cjoint

Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 15-08-2022
Exécuté par AMPY (administrateur) sur DESKTOP-7868H5L (Micro-Star International Co., Ltd. GE62 6QF) (26-08-2022 14:18:15)
Exécuté depuis C:\Users\AMPY\Desktop
Profils chargés: AMPY
Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.1889 (X64) Langue: Français (France)
Navigateur par défaut: Opera
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(C:\Program Files (x86)\Garmin\Express\express.exe ->) (The CefSharp Authors) [Fichier non signé] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe <2>
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Program Files\Opera\89.0.4447.83\opera_crashreporter.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCopyAccelerator.exe
(drivers\RivetNetworks\Killer\xTendUtilityService.exe ->) (Rivet Networks LLC -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtility.exe
(explorer.exe ->) (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (NICOLAS_COOLMAN -> Nicolas Coolman) [Fichier non signé] C:\Users\AMPY\ZHPSuite.exe
(explorer.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Opera Norway AS -> Opera Software) C:\Program Files\Opera\opera.exe <27>
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_7b7c820d186f8dec\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_7b7c820d186f8dec\IntelCpHeciSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Rivet Networks LLC -> CloudBees, Inc.) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe
(services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22062.534.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476184 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Pas de fichier)
HKLM\...\Run: [WSVCUUpdateHelper.exe] => C:\Program Files\Wondershare\UniConverter 14 for Windows\WSVCUUpdateHelper.exe (Pas de fichier)
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [4110832 2022-07-06] (Opera Norway AS -> Opera Software)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Pas de fichier)
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-2120058573-845275958-319147610-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4279208 2022-03-14] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2120058573-845275958-319147610-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38274576 2022-08-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2120058573-845275958-319147610-1001\...\Run: [utweb] => "C:\Users\AMPY\AppData\Roaming\uTorrent Web\utweb.exe" /MINIMIZED (Pas de fichier)
HKU\S-1-5-21-2120058573-845275958-319147610-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31190360 2021-10-06] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2120058573-845275958-319147610-1001\...\Run: [MicrosoftEdgeAutoLaunch_6342EF00F3E0BD643B35E0FF1CAB9706] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3827128 2022-08-18] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2120058573-845275958-319147610-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\...\Windows x64\Print Processors\Canon MG7700 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCP.DLL [30208 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG7700 series: C:\WINDOWS\system32\CNMLMCP.DLL [406528 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.61\Installer\chrmstp.exe [2020-05-24] (Google LLC -> Google LLC)
IFEO\EOSnotify.exe: [Debugger] /
IFEO\InstallAgent.exe: [Debugger] /
IFEO\MusNotification.exe: [Debugger] /
IFEO\MusNotificationUx.exe: [Debugger] /
IFEO\remsh.exe: [Debugger] /
IFEO\SihClient.exe: [Debugger] /
IFEO\UpdateAssistant.exe: [Debugger] /
IFEO\upfc.exe: [Debugger] /
IFEO\UsoClient.exe: [Debugger] /
IFEO\WaaSMedic.exe: [Debugger] /
IFEO\WaasMedicAgent.exe: [Debugger] /
IFEO\Windows10Upgrade.exe: [Debugger] /
IFEO\Windows10UpgraderApp.exe: [Debugger] /
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2018-10-16]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS -> SteelSeries ApS)

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {009F7043-8AFA-4607-8B29-BE6AB555F19F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-10] (Google Inc -> Google Inc.)
Task: {03B564DA-75A5-4A34-A47B-BDB2D8DA6DA0} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {108711F7-6488-41AE-AF87-E64C12BA1006} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task
Task: {15590CFC-65F7-434F-84CC-F74523F9AC1D} - System32\Tasks\microsoft office 15 sync maintenance for desktop-7868h5l-ampy desktop-7868h5l => D:\Office15\MsoSync.exe [469640 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {15E5D227-3EF9-49C1-B997-EB9B2F1C0290} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1642672 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {1AAF017E-974C-405B-838A-92CFE3DF76C0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-08-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {250F9A82-D5F9-4FF0-BEAC-20FF146FB357} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {296AC6ED-833B-4537-9877-8A9F65A2C577} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-08-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2AA92E1F-DF63-4225-80A6-41B8E6B2F316} - System32\Tasks\Microsoft\Windows\Management\Autopilot\DetectHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [192000 2022-08-23] (Microsoft Windows -> Microsoft Corporation)
Task: {3721E39A-D2CB-437F-B618-63CF67260D95} - System32\Tasks\ccleaner update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-08-12] (Piriform Software Ltd -> Piriform)
Task: {3DB828F7-C1DF-47F0-9D57-A1E2BADE8A3F} - System32\Tasks\adobe acrobat update task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {541364BB-142F-4CCB-98B8-2F158F572B9A} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5C29C691-DD80-4A88-B423-CE7464EF024D} - System32\Tasks\Microsoft\Windows\Management\Autopilot\RemediateHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [192000 2022-08-23] (Microsoft Windows -> Microsoft Corporation)
Task: {66DAE113-7EF3-4ACD-9ED6-18F4F9C0013E} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {685B8C7E-967E-49BB-8AF5-B3DFA1274F0B} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6CE241FE-6BA8-4ED8-B986-3A7ABE5CE1F4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-08-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {73B7EB53-3126-4C5D-A714-7FCA9ACE919A} - System32\Tasks\Nahimic2svc64Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2svc64.exe $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7) (Pas de fichier)
Task: {762A1402-895C-40EC-BE4D-4DFFBA20EE72} - System32\Tasks\adobe flash player updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-05-12] (Adobe Inc. -> Adobe)
Task: {783D2D44-0655-4530-8851-E0582C88EAAB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-10] (Google Inc -> Google Inc.)
Task: {7A1A38E6-BDC2-4B7B-937F-398CC637733A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {7E07A8AB-0E88-49E7-BBD9-53DB8AB00AC5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => D:\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {91E73CEC-BF6F-4142-8319-119C0D49C1F1} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {99BD25EF-9674-448F-86D1-957B884A809F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => D:\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {9CCDED98-7F0F-4021-8600-96EB989B6785} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-08-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A2A68947-6EA9-48F8-88DA-96FBAA7F8CDB} - System32\Tasks\intel ptt ek recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {A923934D-468B-405B-981B-7D00DBADFCCD} - System32\Tasks\opera scheduled autoupdate 1519249442 => C:\Program Files\Opera\launcher.exe [2527216 2022-08-03] (Opera Norway AS -> Opera Software)
Task: {D370A03C-B38C-4ED6-835B-F855DAC08722} - System32\Tasks\Nahimic2svc32Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2svc32.exe $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7) (Pas de fichier)
Task: {DE8B3C7B-C312-421B-B108-111CDB971081} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [26968 2021-10-06] (Garmin International, Inc. -> )
Task: {E25DB098-BF18-4B6D-889D-37B378DE264C} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476184 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {E6394B88-5A4E-4A2D-81D1-3F95862E56AF} - System32\Tasks\Nahimic2UILauncherRun => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7) (Pas de fichier)
Task: {E842FD8D-6CEF-46CF-9ADB-569D94783782} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EB853945-2C12-4BB9-B003-C5C3D1B6E6EC} - System32\Tasks\CCleanerSkipUAC - AMPY => C:\Program Files\CCleaner\CCleaner.exe [31990800 2022-08-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {ED93F8A7-D4A7-4481-8044-ED117376A194} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-2120058573-845275958-319147610-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [24064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {F260E2BD-8D4D-4E91-871C-D47E993C622B} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F7339470-21B5-4B50-9B74-6506D4C20CCB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\AC Power Download
Task: {FB990B5A-2932-46C9-AB90-3F2135E011DD} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FC12D5C2-3B81-45BB-8C63-2297FE4BDC5B} - System32\Tasks\Opera scheduled assistant Autoupdate 1582795392 => C:\Program Files\Opera\launcher.exe [2527216 2022-08-03] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files\Opera\assistant" $(Arg0)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{43e1808e-c5c0-4bc2-bfe1-7821970c3c29}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{7b9bcc1c-42ad-4f9b-a956-0a1ccd2a1c53}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{7b9bcc1c-42ad-4f9b-a956-0a1ccd2a1c53}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{c863fdce-1667-4c74-a2b9-db5f9ee1ba90}: [DhcpNameServer] 192.168.1.254

Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\AMPY\AppData\Local\Microsoft\Edge\User Data\Default [2022-08-26]

FireFox:
========
FF DefaultProfile: 2wy8m6pi.default
FF ProfilePath: C:\Users\AMPY\AppData\Roaming\Mozilla\Firefox\Profiles\2wy8m6pi.default [2020-06-05]
FF ProfilePath: C:\Users\AMPY\AppData\Roaming\Mozilla\Firefox\Profiles\846cao1v.default-release [2022-08-26]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> D:\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-05-19] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-05-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-05-19] (Adobe Inc. -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\AMPY\AppData\Local\Google\Chrome\User Data\Default [2022-08-26]
CHR HomePage: Default -> hxxps://www.google.fr/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Slides) - C:\Users\AMPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-10]
CHR Extension: (Docs) - C:\Users\AMPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-10]
CHR Extension: (Google Drive) - C:\Users\AMPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-10]
CHR Extension: (YouTube) - C:\Users\AMPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-10]
CHR Extension: (uBlock Origin) - C:\Users\AMPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-06-02]
CHR Extension: (Adobe Acrobat) - C:\Users\AMPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-06-02]
CHR Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\AMPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-06-02]
CHR Extension: (Sheets) - C:\Users\AMPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-10]
CHR Extension: (Stylish – Thèmes personnalisés pour sites Web) - C:\Users\AMPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2019-04-17]
CHR Extension: (Google Docs hors connexion) - C:\Users\AMPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-06-02]
CHR Extension: (Avast Online Security) - C:\Users\AMPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-06-02]
CHR Extension: (Ace Script) - C:\Users\AMPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2019-04-17]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\AMPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-05]
CHR Extension: (Cite This For Me: Web Citer) - C:\Users\AMPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnnmhgkokpalnmbeighfomegjfkklkle [2018-01-11]
CHR Extension: (Gmail) - C:\Users\AMPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-12-05]
CHR Extension: (Chrome Media Router) - C:\Users\AMPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-02]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

Opera:
=======
OPR Profile: C:\Users\AMPY\AppData\Roaming\Opera Software\Opera Stable [2022-08-26]
OPR Notifications: Opera Stable -> hxxps://www.cnetfrance.fr; hxxps://www.courrierinternational.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (BetterTTV) - C:\Users\AMPY\AppData\Roaming\Opera Software\Opera Stable\Extensions\deofbbdfofnmppcjbhjibgodpcdchjii [2019-07-13] [UpdateUrl:hxxps://nightdev.com/betterttv/opera/update.xml] <==== ATTENTION
OPR Extension: (Rich Hints Agent) - C:\Users\AMPY\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-07-31]
OPR Extension: (Opera Crypto Wallet) - C:\Users\AMPY\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-08-17]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\AMPY\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-09-26]
OPR Extension: (Bookmarks Import & Export) - C:\Users\AMPY\AppData\Roaming\Opera Software\Opera Stable\Extensions\omhcddilnfoiiplehpjihipcocdplljn [2018-09-26]

Brave:
=======
BRA Profile: C:\Users\AMPY\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2022-08-26]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\AMPY\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2019-05-08]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\AMPY\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2019-05-08]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\AMPY\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2019-05-08]
BRA Extension: (PDF Viewer) - C:\Users\AMPY\AppData\Local\BraveSoftware\Brave-Browser\User Data\oemmndcbldboiebfnladdacbdfmadadm [2019-01-02]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\AMPY\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2019-05-08]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-05-12] (Adobe Inc. -> Adobe)
S3 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [816184 2019-05-19] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3863256 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3701464 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2018-02-17] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2020-09-16] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [38328 2018-08-31] (GoPro Media, Inc. -> )
R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2483376 2018-06-15] (Rivet Networks LLC -> Rivet Networks)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8765464 2022-08-26] (Malwarebytes Inc. -> Malwarebytes)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-08-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-08-25] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 xTendSoftAPService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendSoftAPService.exe [72880 2018-06-15] (Rivet Networks LLC -> CloudBees, Inc.)
R2 xTendUtilityService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe [72888 2018-06-15] (Rivet Networks LLC -> CloudBees, Inc.)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo10X64.sys [150184 2018-06-15] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-08-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-08-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-08-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl6a3ed059; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C143DAB7-9F2D-40D8-8D51-2BEC316A43FA}\MpKslDrv.sys [141576 2022-08-26] (Microsoft Windows -> Microsoft Corporation)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [48320 2018-08-20] (SteelSeries ApS -> )
R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [48056 2018-09-13] (SteelSeries ApS -> SteelSeries ApS)
R3 ssps2; C:\WINDOWS\System32\drivers\ssps2.sys [41104 2019-08-27] (SteelSeries ApS -> )
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (The OpenVPN Project) [Fichier non signé]
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-08-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [452856 2022-08-25] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-08-25] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Trois mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-08-26 14:16 - 2022-08-26 14:16 - 000471591 _____ C:\Users\AMPY\Desktop\ZHPDiag.html
2022-08-26 14:08 - 2022-08-26 14:08 - 003505864 _____ (Nicolas Coolman) C:\Users\AMPY\ZHPSuite.exe
2022-08-26 12:53 - 2022-08-26 12:53 - 000001834 _____ C:\Users\AMPY\Desktop\MBAM.txt
2022-08-26 11:33 - 2022-08-26 11:33 - 000000000 ____D C:\Users\AMPY\AppData\Local\mbam
2022-08-26 11:32 - 2022-08-26 11:32 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-08-26 11:32 - 2022-08-26 11:32 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-08-26 11:32 - 2022-08-26 11:32 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-08-26 11:32 - 2022-08-26 11:32 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-08-26 11:31 - 2022-08-26 11:30 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-08-26 11:30 - 2022-08-26 11:30 - 002556344 _____ (Malwarebytes) C:\Users\AMPY\Downloads\MBSetup.exe
2022-08-26 11:20 - 2022-08-26 11:20 - 000002153 _____ C:\Users\AMPY\Desktop\AdwCleaner[C00].txt
2022-08-26 11:18 - 2022-08-26 11:25 - 000000198 _____ C:\Users\AMPY\Desktop\aide 1.txt
2022-08-26 11:18 - 2022-08-26 11:19 - 000000000 ____D C:\AdwCleaner
2022-08-26 11:18 - 2022-08-26 11:18 - 008551608 _____ (Malwarebytes) C:\Users\AMPY\Downloads\adwcleaner_8.3.2.exe
2022-08-26 11:16 - 2022-08-26 11:16 - 000000000 _____ C:\Users\AMPY\Desktop\Nouveau document texte.txt
2022-08-26 11:03 - 2022-08-26 11:03 - 000020068 _____ C:\Users\AMPY\Desktop\ZHPCleaner (R).txt
2022-08-26 10:55 - 2022-08-26 10:55 - 000021821 _____ C:\Users\AMPY\Desktop\ZHPCleaner (S).txt
2022-08-26 10:43 - 2022-08-26 10:43 - 003303624 _____ (Nicolas Coolman) C:\Users\AMPY\Downloads\ZHPCleaner (1).exe
2022-08-26 10:43 - 2022-08-26 10:43 - 000000910 _____ C:\Users\AMPY\Desktop\ZHPCleaner.lnk
2022-08-25 22:39 - 2022-01-28 17:20 - 000000000 ____D C:\Users\AMPY\Downloads\Wub
2022-08-25 22:39 - 2022-01-28 17:20 - 000000000 ____D C:\Users\AMPY\Desktop\Wub
2022-08-25 22:38 - 2022-08-25 22:38 - 001036162 _____ C:\Users\AMPY\Downloads\Wub.zip
2022-08-23 22:37 - 2022-08-26 14:16 - 000384608 _____ C:\Users\AMPY\Desktop\ZHPDiag_2.txt
2022-08-23 22:28 - 2022-08-26 14:16 - 000000000 ____D C:\Users\AMPY\AppData\Roaming\ZHP
2022-08-23 22:28 - 2022-08-26 14:08 - 000000723 _____ C:\Users\AMPY\Desktop\ZHPSuite.lnk
2022-08-23 22:28 - 2022-08-26 10:43 - 000000000 ____D C:\Users\AMPY\AppData\Local\ZHP
2022-08-23 22:27 - 2022-08-23 22:27 - 003562696 _____ (Nicolas Coolman) C:\Users\AMPY\Downloads\ZHPSuite.exe
2022-08-23 22:00 - 2022-08-23 22:00 - 000069160 _____ C:\Users\AMPY\Desktop\Addition.txt
2022-08-23 21:59 - 2022-08-26 14:19 - 000031476 _____ C:\Users\AMPY\Desktop\FRST.txt
2022-08-23 21:54 - 2022-08-23 21:54 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2022-08-23 21:54 - 2022-08-23 21:54 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2022-08-23 21:54 - 2022-08-23 21:54 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-08-23 21:54 - 2022-08-23 21:54 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mode.com
2022-08-23 21:54 - 2022-08-23 21:54 - 000018944 _____ C:\WINDOWS\SysWOW64\WsdProviderUtil.dll
2022-08-23 21:54 - 2022-08-23 21:54 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tree.com
2022-08-23 21:54 - 2022-08-23 21:54 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chcp.com
2022-08-23 21:53 - 2022-08-23 21:53 - 000693248 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-08-23 21:53 - 2022-08-23 21:53 - 000104448 _____ C:\WINDOWS\system32\nettraceex.dll
2022-08-23 21:52 - 2022-08-23 21:52 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-08-23 21:52 - 2022-08-23 21:52 - 000270848 _____ C:\WINDOWS\system32\EsclScan.dll
2022-08-23 21:52 - 2022-08-23 21:52 - 000152064 _____ C:\WINDOWS\system32\EsclProtocol.dll
2022-08-23 21:52 - 2022-08-23 21:52 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mode.com
2022-08-23 21:52 - 2022-08-23 21:52 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tree.com
2022-08-23 21:52 - 2022-08-23 21:52 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\chcp.com
2022-08-23 21:52 - 2022-08-23 21:52 - 000011803 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-08-23 21:51 - 2022-08-23 21:51 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-08-23 21:50 - 2022-08-23 21:50 - 000061952 _____ C:\WINDOWS\system32\printticketvalidation.dll
2022-08-23 21:50 - 2022-08-23 21:50 - 000057344 _____ C:\WINDOWS\system32\APMonUI.dll
2022-08-23 21:48 - 2022-08-23 21:48 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-08-23 21:47 - 2022-08-23 21:47 - 000232288 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2022-08-23 21:47 - 2022-08-23 21:47 - 000024576 _____ C:\WINDOWS\system32\WsdProviderUtil.dll
2022-08-23 21:46 - 2022-08-23 21:46 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-08-23 21:45 - 2022-08-23 21:45 - 000640512 _____ C:\WINDOWS\system32\SettingSyncDownloadHelper.dll
2022-08-23 21:45 - 2022-08-23 21:45 - 000162304 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-08-23 21:44 - 2022-08-26 14:18 - 000000000 ____D C:\FRST
2022-08-23 21:44 - 2022-08-23 21:44 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-08-23 21:44 - 2022-08-23 21:44 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2022-08-23 21:44 - 2022-08-23 21:44 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2022-08-23 21:43 - 2022-08-23 21:43 - 002371072 _____ (Farbar) C:\Users\AMPY\Desktop\FRST64.exe
2022-08-17 23:58 - 2022-08-17 23:58 - 003303624 _____ (Nicolas Coolman) C:\Users\AMPY\Downloads\ZHPCleaner.exe
2022-08-17 23:48 - 2022-08-17 23:48 - 049899376 _____ (Piriform Software Ltd) C:\Users\AMPY\Downloads\ccsetup602.exe
2022-08-17 23:22 - 2022-08-17 23:22 - 003103946 _____ C:\Users\AMPY\Downloads\rock-en-seine-dimanche-28-aout-2022-tickets-79472815.pdf
2022-08-17 23:13 - 2022-08-17 23:13 - 000000000 ___HD C:\$WinREAgent
2022-08-09 23:20 - 2022-08-09 23:20 - 000097801 _____ C:\Users\AMPY\Downloads\coordonnees-bancaires-fortuneo (3).pdf
2022-08-09 23:16 - 2022-08-09 23:16 - 000097801 _____ C:\Users\AMPY\Downloads\coordonnees-bancaires-fortuneo (2).pdf
2022-08-09 23:09 - 2022-08-25 22:48 - 000020888 _____ C:\Users\AMPY\Desktop\Crowdlending.xlsx
2022-08-03 19:24 - 2022-08-23 23:03 - 000005278 _____ C:\WINDOWS\system32\Tasks\microsoft office 15 sync maintenance for desktop-7868h5l-ampy desktop-7868h5l
2022-08-02 10:00 - 2022-08-02 10:01 - 000000375 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2022-08-02 09:45 - 2022-08-02 09:45 - 049512448 _____ C:\Users\AMPY\Desktop\DSC04878.jpeg
2022-07-31 21:26 - 2022-07-31 21:26 - 000000000 ____D C:\Program Files (x86)\WondershareUpdate
2022-07-31 21:25 - 2022-07-31 21:25 - 000000000 ____D C:\Users\AMPY\AppData\Roaming\Wondershare
2022-07-31 21:23 - 2022-07-31 21:25 - 000000000 ____D C:\Users\AMPY\AppData\Local\Wondershare
2022-07-31 21:23 - 2022-07-31 21:23 - 000000000 ____D C:\ProgramData\GraphicsType14
2022-07-31 21:22 - 2022-08-26 10:38 - 000000000 ____D C:\ProgramData\Wondershare
2022-07-31 21:22 - 2022-08-26 10:38 - 000000000 ____D C:\Program Files\Wondershare
2022-07-31 21:19 - 2022-07-31 21:23 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2022-07-31 21:19 - 2022-07-31 21:19 - 001647688 ____N C:\Users\AMPY\Downloads\uniconverter14_setup_full14224.exe
2022-07-28 22:04 - 2022-07-28 22:04 - 000004170 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1582795392
2022-07-28 22:04 - 2022-07-28 22:04 - 000000000 ____D C:\Users\AMPY\Documents\Sony
2022-07-28 21:58 - 2022-07-28 21:58 - 099557606 _____ C:\Users\AMPY\Downloads\RAW_Viewer_4_0_win (2).zip
2022-07-28 21:58 - 2022-02-16 21:00 - 100238896 _____ (Sony Corporation) C:\Users\AMPY\Downloads\RAW_Viewer_4_0.exe
2022-07-28 21:58 - 2022-02-16 21:00 - 000001591 _____ C:\Users\AMPY\Downloads\ReleaseNote.txt
2022-07-28 21:54 - 2022-07-28 21:57 - 099557464 _____ C:\Users\AMPY\Downloads\RAW_Viewer_4_0_win.zip

==================== Trois mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-08-26 14:16 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-08-26 14:08 - 2022-04-13 22:33 - 000000000 ____D C:\Users\AMPY
2022-08-26 12:52 - 2022-04-13 22:26 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-08-26 12:25 - 2018-01-10 23:39 - 000000000 ____D C:\ProgramData\NVIDIA
2022-08-26 11:50 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-08-26 11:31 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-08-26 11:30 - 2020-06-02 21:55 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-08-26 11:30 - 2020-06-02 21:54 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-08-26 11:30 - 2020-06-02 21:53 - 000000000 ____D C:\Program Files\Malwarebytes
2022-08-26 11:26 - 2022-04-13 22:54 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-08-26 11:26 - 2021-10-24 19:48 - 000008192 ___SH C:\DumpStack.log.tmp
2022-08-26 11:25 - 2019-12-07 11:03 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2022-08-26 11:18 - 2020-06-02 16:50 - 000000000 ____D C:\Program Files (x86)\360
2022-08-26 11:16 - 2022-04-13 22:39 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-08-26 11:16 - 2019-12-07 16:49 - 000792878 _____ C:\WINDOWS\system32\perfh00C.dat
2022-08-26 11:16 - 2019-12-07 16:49 - 000150008 _____ C:\WINDOWS\system32\perfc00C.dat
2022-08-26 11:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-08-26 11:10 - 2022-04-13 22:26 - 000468568 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-08-26 11:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-08-26 11:09 - 2018-02-21 23:43 - 000000000 ____D C:\Program Files\Opera
2022-08-26 11:09 - 2018-01-11 00:12 - 000000000 ____D C:\ProgramData\Package Cache
2022-08-26 11:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-08-26 11:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-08-26 11:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-08-26 11:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-08-26 11:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-08-26 11:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-08-26 11:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-08-26 11:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-08-26 11:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-08-26 11:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-08-26 11:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-08-26 11:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-08-26 11:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-08-26 11:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-08-26 11:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-08-26 11:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-08-26 11:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-08-26 11:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-08-26 11:05 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-08-26 11:05 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-08-26 11:05 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-08-26 11:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-08-26 11:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-08-26 11:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-08-26 11:05 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2022-08-26 10:56 - 2022-04-13 22:54 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2022-08-26 10:56 - 2019-10-03 19:12 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-08-26 10:40 - 2018-04-12 20:57 - 000000000 ____D C:\Users\AMPY\AppData\Local\CrashDumps
2022-08-26 10:22 - 2018-01-11 20:50 - 000000000 ____D C:\ProgramData\Nahimic22.5.24
2022-08-26 10:20 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2022-08-26 09:59 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-08-25 22:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2022-08-25 22:37 - 2018-01-10 23:29 - 000000000 ___RD C:\Users\AMPY\OneDrive
2022-08-25 22:35 - 2018-02-18 03:05 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-08-25 22:34 - 2020-06-02 21:44 - 000000000 __SHD C:\$360Section
2022-08-25 22:34 - 2020-06-02 16:51 - 000000000 ____D C:\Users\AMPY\AppData\Roaming\360DesktopLite
2022-08-25 22:31 - 2019-04-11 22:37 - 000000000 ____D C:\Users\AMPY\AppData\Roaming\Discord
2022-08-25 22:31 - 2019-04-11 22:35 - 000000000 ____D C:\Users\AMPY\AppData\Local\Discord
2022-08-23 23:13 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-08-23 23:13 - 2018-01-11 01:55 - 000000000 ____D C:\Users\AMPY\AppData\Local\Packages
2022-08-23 23:09 - 2018-11-11 13:14 - 000000000 ____D C:\Users\AMPY\AppData\Local\Blizzard Entertainment
2022-08-23 23:09 - 2018-11-11 13:09 - 000000000 ____D C:\Users\AMPY\AppData\Local\Blizzard
2022-08-23 23:08 - 2019-02-04 00:26 - 000000000 ____D C:\Users\AMPY\AppData\Local\Ubisoft Game Launcher
2022-08-23 23:08 - 2019-02-04 00:26 - 000000000 ____D C:\Program Files (x86)\Ubisoft
2022-08-23 23:04 - 2019-04-09 18:27 - 000000000 ____D C:\ProgramData\Origin
2022-08-23 23:00 - 2019-01-15 20:46 - 000000000 ____D C:\Users\AMPY\AppData\Local\IIIQF
2022-08-23 22:59 - 2018-03-19 22:15 - 000000000 ____D C:\Users\AMPY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch Games
2022-08-23 21:47 - 2020-06-25 09:07 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-08-23 21:47 - 2020-06-25 09:07 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-08-23 21:44 - 2022-04-13 22:29 - 003011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-08-23 21:32 - 2018-04-27 21:30 - 000000000 ____D C:\Program Files\CCleaner
2022-08-23 21:31 - 2022-04-13 22:54 - 000003048 _____ C:\WINDOWS\system32\Tasks\ccleaner update
2022-08-17 23:53 - 2018-02-21 23:57 - 000000000 ____D C:\Program Files (x86)\Steam
2022-08-17 23:47 - 2020-06-07 19:57 - 000000000 ____D C:\Program Files (x86)\Citrix
2022-08-17 23:47 - 2020-03-17 12:11 - 000000000 ____D C:\ProgramData\Citrix
2022-08-17 23:36 - 2022-03-06 21:33 - 000000000 ___DC C:\WINDOWS\Panther
2022-08-17 23:09 - 2018-01-11 01:30 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2022-08-17 23:06 - 2022-04-13 22:54 - 000003380 _____ C:\WINDOWS\system32\Tasks\opera scheduled autoupdate 1519249442
2022-08-17 23:06 - 2018-02-21 23:44 - 000001197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2022-08-17 21:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2022-08-17 21:41 - 2018-01-12 01:00 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-08-17 21:35 - 2022-04-13 22:54 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-08-17 21:35 - 2022-04-13 22:54 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-08-17 21:35 - 2018-01-12 01:00 - 144534560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-08-03 19:38 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-08-03 19:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-08-03 19:37 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-08-02 10:02 - 2018-02-08 15:22 - 000000000 ____D C:\Users\AMPY\AppData\Local\PlaceholderTileLogoFolder
2022-08-02 09:35 - 2022-03-28 23:32 - 000000000 ____D C:\Users\AMPY\AppData\Roaming\CyberGhost
2022-07-28 22:56 - 2018-09-23 22:25 - 000000000 ____D C:\ProgramData\Packages

==================== Fichiers à la racine de certains dossiers ========

2020-02-06 00:01 - 2020-02-06 00:01 - 020374248 _____ (monalbumphoto ) C:\ProgramData\monalbumphoto_setup.exe
2022-08-26 14:08 - 2022-08-26 14:08 - 003505864 _____ (Nicolas Coolman) C:\Users\AMPY\ZHPSuite.exe
2019-01-04 14:08 - 2019-01-04 14:08 - 000000410 _____ () C:\Users\AMPY\AppData\Local\oobelibMkey.log

==================== SigCheckExt =========================

2022-08-26 14:08 - 2022-08-26 14:08 - 003505864 _____ (Nicolas Coolman) C:\Users\AMPY\ZHPSuite.exe
2022-08-23 21:43 - 2022-08-23 21:43 - 002371072 _____ (Farbar) C:\Users\AMPY\Desktop\FRST64.exe
2022-08-26 10:43 - 2022-08-26 10:43 - 003303624 _____ (Nicolas Coolman) C:\Users\AMPY\Downloads\ZHPCleaner (1).exe
2022-08-17 23:58 - 2022-08-17 23:58 - 003303624 _____ (Nicolas Coolman) C:\Users\AMPY\Downloads\ZHPCleaner.exe
2022-08-23 22:27 - 2022-08-23 22:27 - 003562696 _____ (Nicolas Coolman) C:\Users\AMPY\Downloads\ZHPSuite.exe

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)


==================== BCD ================================

Gestionnaire de démarrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
timeout 2

Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume2
path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
flightsigning Yes
default {current}
resumeobject {3c26f6d1-bb70-11ec-be8d-85612919d896}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {3c26f6d3-bb70-11ec-be8d-85612919d896}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
flightsigning Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {3c26f6d1-bb70-11ec-be8d-85612919d896}
nx OptIn
bootmenupolicy Standard

Chargeur de démarrage Windows
-----------------------------
identificateur {3c26f6d3-bb70-11ec-be8d-85612919d896}
device ramdisk=[\Device\HarddiskVolume6]\Recovery\WindowsRE\Winre.wim,{3c26f6d4-bb70-11ec-be8d-85612919d896}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume6]\Recovery\WindowsRE\Winre.wim,{3c26f6d4-bb70-11ec-be8d-85612919d896}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {3c26f6d1-bb70-11ec-be8d-85612919d896}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {3c26f6d3-bb70-11ec-be8d-85612919d896}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes

Paramètres EMS
--------------
identificateur {emssettings}
bootems No

Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Local

Erreurs de mémoire RAM
----------------------
identificateur {badmemory}

Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}

Options de périphérique
-----------------------
identificateur {3c26f6d4-bb70-11ec-be8d-85612919d896}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume6
ramdisksdipath \Recovery\WindowsRE\boot.sdi

==================== Fin de FRST.txt ========================
