AppData\Local\NVIDIA
2022-07-23 20:35 - 2022-07-23 20:37 - 000000000 ____D C:\Users\wind\AppData\Local\NVIDIA Corporation
2022-07-23 20:35 - 2022-07-23 20:36 - 000000000 ____D C:\Users\wind\AppData\Local\Steam
2022-07-23 20:35 - 2022-07-23 20:35 - 000000020 ___SH C:\Users\wind\ntuser.ini
2022-07-23 20:35 - 2022-07-23 20:35 - 000000000 _SHDL C:\Users\wind\Voisinage réseau
2022-07-23 20:35 - 2022-07-23 20:35 - 000000000 _SHDL C:\Users\wind\Voisinage d'impression
2022-07-23 20:35 - 2022-07-23 20:35 - 000000000 _SHDL C:\Users\wind\Modèles
2022-07-23 20:35 - 2022-07-23 20:35 - 000000000 _SHDL C:\Users\wind\Mes documents
2022-07-23 20:35 - 2022-07-23 20:35 - 000000000 _SHDL C:\Users\wind\Menu Démarrer
2022-07-23 20:35 - 2022-07-23 20:35 - 000000000 _SHDL C:\Users\wind\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2022-07-23 20:35 - 2022-07-23 20:35 - 000000000 _SHDL C:\Users\wind\AppData\Local\Historique
2022-07-23 20:35 - 2022-07-23 20:35 - 000000000 ___RD C:\Users\wind\3D Objects
2022-07-23 20:35 - 2022-07-23 20:35 - 000000000 ____D C:\Users\wind\AppData\Local\VirtualStore
2022-07-23 20:35 - 2022-07-23 20:35 - 000000000 ____D C:\Users\wind\AppData\Local\Publishers
2022-07-23 20:35 - 2022-07-23 20:35 - 000000000 ____D C:\Users\wind\AppData\Local\Google
2022-07-23 20:35 - 2022-07-23 20:35 - 000000000 ____D C:\Users\wind\AppData\Local\ConnectedDevicesPlatform
2022-07-23 20:35 - 2022-07-23 20:35 - 000000000 ____D C:\Users\wind\AppData\Local\CEF
2022-07-23 20:35 - 2022-07-23 20:35 - 000000000 ____D C:\Users\wind\ansel
2022-07-22 22:48 - 2022-07-28 22:31 - 000000000 ____D C:\Program Files\RDP Wrapper
2022-07-22 22:48 - 2022-07-22 22:48 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2022-07-22 22:47 - 2022-07-22 22:47 - 000001874 _____ C:\Users\Matteo\AppData\Roaming\a.ps1
2022-07-18 19:45 - 2022-07-18 19:45 - 000693248 _____ C:\Windows\system32\FsNVSDeviceSource.dll
2022-07-18 19:45 - 2022-07-18 19:45 - 000530944 _____ (curl, hxxps://curl.se/) C:\Windows\system32\curl.exe
2022-07-18 19:45 - 2022-07-18 19:45 - 000470528 _____ (curl, hxxps://curl.se/) C:\Windows\SysWOW64\curl.exe
2022-07-18 19:45 - 2022-07-18 19:45 - 000270848 _____ C:\Windows\system32\EsclScan.dll
2022-07-18 19:45 - 2022-07-18 19:45 - 000152064 _____ C:\Windows\system32\EsclProtocol.dll
2022-07-18 19:45 - 2022-07-18 19:45 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\mode.com
2022-07-18 19:45 - 2022-07-18 19:45 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mode.com
2022-07-18 19:45 - 2022-07-18 19:45 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\tree.com
2022-07-18 19:45 - 2022-07-18 19:45 - 000018944 _____ C:\Windows\SysWOW64\WsdProviderUtil.dll
2022-07-18 19:45 - 2022-07-18 19:45 - 000017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tree.com
2022-07-18 19:45 - 2022-07-18 19:45 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\chcp.com
2022-07-18 19:45 - 2022-07-18 19:45 - 000012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chcp.com
2022-07-18 19:45 - 2022-07-18 19:45 - 000011811 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-07-18 19:44 - 2022-07-18 19:44 - 002260480 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2022-07-18 19:44 - 2022-07-18 19:44 - 000640512 _____ C:\Windows\system32\SettingSyncDownloadHelper.dll
2022-07-18 19:44 - 2022-07-18 19:44 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2022-07-18 19:44 - 2022-07-18 19:44 - 000061952 _____ C:\Windows\system32\printticketvalidation.dll
2022-07-18 19:44 - 2022-07-18 19:44 - 000057344 _____ C:\Windows\system32\APMonUI.dll
2022-07-18 19:44 - 2022-07-18 19:44 - 000024576 _____ C:\Windows\system32\WsdProviderUtil.dll
2022-07-18 19:14 - 2022-07-18 19:14 - 000000000 ___HD C:\$WinREAgent
2022-07-11 21:05 - 2022-07-12 09:22 - 000000000 ____D C:\Windows\system32\Drivers\wd
2022-07-11 21:05 - 2022-07-11 21:05 - 000000000 ____D C:\Windows\system32\Drivers\DriverData
2022-07-09 17:36 - 2022-07-09 17:36 - 000019048 _____ C:\Users\Matteo\Downloads\563_striking-dickgrils.webp
2022-07-09 17:04 - 2022-07-09 17:04 - 000062518 _____ C:\Users\Matteo\Downloads\4040ef36e369417447e34121b17b5cc0.webp

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-08-03 15:46 - 2022-04-27 05:51 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-08-03 15:28 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-08-03 15:24 - 2022-04-27 00:19 - 000000000 ____D C:\Program Files (x86)\Google
2022-08-03 15:18 - 2022-04-27 14:47 - 000000000 ____D C:\Users\Matteo\AppData\Roaming\discord
2022-08-03 15:17 - 2022-04-27 14:47 - 000000000 ____D C:\Users\Matteo\AppData\Local\Discord
2022-08-03 13:41 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-08-03 13:41 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2022-08-03 12:25 - 2022-04-27 02:29 - 000000000 ____D C:\ProgramData\NVIDIA
2022-08-03 08:23 - 2022-04-27 00:13 - 000840644 _____ C:\Windows\system32\PerfStringBackup.INI
2022-08-03 08:23 - 2019-12-07 16:49 - 000015312 _____ C:\Windows\system32\perfh00C.dat
2022-08-03 08:23 - 2019-12-07 16:49 - 000004620 _____ C:\Windows\system32\perfc00C.dat
2022-08-03 08:23 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2022-08-03 08:17 - 2022-04-27 00:29 - 000000000 ____D C:\Program Files (x86)\Steam
2022-08-03 08:16 - 2022-05-07 00:08 - 000000000 ____D C:\Program Files (x86)\Outbyte
2022-08-03 08:16 - 2022-04-27 10:23 - 000006508 _____ C:\Windows\SysWOW64\LOCALSERVICE.INI
2022-08-03 08:16 - 2022-04-27 10:23 - 000000096 _____ C:\Windows\SysWOW64\LOCALDEVICE.INI
2022-08-03 08:16 - 2022-04-27 05:51 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-08-03 08:16 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2022-08-03 08:16 - 2015-07-28 14:43 - 000001578 _____ C:\Windows\SysWOW64\bscs.ini
2022-08-03 08:15 - 2022-05-07 00:07 - 000000000 ____D C:\ProgramData\Outbyte
2022-08-03 08:15 - 2022-04-27 06:25 - 000000000 ____D C:\Users\Matteo\AppData\Local\Gh
2022-08-03 08:15 - 2022-04-27 05:55 - 000000000 ____D C:\Users\Matteo\AppData\Local\ClientPCSpeedup
2022-08-03 08:15 - 2022-04-27 00:15 - 000000000 ____D C:\Users\Matteo
2022-08-03 08:15 - 2019-12-07 11:03 - 001048576 _____ C:\Windows\system32\config\BBI
2022-08-03 08:09 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2022-08-03 00:12 - 2022-04-28 02:28 - 000000000 ____D C:\Users\Matteo\AppData\Roaming\CitizenFX
2022-08-02 20:29 - 2019-12-07 11:14 - 000000155 _____ C:\Windows\win.ini
2022-08-02 17:38 - 2022-04-27 00:16 - 000000000 ____D C:\Users\Matteo\AppData\Local\Packages
2022-08-02 17:37 - 2022-04-27 02:30 - 000000000 ____D C:\Users\Matteo\AppData\Local\CrashDumps
2022-08-02 17:33 - 2022-04-27 00:16 - 000000000 ____D C:\ProgramData\Packages
2022-08-02 04:46 - 2022-04-27 10:38 - 000000000 ____D C:\Users\Matteo\AppData\Local\ElevatedDiagnostics
2022-07-31 00:59 - 2022-04-27 10:28 - 000000302 _____ C:\Windows\SysWOW64\REMOTEDEVICE.INI
2022-07-30 19:21 - 2022-05-14 05:14 - 000000000 ____D C:\Windows\Minidump
2022-07-30 19:21 - 2022-04-27 06:50 - 000000000 ____D C:\Windows\Panther
2022-07-30 19:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\LiveKernelReports
2022-07-30 17:18 - 2022-04-27 05:51 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-07-30 17:16 - 2022-04-28 02:03 - 002754000 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2022-07-30 17:16 - 2022-04-28 02:03 - 000234960 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy.dll
2022-07-30 17:16 - 2022-04-28 02:03 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2022-07-30 17:15 - 2022-04-28 02:03 - 000402904 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2022-07-30 17:15 - 2022-04-28 02:03 - 000198096 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2022-07-30 17:15 - 2022-04-28 02:03 - 000144856 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll
2022-07-30 17:15 - 2022-04-28 02:03 - 000067032 _____ (Microsoft Corporation) C:\Windows\system32\gamemodcontrol.exe
2022-07-29 21:40 - 2022-04-28 02:14 - 000000000 ____D C:\Users\Matteo\AppData\Local\FiveM
2022-07-28 22:53 - 2021-02-19 21:09 - 000088328 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klpnpflt.sys
2022-07-28 22:42 - 2022-04-27 05:52 - 000000000 ____D C:\Users\Matteo\AppData\Local\BrightTRAMP
2022-07-28 22:30 - 2022-04-27 02:39 - 000000000 ___HD C:\Users\Matteo\AppData\Local\cache
2022-07-28 22:08 - 2022-04-27 00:21 - 000000000 ____D C:\ProgramData\Package Cache
2022-07-28 22:06 - 2022-04-27 06:21 - 000000000 ____D C:\Program Files\Common Files\AV
2022-07-28 22:05 - 2019-12-07 11:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2022-07-28 22:04 - 2022-04-27 00:29 - 000006204 _____ C:\Users\Matteo\AppData\Roaming\listpr.txt
2022-07-28 22:04 - 2022-04-27 00:29 - 000000134 _____ C:\Users\Matteo\AppData\Roaming\aapr.txt
2022-07-28 22:04 - 2022-04-27 00:29 - 000000006 _____ C:\Users\Matteo\AppData\Roaming\listd.txt
2022-07-28 21:10 - 2022-04-27 02:40 - 000000000 ____D C:\Users\Matteo\AppData\Local\AMD
2022-07-28 19:49 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2022-07-28 19:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\NDF
2022-07-28 13:41 - 2022-04-27 00:16 - 000000000 ____D C:\Users\Matteo\AppData\Local\D3DSCache
2022-07-28 13:28 - 2022-04-27 02:06 - 000004252 _____ C:\Windows\system32\Tasks\Opera GX scheduled Autoupdate 1651018002
2022-07-28 13:28 - 2022-04-27 02:06 - 000001441 _____ C:\Users\Matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera GX.lnk
2022-07-28 12:56 - 2022-04-27 00:16 - 000000000 ____D C:\Users\Matteo\AppData\Roaming\Adobe
2022-07-28 01:45 - 2022-04-27 00:29 - 000140800 _____ (M2-Team) C:\Users\Matteo\AppData\Roaming\NSudo.exe
2022-07-28 01:45 - 2022-04-27 00:29 - 000004212 _____ C:\Users\Matteo\AppData\Roaming\winpers.xml
2022-07-28 01:45 - 2022-04-27 00:29 - 000004186 _____ C:\Users\Matteo\AppData\Roaming\pe2ow.xml
2022-07-28 01:40 - 2022-05-09 20:04 - 000000000 ____D C:\Riot Games
2022-07-28 01:40 - 2022-05-08 19:19 - 000000001 _____ C:\Windows\vgkbootstatus.dat
2022-07-28 01:40 - 2022-04-27 02:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2022-07-28 01:40 - 2022-04-27 01:57 - 000000000 ____D C:\Users\Matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-07-28 01:28 - 2022-04-27 05:04 - 000000000 ____D C:\Users\Matteo\AppData\Roaming\qBittorrent
2022-07-27 23:39 - 2022-04-27 00:18 - 000000000 ____D C:\Users\Matteo\AppData\Local\PlaceholderTileLogoFolder
2022-07-27 23:37 - 2022-04-27 00:18 - 000000000 ___RD C:\Users\Matteo\OneDrive
2022-07-27 23:35 - 2022-05-05 00:17 - 000000000 ____D C:\Users\Matteo\AppData\Roaming\Blitz
2022-07-27 23:33 - 2022-05-23 21:34 - 000000000 ____D C:\Users\Matteo\AppData\Roaming\Messenger
2022-07-27 23:32 - 2022-05-23 21:34 - 000000000 ____D C:\Users\Matteo\AppData\Local\Messenger
2022-07-27 18:10 - 2022-05-05 00:17 - 000000032 _____ C:\Users\Matteo\AppData\Roaming\.machineId
2022-07-27 18:09 - 2022-05-04 23:41 - 000000000 ____D C:\Users\Matteo\AppData\Roaming\Parsec
2022-07-26 17:13 - 2022-04-27 00:19 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1025655619-4014309140-2894110501-1001
2022-07-26 17:13 - 2022-04-27 00:18 - 000003382 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1025655619-4014309140-2894110501-1001
2022-07-26 17:13 - 2022-04-27 00:15 - 000002424 _____ C:\Users\Matteo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-07-23 20:51 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\PrintDialog
2022-07-23 20:38 - 2019-12-07 16:51 - 000000000 ____D C:\Windows\system32\FxsTmp
2022-07-23 20:35 - 2022-04-27 00:16 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-07-23 20:35 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2022-07-22 16:40 - 2022-04-27 05:51 - 000267000 _____ C:\Windows\system32\FNTCACHE.DAT
2022-07-22 16:39 - 2022-04-30 14:10 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-07-22 16:39 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2022-07-22 16:39 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2022-07-22 16:39 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2022-07-22 16:39 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup
2022-07-22 16:39 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2022-07-22 16:39 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\es-MX
2022-07-22 16:39 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\DDFs
2022-07-22 16:39 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences
2022-07-22 16:39 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellComponents
2022-07-22 16:39 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2022-07-22 16:39 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2022-07-21 08:25 - 2022-04-27 00:23 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-07-21 05:13 - 2022-04-27 05:51 - 000003690 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-07-21 05:13 - 2022-04-27 05:51 - 000003566 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-07-18 19:44 - 2022-04-27 05:54 - 003010560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2022-07-18 19:14 - 2022-04-27 08:23 - 000000000 ____D C:\Windows\system32\MRT
2022-07-18 19:09 - 2022-04-27 08:23 - 146546848 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-07-12 16:55 - 2022-04-27 16:53 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2022-07-12 16:54 - 2022-04-27 16:53 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-07-12 09:22 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender
2022-07-12 07:06 - 2022-04-27 02:56 - 000000000 ____D C:\ProgramData\Riot Games
2022-07-11 21:21 - 2022-04-27 00:30 - 000004292 _____ C:\Windows\system32\Tasks\OneDrive Status Checker
2022-07-11 21:21 - 2022-04-27 00:29 - 000008454 _____ C:\Windows\system32\Tasks\OneDrive Status Checker Start
2022-07-11 21:04 - 2022-05-16 17:36 - 000000000 ____D C:\Users\Matteo\AppData\Roaming\Origin
2022-07-11 21:04 - 2022-05-01 00:54 - 000000000 ____D C:\Users\Matteo\AppData\Roaming\.minecraft
2022-07-11 21:04 - 2022-04-27 06:40 - 000000000 ____D C:\Users\Matteo\AppData\Roaming\VLTD App Executable
2022-07-11 21:04 - 2022-04-27 05:56 - 000000000 ____D C:\ProgramData\G Data
2022-07-11 21:04 - 2022-04-27 00:25 - 000000000 ____D C:\Users\Matteo\AppData\Roaming\.az-client
2022-07-11 21:04 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2022-07-11 21:04 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\SysWOW64\Configuration
2022-07-11 21:04 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2022-07-11 21:04 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2022-07-11 21:04 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\MUI
2022-07-11 21:04 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Com

==================== Fichiers à la racine de certains dossiers ========

2022-05-05 00:17 - 2022-07-27 18:10 - 000000032 _____ () C:\Users\Matteo\AppData\Roaming\.machineId
2022-07-22 22:47 - 2022-07-22 22:47 - 000001874 _____ () C:\Users\Matteo\AppData\Roaming\a.ps1
2022-04-27 00:29 - 2022-07-28 22:04 - 000000134 _____ () C:\Users\Matteo\AppData\Roaming\aapr.txt
2022-07-28 14:52 - 2022-07-29 20:09 - 000000117 _____ () C:\Users\Matteo\AppData\Roaming\D2Info0
2022-07-28 14:52 - 2022-07-28 15:37 - 000000008 _____ () C:\Users\Matteo\AppData\Roaming\DofusAppId0_1
2022-07-28 14:53 - 2022-07-28 17:04 - 000000008 _____ () C:\Users\Matteo\AppData\Roaming\DofusAppId0_2
2022-07-29 20:09 - 2022-07-29 20:59 - 000000008 _____ () C:\Users\Matteo\AppData\Roaming\DofusAppId0_3
2022-04-27 00:29 - 2022-07-28 22:04 - 000000006 _____ () C:\Users\Matteo\AppData\Roaming\listd.txt
2022-04-27 00:29 - 2022-07-28 22:04 - 000006204 _____ () C:\Users\Matteo\AppData\Roaming\listpr.txt
2022-04-27 00:29 - 2022-07-28 01:45 - 000140800 _____ (M2-Team) C:\Users\Matteo\AppData\Roaming\NSudo.exe
2022-04-27 00:29 - 2022-07-28 01:45 - 000004186 _____ () C:\Users\Matteo\AppData\Roaming\pe2ow.xml
2022-04-27 00:29 - 2022-07-28 01:45 - 000004212 _____ () C:\Users\Matteo\AppData\Roaming\winpers.xml
2022-05-03 05:08 - 2022-05-17 05:23 - 000000623 _____ () C:\Users\Matteo\AppData\Local\Params.xml
2022-07-28 19:12 - 2022-07-30 18:37 - 000007606 _____ () C:\Users\Matteo\AppData\Local\resmon.resmoncfg

==================== FLock ==============================

2022-07-28 00:34 C:\ProgramData\SystemFiles

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================