Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 05.03.2024
Exécuté par Michael portable (administrateur) sur LAPTOP-J20Q1AEC (Acer Aspire A715-71G) (07-03-2024 17:09:48)
Exécuté depuis C:\Users\Michael portable\Desktop\FRST64.exe
Profils chargés: Michael portable
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.4046 (X64) Langue: Français (France)
Navigateur par défaut non détecté(e)!
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxEM.exe
(explorer.exe ->) (CERTIF_NICOLAS_COOLMAN -> Nicolas Coolman) [Fichier non signé] C:\Users\Michael portable\AppData\Roaming\ZHP\ZHPSuite.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ELANFPService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_fc9ac11e55f51133\RstMwService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvacig.inf_amd64_6eae42cbc3ee7e36\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Qualcomm Atheros, Inc. -> ) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtHDVBg_ASC] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617864 2021-09-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_CTPreset] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617864 2021-09-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3022640 2024-02-22] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-3647026253-681534332-4003124083-1001\...\Run: [Discord] => C:\Users\Michael portable\AppData\Local\Discord\Update.exe [1525024 2023-09-18] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3647026253-681534332-4003124083-1001\...\Run: [Steam] => D:\Steam\steam.exe [4388712 2024-02-29] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3647026253-681534332-4003124083-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1789960 2024-02-29] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-3647026253-681534332-4003124083-1001\...\Run: [MicrosoftEdgeAutoLaunch_E23EDDDAB769BFCD5C57CE8613294F03] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4060728 2024-03-01] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3647026253-681534332-4003124083-1001\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe [70921216 2024-02-23] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-3647026253-681534332-4003124083-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [2730600 2024-02-23] (Electronic Arts, Inc. -> Electronic Arts)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\122.0.6261.96\Installer\chrmstp.exe [2024-03-07] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {FE55443C-B203-42B9-8EA1-36ED0DF3A4D9} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2920752 2017-05-24] (Acer Incorporated -> )
Task: {4232493A-22AD-4DCB-AA77-C405CC56344B} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41264 2017-05-24] (Acer Incorporated -> )
Task: {F7293AA1-5C61-4DE2-9599-0316B82B0DA4} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4645168 2017-05-24] (Acer Incorporated -> )
Task: {6B052AE7-48C9-4851-8C41-7827AB318731} - System32\Tasks\Acer Collection Application => C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe [479024 2017-12-14] (Acer Incorporated -> )
Task: {EACFBFE5-9A44-413C-9656-306CC986C19F} - System32\Tasks\Acer Collection Monitor Application => C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe [417072 2017-12-13] (Acer Incorporated -> Acer Incorporated)
Task: {3A990FA8-9B8D-488D-B313-C2141AEBEDE2} - System32\Tasks\AcerCloud => C:\ProgramData\acer\Acer Portal\launchPortal.exe [25816 2017-06-07] (Acer Incorporated -> )
Task: {1ED6C09D-6E2E-494C-84DD-BC41DD341CD7} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> )
Task: {77EC4474-E1D9-4BFC-8364-51EBFDD8C5F3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {1BE5C689-BCF2-46A1-98D9-E2A7B873924C} - System32\Tasks\App Explorer => C:\Users\Michael portable\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7132056 2018-11-16] (SweetLabs Inc. -> SweetLabs, Inc) <==== ATTENTION
Task: {F84CA5B7-2F6B-4C54-9352-A6A92A263FA7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {4D1837AE-A9A7-4E05-BB39-1C84BC07493E} - System32\Tasks\DashlaneUpgradeCheck => C:\Windows\system32\net.exe [59904 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {9B7496CE-8E30-4CA1-9683-B5AFBEB6934F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-09] (Google Inc -> Google Inc.)
Task: {E78BB13C-49B7-4019-8B35-00F3D5A8CF59} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-09] (Google Inc -> Google Inc.)
Task: {963CB3A6-AF1F-4D4C-BBAA-78888A31FD81} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28372672 2024-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {E58BCB3C-00DE-433B-A971-87A0247AEB6C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28372672 2024-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {AE193106-4A87-4E50-93C4-2CE216EE026D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [218776 2024-02-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {DC58BE9A-CB4F-4960-BAA8-7A845C559BE7} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [218776 2024-02-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {51F45166-C338-4713-A28C-69A7DBFBF545} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [362192 2024-02-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {22E81204-B3CB-4876-ABC0-7671336F00BF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-03-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8A6BBFCF-D527-448F-B2A1-AE5B846179C1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-03-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {52E17AD4-77C8-44BF-A656-56A6AC2DF0A3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-03-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F99B0918-95AF-47F4-A408-EA4C381D0777} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-03-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7D0AC6C5-9876-4160-9EE5-E47E5BB5F89D} - System32\Tasks\MonitorAcerPortal => C:\ProgramData\acer\Acer Portal\monitorPortal.exe [32472 2017-06-07] (Acer Incorporated -> )
Task: {94B520CB-2AF6-4031-A284-FA549A310812} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [70792 2022-08-15] (Acer Incorporated -> )
Task: {38892324-CF96-4D0A-97E8-A9A3AF5BD19E} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2642952 2024-02-29] (Overwolf Ltd -> Overwolf LTD)
Task: {29F007BA-7773-4D5C-BE49-A93B5C29BB3C} - System32\Tasks\PicstreamAgent => C:\Program -> Files (x86)\Acer\AOP Framework\uwplauncher.exe AcerIncorporated.6245439DEEE9E_48frkmn4z8aw4!abPhoto
Task: {F02416EF-5579-4400-8756-CEEE4F357BFD} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2770736 2019-09-26] (Acer Incorporated -> Acer Incorporated)
Task: {8685D05A-C5EC-492D-B522-641C7AD7811C} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [446256 2019-09-26] (Acer Incorporated -> Acer Incorporated)
Task: {AFC83945-2AB4-4D51-A7C8-ABB130BD7972} - System32\Tasks\Reveil => "C:\Users\Michael portable\Downloads\taimadou-gakuen-35-shiken-shoutai-ost-05-katana.mp3" (Pas de fichier)
Task: {C75C6A22-5E84-4836-A5AC-5173AD9EE123} - System32\Tasks\RtHDVBg_ASC => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617864 2021-09-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {3A7651B8-A9C7-4C33-8EE0-10D0F346D744} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617864 2021-09-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {5BAF9DD1-069E-4D02-AAF7-BAAC7EEC01D2} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617864 2021-09-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {CFEB7D94-4D23-4D80-9BF5-C16581F9C9FE} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [474368 2019-09-25] (Acer Incorporated -> Acer Incorporated)
Task: {3E7A1602-1D8F-4BAB-A571-205CD9960A9C} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [215856 2017-05-23] (Acer Incorporated -> TODO: )

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{2da80c44-aa24-46c3-a98a-c6e941ad31fd}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{2dd40a8b-c74f-4951-b3c6-8d80830826b1}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{2dd40a8b-c74f-4951-b3c6-8d80830826b1}\07F6D6D656F54656F54756272756: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{2dd40a8b-c74f-4951-b3c6-8d80830826b1}\14E64627F696461405: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{2dd40a8b-c74f-4951-b3c6-8d80830826b1}\356425F533936303F5537484A5: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2dd40a8b-c74f-4951-b3c6-8d80830826b1}\6427565626F687D2533423337383: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{2dd40a8b-c74f-4951-b3c6-8d80830826b1}\6627565626F687F56454C405B4D4: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{2dd40a8b-c74f-4951-b3c6-8d80830826b1}\F42716E67656D235868343D25374: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{2dd40a8b-c74f-4951-b3c6-8d80830826b1}\F42716E67656D287358343: [DhcpNameServer] 192.168.100.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Michael portable\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-05]
Edge Extension: (Google Docs hors connexion) - C:\Users\Michael portable\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-28]
Edge Extension: (Edge relevant text changes) - C:\Users\Michael portable\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-27]

FireFox:
========
FF DefaultProfile: 0h12u5cv.default
FF ProfilePath: C:\Users\Michael portable\AppData\Roaming\Mozilla\Firefox\Profiles\0h12u5cv.default [2022-01-29]
FF Extension: (Amazon Assistant for Firefox) - C:\Users\Michael portable\AppData\Roaming\Mozilla\Firefox\Profiles\0h12u5cv.default\Extensions\abb-acer@amazon.com.xpi [2019-02-24] [UpdateUrl:hxxps://s3-us-west-2.amazonaws.com/ubp-ubpextension-us-prod/vendor-update/firefox/acer1/updates.json]
FF Extension: (Français Language Pack) - C:\Users\Michael portable\AppData\Roaming\Mozilla\Firefox\Profiles\0h12u5cv.default\Extensions\langpack-fr@firefox.mozilla.org.xpi [2019-02-24]
FF Extension: (Mozilla Partner Defaults) - C:\Users\Michael portable\AppData\Roaming\Mozilla\Firefox\Profiles\0h12u5cv.default\Extensions\partnerdefaults@mozilla.com [2018-05-06] []
FF Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\Michael portable\AppData\Roaming\Mozilla\Firefox\Profiles\0h12u5cv.default\Extensions\sp@avast.com.xpi [2019-04-05]
FF Extension: (Avast Online Security) - C:\Users\Michael portable\AppData\Roaming\Mozilla\Firefox\Profiles\0h12u5cv.default\Extensions\wrc@avast.com.xpi [2018-07-12]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-02-22] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-02-04] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Michael portable\AppData\Local\Google\Chrome\User Data\Default [2024-03-07]
CHR DownloadDir: C:\Users\Michael portable\Downloads\Mods
CHR Extension: (uBlock Origin) - C:\Users\Michael portable\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-02-22]
CHR Extension: (Google Docs hors connexion) - C:\Users\Michael portable\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-26]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\Michael portable\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-02-22]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Michael portable\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\Michael portable\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-01-29]
CHR Profile: C:\Users\Michael portable\AppData\Local\Google\Chrome\User Data\System Profile [2021-11-27]
CHR HKU\S-1-5-21-3647026253-681534332-4003124083-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2022-02-25] (Apple Inc. -> Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-05-17] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14048768 2024-02-10] (Microsoft Corporation -> Microsoft Corporation)
S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2017-08-23] (Dashlane -> Dashlane, Inc.)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2020-06-02] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [12096104 2024-02-23] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2023-10-15] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 LibreOfficeMaintenance; C:\Program Files\LibreOffice\program\update_service.exe [123320 2024-01-29] (The Document Foundation -> The Document Foundation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9410296 2024-03-05] (Malwarebytes Inc. -> Malwarebytes)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvacig.inf_amd64_6eae42cbc3ee7e36\Display.NvContainer\NVDisplay.Container.exe [1275440 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2642952 2024-02-29] (Overwolf Ltd -> Overwolf LTD)
S3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [466224 2019-09-26] (Acer Incorporated -> Acer Incorporated)
S3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [508208 2019-09-26] (Acer Incorporated -> Acer Incorporated)
R2 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [189768 2022-11-09] (Qualcomm Atheros, Inc. -> )
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [299824 2017-05-23] (Acer Incorporated -> acer)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [9647712 2024-02-22] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.24010.12-0\NisSrv.exe [3191256 2024-03-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.24010.12-0\MsMpEng.exe [133576 2024-03-04] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [36792 2022-06-06] (Acer Incorporated -> Acer Incorporated)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2022-01-29] (AVAST Software s.r.o. -> The OpenVPN Project)
S3 aswWintun; C:\WINDOWS\System32\drivers\aswWintun.sys [40832 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> Avast Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31032 2017-10-19] (Acer Incorporated -> Acer Incorporated)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-11-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-03-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl7b8e0364; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{49345FCF-5760-4389-AB9D-16E404292BC5}\MpKslDrv.sys [300312 2024-03-07] (Microsoft Windows -> Microsoft Corporation)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25400 2017-10-19] (Acer Incorporated -> Acer Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2020-06-01] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> )
S1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [21861160 2024-02-22] (Riot Games, Inc. -> Riot Games, Inc.)
R0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [21040 2024-03-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [608648 2024-03-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105752 2024-03-04] (Microsoft Windows -> Microsoft Corporation)
U1 aswbdisk; pas de ImagePath
S3 HWiNFO_190; \??\C:\Users\MICHAE~1\AppData\Local\Temp\HWiNFO64A_190.SYS [X] <==== ATTENTION

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Trois mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2024-03-07 17:09 - 2024-03-07 17:10 - 000025116 _____ C:\Users\Michael portable\Desktop\FRST.txt
2024-03-07 17:09 - 2024-03-07 17:09 - 000270617 _____ C:\Users\Michael portable\Desktop\ZHPDiag.txt
2024-03-07 16:56 - 2024-03-07 16:56 - 000000000 ____D C:\WINDOWS\system32\Tasks\Oem
2024-03-07 16:56 - 2024-03-07 16:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Acer
2024-03-07 16:50 - 2024-03-07 16:50 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2024-03-07 16:46 - 2024-03-07 16:46 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3647026253-681534332-4003124083-1001
2024-03-07 16:46 - 2024-03-07 16:46 - 000002438 _____ C:\Users\Michael portable\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-03-07 16:46 - 2024-03-07 16:46 - 000000000 ____D C:\Users\Michael portable\AppData\Local\OneDrive
2024-03-06 20:11 - 2024-03-06 20:11 - 005915672 _____ (Crystal Dew World ) C:\Users\Michael portable\Downloads\CrystalDiskInfo9_2_3.exe
2024-03-06 15:18 - 2024-03-07 17:10 - 000000000 ____D C:\FRST
2024-03-06 15:17 - 2024-03-06 15:17 - 002390016 _____ (Farbar) C:\Users\Michael portable\Desktop\FRST64.exe
2024-03-06 15:04 - 2024-03-07 17:09 - 000000135 _____ C:\Users\Michael
2024-03-06 15:01 - 2024-03-07 17:09 - 000000000 ____D C:\Users\Michael portable\AppData\Roaming\ZHP
2024-03-06 15:01 - 2024-03-06 15:01 - 000000880 _____ C:\Users\Michael portable\Desktop\ZHPSuite.lnk
2024-03-06 15:01 - 2024-03-06 15:01 - 000000000 ____D C:\Users\Michael portable\AppData\Local\ZHP
2024-03-05 16:05 - 2024-03-05 16:05 - 000586576 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-03-05 16:05 - 2024-03-05 16:05 - 000000000 ____D C:\WINDOWS\Panther
2024-03-05 02:52 - 2024-03-05 02:52 - 000033637 _____ C:\WINDOWS\system32\battery-report.html
2024-03-04 22:12 - 2024-03-04 22:12 - 000000000 ____D C:\Users\Michael portable\AppData\Local\ItTakesTwo
2024-03-04 22:11 - 2024-03-04 22:11 - 000000000 ____D C:\Users\Michael portable\AppData\Local\Link2EA
2024-03-04 22:11 - 2024-03-04 22:11 - 000000000 ____D C:\Users\Michael portable\AppData\Local\Electronic Arts
2024-03-04 22:11 - 2024-03-04 22:11 - 000000000 ____D C:\Users\Michael portable\AppData\Local\EADesktop
2024-03-04 21:37 - 2024-03-04 22:11 - 000000000 ____D C:\ProgramData\EA Desktop
2024-03-04 21:37 - 2024-03-04 21:37 - 000002142 _____ C:\Users\Public\Desktop\EA.lnk
2024-03-04 21:37 - 2024-03-04 21:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2024-03-04 19:00 - 2024-03-04 19:00 - 000000203 _____ C:\Users\Michael portable\Desktop\It Takes Two Friend's Pass.url
2024-02-28 18:29 - 2024-03-01 00:04 - 000000000 ____D C:\Users\Michael portable\AppData\Roaming\riot-client-ux
2024-02-17 15:24 - 2024-02-17 15:24 - 000000000 ____D C:\Users\Michael portable\AppData\Roaming\LibreOffice
2024-02-17 15:22 - 2024-02-17 15:22 - 000001197 _____ C:\Users\Public\Desktop\LibreOffice 24.2.lnk
2024-02-17 15:22 - 2024-02-17 15:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 24.2
2024-02-17 15:21 - 2024-02-17 15:22 - 000000000 ____D C:\Program Files\LibreOffice
2024-02-15 15:27 - 2024-02-15 15:27 - 000000000 ___HD C:\$WinREAgent
2024-01-31 20:49 - 2024-01-31 20:49 - 003666959 _____ C:\Users\Michael portable\Downloads\redus - Icter neonatal franceza transformat copy.pptx
2024-01-29 19:17 - 2024-01-29 19:17 - 000000000 ____D C:\Users\Michael portable\AppData\Roaming\Valve Corporation
2024-01-29 12:53 - 2024-01-29 12:53 - 000019697 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-01-29 12:52 - 2024-01-29 12:52 - 000019697 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-01-28 23:36 - 2024-01-28 23:36 - 000000000 ____D C:\Users\Michael portable\AppData\Local\TEKKEN 8
2024-01-28 17:43 - 2024-01-28 17:43 - 000000203 _____ C:\Users\Michael portable\Desktop\TEKKEN 8.url
2024-01-28 13:10 - 2024-01-28 13:10 - 000000000 ____D C:\Program Files\dotnet
2024-01-26 22:37 - 2024-01-26 22:37 - 000000000 ____D C:\Users\Michael portable\AppData\Local\TEKKEN 8 Demo
2024-01-18 21:14 - 2024-01-18 21:14 - 002095480 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-01-18 21:14 - 2024-01-18 21:14 - 002095480 _____ C:\WINDOWS\system32\vulkaninfo.exe
2024-01-18 21:14 - 2024-01-18 21:14 - 001655568 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-01-18 21:14 - 2024-01-18 21:14 - 001655568 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-01-18 21:14 - 2024-01-18 21:14 - 001434488 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-01-18 21:14 - 2024-01-18 21:14 - 001434488 _____ C:\WINDOWS\system32\vulkan-1.dll
2024-01-18 21:14 - 2024-01-18 21:14 - 001278840 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-01-18 21:14 - 2024-01-18 21:14 - 001278840 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2024-01-18 21:13 - 2024-01-18 21:13 - 001487496 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2024-01-18 21:13 - 2024-01-18 21:13 - 001226888 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2024-01-18 21:09 - 2024-01-18 21:09 - 001040408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2024-01-18 21:09 - 2024-01-18 21:09 - 000670360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2024-01-18 21:09 - 2024-01-18 21:09 - 000506008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2024-01-18 21:08 - 2024-01-18 21:08 - 001542192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2024-01-18 21:08 - 2024-01-18 21:08 - 001199128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2024-01-18 21:08 - 2024-01-18 21:08 - 000841864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2024-01-18 21:07 - 2024-01-18 21:07 - 002174104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2024-01-18 21:07 - 2024-01-18 21:07 - 001625648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2024-01-18 21:07 - 2024-01-18 21:07 - 001023512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2024-01-18 21:07 - 2024-01-18 21:07 - 000786968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2024-01-18 21:06 - 2024-01-18 21:06 - 016032904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2024-01-18 21:06 - 2024-01-18 21:06 - 012928136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2024-01-18 21:06 - 2024-01-18 21:06 - 006780976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2024-01-18 21:06 - 2024-01-18 21:06 - 005772936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2024-01-18 21:06 - 2024-01-18 21:06 - 003721352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2024-01-18 21:06 - 2024-01-18 21:06 - 000459928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2024-01-18 21:05 - 2024-01-18 21:05 - 005907480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2024-01-18 21:05 - 2024-01-18 21:05 - 000853016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2024-01-18 21:03 - 2024-01-18 21:03 - 006030576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2024-01-18 12:32 - 2024-01-18 12:32 - 000120271 _____ C:\WINDOWS\system32\nvinfo.pb
2023-12-21 17:55 - 2023-12-21 17:55 - 000000000 ____D C:\WINDOWS\InboxApps
2023-12-19 03:11 - 2023-12-19 03:11 - 001315800 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2023-12-16 21:20 - 2023-12-16 21:20 - 071456520 _____ (Riot Games, Inc.) C:\Users\Michael portable\Downloads\Install League of Legends PBE pbe.exe

==================== Trois mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2024-03-07 17:06 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-07 17:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-03-07 17:05 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-07 17:05 - 2018-07-20 19:23 - 000000000 ____D C:\Users\Michael portable\AppData\Local\D3DSCache
2024-03-07 16:56 - 2017-12-25 14:03 - 000000000 ____D C:\Program Files (x86)\Acer
2024-03-07 16:55 - 2020-11-05 00:13 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-03-07 16:55 - 2019-12-07 16:49 - 000793016 _____ C:\WINDOWS\system32\perfh00C.dat
2024-03-07 16:55 - 2019-12-07 16:49 - 000150146 _____ C:\WINDOWS\system32\perfc00C.dat
2024-03-07 16:55 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2024-03-07 16:53 - 2020-11-05 00:11 - 000003512 _____ C:\WINDOWS\system32\Tasks\DashlaneUpgradeCheck
2024-03-07 16:52 - 2021-12-26 17:28 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-03-07 16:52 - 2018-05-09 09:15 - 000000000 ____D C:\Program Files (x86)\Google
2024-03-07 16:50 - 2022-01-29 19:50 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2024-03-07 16:50 - 2020-11-05 00:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-03-07 16:50 - 2020-11-05 00:03 - 000008192 ___SH C:\DumpStack.log.tmp
2024-03-07 16:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2024-03-07 16:50 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2024-03-07 16:50 - 2018-05-12 13:17 - 000000000 ____D C:\ProgramData\AVAST Software
2024-03-07 16:50 - 2018-05-06 01:02 - 000000000 __SHD C:\Users\Michael portable\IntelGraphicsProfiles
2024-03-07 16:50 - 2017-12-25 13:52 - 000000000 ____D C:\ProgramData\NVIDIA
2024-03-07 16:50 - 2017-12-25 13:48 - 000000000 ___HD C:\Intel
2024-03-07 16:49 - 2018-08-28 14:33 - 000000000 ____D C:\Users\Michael portable\AppData\Roaming\discord
2024-03-07 16:46 - 2023-09-29 14:24 - 000000000 ____D C:\Users\Michael portable\AppData\Local\Discord
2024-03-07 16:46 - 2020-11-05 00:11 - 000003400 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3647026253-681534332-4003124083-1001
2024-03-07 16:45 - 2018-07-12 17:25 - 000000000 ____D C:\Users\Michael portable\AppData\Local\AVAST Software
2024-03-07 16:45 - 2018-05-12 13:32 - 000000000 ____D C:\Users\Michael portable\AppData\Roaming\AVAST Software
2024-03-07 16:41 - 2023-10-06 11:22 - 000002306 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_Dolby
2024-03-07 16:41 - 2023-10-06 11:22 - 000002300 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2024-03-07 16:41 - 2021-09-15 16:48 - 000003270 _____ C:\WINDOWS\system32\Tasks\Overwolf Updater Task
2024-03-07 16:41 - 2020-11-05 00:11 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-03-07 16:41 - 2020-11-05 00:11 - 000002292 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_ASC
2024-03-07 16:38 - 2019-03-04 20:33 - 000000000 ____D C:\Users\Michael portable\Downloads\Mods
2024-03-07 16:12 - 2023-05-20 19:55 - 000000000 ____D C:\Users\Michael portable\AppData\Local\Malwarebytes
2024-03-07 16:06 - 2020-11-05 00:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-03-07 01:17 - 2018-05-09 09:16 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-07 01:17 - 2018-05-09 09:16 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-03-06 21:12 - 2021-09-15 16:48
- 000002343 _____ C:\Users\Michael portable\Desktop\CurseForge.lnk 2024-03-06 21:12 - 2021-09-15 16:46 - 000000000 ____D C:\Users\Michael portable\AppData\Local\Overwolf 2024-03-06 16:57 - 2021-09-30 20:48 - 000000000 ____D C:\Steam 2024-03-06 15:06 - 2020-11-05 00:11 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-03-06 15:06 - 2020-11-05 00:11 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-03-06 02:00 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2024-03-06 01:26 - 2020-11-05 00:05 - 000000000 ____D C:\Users\Michael portable 2024-03-06 01:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2024-03-05 23:47 - 2018-05-14 12:57 - 000000000 ____D C:\Users\Michael portable\AppData\Roaming\Microsoft\MMC 2024-03-05 18:08 - 2018-05-16 16:10 - 000000000 ____D C:\Users\Michael portable\AppData\Roaming\TS3Client 2024-03-05 16:02 - 2022-11-19 09:37 - 000239576 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2024-03-05 15:22 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2024-03-05 02:07 - 2021-07-15 17:32 - 000007666 _____ C:\Users\Michael portable\AppData\Local\Resmon.ResmonCfg 2024-03-04 23:19 - 2018-07-20 19:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2024-03-04 23:05 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender 2024-03-04 22:57 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2024-03-04 22:56 - 2018-05-12 13:18 - 000918944 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2024-03-04 21:37 - 2023-02-11 17:00 - 000000000 ____D C:\Program Files\Electronic Arts 2024-03-04 21:37 - 2017-12-25 13:41 - 000000000 ____D C:\ProgramData\Package Cache 2024-03-04 19:00 - 2020-08-18 18:08 - 000000000 ____D C:\Users\Michael portable\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2024-03-03 15:00 - 2020-06-15 01:35 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Microsoft Edge.lnk 2024-03-03 15:00 - 2020-06-15 01:35 - 000002284 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2024-03-02 21:09 - 2018-05-10 21:52 - 000000000 ____D C:\Users\Michael portable\AppData\Local\CrashDumps 2024-03-02 20:47 - 2023-09-16 00:50 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat 2024-03-01 15:02 - 2021-09-15 16:48 - 000000000 ____D C:\Program Files (x86)\Overwolf 2024-03-01 00:04 - 2018-06-16 15:07 - 000000000 ____D C:\ProgramData\Riot Games 2024-02-29 14:55 - 2023-09-16 00:13 - 000000000 ____D C:\Program Files\Riot Vanguard 2024-02-27 02:28 - 2022-10-24 16:18 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2024-02-27 02:28 - 2022-10-24 16:18 - 000002065 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk 2024-02-26 17:07 - 2018-11-02 19:03 - 000000000 ____D C:\Users\Michael portable\AppData\Roaming\Microsoft\Excel 2024-02-26 17:07 - 2018-05-06 01:02 - 000000000 ____D C:\Users\Michael portable\AppData\Local\Packages 2024-02-26 17:04 - 2017-12-25 14:08 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2024-02-22 19:33 - 2018-06-07 22:14 - 000000000 ____D C:\Users\Michael portable\AppData\Roaming\.minecraft 2024-02-22 18:36 - 2021-09-12 11:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games 2024-02-22 18:36 - 2018-06-16 15:04 - 000000000 ____D C:\Riot Games 2024-02-22 17:33 - 2018-08-28 14:33 - 000002286 _____ C:\Users\Michael portable\Desktop\Discord.lnk 2024-02-18 20:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2024-02-18 20:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2024-02-17 15:56 - 2018-05-06 01:04 - 000000000 ____D C:\Users\Michael portable\AppData\Roaming\Microsoft\Word 2024-02-15 16:04 - 2020-11-05 00:04 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2024-02-15 15:43 - 2018-05-06 10:59 - 000000000 ____D C:\WINDOWS\system32\MRT 2024-02-15 15:38 - 2018-05-06 10:59 - 191155960 
____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2024-02-13 19:59 - 2023-09-16 16:39 - 000000000 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Jumpstart.lnk 2024-02-13 19:59 - 2021-01-06 14:09 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2024-02-13 19:59 - 2019-09-16 11:15 - 000002518 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk 2024-02-13 19:59 - 2019-09-16 11:15 - 000002491 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk 2024-02-13 19:59 - 2017-12-25 14:04 - 000001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dashlane.lnk 2024-02-08 19:27 - 2019-04-15 13:44 - 000000000 ____D C:\Users\Michael portable\AppData\Local\ElevatedDiagnostics ==================== Fichiers à la racine de certains dossiers ======== 2018-07-12 17:37 - 2023-06-13 15:13 - 000000129 _____ () C:\Users\Michael portable\AppData\Roaming\D2Info0 2018-07-12 17:37 - 2023-05-27 18:17 - 000000008 _____ () C:\Users\Michael portable\AppData\Roaming\DofusAppId0_1 2019-01-06 00:55 - 2023-05-27 17:31 - 000000008 _____ () C:\Users\Michael portable\AppData\Roaming\DofusAppId0_2 2019-07-03 21:41 - 2023-06-13 15:17 - 000000008 _____ () C:\Users\Michael portable\AppData\Roaming\DofusAppId0_3 2019-07-04 21:20 - 2019-07-04 21:20 - 000000008 _____ () C:\Users\Michael portable\AppData\Roaming\DofusAppId0_4 2019-03-08 16:16 - 2023-10-09 12:36 - 000000128 _____ () C:\Users\Michael portable\AppData\Roaming\winscp.rnd 2021-01-15 18:41 - 2021-01-15 18:41 - 000000128 _____ () C:\Users\Michael portable\AppData\Local\PUTTY.RND 2021-07-15 17:32 - 2024-03-05 02:07 - 000007666 _____ () C:\Users\Michael portable\AppData\Local\Resmon.ResmonCfg ==================== SigCheckExt ========================= 1996-12-17 00:00 - 1996-12-17 00:00 - 000123904 _____ (Microsoft) C:\WINDOWS\SysWOW64\ACCWIZ.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000007440 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\APPXEC32.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000006976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CMC.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000151584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CNFNOT32.EXE 1996-12-17 00:00 - 1996-12-17 00:00 - 000057342 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COMMTB32.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000094320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CONTAB32.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CONVDSN.EXE 1996-12-17 00:00 - 1996-12-17 00:00 - 000022016 _____ C:\WINDOWS\SysWOW64\DOCOBJ.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000004656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DS16GT.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DS32GT.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000518928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EMSUIX32.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000304976 _____ (Microsoft Corperation) C:\WINDOWS\SysWOW64\ETEXCH32.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 001123600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FM20.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000028432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FM20FRA.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000012288 _____ C:\WINDOWS\SysWOW64\HLINKPRX.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HLP95EN.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IMGWALK.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000497600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MAPI.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000025392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MAPISP32.EXE 1996-12-17 00:00 - 1996-12-17 00:00 - 000041152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MAPISRVR.EXE 1996-12-17 00:00 - 1996-12-17 00:00 - 
000097040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MDISP32.EXE 1996-12-17 00:00 - 1996-12-17 00:00 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCANS32.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000242144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MINET32.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000007904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ML3XEC16.EXE 1996-12-17 00:00 - 1996-12-17 00:00 - 000297808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMFMIG32.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000094208 _____ C:\WINDOWS\SysWOW64\MSENCODE.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSEXCL35.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000502640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFS32.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000014336 _____ (Microsoft) C:\WINDOWS\SysWOW64\MSIMRT.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000120320 _____ (Microsoft) C:\WINDOWS\SysWOW64\MSIMUSIC.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000016304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSINF16H.EXE 1996-12-17 00:00 - 1996-12-17 00:00 - 001038848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSJET35.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000041232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSJINT35.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000024336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSJTER35.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSOTHUNK.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000509712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPST32.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000251664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSRD2X35.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000368400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSRDO20.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000402704 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\MSREPL35.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSTEXT35.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSXBSE35.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000026224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ODBC16GT.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ODBC32GT.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000022016 _____ C:\WINDOWS\SysWOW64\ODBCSTF.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ODBCTL32.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PICSTORE.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PUBDLG.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000093456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RDOCURS.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\REFEDIT.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SCP32.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000032256 _____ (Microsoft) C:\WINDOWS\SysWOW64\SELFREG.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000012288 _____ C:\WINDOWS\SysWOW64\VAFR232.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000368912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBAR332.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBSFR.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000020080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WINSSPI.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 001059088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSUI32.DLL 1996-12-17 00:00 - 1996-12-17 00:00 - 000048640 _____ C:\WINDOWS\SysWOW64\WRKGADM.EXE 2024-03-06 15:17 - 2024-03-06 15:17 - 002390016 _____ (Farbar) 
C:\Users\Michael portable\Desktop\FRST64.exe 2018-06-16 14:58 - 2018-06-16 15:02 - 078846496 _____ (Riot Games, Inc) C:\Users\Michael portable\Downloads\League of Legends installer EUW.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de démarrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {cc13f02d-e9b2-11e7-8d53-9829a64a5eeb} {cc13f02e-e9b2-11e7-8d53-9829a64a5eeb} {cc13f02f-e9b2-11e7-8d53-9829a64a5eeb} timeout 0 Gestionnaire de démarrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume2 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {ed08bc51-1ef1-11eb-8ad8-aea017ee99ec} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Application logicielle (101fffff) -------------------------------- identificateur {cc13f02d-e9b2-11e7-8d53-9829a64a5eeb} description EFI USB Device Application logicielle (101fffff) -------------------------------- identificateur {cc13f02e-e9b2-11e7-8d53-9829a64a5eeb} description EFI DVD/CDROM Application logicielle (101fffff) -------------------------------- identificateur {cc13f02f-e9b2-11e7-8d53-9829a64a5eeb} description EFI Network Chargeur de démarrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {ed08bc53-1ef1-11eb-8ad8-aea017ee99ec} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {ed08bc51-1ef1-11eb-8ad8-aea017ee99ec} nx OptOut bootmenupolicy Standard 
usefirmwarepcisettings No Chargeur de démarrage Windows ----------------------------- identificateur {ed08bc53-1ef1-11eb-8ad8-aea017ee99ec} device ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{ed08bc54-1ef1-11eb-8ad8-aea017ee99ec} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{ed08bc54-1ef1-11eb-8ad8-aea017ee99ec} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre à partir de la mise en veille prolongée ------------------------------------------------- identificateur {ed08bc51-1ef1-11eb-8ad8-aea017ee99ec} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {ed08bc53-1ef1-11eb-8ad8-aea017ee99ec} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de mémoire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume2 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics mémoire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes Paramètres EMS -------------- identificateur {emssettings} bootems No Paramètres du débogueur ----------------------- identificateur {dbgsettings} debugtype Local Erreurs de mémoire RAM ---------------------- identificateur {badmemory} Paramètres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Paramètres du chargeur de démarrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Paramètres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 
115200 Paramètres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de périphérique ----------------------- identificateur {ed08bc54-1ef1-11eb-8ad8-aea017ee99ec} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume5 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================