Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 12-05-2023 01
Exécuté par Yussay (administrateur) sur SOUL (Hewlett-Packard 500-333nf) (17-05-2023 23:46:07)
Exécuté depuis C:\Users\Yussay\Downloads\FRST64.exe
Profils chargés: Yussay
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.2965 (X64) Langue: Français (France)
Navigateur par défaut: Opera
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe <2>
(C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.389.1575.0.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
(Discord Inc. -> Discord Inc.) C:\Users\Yussay\AppData\Local\Discord\app-1.0.9013\Discord.exe <6>
(explorer.exe ->) (Corel Corporation -> WinZip Computing) C:\Program Files\WinZip\WzPreloader.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <13>
(explorer.exe ->) (Integrated Device Technology Inc. -> Hewlett-Packard) [Fichier non signé] C:\Program Files\IDT\WDM\Beats64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.212\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.212\GoogleCrashHandler64.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) () [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\FeelgoodCortinaFLB\FeelgoodCortinaFLB.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhdci.inf_amd64_7a6856c74863ee34\Display.NvContainer\NVDisplay.Container.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2212.31.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(wuauclt.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.389.1575.0.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2014-01-05] (Integrated Device Technology Inc. -> Hewlett-Packard) [Fichier non signé]
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-01-05] (IDT, Inc.) [Fichier non signé]
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [2859928 2020-09-25] (Corel Corporation -> Corel Corporation)
HKU\S-1-5-21-4113653084-1888890124-2763957774-1001\...\Run: [Discord] => C:\Users\Yussay\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-4113653084-1888890124-2763957774-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1090168 2023-05-11] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-4113653084-1888890124-2763957774-1001\...\Run: [btweb] => C:\Users\Yussay\AppData\Roaming\BitTorrent Web\btweb.exe [6467592 2023-02-13] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-4113653084-1888890124-2763957774-1001\...\Run: [SteamServerBrowser] => C:\Users\Yussay\AppData\Roaming\SteamServerBrowser\SteamServerBrowser.exe [345616 2022-12-11] (Lyrha Software Technologies Inc. -> )
HKU\S-1-5-21-4113653084-1888890124-2763957774-1001\...\Run: [MicrosoftEdgeAutoLaunch_89C3E480C3BF196FF062836C685AABC0] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4152256 2023-05-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4113653084-1888890124-2763957774-1001\...\Run: [Opera Stable] => C:\Users\Yussay\AppData\Local\Programs\Opera\launcher.exe [2675616 2023-05-05] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-4113653084-1888890124-2763957774-1001\...\Run: [Opera GX Stable] => C:\Users\Yussay\AppData\Local\Programs\Opera GX\launcher.exe (Pas de fichier)
HKU\S-1-5-21-4113653084-1888890124-2763957774-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\Yussay\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-4113653084-1888890124-2763957774-1001\...\Run: [Opera Browser Assistant] => C:\Users\Yussay\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3970456 2023-05-16] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-4113653084-1888890124-2763957774-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4362600 2023-04-28] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4113653084-1888890124-2763957774-1001\...\MountPoints2: {e06d46e7-d09c-11ec-8116-54bef76842bb} - "F:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\113.0.5672.127\Installer\chrmstp.exe [2023-05-16] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2021-03-05]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (Corel Corporation -> WinZip Computing)

==================== Tâches planifiées (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {0DE96A0F-EB49-4AEA-A8A4-F782329E0D4B} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {15204BEF-4E8C-4DC8-8916-313641521258} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-15] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {1F0D0D34-EB6C-42D4-A8EC-86FDC91A91DC} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {32BD52CB-E5FD-4E73-B3E9-D532E9293984} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {37892E30-EFF5-49D5-B5A0-9F75384EAC6A} - System32\Tasks\Opera scheduled assistant Autoupdate 1573174156 => C:\Users\Yussay\AppData\Local\Programs\Opera\launcher.exe [2675616 2023-05-05] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Yussay\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {40CB6838-9EF1-4DDE-A219-E0F0947CCBDE} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2859928 2020-09-25] (Corel Corporation -> Corel Corporation)
Task: {467FE6E6-249F-434B-BD81-89C3295569F2} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1676386833 => C:\Users\Yussay\AppData\Local\Programs\Opera GX\launcher.exe--scheduledautoupdate --component-name=assistant --component-path="C:\Users\Yussay\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {596C7609-3346-4058-9AC6-09436FB5FDA0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5E48D6D1-FC75-434B-B263-2A2C5BFEFCAB} - System32\Tasks\Opera scheduled Autoupdate 1491612781 => C:\Users\Yussay\AppData\Local\Programs\Opera\launcher.exe [2675616 2023-05-05] (Opera Norway AS -> Opera Software)
Task: {6114F465-FAEE-4FEA-AC46-07FE753EC8D6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-03] (Google Inc -> Google Inc.)
Task: {616EE3CC-D5E2-47A8-9368-29FE94E2AB42} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {61C73C88-9ED6-4C3D-BCC7-EC6CCFAE750C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {70FA4F16-84D6-4CC8-9B07-9D89B43C394D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-03] (Google Inc -> Google Inc.)
Task: {894BBC9C-674B-497C-B87F-94F8FDA05881} - System32\Tasks\WinZip Update Notifier 2 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2859928 2020-09-25] (Corel Corporation -> Corel Corporation)
Task: {8A75F7A6-C031-4155-AD3F-D9D049FB6D2E} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-01-27] (Nvidia Corporation -> NVIDIA Corporation)
Task: {9A8AFA1B-7A8F-48B3-87A9-CB5F3AD08DD0} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A27CC1F1-6860-4FA4-9B79-990F866846F6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A5A09FFA-B0F0-49AC-8686-18B004624D58} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B1C769C1-3021-49BA-ABBF-EB7A7515D1C7} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B492343E-539A-4FFA-B587-A9340AA71214} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B59E826D-7826-424F-B72B-437D9584857D} - System32\Tasks\Opera GX scheduled Autoupdate 1675643501 => C:\Users\Yussay\AppData\Local\Programs\Opera GX\launcher.exe--scheduledautoupdate $(Arg0)
Task: {ECF0EC8A-F3F4-4F75-A2A8-FB02B67EE6CB} - System32\Tasks\WinZip Update Notifier 1 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2859928 2020-09-25] (Corel Corporation -> Corel Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{84d0c757-9bbf-4b17-9a45-1fe3c87a3b3b}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{98d825b6-5081-4c0f-96bf-6909c3806845}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d3515fd8-9a3d-4f4c-bace-aa0f957a2e0a}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{f7c4a3dc-edf7-443e-859c-3647f80e36d6}: [DhcpNameServer] 109.0.66.10 109.0.66.20

Edge:
=======
Edge HomeButtonPage: HKU\S-1-5-21-4113653084-1888890124-2763957774-1001 -> hxxp://www.google.com
Edge DefaultProfile: Default
Edge Profile: C:\Users\Yussay\AppData\Local\Microsoft\Edge\User Data\Default [2023-05-16]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Yussay\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-05-16]
Edge Extension: (Edge relevant text changes) - C:\Users\Yussay\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-05-16]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Yussay\AppData\Local\Google\Chrome\User Data\Default [2023-05-17]
CHR Notifications: Default -> hxxps://www.youtube.com
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Yussay\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-04-28]
CHR Extension: (Google Docs hors connexion) - C:\Users\Yussay\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-28]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Yussay\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01]
CHR Profile: C:\Users\Yussay\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-05-16]
CHR Profile: C:\Users\Yussay\AppData\Local\Google\Chrome\User Data\Profile 2 [2023-05-16]
CHR HomePage: Profile 2 -> hxxps://www.bing.com?pc=COS2&ptag=D092422-N0630A366DD6953C8B49FCA5F&form=CONBDF&conlogo=CT3331975
CHR StartupUrls: Profile 2 -> "hxxps://www.bing.com?pc=COS2&ptag=D092422-N0630A366DD6953C8B49FCA5F&form=CONBDF&conlogo=CT3331975"
CHR DefaultSearchURL: Profile 2 -> hxxps://www.bing.com/search?q={searchTerms}&pc=COS2&ptag=D092422-N0640A366DD6953C8B49FCA5F&form=CONBDF&conlogo=CT3331975
CHR DefaultSearchKeyword: Profile 2 -> Bing®
CHR DefaultSuggestURL: Profile 2 -> hxxp://api.bing.com/osjson.aspx?query={searchTerms}
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Yussay\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-05-13]
CHR Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\Yussay\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2022-05-10]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Yussay\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2022-05-10]
CHR Extension: (Google Docs hors connexion) - C:\Users\Yussay\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-05-10]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Yussay\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-05-10]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Yussay\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-05-10]
CHR Profile: C:\Users\Yussay\AppData\Local\Google\Chrome\User Data\Profile 3 [2023-05-16]
CHR HomePage: Profile 3 -> hxxps://www.bing.com?pc=COS2&ptag=D092422-N0630A366DD6953C8B49FCA5F&form=CONBDF&conlogo=CT3331975
CHR StartupUrls: Profile 3 -> "hxxps://www.bing.com?pc=COS2&ptag=D092422-N0630A366DD6953C8B49FCA5F&form=CONBDF&conlogo=CT3331975"
CHR DefaultSearchURL: Profile 3 -> hxxps://www.bing.com/search?q={searchTerms}&pc=COS2&ptag=D092422-N0640A366DD6953C8B49FCA5F&form=CONBDF&conlogo=CT3331975
CHR DefaultSearchKeyword: Profile 3 -> Bing®
CHR DefaultSuggestURL: Profile 3 -> hxxp://api.bing.com/osjson.aspx?query={searchTerms}
CHR Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\Yussay\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2022-07-27]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Yussay\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2022-09-25]
CHR Extension: (Google Docs hors connexion) - C:\Users\Yussay\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-09-25]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Yussay\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-09-25]
CHR Extension: (Web Safety) - C:\Users\Yussay\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\mfhcmdonhekjhfbjmeacdjbhlfgpjabp [2022-09-25]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Yussay\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-07-27]
CHR Profile: C:\Users\Yussay\AppData\Local\Google\Chrome\User Data\Profile 4 [2023-05-16]
CHR HomePage: Profile 4 -> hxxps://www.bing.com?pc=COS2&ptag=D092422-N0630A366DD6953C8B49FCA5F&form=CONBDF&conlogo=CT3331975
CHR StartupUrls: Profile 4 -> "hxxps://www.bing.com?pc=COS2&ptag=D092422-N0630A366DD6953C8B49FCA5F&form=CONBDF&conlogo=CT3331975"
CHR DefaultSearchURL: Profile 4 -> hxxps://www.bing.com/search?q={searchTerms}&pc=COS2&ptag=D092422-N0640A366DD6953C8B49FCA5F&form=CONBDF&conlogo=CT3331975
CHR DefaultSearchKeyword: Profile 4 -> Bing®
CHR DefaultSuggestURL: Profile 4 -> hxxp://api.bing.com/osjson.aspx?query={searchTerms}
CHR Extension: (Avast SafePrice | Comparateur de prix, offres, coupons) - C:\Users\Yussay\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2022-09-25]
CHR Extension: (Google Docs hors connexion) - C:\Users\Yussay\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-09-25]
CHR Extension: (Web Safety) - C:\Users\Yussay\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\mfhcmdonhekjhfbjmeacdjbhlfgpjabp [2022-09-25]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Yussay\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-09-25]
CHR Profile: C:\Users\Yussay\AppData\Local\Google\Chrome\User Data\System Profile [2023-05-16]

Opera:
=======
OPR Profile: C:\Users\Yussay\AppData\Roaming\Opera Software\Opera Stable [2023-05-17]
OPR DefaultSearchURL: Opera Stable -> hxxps://www.google.com/search?client=opera&q={searchTerms}&sourceid=opera&ie={inputEncoding}&oe={outputEncoding}
OPR DefaultSearchKeyword: Opera Stable -> g
OPR Extension: (Rich Hints Agent) - C:\Users\Yussay\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-03-09]
OPR Extension: (Opera Wallet) - C:\Users\Yussay\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-03-09]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Yussay\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2023-02-06]
StartMenuInternet: (HKU\S-1-5-21-4113653084-1888890124-2763957774-1001) Opera GXStable - "C:\Users\Yussay\AppData\Local\Programs\Opera GX\Launcher.exe"

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

"FeelgoodCortinaFLB" => service a été déverrouillé. <==== ATTENTION

S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2021-04-29] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 FeelgoodCortinaFLB; C:\Program Files (x86)\FeelgoodCortinaFLB\FeelgoodCortinaFLB.exe [3283968 2023-05-12] () [Fichier non signé] [Fichier en cours d'utilisation]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9084512 2023-05-16] (Malwarebytes Inc. -> Malwarebytes)
S2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2014-01-05] (IDT, Inc.) [Fichier non signé]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2304.8-0\NisSrv.exe [3216064 2023-05-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2304.8-0\MsMpEng.exe [133544 2023-05-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 AltruisticsService; C:\Program Files (x86)\Altrst\Altruistic.exe -s [X]
S2 avast; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /svc [X]
S3 avastm; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /medsvc [X]
S3 AvastSecureBrowserElevationService; "C:\Program Files (x86)\AVAST Software\Browser\Application\112.0.21002.138\elevation_service.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhdci.inf_amd64_7a6856c74863ee34\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvhdci.inf_amd64_7a6856c74863ee34\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2023-05-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-05-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-05-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198112 2023-05-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77736 2023-05-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-05-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181816 2023-05-17] (Malwarebytes Inc. -> Malwarebytes)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S3 pbfilter; C:\Users\Yussay\AppData\Roaming\VidMasta\peerblock_vista_64\pbfilter.sys [22600 2022-08-04] (PeerBlock, LLC -> )
S3 tesrsdt; C:\WINDOWS\system32\drivers\tesrsdt.sys [442128 2019-10-12] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 TesSafe; C:\WINDOWS\system32\TesSafe.sys [555064 2019-10-28] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2023-05-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [498944 2023-05-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99608 2023-05-16] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl80570252; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3F456791-CF96-4AA2-AD31-50E06FBFEDEE}\MpKslDrv.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2023-05-17 23:46 - 2023-05-17 23:48 - 000026277 _____ C:\Users\Yussay\Downloads\FRST.txt
2023-05-17 23:44 - 2023-05-17 23:44 - 002382848 _____ (Farbar) C:\Users\Yussay\Downloads\FRST64.exe
2023-05-17 09:58 - 2023-05-17 09:58 - 000000219 _____ C:\Users\Yussay\Desktop\Counter-Strike Global Offensive.url
2023-05-17 09:50 - 2023-05-17 17:34 - 000000000 ____D C:\Program Files (x86)\Steam
2023-05-17 09:50 - 2023-05-17 09:50 - 000001043 _____ C:\Users\Public\Desktop\Steam.lnk
2023-05-17 09:49 - 2023-05-17 09:49 - 002296488 _____ C:\Users\Yussay\Downloads\SteamSetup.exe
2023-05-17 09:41 - 2023-05-17 09:41 - 000181816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2023-05-17 09:35 - 2023-05-17 09:35 - 000000000 ____D C:\WINDOWS\LastGood
2023-05-17 09:30 - 2023-04-26 18:47 - 002172472 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2023-05-17 09:30 - 2023-04-26 18:47 - 002172472 _____ C:\WINDOWS\system32\vulkaninfo.exe
2023-05-17 09:30 - 2023-04-26 18:47 - 001607736 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-05-17 09:30 - 2023-04-26 18:47 - 001607736 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2023-05-17 09:30 - 2023-04-26 18:47 - 001479216 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2023-05-17 09:30 - 2023-04-26 18:47 - 001479216 _____ C:\WINDOWS\system32\vulkan-1.dll
2023-05-17 09:30 - 2023-04-26 18:47 - 001211448 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2023-05-17 09:30 - 2023-04-26 18:47 - 001211448 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2023-05-17 09:30 - 2023-04-26 18:46 - 001487872 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2023-05-17 09:30 - 2023-04-26 18:46 - 001226736 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2023-05-17 09:30 - 2023-04-26 18:43 - 058251248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2023-05-17 09:30 - 2023-04-26 18:43 - 001536512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2023-05-17 09:30 - 2023-04-26 18:43 - 001194480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2023-05-17 09:30 - 2023-04-26 18:43 - 000851968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2023-05-17 09:30 - 2023-04-26 18:43 - 000671256 _____ C:\WINDOWS\system32\nvofapi64.dll
2023-05-17 09:30 - 2023-04-26 18:43 - 000506352 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2023-05-17 09:30 - 2023-04-26 18:42 - 002166296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2023-05-17 09:30 - 2023-04-26 18:42 - 001621016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2023-05-17 09:30 - 2023-04-26 18:42 - 000979456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2023-05-17 09:30 - 2023-04-26 18:42 - 000758768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2023-05-17 09:30 - 2023-04-26 18:42 - 000741400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2023-05-17 09:30 - 2023-04-26 18:41 - 013769216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2023-05-17 09:30 - 2023-04-26 18:41 - 011650048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2023-05-17 09:30 - 2023-04-26 18:41 - 006083568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2023-05-17 09:30 - 2023-04-26 18:41 - 005911024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2023-05-17 09:30 - 2023-04-26 18:41 - 005835288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2023-05-17 09:30 - 2023-04-26 18:41 - 003430448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2023-05-17 09:30 - 2023-04-26 18:41 - 000457712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2023-05-17 09:30 - 2023-04-26 18:40 - 000853016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2023-05-17 09:30 - 2023-04-26 18:39 - 006798792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2023-05-17 09:30 - 2023-04-26 01:34 - 000104369 _____ C:\WINDOWS\system32\nvinfo.pb
2023-05-16 23:08 - 2023-05-16 23:08 - 000000008 _____ C:\ProgramData\ntuser.pol
2023-05-16 20:58 - 2023-05-17 23:47 - 000000000 ____D C:\FRST
2023-05-16 16:23 - 2023-05-16 16:23 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-05-16 16:23 - 2023-05-16 16:23 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-05-16 16:19 - 2023-05-16 16:19 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-05-16 16:18 - 2023-05-16 16:18 - 002635568 _____ (Malwarebytes) C:\Users\Yussay\Downloads\MBSetup.exe
2023-05-15 14:24 - 2023-05-15 14:24 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2023-05-15 13:26 - 2023-05-16 03:32 - 000000000 ____D C:\WINDOWS\Minidump
2023-05-15 13:21 - 2023-05-15 14:14 - 000003286 _____ C:\WINDOWS\system32\Tasks\PostponeDeviceSetupToast_S-1-5-21-4113653084-1888890124-2763957774-1001_4
2023-05-15 12:37 - 2023-05-15 12:37 - 000000000 ____D C:\@RestoreQuarantine
2023-05-15 12:26 - 2023-05-15 12:39 - 000000000 ____D C:\Users\Public\Documents\RegRunInfo
2023-05-15 12:25 - 2023-05-15 12:29 - 000000000 ____D C:\Users\Yussay\AppData\Local\UnHackMe
2023-05-15 12:25 - 2023-05-15 12:25 - 000000000 ____D C:\Program Files (x86)\Greatis
2023-05-15 12:23 - 2023-05-15 12:24 - 036645810 _____ C:\Users\Yussay\Downloads\reanimator.zip
2023-05-15 01:46 - 2023-05-15 01:46 - 000000000 _____ C:\Users\Yussay\Documents\AAAAAAAA.txt
2023-05-14 21:42 - 2023-05-16 03:51 - 000000000 ____D C:\Users\Yussay\AppData\Local\Malwarebytes
2023-05-14 18:55 - 2023-05-14 18:55 - 000000000 ____D C:\Users\Yussay\AppData\Local\Gh
2023-05-14 18:54 - 2023-05-14 18:54 - 000016438 _____ C:\Users\Yussay\AppData\Local\partner.bmp
2023-05-14 18:52 - 2023-05-14 18:52 - 000000000 _____ C:\WINDOWS\WeapoBalance.INI
2023-05-14 18:51 - 2023-05-14 18:52 - 000000000 ____D C:\Program Files (x86)\FeelgoodCortinaFLB
2023-05-10 19:11 - 2023-05-10 19:12 - 012702298 _____ C:\Users\Yussay\Downloads\DBM.rar
2023-05-10 09:46 - 2023-05-10 09:46 - 000000000 ___HD C:\$WinREAgent
2023-05-05 02:33 - 2023-05-05 02:33 - 000001166 _____ C:\Users\Public\Desktop\Play Need for Speed Underground 2 Remastered.lnk
2023-05-05 02:33 - 2023-05-05 02:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed Underground 2 Remastered

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2023-05-17 23:42 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-05-17 23:36 - 2021-05-03 08:08 - 000004162 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{4BE55EEF-D4F0-4312-98AE-B6C2349841C2}
2023-05-17 23:35 - 2020-11-28 00:56 - 000000000 ____D C:\Users\Yussay\AppData\Local\Discord
2023-05-17 23:35 - 2017-03-27 20:47 - 000000000 ____D C:\Users\Yussay\AppData\Roaming\discord
2023-05-17 23:34 - 2017-07-03 00:02 - 000000000 ____D C:\Program Files (x86)\Google
2023-05-17 23:33 - 2021-05-03 07:44 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-05-17 18:42 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-05-17 18:42 - 2019-10-10 16:52 - 000000000 ____D C:\Users\Yussay\AppData\Local\D3DSCache
2023-05-17 16:54 - 2017-03-27 02:17 - 000000000 ____D C:\Users\Yussay\AppData\Local\CrashDumps
2023-05-17 12:25 - 2017-03-26 21:09 - 000000000 ____D C:\ProgramData\NVIDIA
2023-05-17 09:58 - 2017-04-09 00:21 - 000000000 ____D C:\Users\Yussay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2023-05-17 09:50 - 2017-04-08 02:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2023-05-17 09:47 - 2021-10-15 09:41 - 000004408 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1573174156
2023-05-17 09:44 - 2019-10-11 19:39 - 000000000 ____D C:\Users\Yussay\AppData\Local\NVIDIA
2023-05-17 09:40 - 2021-05-03 08:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-05-17 09:40 - 2020-09-03 03:23 - 000008192 ___SH C:\DumpStack.log.tmp
2023-05-17 09:39 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-05-17 09:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-05-17 09:19 - 2017-07-17 19:47 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2023-05-17 09:18 - 2021-05-03 08:08 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-05-17 09:18 - 2021-05-03 08:08 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-05-17 09:18 - 2019-11-27 18:03 - 000001454 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2023-05-17 09:17 - 2021-05-03 08:08 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-05-17 09:17 - 2021-05-03 08:08 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-05-17 09:17 - 2021-05-03 08:08 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-05-17 09:17 - 2021-05-03 08:08 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-05-17 09:17 - 2021-05-03 08:08 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-05-17 09:17 - 2021-05-03 08:08 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-05-17 09:17 - 2021-05-03 08:08 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-05-17 09:17 - 2017-07-17 19:47 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2023-05-17 09:17 - 2017-07-17 19:47 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2023-05-17 02:08 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-05-16 23:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2023-05-16 23:02 - 2017-03-26 21:48 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2023-05-16 22:36 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-05-16 17:51 - 2022-12-05 14:36 - 000000000 ____D C:\Users\Yussay\Downloads\WINDOWS_World of Warcraft 335a (1)
2023-05-16 16:22 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-05-16 16:19 - 2019-11-29 21:09 - 000000000 ____D C:\Program Files\Malwarebytes
2023-05-16 14:54 - 2023-03-09 14:37 - 000000000 ____D C:\ProgramData\Piriform
2023-05-16 13:46 - 2017-03-28 06:02 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-05-16 13:42 - 2019-10-08 14:17 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-05-16 13:32 - 2020-03-22 02:34 - 000000000 ____D C:\Users\Yussay\AppData\Local\TeamSpeak 3 Client
2023-05-16 13:32 - 2017-03-27 15:16 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2023-05-16 03:43 - 2019-12-07 11:14 - 000000000 __RHD C:\Users\Public\Libraries
2023-05-16 01:33 - 2023-03-09 15:23 - 000000000 ____D C:\Users\Yussay\AppData\Roaming\ReasonLabs
2023-05-16 00:30 - 2023-02-12 01:23 - 000000000 ____D C:\Program Files (x86)\R.G. Mechanics
2023-05-16 00:05 - 2021-05-03 07:48 - 000000000 ____D C:\Users\Yussay
2023-05-15 14:14 - 2023-02-14 17:00 - 000003750 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled assistant Autoupdate 1676386833
2023-05-15 14:14 - 2023-02-06 02:31 - 000003514 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1675643501
2023-05-15 14:14 - 2021-12-16 18:26 - 000003066 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4113653084-1888890124-2763957774-1001
2023-05-15 14:14 - 2021-05-03 08:08 - 000003618 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-05-15 14:14 - 2021-05-03 08:08 - 000003592 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1491612781
2023-05-15 14:14 - 2021-05-03 08:08 - 000003526 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-05-15 14:14 - 2021-05-03 08:08 - 000003394 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-05-15 14:14 - 2021-05-03 08:08 - 000003302 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-05-15 14:14 - 2021-05-03 08:08 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4113653084-1888890124-2763957774-1001
2023-05-15 14:14 - 2021-05-03 08:08 - 000002682 _____ C:\WINDOWS\system32\Tasks\WinZip Update Notifier 2
2023-05-15 14:14 - 2021-05-03 08:08 - 000002680 _____ C:\WINDOWS\system32\Tasks\WinZip Update Notifier 3
2023-05-15 14:14 - 2021-05-03 08:08 - 000002680 _____ C:\WINDOWS\system32\Tasks\WinZip Update Notifier 1
2023-05-15 12:45 - 2021-05-03 07:43 - 000267400 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-05-15 12:37 - 2019-10-12 16:24 - 000000000 ____D C:\ProgramData\Tencent
2023-05-15 12:36 - 2020-04-06 15:57 - 000000000 ____D C:\Program Files (x86)\bookingDesktopApp
2023-05-15 03:05 - 2017-03-27 01:15 - 000000000 ____D C:\Users\Yussay\AppData\Roaming\TeamViewer
2023-05-15 01:50 - 2017-03-27 00:48 - 000000000 ____D C:\Users\Yussay\AppData\Roaming\Microsoft\MMC
2023-05-14 22:12 - 2022-11-28 13:09 - 000000000 ____D C:\Program Files (x86)\AdvancePCPro
2023-05-14 18:57 - 2022-11-28 13:09 - 000000000 ____D C:\ProgramData\AdvancePCPro
2023-05-14 18:46 - 2022-04-22 01:28 - 000000000 ____D C:\Users\Yussay\AppData\Local\Battle.net
2023-05-14 18:42 - 2022-04-22 01:26 - 000000000 ____D C:\Program Files (x86)\Battle.net
2023-05-13 21:18 - 2020-06-15 01:35 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-05-13 21:18 - 2020-06-15 01:35 - 000002287 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-05-13 21:18 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-05-13 12:54 - 2022-07-28 23:09 - 000002431 _____ C:\Users\Yussay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-05-12 16:35 - 2023-03-09 14:45 - 000000000 ____D C:\Users\Yussay\AppData\Local\Kamo
2023-05-12 16:33 - 2021-05-03 07:58 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-05-12 16:33 - 2019-12-07 16:49 - 000791594 _____ C:\WINDOWS\system32\perfh00C.dat
2023-05-12 16:33 - 2019-12-07 16:49 - 000149760 _____ C:\WINDOWS\system32\perfc00C.dat
2023-05-12 16:19 - 2019-12-07 16:49 - 000000000 ____D C:\WINDOWS\SysWOW64\fr
2023-05-12 16:19 - 2019-12-07 16:49 - 000000000 ____D C:\WINDOWS\system32\fr
2023-05-12 16:19 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-05-12 16:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-05-12 16:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-05-12 16:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-05-12 16:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-05-12 16:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-05-12 03:14 - 2022-04-22 00:54 - 000000000 ____D C:\Users\Yussay\Desktop\Screenshots
2023-05-10 10:35 - 2021-05-03 07:47 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-05-10 09:34 - 2017-06-30 21:04 - 000001419 _____ C:\Users\Yussay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2023-05-10 09:31 - 2017-03-28 06:02 - 159583304 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-05-09 03:30 - 2022-11-16 15:20 - 000000000 ____D C:\Users\Yussay\AppData\Local\NFS Underground 2
2023-05-05 02:31 - 2022-11-16 15:15 - 000000000 ____D C:\Program Files (x86)\DODI-Repacks
2023-05-04 17:40 - 2022-09-24 15:31 - 000002503 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2023-05-04 12:41 - 2020-08-23 00:09 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-04-26 18:39 - 2021-05-01 18:12 - 007935568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2023-04-26 01:34 - 2021-05-01 18:14 - 000121880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2023-04-17 04:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-04-17 04:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-04-17 04:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-04-17 04:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-04-17 04:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-04-17 04:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-04-17 04:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions

==================== Fichiers à la racine de certains dossiers ========

2019-12-12 01:33 - 2019-12-12 01:33 - 000220512 _____ () C:\Users\Yussay\AppData\Roaming\Begehobosu
2019-12-27 16:33 - 2019-12-27 16:33 - 000321299 _____ () C:\Users\Yussay\AppData\Roaming\Doledineka
2019-12-16 09:41 - 2019-12-16 09:41 - 000202165 _____ () C:\Users\Yussay\AppData\Roaming\Lodohigogof
2019-12-08 01:33 - 2019-12-08 01:33 - 000298700 _____ () C:\Users\Yussay\AppData\Roaming\Lupofakelih
2019-10-07 22:53 - 2019-10-07 22:53 - 000192076 _____ () C:\Users\Yussay\AppData\Roaming\Nenobobef
2017-04-09 01:53 - 2019-12-29 01:33 - 000000436 _____ () C:\Users\Yussay\AppData\Roaming\WB.CFG
2020-04-16 01:41 - 2020-04-16 01:41 - 000000000 _____ () C:\Users\Yussay\AppData\Local\BITE50D.tmp
2020-04-16 01:41 - 2020-04-16 01:41 - 000000000 _____ () C:\Users\Yussay\AppData\Local\BITE52D.tmp
2020-04-16 01:41 - 2020-04-16 01:41 - 000000000 _____ () C:\Users\Yussay\AppData\Local\BITE54D.tmp
2023-05-14 18:54 - 2023-05-14 18:54 - 000016438 _____ () C:\Users\Yussay\AppData\Local\partner.bmp
2020-03-29 12:09 - 2022-12-28 20:00 - 000007635 _____ () C:\Users\Yussay\AppData\Local\Resmon.ResmonCfg
2021-03-04 20:13 - 2021-03-04 20:13 - 000000000 _____ () C:\Users\Yussay\AppData\Local\{0E14F7F4-DE21-4A51-BE03-52950DB66206}
2021-01-03 19:29 - 2021-01-03 19:29 - 000000000 _____ () C:\Users\Yussay\AppData\Local\{51189DDF-60EB-4568-9DD1-F2C79C48B1A0}
2021-03-05 04:01 - 2021-03-05 04:01 - 000000000 _____ () C:\Users\Yussay\AppData\Local\{818CC13C-DDF5-4EB5-8488-4F8D7506BCF0}
2021-02-27 21:04 - 2021-02-27 21:04 - 000000000 _____ () C:\Users\Yussay\AppData\Local\{DA90146B-EED7-4EB5-92E5-A7498F990F9F}

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================