Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 05.03.2024
Exécuté par Michael portable (administrateur) sur LAPTOP-J20Q1AEC (Acer Aspire A715-71G) (07-03-2024 17:09:48)
Exécuté depuis C:\Users\Michael portable\Desktop\FRST64.exe
Profils chargés: Michael portable
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.4046 (X64) Langue: Français (France)
Navigateur par défaut non détecté(e)!
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxEM.exe
(explorer.exe ->) (CERTIF_NICOLAS_COOLMAN -> Nicolas Coolman) [Fichier non signé] C:\Users\Michael portable\AppData\Roaming\ZHP\ZHPSuite.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ELANFPService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_fc9ac11e55f51133\RstMwService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvacig.inf_amd64_6eae42cbc3ee7e36\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Qualcomm Atheros, Inc. -> ) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtHDVBg_ASC] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617864 2021-09-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_CTPreset] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617864 2021-09-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3022640 2024-02-22] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-3647026253-681534332-4003124083-1001\...\Run: [Discord] => C:\Users\Michael portable\AppData\Local\Discord\Update.exe [1525024 2023-09-18] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3647026253-681534332-4003124083-1001\...\Run: [Steam] => D:\Steam\steam.exe [4388712 2024-02-29] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3647026253-681534332-4003124083-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1789960 2024-02-29] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-3647026253-681534332-4003124083-1001\...\Run: [MicrosoftEdgeAutoLaunch_E23EDDDAB769BFCD5C57CE8613294F03] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4060728 2024-03-01] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3647026253-681534332-4003124083-1001\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe [70921216 2024-02-23] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-3647026253-681534332-4003124083-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [2730600 2024-02-23] (Electronic Arts, Inc. -> Electronic Arts)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\122.0.6261.96\Installer\chrmstp.exe [2024-03-07] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {FE55443C-B203-42B9-8EA1-36ED0DF3A4D9} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2920752 2017-05-24] (Acer Incorporated -> )
Task: {4232493A-22AD-4DCB-AA77-C405CC56344B} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41264 2017-05-24] (Acer Incorporated -> )
Task: {F7293AA1-5C61-4DE2-9599-0316B82B0DA4} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4645168 2017-05-24] (Acer Incorporated -> )
Task: {6B052AE7-48C9-4851-8C41-7827AB318731} - System32\Tasks\Acer Collection Application => C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe [479024 2017-12-14] (Acer Incorporated -> )
Task: {EACFBFE5-9A44-413C-9656-306CC986C19F} - System32\Tasks\Acer Collection Monitor Application => C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe [417072 2017-12-13] (Acer Incorporated -> Acer Incorporated)
Task: {3A990FA8-9B8D-488D-B313-C2141AEBEDE2} - System32\Tasks\AcerCloud => C:\ProgramData\acer\Acer Portal\launchPortal.exe [25816 2017-06-07] (Acer Incorporated -> )
Task: {1ED6C09D-6E2E-494C-84DD-BC41DD341CD7} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> )
Task: {77EC4474-E1D9-4BFC-8364-51EBFDD8C5F3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {1BE5C689-BCF2-46A1-98D9-E2A7B873924C} - System32\Tasks\App Explorer => C:\Users\Michael portable\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7132056 2018-11-16] (SweetLabs Inc. -> SweetLabs, Inc) <==== ATTENTION
Task: {F84CA5B7-2F6B-4C54-9352-A6A92A263FA7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {4D1837AE-A9A7-4E05-BB39-1C84BC07493E} - System32\Tasks\DashlaneUpgradeCheck => C:\Windows\system32\net.exe [59904 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {9B7496CE-8E30-4CA1-9683-B5AFBEB6934F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-09] (Google Inc -> Google Inc.)
Task: {E78BB13C-49B7-4019-8B35-00F3D5A8CF59} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-09] (Google Inc -> Google Inc.)
Task: {963CB3A6-AF1F-4D4C-BBAA-78888A31FD81} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28372672 2024-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {E58BCB3C-00DE-433B-A971-87A0247AEB6C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28372672 2024-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {AE193106-4A87-4E50-93C4-2CE216EE026D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [218776 2024-02-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {DC58BE9A-CB4F-4960-BAA8-7A845C559BE7} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [218776 2024-02-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {51F45166-C338-4713-A28C-69A7DBFBF545} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [362192 2024-02-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {22E81204-B3CB-4876-ABC0-7671336F00BF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-03-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8A6BBFCF-D527-448F-B2A1-AE5B846179C1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-03-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {52E17AD4-77C8-44BF-A656-56A6AC2DF0A3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-03-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F99B0918-95AF-47F4-A408-EA4C381D0777} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-03-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7D0AC6C5-9876-4160-9EE5-E47E5BB5F89D} - System32\Tasks\MonitorAcerPortal => C:\ProgramData\acer\Acer Portal\monitorPortal.exe [32472 2017-06-07] (Acer Incorporated -> )
Task: {94B520CB-2AF6-4031-A284-FA549A310812} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [70792 2022-08-15] (Acer Incorporated -> )
Task: {38892324-CF96-4D0A-97E8-A9A3AF5BD19E} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2642952 2024-02-29] (Overwolf Ltd -> Overwolf LTD)
Task: {29F007BA-7773-4D5C-BE49-A93B5C29BB3C} - System32\Tasks\PicstreamAgent => C:\Program -> Files (x86)\Acer\AOP Framework\uwplauncher.exe AcerIncorporated.6245439DEEE9E_48frkmn4z8aw4!abPhoto
Task: {F02416EF-5579-4400-8756-CEEE4F357BFD} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2770736 2019-09-26] (Acer Incorporated -> Acer Incorporated)
Task: {8685D05A-C5EC-492D-B522-641C7AD7811C} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [446256 2019-09-26] (Acer Incorporated -> Acer Incorporated)
Task: {AFC83945-2AB4-4D51-A7C8-ABB130BD7972} - System32\Tasks\Reveil => "C:\Users\Michael portable\Downloads\taimadou-gakuen-35-shiken-shoutai-ost-05-katana.mp3" (Pas de fichier)
Task: {C75C6A22-5E84-4836-A5AC-5173AD9EE123} - System32\Tasks\RtHDVBg_ASC => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617864 2021-09-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {3A7651B8-A9C7-4C33-8EE0-10D0F346D744} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617864 2021-09-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {5BAF9DD1-069E-4D02-AAF7-BAAC7EEC01D2} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617864 2021-09-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {CFEB7D94-4D23-4D80-9BF5-C16581F9C9FE} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [474368 2019-09-25] (Acer Incorporated -> Acer Incorporated)
Task: {3E7A1602-1D8F-4BAB-A571-205CD9960A9C} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [215856 2017-05-23] (Acer Incorporated -> TODO: )

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{2da80c44-aa24-46c3-a98a-c6e941ad31fd}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{2dd40a8b-c74f-4951-b3c6-8d80830826b1}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{2dd40a8b-c74f-4951-b3c6-8d80830826b1}\07F6D6D656F54656F54756272756: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{2dd40a8b-c74f-4951-b3c6-8d80830826b1}\14E64627F696461405: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{2dd40a8b-c74f-4951-b3c6-8d80830826b1}\356425F533936303F5537484A5: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2dd40a8b-c74f-4951-b3c6-8d80830826b1}\6427565626F687D2533423337383: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{2dd40a8b-c74f-4951-b3c6-8d80830826b1}\6627565626F687F56454C405B4D4: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{2dd40a8b-c74f-4951-b3c6-8d80830826b1}\F42716E67656D235868343D25374: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{2dd40a8b-c74f-4951-b3c6-8d80830826b1}\F42716E67656D287358343: [DhcpNameServer] 192.168.100.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Michael portable\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-05]
Edge Extension: (Google Docs hors connexion) - C:\Users\Michael portable\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-28]
Edge Extension: (Edge relevant text changes) - C:\Users\Michael portable\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-27]

FireFox:
========
FF DefaultProfile: 0h12u5cv.default
FF ProfilePath: C:\Users\Michael portable\AppData\Roaming\Mozilla\Firefox\Profiles\0h12u5cv.default [2022-01-29]
FF Extension: (Amazon Assistant for Firefox) - C:\Users\Michael portable\AppData\Roaming\Mozilla\Firefox\Profiles\0h12u5cv.default\Extensions\abb-acer@amazon.com.xpi [2019-02-24] [UpdateUrl:hxxps://s3-us-west-2.amazonaws.com/ubp-ubpextension-us-prod/vendor-update/firefox/acer1/updates.json]
FF Extension: (Français Language Pack) - C:\Users\Michael portable\AppData\Roaming\Mozilla\Firefox\Profiles\0h12u5cv.default\Extensions\langpack-fr@firefox.mozilla.org.xpi [2019-02-24]
FF Extension: (Mozilla Partner Defaults) - C:\Users\Michael portable\AppData\Roaming\Mozilla\Firefox\Profiles\0h12u5cv.default\Extensions\partnerdefaults@mozilla.com [2018-05-06] []
FF Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\Michael portable\AppData\Roaming\Mozilla\Firefox\Profiles\0h12u5cv.default\Extensions\sp@avast.com.xpi [2019-04-05]
FF Extension: (Avast Online Security) - C:\Users\Michael portable\AppData\Roaming\Mozilla\Firefox\Profiles\0h12u5cv.default\Extensions\wrc@avast.com.xpi [2018-07-12]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-02-22] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-02-04] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Michael portable\AppData\Local\Google\Chrome\User Data\Default [2024-03-07]
CHR DownloadDir: C:\Users\Michael portable\Downloads\Mods
CHR Extension: (uBlock Origin) - C:\Users\Michael portable\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-02-22]
CHR Extension: (Google Docs hors connexion) - C:\Users\Michael portable\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-26]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\Michael portable\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-02-22]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Michael portable\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\Michael portable\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-01-29]
CHR Profile: C:\Users\Michael portable\AppData\Local\Google\Chrome\User Data\System Profile [2021-11-27]
CHR HKU\S-1-5-21-3647026253-681534332-4003124083-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2022-02-25] (Apple Inc. -> Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-05-17] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14048768 2024-02-10] (Microsoft Corporation -> Microsoft Corporation)
S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2017-08-23] (Dashlane -> Dashlane, Inc.)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2020-06-02] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [12096104 2024-02-23] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2023-10-15] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 LibreOfficeMaintenance; C:\Program Files\LibreOffice\program\update_service.exe [123320 2024-01-29] (The Document Foundation -> The Document Foundation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9410296 2024-03-05] (Malwarebytes Inc. -> Malwarebytes)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvacig.inf_amd64_6eae42cbc3ee7e36\Display.NvContainer\NVDisplay.Container.exe [1275440 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2642952 2024-02-29] (Overwolf Ltd -> Overwolf LTD)
S3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [466224 2019-09-26] (Acer Incorporated -> Acer Incorporated)
S3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [508208 2019-09-26] (Acer Incorporated -> Acer Incorporated)
R2 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [189768 2022-11-09] (Qualcomm Atheros, Inc. -> )
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [299824 2017-05-23] (Acer Incorporated -> acer)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [9647712 2024-02-22] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.24010.12-0\NisSrv.exe [3191256 2024-03-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.24010.12-0\MsMpEng.exe [133576 2024-03-04] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [36792 2022-06-06] (Acer Incorporated -> Acer Incorporated)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2022-01-29] (AVAST Software s.r.o. -> The OpenVPN Project)
S3 aswWintun; C:\WINDOWS\System32\drivers\aswWintun.sys [40832 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> Avast Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31032 2017-10-19] (Acer Incorporated -> Acer Incorporated)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-11-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-03-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl7b8e0364; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{49345FCF-5760-4389-AB9D-16E404292BC5}\MpKslDrv.sys [300312 2024-03-07] (Microsoft Windows -> Microsoft Corporation)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25400 2017-10-19] (Acer Incorporated -> Acer Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2020-06-01] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> )
S1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [21861160 2024-02-22] (Riot Games, Inc. -> Riot Games, Inc.)
R0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [21040 2024-03-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [608648 2024-03-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105752 2024-03-04] (Microsoft Windows -> Microsoft Corporation)
U1 aswbdisk; pas de ImagePath
S3 HWiNFO_190; \??\C:\Users\MICHAE~1\AppData\Local\Temp\HWiNFO64A_190.SYS [X] <==== ATTENTION

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Trois mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2024-03-07 17:09 - 2024-03-07 17:10 - 000025116 _____ C:\Users\Michael portable\Desktop\FRST.txt
2024-03-07 17:09 - 2024-03-07 17:09 - 000270617 _____ C:\Users\Michael portable\Desktop\ZHPDiag.txt
2024-03-07 16:56 - 2024-03-07 16:56 - 000000000 ____D C:\WINDOWS\system32\Tasks\Oem
2024-03-07 16:56 - 2024-03-07 16:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Acer
2024-03-07 16:50 - 2024-03-07 16:50 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2024-03-07 16:46 - 2024-03-07 16:46 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3647026253-681534332-4003124083-1001
2024-03-07 16:46 - 2024-03-07 16:46 - 000002438 _____ C:\Users\Michael portable\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-03-07 16:46 - 2024-03-07 16:46 - 000000000 ____D C:\Users\Michael portable\AppData\Local\OneDrive
2024-03-06 20:11 - 2024-03-06 20:11 - 005915672 _____ (Crystal Dew World ) C:\Users\Michael portable\Downloads\CrystalDiskInfo9_2_3.exe
2024-03-06 15:18 - 2024-03-07 17:10 - 000000000 ____D C:\FRST
2024-03-06 15:17 - 2024-03-06 15:17 - 002390016 _____ (Farbar) C:\Users\Michael portable\Desktop\FRST64.exe
2024-03-06 15:04 - 2024-03-07 17:09 - 000000135 _____ C:\Users\Michael
2024-03-06 15:01 - 2024-03-07 17:09 - 000000000 ____D C:\Users\Michael portable\AppData\Roaming\ZHP
2024-03-06 15:01 - 2024-03-06 15:01 - 000000880 _____ C:\Users\Michael portable\Desktop\ZHPSuite.lnk
2024-03-06 15:01 - 2024-03-06 15:01 - 000000000 ____D C:\Users\Michael portable\AppData\Local\ZHP
2024-03-05 16:05 - 2024-03-05 16:05 - 000586576 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-03-05 16:05 - 2024-03-05 16:05 - 000000000 ____D C:\WINDOWS\Panther
2024-03-05 02:52 - 2024-03-05 02:52 - 000033637 _____ C:\WINDOWS\system32\battery-report.html
2024-03-04 22:12 - 2024-03-04 22:12 - 000000000 ____D C:\Users\Michael portable\AppData\Local\ItTakesTwo
2024-03-04 22:11 - 2024-03-04 22:11 - 000000000 ____D C:\Users\Michael portable\AppData\Local\Link2EA
2024-03-04 22:11 - 2024-03-04 22:11 - 000000000 ____D C:\Users\Michael portable\AppData\Local\Electronic Arts
2024-03-04 22:11 - 2024-03-04 22:11 - 000000000 ____D C:\Users\Michael portable\AppData\Local\EADesktop
2024-03-04 21:37 - 2024-03-04 22:11 - 000000000 ____D C:\ProgramData\EA Desktop
2024-03-04 21:37 - 2024-03-04 21:37 - 000002142 _____ C:\Users\Public\Desktop\EA.lnk
2024-03-04 21:37 - 2024-03-04 21:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2024-03-04 19:00 - 2024-03-04 19:00 - 000000203 _____ C:\Users\Michael portable\Desktop\It Takes Two Friend's Pass.url
2024-02-28 18:29 - 2024-03-01 00:04 - 000000000 ____D C:\Users\Michael portable\AppData\Roaming\riot-client-ux
2024-02-17 15:24 - 2024-02-17 15:24 - 000000000 ____D C:\Users\Michael portable\AppData\Roaming\LibreOffice
2024-02-17 15:22 - 2024-02-17 15:22 - 000001197 _____ C:\Users\Public\Desktop\LibreOffice 24.2.lnk
2024-02-17 15:22 - 2024-02-17 15:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 24.2
2024-02-17 15:21 - 2024-02-17 15:22 - 000000000 ____D C:\Program Files\LibreOffice
2024-02-15 15:27 - 2024-02-15 15:27 - 000000000 ___HD C:\$WinREAgent
2024-01-31 20:49 - 2024-01-31 20:49 - 003666959 _____ C:\Users\Michael portable\Downloads\redus - Icter neonatal franceza transformat copy.pptx
2024-01-29 19:17 - 2024-01-29 19:17 - 000000000 ____D C:\Users\Michael portable\AppData\Roaming\Valve Corporation
2024-01-29 12:53 - 2024-01-29 12:53 - 000019697 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-01-29 12:52 - 2024-01-29 12:52 - 000019697 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-01-28 23:36 - 2024-01-28 23:36 - 000000000 ____D C:\Users\Michael portable\AppData\Local\TEKKEN 8
2024-01-28 17:43 - 2024-01-28 17:43 - 000000203 _____ C:\Users\Michael portable\Desktop\TEKKEN 8.url
2024-01-28 13:10 - 2024-01-28 13:10 - 000000000 ____D C:\Program Files\dotnet
2024-01-26 22:37 - 2024-01-26 22:37 - 000000000 ____D C:\Users\Michael portable\AppData\Local\TEKKEN 8 Demo
2024-01-18 21:14 - 2024-01-18 21:14 - 002095480 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-01-18 21:14 - 2024-01-18 21:14 - 002095480 _____ C:\WINDOWS\system32\vulkaninfo.exe
2024-01-18 21:14 - 2024-01-18 21:14 - 001655568 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-01-18 21:14 - 2024-01-18 21:14 - 001655568 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-01-18 21:14 - 2024-01-18 21:14 - 001434488 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-01-18 21:14 - 2024-01-18 21:14 - 001434488 _____ C:\WINDOWS\system32\vulkan-1.dll
2024-01-18 21:14 - 2024-01-18 21:14 - 001278840 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-01-18 21:14 - 2024-01-18 21:14 - 001278840 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2024-01-18 21:13 - 2024-01-18 21:13 - 001487496 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2024-01-18 21:13 - 2024-01-18 21:13 - 001226888 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2024-01-18 21:09 - 2024-01-18 21:09 - 001040408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2024-01-18 21:09 - 2024-01-18 21:09 - 000670360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2024-01-18 21:09 - 2024-01-18 21:09 - 000506008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2024-01-18 21:08 - 2024-01-18 21:08 - 001542192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2024-01-18 21:08 - 2024-01-18 21:08 - 001199128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2024-01-18 21:08 - 2024-01-18 21:08 - 000841864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2024-01-18 21:07 - 2024-01-18 21:07 - 002174104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2024-01-18 21:07 - 2024-01-18 21:07 - 001625648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2024-01-18 21:07 - 2024-01-18 21:07 - 001023512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2024-01-18 21:07 - 2024-01-18 21:07 - 000786968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2024-01-18 21:06 - 2024-01-18 21:06 - 016032904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2024-01-18 21:06 - 2024-01-18 21:06 - 012928136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2024-01-18 21:06 - 2024-01-18 21:06 - 006780976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2024-01-18 21:06 - 2024-01-18 21:06 - 005772936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2024-01-18 21:06 - 2024-01-18 21:06 - 003721352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2024-01-18 21:06 - 2024-01-18 21:06 - 000459928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2024-01-18 21:05 - 2024-01-18 21:05 - 005907480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2024-01-18 21:05 - 2024-01-18 21:05 - 000853016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2024-01-18 21:03 - 2024-01-18 21:03 - 006030576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2024-01-18 12:32 - 2024-01-18 12:32 - 000120271 _____ C:\WINDOWS\system32\nvinfo.pb
2023-12-21 17:55 - 2023-12-21 17:55 - 000000000 ____D C:\WINDOWS\InboxApps
2023-12-19 03:11 - 2023-12-19 03:11 - 001315800 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2023-12-16 21:20 - 2023-12-16 21:20 - 071456520 _____ (Riot Games, Inc.) C:\Users\Michael portable\Downloads\Install League of Legends PBE pbe.exe

==================== Trois mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2024-03-07 17:06 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-07 17:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-03-07 17:05 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-07 17:05 - 2018-07-20 19:23 - 000000000 ____D C:\Users\Michael portable\AppData\Local\D3DSCache
2024-03-07 16:56 - 2017-12-25 14:03 - 000000000 ____D C:\Program Files (x86)\Acer
2024-03-07 16:55 - 2020-11-05 00:13 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-03-07 16:55 - 2019-12-07 16:49 - 000793016 _____ C:\WINDOWS\system32\perfh00C.dat
2024-03-07 16:55 - 2019-12-07 16:49 - 000150146 _____ C:\WINDOWS\system32\perfc00C.dat
2024-03-07 16:55 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2024-03-07 16:53 - 2020-11-05 00:11 - 000003512 _____ C:\WINDOWS\system32\Tasks\DashlaneUpgradeCheck
2024-03-07 16:52 - 2021-12-26 17:28 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-03-07 16:52 - 2018-05-09 09:15 - 000000000 ____D C:\Program Files (x86)\Google
2024-03-07 16:50 - 2022-01-29 19:50 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2024-03-07 16:50 - 2020-11-05 00:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-03-07 16:50 - 2020-11-05 00:03 - 000008192 ___SH C:\DumpStack.log.tmp
2024-03-07 16:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2024-03-07 16:50 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2024-03-07 16:50 - 2018-05-12 13:17 - 000000000 ____D C:\ProgramData\AVAST Software
2024-03-07 16:50 - 2018-05-06 01:02 - 000000000 __SHD C:\Users\Michael portable\IntelGraphicsProfiles
2024-03-07 16:50 - 2017-12-25 13:52 - 000000000 ____D C:\ProgramData\NVIDIA
2024-03-07 16:50 - 2017-12-25 13:48 - 000000000 ___HD C:\Intel
2024-03-07 16:49 - 2018-08-28 14:33 - 000000000 ____D C:\Users\Michael portable\AppData\Roaming\discord
2024-03-07 16:46 - 2023-09-29 14:24 - 000000000 ____D C:\Users\Michael portable\AppData\Local\Discord
2024-03-07 16:46 - 2020-11-05 00:11 - 000003400 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3647026253-681534332-4003124083-1001
2024-03-07 16:45 - 2018-07-12 17:25 - 000000000 ____D C:\Users\Michael portable\AppData\Local\AVAST Software
2024-03-07 16:45 - 2018-05-12 13:32 - 000000000 ____D C:\Users\Michael portable\AppData\Roaming\AVAST Software
2024-03-07 16:41 - 2023-10-06 11:22 - 000002306 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_Dolby
2024-03-07 16:41 - 2023-10-06 11:22 - 000002300 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2024-03-07 16:41 - 2021-09-15 16:48 - 000003270 _____ C:\WINDOWS\system32\Tasks\Overwolf Updater Task
2024-03-07 16:41 - 2020-11-05 00:11 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-03-07 16:41 - 2020-11-05 00:11 - 000002292 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_ASC
2024-03-07 16:38 - 2019-03-04 20:33 - 000000000 ____D C:\Users\Michael portable\Downloads\Mods
2024-03-07 16:12 - 2023-05-20 19:55 - 000000000 ____D C:\Users\Michael portable\AppData\Local\Malwarebytes
2024-03-07 16:06 - 2020-11-05 00:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-03-07 01:17 - 2018-05-09 09:16 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-07 01:17 - 2018-05-09 09:16 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-03-06 21:12 - 2021-09-15 16:48 - 000002343 _____ C:\Users\Michael portable\Desktop\CurseForge.lnk
2024-03-06 21:12 - 2021-09-15 16:46 - 000000000 ____D C:\Users\Michael portable\AppData\Local\Overwolf
2024-03-06 16:57 - 2021-09-30 20:48 - 000000000 ____D C:\Steam
2024-03-06 15:06 - 2020-11-05 00:11 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-06 15:06 - 2020-11-05 00:11 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-06 02:00 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-03-06 01:26 - 2020-11-05 00:05 - 000000000 ____D C:\Users\Michael portable
2024-03-06 01:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2024-03-05 23:47 - 2018-05-14 12:57 - 000000000 ____D C:\Users\Michael portable\AppData\Roaming\Microsoft\MMC
2024-03-05 18:08 - 2018-05-16 16:10 - 000000000 ____D C:\Users\Michael portable\AppData\Roaming\TS3Client
2024-03-05 16:02 - 2022-11-19 09:37 - 000239576 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2024-03-05 15:22 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-03-05 02:07 - 2021-07-15 17:32 - 000007666 _____ C:\Users\Michael portable\AppData\Local\Resmon.ResmonCfg
2024-03-04 23:19 - 2018-07-20 19:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-03-04 23:05 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender
2024-03-04 22:57 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2024-03-04 22:56 - 2018-05-12 13:18 - 000918944 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2024-03-04 21:37 - 2023-02-11 17:00 - 000000000 ____D C:\Program Files\Electronic Arts
2024-03-04 21:37 - 2017-12-25 13:41 - 000000000 ____D C:\ProgramData\Package Cache
2024-03-04 19:00 - 2020-08-18 18:08 - 000000000 ____D C:\Users\Michael portable\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2024-03-03 15:00 - 2020-06-15 01:35 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-03 15:00 - 2020-06-15 01:35 - 000002284 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-03-02 21:09 - 2018-05-10 21:52 - 000000000 ____D C:\Users\Michael portable\AppData\Local\CrashDumps
2024-03-02 20:47 - 2023-09-16 00:50 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2024-03-01 15:02 - 2021-09-15 16:48 - 000000000 ____D C:\Program Files (x86)\Overwolf
2024-03-01 00:04 - 2018-06-16 15:07 - 000000000 ____D C:\ProgramData\Riot Games
2024-02-29 14:55 - 2023-09-16 00:13 - 000000000 ____D C:\Program Files\Riot Vanguard
2024-02-27 02:28 - 2022-10-24 16:18 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-02-27 02:28 - 2022-10-24 16:18 - 000002065 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-02-26 17:07 - 2018-11-02 19:03 - 000000000 ____D C:\Users\Michael portable\AppData\Roaming\Microsoft\Excel
2024-02-26 17:07 - 2018-05-06 01:02 - 000000000 ____D C:\Users\Michael portable\AppData\Local\Packages
2024-02-26 17:04 - 2017-12-25 14:08 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2024-02-22 19:33 - 2018-06-07 22:14 - 000000000 ____D C:\Users\Michael portable\AppData\Roaming\.minecraft
2024-02-22 18:36 - 2021-09-12 11:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2024-02-22 18:36 - 2018-06-16 15:04 - 000000000 ____D C:\Riot Games
2024-02-22 17:33 - 2018-08-28 14:33 - 000002286 _____ C:\Users\Michael portable\Desktop\Discord.lnk
2024-02-18 20:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-02-18 20:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-02-17 15:56 - 2018-05-06 01:04 - 000000000 ____D C:\Users\Michael portable\AppData\Roaming\Microsoft\Word
2024-02-15 16:04 - 2020-11-05 00:04 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-02-15 15:43 - 2018-05-06 10:59 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-02-15 15:38 - 2018-05-06 10:59 - 191155960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-02-13 19:59 - 2023-09-16 16:39 - 000000000 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Jumpstart.lnk
2024-02-13 19:59 - 2021-01-06 14:09 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2024-02-13 19:59 - 2019-09-16 11:15 - 000002518 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2024-02-13 19:59 - 2019-09-16 11:15 - 000002491 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2024-02-13 19:59 - 2017-12-25 14:04 - 000001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dashlane.lnk
2024-02-08 19:27 - 2019-04-15 13:44 - 000000000 ____D C:\Users\Michael portable\AppData\Local\ElevatedDiagnostics

==================== Fichiers à la racine de certains dossiers ========

2018-07-12 17:37 - 2023-06-13 15:13 - 000000129 _____ () C:\Users\Michael portable\AppData\Roaming\D2Info0
2018-07-12 17:37 - 2023-05-27 18:17 - 000000008 _____ () C:\Users\Michael portable\AppData\Roaming\DofusAppId0_1
2019-01-06 00:55 - 2023-05-27 17:31 - 000000008 _____ () C:\Users\Michael portable\AppData\Roaming\DofusAppId0_2
2019-07-03 21:41 - 2023-06-13 15:17 - 000000008 _____ () C:\Users\Michael portable\AppData\Roaming\DofusAppId0_3
2019-07-04 21:20 - 2019-07-04 21:20 - 000000008 _____ () C:\Users\Michael portable\AppData\Roaming\DofusAppId0_4
2019-03-08 16:16 - 2023-10-09 12:36 - 000000128 _____ () C:\Users\Michael portable\AppData\Roaming\winscp.rnd
2021-01-15 18:41 - 2021-01-15 18:41 - 000000128 _____ () C:\Users\Michael portable\AppData\Local\PUTTY.RND
2021-07-15 17:32 - 2024-03-05 02:07 - 000007666 _____ () C:\Users\Michael portable\AppData\Local\Resmon.ResmonCfg

==================== SigCheckExt =========================

1996-12-17 00:00 - 1996-12-17 00:00 - 000123904 _____ (Microsoft) C:\WINDOWS\SysWOW64\ACCWIZ.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000007440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\APPXEC32.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000006976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CMC.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000151584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CNFNOT32.EXE
1996-12-17 00:00 - 1996-12-17 00:00 - 000057342 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COMMTB32.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000094320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CONTAB32.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CONVDSN.EXE
1996-12-17 00:00 - 1996-12-17 00:00 - 000022016 _____ C:\WINDOWS\SysWOW64\DOCOBJ.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000004656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DS16GT.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DS32GT.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000518928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EMSUIX32.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000304976 _____ (Microsoft Corperation) C:\WINDOWS\SysWOW64\ETEXCH32.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 001123600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FM20.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000028432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FM20FRA.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000012288 _____ C:\WINDOWS\SysWOW64\HLINKPRX.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HLP95EN.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IMGWALK.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000497600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MAPI.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000025392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MAPISP32.EXE
1996-12-17 00:00 - 1996-12-17 00:00 - 000041152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MAPISRVR.EXE
1996-12-17 00:00 - 1996-12-17 00:00 - 000097040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MDISP32.EXE
1996-12-17 00:00 - 1996-12-17 00:00 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCANS32.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000242144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MINET32.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000007904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ML3XEC16.EXE
1996-12-17 00:00 - 1996-12-17 00:00 - 000297808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMFMIG32.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000094208 _____ C:\WINDOWS\SysWOW64\MSENCODE.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSEXCL35.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000502640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFS32.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000014336 _____ (Microsoft) C:\WINDOWS\SysWOW64\MSIMRT.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000120320 _____ (Microsoft) C:\WINDOWS\SysWOW64\MSIMUSIC.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000016304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSINF16H.EXE
1996-12-17 00:00 - 1996-12-17 00:00 - 001038848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSJET35.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000041232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSJINT35.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000024336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSJTER35.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSOTHUNK.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000509712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPST32.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000251664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSRD2X35.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000368400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSRDO20.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000402704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSREPL35.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSTEXT35.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSXBSE35.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000026224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ODBC16GT.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ODBC32GT.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000022016 _____ C:\WINDOWS\SysWOW64\ODBCSTF.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ODBCTL32.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PICSTORE.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PUBDLG.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000093456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RDOCURS.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\REFEDIT.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SCP32.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000032256 _____ (Microsoft) C:\WINDOWS\SysWOW64\SELFREG.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000012288 _____ C:\WINDOWS\SysWOW64\VAFR232.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000368912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBAR332.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBSFR.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000020080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WINSSPI.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 001059088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSUI32.DLL
1996-12-17 00:00 - 1996-12-17 00:00 - 000048640 _____ C:\WINDOWS\SysWOW64\WRKGADM.EXE
2024-03-06 15:17 - 2024-03-06 15:17 - 002390016 _____ (Farbar) C:\Users\Michael portable\Desktop\FRST64.exe
2018-06-16 14:58 - 2018-06-16 15:02 - 078846496 _____ (Riot Games, Inc) C:\Users\Michael portable\Downloads\League of Legends installer EUW.exe

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)


==================== BCD ================================

Gestionnaire de démarrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{cc13f02d-e9b2-11e7-8d53-9829a64a5eeb}
{cc13f02e-e9b2-11e7-8d53-9829a64a5eeb}
{cc13f02f-e9b2-11e7-8d53-9829a64a5eeb}
timeout 0

Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {ed08bc51-1ef1-11eb-8ad8-aea017ee99ec}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Application logicielle (101fffff)
--------------------------------
identificateur {cc13f02d-e9b2-11e7-8d53-9829a64a5eeb}
description EFI USB Device

Application logicielle (101fffff)
--------------------------------
identificateur {cc13f02e-e9b2-11e7-8d53-9829a64a5eeb}
description EFI DVD/CDROM

Application logicielle (101fffff)
--------------------------------
identificateur {cc13f02f-e9b2-11e7-8d53-9829a64a5eeb}
description EFI Network

Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {ed08bc53-1ef1-11eb-8ad8-aea017ee99ec}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {ed08bc51-1ef1-11eb-8ad8-aea017ee99ec}
nx OptOut
bootmenupolicy Standard
usefirmwarepcisettings No

Chargeur de démarrage Windows
-----------------------------
identificateur {ed08bc53-1ef1-11eb-8ad8-aea017ee99ec}
device ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{ed08bc54-1ef1-11eb-8ad8-aea017ee99ec}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{ed08bc54-1ef1-11eb-8ad8-aea017ee99ec}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {ed08bc51-1ef1-11eb-8ad8-aea017ee99ec}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {ed08bc53-1ef1-11eb-8ad8-aea017ee99ec}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes

Paramètres EMS
--------------
identificateur {emssettings}
bootems No

Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Local

Erreurs de mémoire RAM
----------------------
identificateur {badmemory}

Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}

Options de périphérique
-----------------------
identificateur {ed08bc54-1ef1-11eb-8ad8-aea017ee99ec}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume5
ramdisksdipath \Recovery\WindowsRE\boot.sdi

==================== Fin de FRST.txt ========================
