Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 30-08-2022
Exécuté par thoma (administrateur) sur MSI (Micro-Star International Co., Ltd. GF75 Thin 10UEK) (08-09-2022 12:50:36)
Exécuté depuis C:\Users\thoma\Desktop
Profils chargés: thoma
Plate-forme: Microsoft Windows 11 Famille Version 21H2 22000.856 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(A-Volute SAS -> A-Volute) C:\Users\thoma\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_22227.300.1508.3394_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\105.0.1343.27\msedgewebview2.exe <12>
(DriverStore\FileRepository\cui_dch.inf_amd64_c3e9728f5ed0ccde\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_c3e9728f5ed0ccde\igfxEM.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <15>
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Huawei Technologies Co.,Ltd. -> ) C:\Program Files (x86)\MobileBrServ\mbbService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_c3e9728f5ed0ccde\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_b16f8c7f597d113d\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_aa98f7d289749142\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_aa98f7d289749142\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_c98d5e0dfc88ac2f\RstMwService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_5.68.30003.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_5.68.30003.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe
(services.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\MSI NBFoundation Service\MSIAPService.exe
(services.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Windows\SysWOW64\MSIService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmiig.inf_amd64_417542b70c8bb20a\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5fb296660a9719a9\RtkAudUService64.exe <2>
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicSvc64.exe
(svchost.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
(svchost.exe ->) (A-Volute) C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.10.0_x64__w2gh52qy24etm\Nahimic3.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SecHealthUI_1000.22621.1.0_x64__8wekyb3d8bbwe\SecHealthUI.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22062.543.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\SecurityHealth\1.0.2207.20002-0\SecurityHealthHost.exe
(svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.625.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
(svchost.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\MSI NBFoundation Service\OmApSvcBroker.exe
(svchost.exe ->) (Micro-Star INT'L CO., LTD.) [Fichier non signé] C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControlEngine.exe
(svchost.exe ->) (Realtek Semiconductor Corp) C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.37.275.0_x64__dt26b99r8h8gj\RtkUWP.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5fb296660a9719a9\RtkAudUService64.exe [3498408 2022-07-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476184 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3500056 2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [I16A] => C:\Windows\twain_32\Brimi16a\Common\TwDsUiLaunch.exe [94952 2019-03-20] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-07-25] (Brother Industries, Ltd.) [Fichier non signé]
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [1939968 2014-10-22] (Brother Industries, Ltd.) [Fichier non signé]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1642668554-3998576367-291681537-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2629520 2022-08-31] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1642668554-3998576367-291681537-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4234600 2022-08-20] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1642668554-3998576367-291681537-1001\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MpCmdRun.exe [591160 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
HKU\S-1-5-21-1642668554-3998576367-291681537-1001\...\Run: [WmiPrvSE] => C:\Windows\System32\wbem\WmiPrvSE.exe [507904 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1642668554-3998576367-291681537-1001\...\Run: [MicrosoftEdgeAutoLaunch_860E70264142A63D0A8994BD4B62850C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3795360 2022-09-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1642668554-3998576367-291681537-1001\...\MountPoints2: {3d2f2f50-de53-11eb-978b-e884a536460a} - "D:\setup.EXE" /AUTORUN
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\EPSON XP-212 213 Series 64MonitorBE: C:\WINDOWS\system32\E_ILMBLHE.DLL [179712 2013-10-22] (SEIKO EPSON CORPORATION) [Fichier non signé]
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {030E19CD-100A-442C-87A9-2F8BA9780022} - System32\Tasks\GoogleUpdateTaskMachineCore{5B3170B5-296C-474B-AAEA-7E9A01F487AC} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-05-12] (Google LLC -> Google LLC)
Task: {08460346-1A39-4FC8-872C-8AFB5D19C7F5} - System32\Tasks\NahimicSvc32Run => C:\Windows\SysWOW64\NahimicSvc32.exe [834760 2022-04-11] (A-Volute SAS -> Nahimic)
Task: {0D6D89AE-52C9-4D0D-B800-3C51A6F7D7E3} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-07-22] (Nvidia Corporation -> NVIDIA Corporation)
Task: {163C5EA2-202E-48C8-82AB-C41BD597D26B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-07-22] (Nvidia Corporation -> NVIDIA Corporation)
Task: {1C340EC8-7054-4601-9499-09748AD9F503} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {20671C8A-B44F-42C3-A383-97A0FCCE69EE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-08-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2208952F-331E-4DED-8C9F-8998A06BAC1F} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-07-22] (Nvidia Corporation -> NVIDIA Corporation)
Task: {2809F883-10DD-4BFB-A5DF-AB153708C94C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-08-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {31BD63DC-51A7-44FF-8AF8-C4DE0F48AE74} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-07-22] (Nvidia Corporation -> NVIDIA Corporation)
Task: {3208C659-BFF5-4123-A782-A4291BDF8318} - System32\Tasks\NahimicTask64 => C:\WINDOWS\system32\.\NahimicSvc64.exe [1095880 2022-04-11] (A-Volute SAS -> Nahimic)
Task: {34096994-8469-4F0E-B0EF-EEBA03B86E4F} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-07-22] (Nvidia Corporation -> NVIDIA Corporation)
Task: {3B2EBFE8-38FC-42D2-A02C-255ECA0D23E9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-08-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3D951828-1F52-4F8D-A25E-1F96DBD57B12} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6601184 2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {4097B425-F9CE-4869-933C-8F38B9965F89} - System32\Tasks\OneDC_Updater => C:\Users\thoma\Documents\temp\OneDC_Updater\OneDC_Updater.exe [5311400 2021-04-16] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) <==== ATTENTION
Task: {460D624B-C47C-4A77-85D3-55C3B359ACBF} - System32\Tasks\OmApSvcBroker => C:\Program Files (x86)\MSI\MSI NBFoundation Service\OmApSvcBroker.exe [541608 2021-04-15] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
Task: {5AF2B709-748F-4681-89F4-541C0961DDFE} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476184 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {605B605E-FCC8-4806-BA8D-EAC880F015DE} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {81286C6F-E4AD-4D82-9A83-4EE164CC766D} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe [1685328 2021-04-15] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {84BB834B-ED96-4D71-B1E1-1A63690F7115} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23706576 2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {87C8261D-AC81-4AFE-B3DB-4EFAFE4FC8E6} - System32\Tasks\MSI Task Host - DisplayID => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [78648 2021-04-01] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {910EB291-56A4-4A0F-B480-F804B6BB861F} - System32\Tasks\NahimicTask32 => C:\WINDOWS\system32\..\SysWOW64\NahimicSvc32.exe [834760 2022-04-11] (A-Volute SAS -> Nahimic)
Task: {96F11FF2-D049-446F-B369-CDF7C0E6C2F3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-08-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9CA1F0C0-6F0C-45F4-BE56-E84FA132EEC3} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-07-22] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {9E3C28F3-0C52-430D-B036-DDA213C75963} - System32\Tasks\MSI Task Host - Detect_Monitor => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [78648 2021-04-01] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {9E672381-216B-4B1A-ABFD-41D8A6AC5AB3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113560 2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {9E7F6ACE-B205-428B-AD7C-561D6AC428C0} - System32\Tasks\Microsoft Windows Defender Update => C:\Program Files (x86)\Swf Free 2.0.1.18\hidrock.exe 6 (Pas de fichier)
Task: {9F8130C3-7DD1-49B9-B31C-909DD4216907} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23706576 2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {AFB28B66-3D87-4FE5-AE43-6AE36DFEE446} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6601184 2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (Pas de fichier)
Task: {D403DC50-DA0B-4C72-8A3F-19A4D1BA3527} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-07-22] (Nvidia Corporation -> NVIDIA Corporation)
Task: {D62BD913-7E01-4349-9C75-AC06D704563E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-07-22] (Nvidia Corporation -> NVIDIA Corporation)
Task: {DA0E1463-7AD1-40DF-AF83-4A7465E2F135} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4154248 2022-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {DB3FCC46-C664-45ED-956E-82420B75D1A6} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1642668554-3998576367-291681537-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4154248 2022-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {DD7CFC74-5F5D-4E80-AD44-122DEED01208} - System32\Tasks\NahimicSvc64Run => C:\Windows\system32\NahimicSvc64.exe [1095880 2022-04-11] (A-Volute SAS -> Nahimic)
Task: {EAD56394-A8A4-4CB7-8B08-26C3BC3171F5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113560 2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {ED6F6E9C-4D2B-4BEE-A94B-7A8D37CB31D9} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-07-22] (Nvidia Corporation -> NVIDIA Corporation)
Task: {EFE5695F-5D7E-4C25-8299-1E4F4A7F3535} - System32\Tasks\GoogleUpdateTaskMachineUA{44A16DE6-DF0C-47A5-8D1E-942C9AC6977E} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-05-12] (Google LLC -> Google LLC)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{4a9fde9e-67f2-47e9-98e6-f5b301e0bc68}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{d8252bcd-348a-4ab0-a578-55ab49e591b4}: [DhcpNameServer] 192.168.1.254

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\thoma\AppData\Local\Microsoft\Edge\User Data\Default [2022-09-08]
Edge HomePage: Default -> hxxp://www.msn.com/?pc=NMTE

FireFox:
========
FF DefaultProfile: vnticts1.default
FF ProfilePath: C:\Users\thoma\AppData\Roaming\Mozilla\Firefox\Profiles\vnticts1.default [2021-07-30]
FF Homepage: Mozilla\Firefox\Profiles\vnticts1.default -> hxxps://www.google.com/
FF ProfilePath: C:\Users\thoma\AppData\Roaming\Mozilla\Firefox\Profiles\94t87r0c.default-release [2022-09-08]
FF NewTab: Mozilla\Firefox\Profiles\94t87r0c.default-release -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT170603&iDate=2021-07-30 05:14:10&bName=
FF Notifications: Mozilla\Firefox\Profiles\94t87r0c.default-release -> hxxps://agetintopc.com; hxxps://www.floabank.fr
FF Extension: (Qwant VIPrivacy) - C:\Users\thoma\AppData\Roaming\Mozilla\Firefox\Profiles\94t87r0c.default-release\Extensions\qwantcomforfirefox@jetpack.xpi [2022-09-02]
FF Extension: (Smart Blocker) - C:\Users\thoma\AppData\Roaming\Mozilla\Firefox\Profiles\94t87r0c.default-release\Extensions\{38d68dcb-1982-4b81-a6d6-c4e61a3547d4}.xpi [2021-08-21]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2017-11-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [Pas de fichier]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-11-01]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82640 2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3863256 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3701464 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-06-05] (BattlEye Innovations e.K. -> )
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-07-25] (Brother Industries, Ltd.) [Fichier non signé]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12126112 2022-09-07] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2022-07-26] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-07-28] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.166.0807.0002\FileSyncHelper.exe [3380624 2022-08-31] (Microsoft Corporation -> Microsoft Corporation)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [224320 2022-08-24] (HP Inc. -> HP Inc.)
R2 LightKeeperService; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe [86776 2020-12-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8765464 2022-09-07] (Malwarebytes Inc. -> Malwarebytes)
R2 Micro Star SCM; C:\Windows\SysWOW64\MSIService.exe [168056 2019-05-07] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
R2 Mobile Broadband HL Service; C:\Program Files (x86)\MobileBrServ\mbbservice.exe [242264 2016-03-24] (Huawei Technologies Co.,Ltd. -> )
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\MSI NBFoundation Service\MSIAPService.exe [81832 2021-04-20] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
R2 MSI_Central_Service; C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe [147088 2020-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_Companion_Service; C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe [143160 2021-03-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe [32752 2021-02-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe [39760 2021-03-19] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1921224 2022-04-11] (A-Volute SAS -> Nahimic)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.166.0807.0002\OneDriveUpdaterService.exe [3800976 2022-08-31] (Microsoft Corporation -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe [3125112 2022-08-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe [133560 2022-08-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmiig.inf_amd64_417542b70c8bb20a\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmiig.inf_amd64_417542b70c8bb20a\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 atvi-brynhildr; C:\ProgramData\Battle.net_components\brynhildr_odin2\brynhildr.sys [2188544 2022-08-04] (Activision Publishing Inc -> Activision Blizzard, Inc.)
R2 BlueStacksDrv_msi2; C:\Program Files\BlueStacks_msi2\BstkDrv_msi2.sys [315768 2020-04-07] (Bluestack Systems, Inc -> Bluestack System Inc.)
R1 EneTechIo; C:\Windows\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-09-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl82f993dc; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0FB20EFF-4C0F-46D1-A449-B379751CB30A}\MpKslDrv.sys [228600 2022-09-08] (Microsoft Windows -> Microsoft Corporation)
R3 msihid; C:\WINDOWS\System32\drivers\msihid.sys [43936 2022-07-15] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [94784 2022-06-03] (A-Volute SAS -> Windows (R) Win 7 DDK provider)
R3 nvpcf; C:\WINDOWS\System32\drivers\nvpcf.sys [234568 2022-06-07] (Nvidia Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R3 rt68cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_17b0987cc485ce8a\rt68cx21x64.sys [458152 2021-08-12] (Microsoft Windows Hardware Compatibility Publisher -> Realtek)
S3 ssbthid; C:\WINDOWS\System32\drivers\ssbthid.sys [45752 2020-11-02] (SteelSeries ApS -> SteelSeries ApS)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [48848 2020-09-25] (SteelSeries ApS -> SteelSeries ApS)
S3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [57440 2020-11-02] (SteelSeries ApS -> SteelSeries ApS)
R3 ssps2; C:\WINDOWS\System32\drivers\ssps2.sys [37280 2022-06-05] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2018-08-29] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 trufos; C:\WINDOWS\System32\drivers\trufos.sys [641736 2022-09-08] (Bitdefender SRL -> Bitdefender)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-08-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [453904 2022-08-29] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [94480 2022-08-29] (Microsoft Windows -> Microsoft Corporation)
R3 WINIO; C:\Program Files (x86)\MSI\MSI NBFoundation Service\KernCoreLib64.sys [25656 2018-11-15] (Micro-Star International CO., LTD. -> )

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Trois mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-09-08 12:41 - 2022-09-08 12:41 - 003506376 _____ (Nicolas Coolman) C:\Users\thoma\Desktop\ZHPSuite.exe 2022-09-08 10:24 - 2022-09-08 10:24 - 000000000 ____D C:\PUB 2022-09-08 10:23 - 2022-09-08 10:32 - 000000054 _____ C:\WINDOWS\Lic.xxx 2022-09-08 10:23 - 2022-09-08 10:23 - 000641736 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\trufos.sys 2022-09-08 10:22 - 2022-09-08 10:22 - 000632064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr80.dll 2022-09-08 10:22 - 2022-09-08 10:22 - 000554240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp80.dll 2022-09-08 10:22 - 2022-09-08 10:22 - 000176760 _____ (MicroWorld Technologies Inc.) C:\WINDOWS\SysWOW64\eEmpty.exe 2022-09-08 10:22 - 2022-09-08 10:22 - 000001050 _____ C:\Users\thoma\Desktop\MWAVSCAN.lnk 2022-09-08 10:22 - 2022-09-08 10:22 - 000000000 ____D C:\ProgramData\MicroWorld 2022-09-08 10:20 - 2022-09-08 10:21 - 297588672 _____ (MicroWorld Technologies Inc.) C:\Users\thoma\Desktop\mwav.exe 2022-09-08 05:00 - 2022-09-08 05:00 - 000929992 _____ C:\Users\thoma\Desktop\MyInfoDrive2.exe 2022-09-07 16:00 - 2022-09-07 16:00 - 000046458 _____ C:\Users\thoma\Desktop\MBAM.txt 2022-09-07 15:53 - 2022-09-07 15:53 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2022-09-07 15:37 - 2022-09-07 15:53 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2022-09-07 15:37 - 2022-09-07 15:37 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2022-09-07 15:37 - 2022-09-07 15:37 - 000002028 _____ C:\Users\thoma\Desktop\Malwarebytes.lnk 2022-09-07 15:37 - 2022-09-07 15:37 - 000000000 ____D C:\Users\thoma\AppData\Local\mbam 2022-09-07 15:37 - 2022-09-07 15:36 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2022-09-07 15:37 - 2022-09-07 15:36 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2022-09-07 15:36 - 2022-09-07 15:36 - 000000000 ____D C:\ProgramData\Malwarebytes 2022-09-07 
15:36 - 2022-09-07 15:36 - 000000000 ____D C:\Program Files\Malwarebytes 2022-09-07 15:31 - 2022-09-07 15:31 - 002638472 _____ (Malwarebytes) C:\Users\thoma\Desktop\MBSetup.exe 2022-09-07 15:19 - 2022-09-07 15:20 - 000000000 ____D C:\AdwCleaner 2022-09-07 15:18 - 2022-09-07 15:18 - 008551608 _____ (Malwarebytes) C:\Users\thoma\Desktop\adwcleaner_8.3.2.exe 2022-09-07 15:09 - 2022-09-07 15:09 - 000030645 _____ C:\Users\thoma\Desktop\ZHPCleaner (R).txt 2022-09-07 14:54 - 2022-09-07 14:54 - 000030834 _____ C:\Users\thoma\Desktop\ZHPCleaner (S).txt 2022-09-07 14:13 - 2022-09-07 14:13 - 003304136 _____ (Nicolas Coolman) C:\Users\thoma\Desktop\ZHPCleaner(1).exe 2022-09-07 14:13 - 2022-09-07 14:13 - 000000912 _____ C:\Users\thoma\Desktop\ZHPCleaner.lnk 2022-09-07 11:40 - 2022-09-07 11:48 - 000000342 _____ C:\Users\thoma\Desktop\DiskInfo.ini 2022-09-07 11:40 - 2022-09-07 11:40 - 000000000 ____D C:\Users\thoma\Desktop\Smart 2022-09-07 11:38 - 2022-09-07 11:38 - 000000000 ____D C:\Users\thoma\Desktop\License 2022-09-07 11:38 - 2022-09-07 11:38 - 000000000 ____D C:\Users\thoma\Desktop\CdiResource 2022-09-07 11:37 - 2022-09-07 11:37 - 006217423 _____ C:\Users\thoma\Desktop\crystaldiskinfo-portable-8-17-6.zip 2022-09-07 10:12 - 2022-09-08 12:37 - 000000000 ____D C:\Users\thoma\Desktop\protections 2022-09-07 09:45 - 2022-09-07 09:56 - 000039672 _____ C:\Users\thoma\Desktop\Shortcut.txt 2022-09-07 09:44 - 2022-09-07 09:56 - 000060283 _____ C:\Users\thoma\Desktop\Addition.txt 2022-09-07 09:42 - 2022-09-08 12:50 - 000034282 _____ C:\Users\thoma\Desktop\FRST.txt 2022-09-07 09:41 - 2022-09-08 12:50 - 000000000 ____D C:\FRST 2022-09-07 09:41 - 2022-09-07 09:41 - 002371072 _____ (Farbar) C:\Users\thoma\Desktop\FRST64.exe 2022-09-07 09:37 - 2022-09-08 12:46 - 000372013 _____ C:\Users\thoma\Desktop\ZHPDiag.txt 2022-09-07 09:29 - 2022-09-08 12:46 - 000000000 ____D C:\Users\thoma\AppData\Roaming\ZHP 2022-09-07 09:29 - 2022-09-08 12:42 - 000000872 _____ C:\Users\thoma\Desktop\ZHPSuite.lnk 
2022-09-07 09:29 - 2022-09-07 14:13 - 000000000 ____D C:\Users\thoma\AppData\Local\ZHP 2022-09-07 09:28 - 2022-09-07 09:28 - 003505864 _____ (Nicolas Coolman) C:\Users\thoma\Downloads\ZHPSuite(1).exe 2022-09-06 16:14 - 2022-09-06 16:14 - 002887024 _____ C:\Users\thoma\Downloads\documentsinformationsfonctionnementcollge.zip 2022-09-06 16:08 - 2022-09-07 05:16 - 000007602 _____ C:\Users\thoma\AppData\Local\Resmon.ResmonCfg 2022-09-05 06:29 - 2022-09-05 06:29 - 003303624 _____ (Nicolas Coolman) C:\Users\thoma\Downloads\ZHPCleaner.exe 2022-09-04 21:19 - 2022-09-04 21:19 - 000000000 ____D C:\Users\thoma\Documents\Diablo III 2022-09-04 20:09 - 2022-09-07 15:49 - 000000000 ____D C:\ProgramData\Dllhost 2022-09-04 20:09 - 2022-09-07 15:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\WindowsDefenderServices 2022-09-04 20:09 - 2022-09-07 15:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\SettingSysHost 2022-09-04 20:09 - 2022-09-07 15:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\MicrosoftUpdateServices 2022-09-04 20:09 - 2022-09-07 15:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\AntiMalwareSericeExecutable 2022-09-04 20:09 - 2022-09-07 15:33 - 000000000 ____D C:\ProgramData\SystemFiles 2022-09-04 20:09 - 2022-09-04 20:09 - 000001575 ____H C:\Users\thoma\AppData\Roamingsys_rh.bin 2022-09-04 20:09 - 2022-09-04 20:09 - 000001575 ____H C:\ProgramData\sys_rh.bin 2022-09-04 19:55 - 2022-09-04 19:55 - 000000000 ____D C:\Users\thoma\AppData\Local\Yandex 2022-09-02 01:33 - 2022-09-02 01:33 - 000000000 ____D C:\Users\thoma\Documents\Call Of Duty Black Ops Cold War 2022-09-02 01:33 - 2022-09-02 01:33 - 000000000 ____D C:\Users\thoma\AppData\Local\Activision 2022-09-02 01:33 - 2022-09-02 01:33 - 000000000 ____D C:\ProgramData\Activision 2022-09-02 01:23 - 2022-09-02 01:26 - 111661296 _____ (Smart Code Ltd) C:\Users\thoma\Downloads\Stremio+4.4.159.exe 2022-09-01 16:09 - 2022-09-01 16:12 - 000000000 ____D C:\Users\thoma\Desktop\musiques 2022-09-01 16:08 - 2022-09-01 16:09 - 000000000 
____D C:\Users\thoma\Desktop\photos 2022-08-31 08:00 - 2022-09-07 15:12 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-08-28 07:34 - 2022-09-07 11:38 - 002962920 _____ (Crystal Dew World) C:\Users\thoma\Desktop\DiskInfoA64.exe 2022-08-28 07:34 - 2022-09-07 11:38 - 002825760 _____ (Crystal Dew World) C:\Users\thoma\Desktop\DiskInfo64.exe 2022-08-28 07:34 - 2022-09-07 11:38 - 002616352 _____ (Crystal Dew World) C:\Users\thoma\Desktop\DiskInfo32.exe 2022-08-26 11:34 - 2022-08-26 11:34 - 000000000 ____D C:\Users\thoma\AppData\Roaming\SolidDocuments 2022-08-16 12:42 - 2022-08-16 12:42 - 000014990 _____ C:\Users\thoma\Downloads\microsoft_word_-_demande_de_transcription_acte_de_reconnaissance.doc.pdf 2022-08-14 16:41 - 2022-08-14 16:41 - 000922112 _____ (Spotify Ltd) C:\Users\thoma\Downloads\SpotifySetup.exe 2022-08-13 16:19 - 2022-07-28 06:53 - 001905912 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2022-08-13 16:19 - 2022-07-28 06:53 - 001905912 _____ C:\WINDOWS\system32\vulkaninfo.exe 2022-08-13 16:19 - 2022-07-28 06:53 - 001478392 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2022-08-13 16:19 - 2022-07-28 06:53 - 001478392 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2022-08-13 16:19 - 2022-07-28 06:53 - 001471984 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2022-08-13 16:19 - 2022-07-28 06:53 - 001432328 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2022-08-13 16:19 - 2022-07-28 06:53 - 001432328 _____ C:\WINDOWS\system32\vulkan-1.dll 2022-08-13 16:19 - 2022-07-28 06:53 - 001213424 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2022-08-13 16:19 - 2022-07-28 06:53 - 001145592 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2022-08-13 16:19 - 2022-07-28 06:53 - 001145592 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2022-08-13 16:19 - 2022-07-28 06:50 - 000865776 _____ C:\WINDOWS\system32\nvofapi64.dll 2022-08-13 16:19 - 2022-07-28 06:50 - 000771568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll 2022-08-13 16:19 - 2022-07-28 06:50 
- 000687624 _____ C:\WINDOWS\SysWOW64\nvofapi.dll 2022-08-13 16:19 - 2022-07-28 06:49 - 002127872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2022-08-13 16:19 - 2022-07-28 06:49 - 001536512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2022-08-13 16:19 - 2022-07-28 06:49 - 001182720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2022-08-13 16:19 - 2022-07-28 06:49 - 000714760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe 2022-08-13 16:19 - 2022-07-28 06:48 - 010269680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2022-08-13 16:19 - 2022-07-28 06:48 - 008803848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2022-08-13 16:19 - 2022-07-28 06:48 - 005362696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2022-08-13 16:19 - 2022-07-28 06:48 - 003066888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2022-08-13 16:19 - 2022-07-28 06:48 - 001607680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2022-08-13 16:19 - 2022-07-28 06:48 - 001059320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2022-08-13 16:19 - 2022-07-28 06:48 - 000845312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2022-08-13 16:19 - 2022-07-28 06:48 - 000456200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe 2022-08-13 16:19 - 2022-07-28 06:47 - 005735944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2022-08-13 16:19 - 2022-07-28 06:47 - 000853000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe 2022-08-13 16:19 - 2022-07-22 06:25 - 000093241 _____ C:\WINDOWS\system32\nvinfo.pb 2022-08-13 16:15 - 2022-08-13 16:18 - 822556856 _____ (NVIDIA Corporation) C:\Users\thoma\Downloads\516.94-desktop-win10-win11-64bit-international-dch-whql.exe 2022-08-09 19:42 - 2022-08-09 19:42 - 000335872 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2022-08-09 19:42 - 2022-08-09 19:42 - 000327680 _____ C:\WINDOWS\system32\pnpdiag.dll 
2022-08-09 19:42 - 2022-08-09 19:42 - 000069632 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2022-08-09 19:42 - 2022-08-09 19:42 - 000041472 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2022-08-09 19:42 - 2022-08-09 19:42 - 000015026 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-08-09 19:40 - 2022-08-09 19:40 - 000000000 ___HD C:\$WinREAgent 2022-08-07 08:40 - 2022-08-07 08:40 - 000112693 _____ C:\Users\thoma\Downloads\Declaration_des_revenus_2021.pdf 2022-08-07 08:39 - 2022-08-07 08:39 - 000128365 _____ C:\Users\thoma\Downloads\Avis_d_impot_2022_sur_les_revenus_2021.pdf 2022-08-06 06:13 - 2022-07-14 07:55 - 000043184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll 2022-08-04 22:31 - 2022-08-04 22:31 - 000000000 ____D C:\Users\thoma\AppData\Local\BattlEye 2022-08-04 20:36 - 2022-08-18 14:33 - 000000000 ____D C:\Users\thoma\Documents\Call of Duty Modern Warfare 2022-08-04 20:34 - 2022-08-04 20:34 - 000000000 ____D C:\ProgramData\Battle.net_components 2022-07-28 02:23 - 2022-07-29 23:44 - 000000000 ____D C:\Users\thoma\BrawlhallaReplays 2022-07-28 02:05 - 2022-07-28 02:05 - 000000000 ____D C:\Users\thoma\AppData\Roaming\BrawlhallaAir 2022-07-28 02:04 - 2022-07-28 02:04 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat_EOS 2022-07-28 02:02 - 2022-07-28 02:02 - 000000222 _____ C:\Users\thoma\Desktop\Brawlhalla.url 2022-07-26 23:59 - 2022-07-26 23:59 - 000000000 ____D C:\Users\thoma\Documents\League of Legends 2022-07-26 23:42 - 2022-09-05 06:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games 2022-07-26 23:42 - 2022-07-26 23:42 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games 2022-07-26 23:32 - 2022-09-04 20:35 - 000000000 ____D C:\ProgramData\Riot Games 2022-07-26 23:32 - 2022-07-26 23:59 - 000000000 ____D C:\Users\thoma\AppData\Local\Riot Games 2022-07-26 23:31 - 2022-07-26 23:31 - 069873744 _____ (Riot Games, Inc.) 
C:\Users\thoma\Downloads\Install League of Legends euw.exe 2022-07-26 20:34 - 2022-07-26 20:34 - 000000000 ____D C:\Users\thoma\AppData\Local\cache 2022-07-16 07:26 - 2022-07-16 09:54 - 000003849 _____ C:\Users\thoma\Desktop\pascal perri.txt 2022-07-13 03:50 - 2022-07-13 03:50 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe 2022-07-13 03:50 - 2022-07-13 03:50 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe 2022-07-11 09:09 - 2022-07-11 09:09 - 000748912 _____ C:\Users\thoma\Documents\billet avion erwan 15 juillet.pdf 2022-07-08 11:32 - 2022-07-08 11:38 - 000468467 _____ C:\Users\thoma\Documents\rib CREDIT AGRICOLE.pdf 2022-06-29 07:35 - 2022-06-29 07:35 - 000000000 ____D C:\Users\thoma\AppData\Local\DBG 2022-06-28 10:37 - 2022-06-28 10:37 - 001580916 _____ C:\Users\thoma\Downloads\BRWC0B5D7AAA061_000865.pdf 2022-06-28 10:37 - 2022-06-28 10:37 - 000917440 _____ C:\Users\thoma\Downloads\BRWC0B5D7AAA061_000860.pdf 2022-06-27 04:59 - 2022-06-27 05:10 - 001364063 _____ C:\Users\thoma\Downloads\BRWC0B5D7AAA061_000849.pdf 2022-06-27 04:59 - 2022-06-27 05:00 - 000637360 _____ C:\Users\thoma\Downloads\BRWC0B5D7AAA061_000834.pdf 2022-06-27 04:59 - 2022-06-27 04:59 - 002334096 _____ C:\Users\thoma\Downloads\BRWC0B5D7AAA061_000836.pdf 2022-06-27 04:59 - 2022-06-27 04:59 - 000646987 _____ C:\Users\thoma\Downloads\BRWC0B5D7AAA061_000855.pdf 2022-06-21 15:45 - 2022-06-21 15:45 - 000551822 _____ C:\Users\thoma\Documents\Document_2022-06-21_154504.pdf 2022-06-21 15:44 - 2022-06-21 15:44 - 000000000 ____D C:\Users\thoma\AppData\Local\IsolatedStorage 2022-06-21 14:22 - 2022-06-21 14:22 - 000064143 _____ C:\Users\thoma\Downloads\WhatsApp Image 2022-06-18 at 09.25.27.jpeg 2022-06-21 14:17 - 2022-06-21 14:17 - 000357546 _____ C:\Users\thoma\Downloads\Scan_20220621_105818.pdf 2022-06-17 15:15 - 2022-06-17 15:16 - 000000000 ____D C:\Users\thoma\AppData\LocalLow\BitTorrent 2022-06-17 13:18 - 2022-06-17 13:18 - 000008608 _____ 
C:\Users\thoma\Downloads\MP3-daily-2022-June-16-Hard.Rock-[rarbg.to].torrent 2022-06-17 13:18 - 2022-06-17 13:18 - 000003304 _____ C:\Users\thoma\Downloads\MP3-daily-2022-June-16-Black.Metal-[rarbg.to].torrent 2022-06-17 13:17 - 2022-06-17 13:17 - 000014971 _____ C:\Users\thoma\Downloads\MP3-daily-2022-June-16-Metal-[rarbg.to].torrent 2022-06-17 13:17 - 2022-06-17 13:17 - 000003474 _____ C:\Users\thoma\Downloads\MP3-daily-2022-June-16-Death.Metal-[rarbg.to].torrent 2022-06-17 13:16 - 2022-06-17 13:16 - 000008851 _____ C:\Users\thoma\Downloads\MP3-daily-2022-June-16-Heavy.Metal-[rarbg.to].torrent ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-09-08 12:44 - 2021-06-05 14:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-09-08 12:41 - 2021-07-08 08:38 - 000000000 ____D C:\Program Files (x86)\Steam 2022-09-08 12:40 - 2021-07-19 19:06 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2022-09-08 12:34 - 2021-07-06 15:12 - 000000000 ____D C:\Users\thoma\AppData\LocalLow\Mozilla 2022-09-08 12:25 - 2020-12-23 21:49 - 000000000 ____D C:\ProgramData\NVIDIA 2022-09-08 12:11 - 2022-05-12 09:18 - 000000000 ____D C:\Program Files (x86)\Google 2022-09-08 11:47 - 2021-07-06 18:16 - 000000000 ____D C:\Users\thoma\Desktop\raccourcis 2022-09-08 10:39 - 2021-09-04 09:37 - 000000000 ____D C:\Program Files (x86)\MaskVPN 2022-09-08 10:24 - 2019-12-07 11:14 - 000000545 _____ C:\WINDOWS\win.ini 2022-09-08 10:23 - 2022-01-24 13:39 - 000004152 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{E1667A0A-36A7-4959-B094-E7963F19AD88} 2022-09-08 10:23 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemTemp 2022-09-08 07:10 - 2021-07-06 14:25 - 000000000 __SHD C:\Users\thoma\IntelGraphicsProfiles 2022-09-08 04:08 - 2022-01-24 13:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-09-08 04:08 - 2021-07-14 14:20 - 000000000 ____D 
C:\ProgramData\OmApSvcBroker 2022-09-07 21:40 - 2022-02-14 11:41 - 000000000 ____D C:\Users\thoma\AppData\Local\Battle.net 2022-09-07 20:59 - 2021-07-08 09:37 - 000001899 _____ C:\Users\thoma\Desktop\Nouveau document texte.txt 2022-09-07 15:49 - 2022-01-24 13:39 - 000003112 _____ C:\WINDOWS\system32\Tasks\NahimicTask32 2022-09-07 15:49 - 2022-01-24 13:39 - 000003092 _____ C:\WINDOWS\system32\Tasks\NahimicTask64 2022-09-07 15:49 - 2022-01-24 13:39 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-09-07 15:49 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-09-07 15:49 - 2021-06-05 14:01 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2022-09-07 15:49 - 2020-12-23 21:34 - 000000000 ____D C:\Intel 2022-09-07 15:49 - 2020-12-05 20:22 - 000012288 ___SH C:\DumpStack.log.tmp 2022-09-07 15:37 - 2021-06-05 14:10 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2022-09-07 14:10 - 2021-07-06 15:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-09-07 12:20 - 2021-09-07 10:40 - 000084939 _____ C:\Users\thoma\Desktop\credit agricole.xlsx 2022-09-07 11:56 - 2021-07-06 17:43 - 000000000 ___RD C:\Users\thoma\Desktop\Nouveau dossier 2022-09-07 11:52 - 2021-06-05 14:10 - 000000000 ___HD C:\Program Files\WindowsApps 2022-09-07 11:38 - 2022-01-29 21:00 - 000000853 _____ C:\Users\thoma\Desktop\ReadMe.txt 2022-09-07 09:37 - 2021-09-20 09:52 - 000000000 ____D C:\Users\thoma\AppData\Local\Ubisoft Game Launcher 2022-09-07 08:28 - 2021-06-05 14:09 - 000000000 ____D C:\WINDOWS\INF 2022-09-07 08:27 - 2021-07-17 12:26 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2022-09-07 08:20 - 2022-01-24 13:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2022-09-07 08:20 - 2021-07-06 15:12 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-09-06 22:02 - 2021-07-06 14:26 - 000000000 ____D C:\Users\thoma\AppData\Local\CrashDumps 2022-09-06 20:14 - 2021-07-06 14:25 - 000000000 ____D C:\Users\thoma\AppData\Local\D3DSCache 
2022-09-06 17:04 - 2022-01-24 13:38 - 001800200 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-09-06 17:04 - 2021-06-05 20:14 - 000807760 _____ C:\WINDOWS\system32\perfh00C.dat 2022-09-06 17:04 - 2021-06-05 20:14 - 000156382 _____ C:\WINDOWS\system32\perfc00C.dat 2022-09-06 09:59 - 2021-07-08 08:27 - 000000000 ____D C:\Users\thoma\AppData\Roaming\WhatsApp 2022-09-06 07:38 - 2021-07-06 14:25 - 000000000 ____D C:\Users\thoma\AppData\Local\Packages 2022-09-05 19:21 - 2022-02-14 11:40 - 000000000 ____D C:\Program Files (x86)\Battle.net 2022-09-05 06:03 - 2021-08-09 11:44 - 000000000 ____D C:\Program Files (x86)\Brother 2022-09-05 05:55 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2022-09-05 05:21 - 2020-11-19 09:32 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-09-04 21:19 - 2022-02-14 11:41 - 000000000 ____D C:\Users\thoma\AppData\Roaming\Battle.net 2022-09-03 05:11 - 2021-07-06 14:53 - 001338931 _____ C:\Users\thoma\Desktop\euromillions.xlsx 2022-09-02 08:48 - 2021-07-06 14:41 - 002835920 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll 2022-09-02 08:48 - 2021-07-06 14:41 - 000234984 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll 2022-09-02 08:48 - 2021-07-06 14:41 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll 2022-09-02 08:47 - 2021-11-23 19:46 - 000153040 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll 2022-09-02 08:47 - 2021-07-06 14:41 - 000443856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll 2022-09-02 08:47 - 2021-07-06 14:41 - 000198120 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll 2022-09-02 08:47 - 2021-07-06 14:41 - 000067024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe 2022-09-01 03:55 - 2022-01-25 05:33 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2022-08-31 23:12 - 2022-01-25 05:34 - 
000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2022-08-31 23:12 - 2022-01-25 05:34 - 000002177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-08-31 23:12 - 2022-01-24 13:39 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1642668554-3998576367-291681537-1001 2022-08-30 23:34 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth 2022-08-30 15:32 - 2021-07-18 15:43 - 000000000 ____D C:\Users\thoma\Desktop\thomas 2022-08-30 05:06 - 2022-05-12 09:18 - 000003666 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{44A16DE6-DF0C-47A5-8D1E-942C9AC6977E} 2022-08-30 05:06 - 2022-05-12 09:18 - 000003542 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{5B3170B5-296C-474B-AAEA-7E9A01F487AC} 2022-08-29 23:03 - 2020-11-19 09:30 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2022-08-29 07:44 - 2021-09-18 20:51 - 000000000 ____D C:\Users\thoma\AppData\Roaming\discord 2022-08-29 07:33 - 2021-09-18 20:51 - 000000000 ____D C:\Users\thoma\AppData\Local\Discord 2022-08-28 02:28 - 2022-01-24 13:20 - 000000000 ____D C:\Users\thoma 2022-08-25 23:28 - 2021-07-06 14:26 - 000000000 ____D C:\Users\thoma\AppData\Local\PlaceholderTileLogoFolder 2022-08-25 03:56 - 2021-12-09 05:19 - 000000000 ____D C:\Program Files\HPPrintScanDoctor 2022-08-25 03:55 - 2022-01-25 14:07 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP 2022-08-24 17:12 - 2021-07-06 14:26 - 000000000 ____D C:\Users\thoma\AppData\Local\NVIDIA Corporation 2022-08-24 01:04 - 2022-01-24 13:39 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0 2022-08-23 08:48 - 2022-01-24 13:39 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-08-23 08:48 - 2022-01-24 13:39 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-08-22 17:25 - 2022-02-01 15:25 - 000000000 ____D C:\Users\thoma\Desktop\loyer mimizan 2022-08-18 04:35 - 2020-12-23 22:00 - 
000000000 ____D C:\ProgramData\SteelSeries 2022-08-18 04:35 - 2020-12-23 22:00 - 000000000 ____D C:\Program Files\SteelSeries 2022-08-16 12:38 - 2021-07-13 08:47 - 000000000 ____D C:\Users\thoma\AppData\Local\WhatsApp 2022-08-13 16:23 - 2021-07-07 12:32 - 000000000 ____D C:\Users\thoma\AppData\Local\NVIDIA 2022-08-13 16:22 - 2022-01-24 13:39 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-08-13 16:22 - 2022-01-24 13:39 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-08-13 16:22 - 2022-01-24 13:39 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-08-13 16:22 - 2022-01-24 13:39 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-08-13 16:22 - 2022-01-24 13:39 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-08-13 16:22 - 2022-01-24 13:39 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-08-13 16:22 - 2022-01-24 13:39 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-08-13 16:22 - 2022-01-24 13:39 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-08-13 16:22 - 2022-01-24 13:39 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-08-13 16:22 - 2020-12-23 21:49 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2022-08-13 16:22 - 2020-12-23 21:48 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2022-08-13 16:22 - 2020-12-23 21:48 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2022-08-12 05:52 - 2022-02-06 05:11 - 000000000 ____D C:\Users\thoma\Desktop\erwan 2022-08-09 20:11 - 2022-01-24 13:36 - 000479672 _____ 
C:\WINDOWS\system32\FNTCACHE.DAT 2022-08-09 20:10 - 2021-06-05 14:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-08-09 20:10 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2022-08-09 20:10 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-08-09 20:10 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemResources 2022-08-09 20:10 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2022-08-09 20:10 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2022-08-09 20:10 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2022-08-09 20:10 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-08-09 20:10 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\es-MX 2022-08-09 20:10 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-08-09 20:10 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\ShellExperiences 2022-08-09 20:10 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\Provisioning 2022-08-09 20:10 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-08-09 19:47 - 2021-07-06 15:39 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-08-09 19:44 - 2021-07-06 15:39 - 144534560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-08-09 19:44 - 2021-06-05 14:01 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-08-09 19:42 - 2022-01-24 13:36 - 003103744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2022-08-09 19:40 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2022-08-09 19:06 - 2021-10-15 19:51 - 000000000 ____D C:\Users\thoma\AppData\Roaming\audacity 2022-08-09 19:04 - 2021-11-04 08:04 - 000000000 ____D C:\Users\thoma\Documents\Audacity ==================== Fichiers à la racine de certains dossiers ======== 2017-01-14 13:37 - 2017-01-14 13:37 - 002174976 _____ (Advanced Micro Devices Inc.) 
C:\Program Files (x86)\Common Files\atimpenc.dll 2021-07-30 19:40 - 2021-07-30 19:40 - 000007859 _____ () C:\Users\thoma\AppData\Roaming\pcouffin.cat 2021-07-30 19:40 - 2021-07-30 19:40 - 000001167 _____ () C:\Users\thoma\AppData\Roaming\pcouffin.inf 2021-07-30 19:40 - 2021-07-30 19:40 - 000000055 _____ () C:\Users\thoma\AppData\Roaming\pcouffin.log 2021-07-30 19:40 - 2021-07-30 19:40 - 000082816 _____ (VSO Software) C:\Users\thoma\AppData\Roaming\pcouffin.sys 2021-07-20 19:31 - 2021-07-20 19:31 - 000000000 _____ () C:\Users\thoma\AppData\Local\oobelibMkey.log 2022-09-06 16:08 - 2022-09-07 05:16 - 000007602 _____ () C:\Users\thoma\AppData\Local\Resmon.ResmonCfg ==================== SigCheckExt ========================= 2021-08-09 11:46 - 2017-12-26 13:13 - 000318464 _____ ( ) C:\WINDOWS\system32\BrFaxTxAppRunA64.dll 2021-08-09 11:46 - 2018-05-02 15:25 - 000091648 _____ () C:\WINDOWS\system32\BrNetSti.dll 2021-08-09 11:46 - 2017-06-20 14:32 - 000065024 _____ () C:\WINDOWS\system32\Brnsplg.dll 2021-08-09 11:46 - 2005-04-22 13:36 - 000143360 _____ C:\WINDOWS\system32\BrSNMP64.dll 2021-08-09 11:46 - 2017-06-20 14:30 - 000072192 _____ () C:\WINDOWS\system32\BrWiaNCp.dll 2021-07-17 08:44 - 2007-04-10 01:06 - 000010752 _____ (SEIKO EPSON CORP.) 
C:\WINDOWS\system32\E_GCINST.DLL 2021-07-17 08:44 - 2011-03-15 03:03 - 000083968 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ID4BLHE.DLL 2021-07-17 08:44 - 2013-10-22 04:04 - 000179712 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ILMBLHE.DLL 2021-07-06 14:41 - 2022-09-02 08:48 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll 2021-08-09 11:46 - 2017-06-12 15:26 - 000252928 _____ () C:\WINDOWS\system32\NSSRH64.dll 2021-09-03 19:59 - 2006-08-25 23:17 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl70.dll 2012-09-23 20:43 - 2011-01-12 12:53 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl71.dll 2016-12-16 14:04 - 2016-12-16 14:04 - 000073728 _____ (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2.dll 2016-12-16 14:04 - 2016-12-16 14:04 - 000005120 _____ (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2L.dll 2018-03-22 13:13 - 2018-03-22 13:13 - 000005120 _____ (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2S.dll 2021-09-03 19:59 - 2006-08-26 00:07 - 001024000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70.dll 2021-09-03 19:59 - 2006-08-26 00:15 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70chs.dll 2021-09-03 19:59 - 2006-08-26 00:15 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70cht.dll 2021-09-03 19:59 - 2006-08-26 00:15 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70deu.dll 2021-09-03 19:59 - 2006-08-26 00:15 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70enu.dll 2021-09-03 19:59 - 2006-08-26 00:15 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70esp.dll 2021-09-03 19:59 - 2006-08-26 00:15 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70fra.dll 2021-09-03 19:59 - 2006-08-26 00:15 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70ita.dll 2021-09-03 19:59 - 2006-08-26 00:15 - 000049152 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\mfc70jpn.dll 2021-09-03 19:59 - 2006-08-26 00:15 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70kor.dll 2021-09-03 19:59 - 2006-08-26 00:28 - 001017344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70u.dll 2012-09-23 20:43 - 2011-01-12 13:19 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll 2012-09-23 20:43 - 2011-01-12 13:25 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71chs.dll 2012-09-23 20:43 - 2011-01-12 13:25 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71cht.dll 2012-09-23 20:43 - 2011-01-12 13:25 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71deu.dll 2012-09-23 20:43 - 2011-01-12 13:25 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71enu.dll 2012-09-23 20:43 - 2011-01-12 13:25 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71esp.dll 2012-09-23 20:43 - 2011-01-12 13:25 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71fra.dll 2012-09-23 20:43 - 2011-01-12 13:25 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71ita.dll 2012-09-23 20:43 - 2011-01-12 13:25 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71jpn.dll 2012-09-23 20:43 - 2011-01-12 13:25 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71kor.dll 2012-09-23 20:43 - 2011-01-12 13:36 - 001054208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71u.dll 2011-04-15 17:26 - 2011-04-15 17:26 - 001598464 _____ (Micro-Star International Co., Ltd.) 
C:\WINDOWS\SysWOW64\MSIWmiAcpi.dll 2021-09-03 19:59 - 2005-01-20 19:25 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvci70.dll 2021-09-03 19:59 - 2002-01-05 05:40 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp70.dll 2012-09-23 20:43 - 2007-02-01 22:13 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll 2021-09-03 19:59 - 2007-01-30 22:04 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr70.dll 2012-09-23 20:43 - 2007-02-01 19:11 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll 2021-09-03 19:59 - 1993-07-23 19:31 - 000210944 _____ C:\WINDOWS\SysWOW64\msvcrt10.dll 2016-12-16 14:04 - 2016-12-16 14:04 - 000216064 _____ (brother) C:\WINDOWS\SysWOW64\NSSearch.dll 2017-01-14 13:37 - 2017-01-14 13:37 - 000278528 _____ (Real Networks, Inc) C:\WINDOWS\SysWOW64\pncrt.dll 2021-09-03 19:59 - 1996-01-12 03:00 - 000722192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vb40032.dll 2022-09-07 09:41 - 2022-09-07 09:41 - 002371072 _____ (Farbar) C:\Users\thoma\Desktop\FRST64.exe 2022-09-08 05:00 - 2022-09-08 05:00 - 000929992 _____ C:\Users\thoma\Desktop\MyInfoDrive2.exe 2022-09-07 14:13 - 2022-09-07 14:13 - 003304136 _____ (Nicolas Coolman) C:\Users\thoma\Desktop\ZHPCleaner(1).exe 2022-09-08 12:41 - 2022-09-08 12:41 - 003506376 _____ (Nicolas Coolman) C:\Users\thoma\Desktop\ZHPSuite.exe 2022-02-28 09:02 - 2022-02-28 09:02 - 009577963 _____ (100Percentile Education Private Ltd............... ) C:\Users\thoma\Downloads\Aspire.exe 2022-09-05 06:29 - 2022-09-05 06:29 - 003303624 _____ (Nicolas Coolman) C:\Users\thoma\Downloads\ZHPCleaner.exe 2022-09-07 09:28 - 2022-09-07 09:28 - 003505864 _____ (Nicolas Coolman) C:\Users\thoma\Downloads\ZHPSuite(1).exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) 
==================== BCD ================================ Gestionnaire de démarrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} timeout 2 Gestionnaire de démarrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {e2a06daa-6178-11eb-9788-2cf05db772f6} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Chargeur de démarrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 11 locale fr-FR inherit {bootloadersettings} recoverysequence {e2a06dad-6178-11eb-9788-2cf05db772f6} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {e2a06daa-6178-11eb-9788-2cf05db772f6} nx OptIn bootmenupolicy Standard Chargeur de démarrage Windows ----------------------------- identificateur {e2a06dad-6178-11eb-9788-2cf05db772f6} device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{e2a06dae-6178-11eb-9788-2cf05db772f6} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{e2a06dae-6178-11eb-9788-2cf05db772f6} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre à partir de la mise en veille prolongée ------------------------------------------------- identificateur {e2a06daa-6178-11eb-9788-2cf05db772f6} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {e2a06dad-6178-11eb-9788-2cf05db772f6} recoveryenabled Yes 
isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: custom:21000026 partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de mémoire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics mémoire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes Paramètres EMS -------------- identificateur {emssettings} bootems No Paramètres du débogueur ----------------------- identificateur {dbgsettings} debugtype Local Erreurs de mémoire RAM ---------------------- identificateur {badmemory} Paramètres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Paramètres du chargeur de démarrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Paramètres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Paramètres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de périphérique ----------------------- identificateur {e2a06dae-6178-11eb-9788-2cf05db772f6} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume4 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================