FRST.txt

Cliquez pour partager vos propres fichiers

Format du document : text/plain

Prévisualisation

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 19.04.2024 01
Exécuté par jmnau (administrateur) sur PC-FIXE-DE-JM (Gigabyte Technology Co., Ltd. H510M H) (05-05-2024 23:39:08)
Exécuté depuis D:\OneDrive_D\OneDrive\Documents JMN\Desktop\FRST64.exe
Profils chargés: jmnau
Plate-forme: Microsoft Windows 11 Professionnel Version 23H2 22631.3527 (X64) Langue: Anglais (Royaume-Uni) -> Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(C:\Program Files\WindowsApps\MicrosoftTeams_24060.3102.2733.5911_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe <6>
(DriverStore\FileRepository\cui_dch.inf_amd64_2fd56aca57cf42dd\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_2fd56aca57cf42dd\igfxEM.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <8>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (AnyDesk Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2>
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_2fd56aca57cf42dd\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9d19662e01abea6b\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0797c0ea8580ae89\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0797c0ea8580ae89\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_bc81681eb27bc1ae\RtkAudUService64.exe <2>
(services.exe ->) (SafeNet, Inc. -> SafeNet Inc.) C:\Windows\System32\hasplms.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(sihost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2403.21002.0_x64__8wekyb3d8bbwe\MicrosoftSecurityApp\MicrosoftSecurityApp.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2417.4.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.076.0414.0005\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.450.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_bc81681eb27bc1ae\RtkAudUService64.exe [1231864 2021-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.80\Installer\setup.exe [7135680 2024-05-05] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3722162592-3493389248-2344746714-1006\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [3850656 2024-05-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3722162592-3493389248-2344746714-1006\...\Run: [AudialsNotifier] => C:\Program Files\Audials\Audials 2024\AudialsNotifier.exe [364224 2023-12-20] (Audials AG -> Audials AG)
HKU\S-1-5-21-3722162592-3493389248-2344746714-1006\...\Run: [MicrosoftEdgeAutoLaunch_878A606CA185B854FF5CCF8AFD397E8F] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4081192 2024-05-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3722162592-3493389248-2344746714-1006\...\Run: [Mozilla-Firefox-308046B0AF4A39CB] => "C:\Program Files\Mozilla Firefox\firefox.exe" -os-autostart [673696 2024-05-01] (Mozilla Corporation -> Mozilla Corporation)
HKU\S-1-5-21-3722162592-3493389248-2344746714-1006\...\MountPoints2: {667b2d82-a925-11ed-99a7-803f5d020a27} - "H:\Setup.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2023-12-21]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)

==================== Tâches planifiées (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {07520C50-80EB-474F-8C33-8128675824C6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {FCAE8FE7-5803-445F-80C2-A0134AC5628A} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5439240 2024-04-24] (Microsoft Windows -> Microsoft Corporation)
Task: {24A9EDE4-32BB-4120-B2EF-D26B33304E8E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28452944 2024-04-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {94C5B5EB-B5D4-4F99-9970-CE51A5F34B5B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28452944 2024-04-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {F2E78562-C13A-4629-8D67-41BF6F972FC9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309944 2024-04-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {BE7B2456-B5D5-4189-BF4F-58C0AA87F2AD} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309944 2024-04-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {1128CAA4-BDCA-45D2-97E7-E5FF61E92B9B} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [168488 2024-04-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {44F1CAC0-7C93-49FF-96FE-859B2EBF946B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B576ACFD-47B0-4169-BFDA-0999A4A2D0C7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {32852BBB-6206-40F4-A26C-C39A75CAFEFB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7BC2C21A-B1D9-41CB-B0C1-8C5FDC6F8D72} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CE27854C-F6C5-48FB-8251-0871C46F6D5D} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [673696 2024-05-01] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (l'élément de données a 6 caractères en plus).
Task: {9A147523-C7ED-4E96-A047-B26413643E99} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3722162592-3493389248-2344746714-1006 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [673696 2024-05-01] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (l'élément de données a 6 caractères en plus).
Task: {422BE114-5440-4C5D-9B0E-7B358BC6C5BA} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [33696 2024-05-01] (Mozilla Corporation -> Mozilla Foundation)
Task: {35023028-8313-41BA-88EE-35049288D253} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209056 2024-05-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {1E9A2C26-DE74-4454-BBBE-3EDAAF028E8A} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3722162592-3493389248-2344746714-1006 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209056 2024-05-02] (Microsoft Corporation -> Microsoft Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{33ae9cfe-8a54-4783-949f-ba0af2507e3e}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{722d3bfa-fbae-4c09-bba3-64886b1c7be7}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{722d3bfa-fbae-4c09-bba3-64886b1c7be7}\D4162796E6567237027416C616879702E4F647561303B2: [DhcpNameServer] 192.168.241.60
Tcpip\..\Interfaces\{f4f656de-3030-4128-b3eb-173cf0e5af72}: [DhcpNameServer] 192.168.1.254

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\jmnau\AppData\Local\Microsoft\Edge\User Data\Default [2024-05-05]
Edge Extension: (Google Docs hors connexion) - C:\Users\jmnau\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-30]
Edge Extension: (Edge relevant text changes) - C:\Users\jmnau\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-06]
Edge Extension: (uBlock Origin) - C:\Users\jmnau\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2024-04-09]

FireFox:
========
FF DefaultProfile: lp77kve2.default-1478419688235
FF ProfilePath: C:\Users\jmnau\AppData\Roaming\Mozilla\Firefox\Profiles\ajiqg1f2.default-release [2024-02-14]
FF Session Restore: Mozilla\Firefox\Profiles\ajiqg1f2.default-release -> est activé.
FF ProfilePath: C:\Users\jmnau\AppData\Roaming\Mozilla\Firefox\Profiles\lp77kve2.default-1478419688235 [2024-05-05]
FF DownloadDir: D:\OneDrive_D\OneDrive\Documents JMN\Desktop
FF Homepage: Mozilla\Firefox\Profiles\lp77kve2.default-1478419688235 -> hxxps://duckduckgo.com/
FF Session Restore: Mozilla\Firefox\Profiles\lp77kve2.default-1478419688235 -> est activé.
FF Extension: (Disconnect) - C:\Users\jmnau\AppData\Roaming\Mozilla\Firefox\Profiles\lp77kve2.default-1478419688235\Extensions\2.0@disconnect.me.xpi [2024-02-29]
FF Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\jmnau\AppData\Roaming\Mozilla\Firefox\Profiles\lp77kve2.default-1478419688235\Extensions\@windscribeff.xpi [2024-01-31]
FF Extension: (Disable HTML5 Autoplay) - C:\Users\jmnau\AppData\Roaming\Mozilla\Firefox\Profiles\lp77kve2.default-1478419688235\Extensions\disable-html5-autoplay@afnankhan.xpi [2024-04-26]
FF Extension: (Dictionnaire français) - C:\Users\jmnau\AppData\Roaming\Mozilla\Firefox\Profiles\lp77kve2.default-1478419688235\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org.xpi [2020-05-30]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\jmnau\AppData\Roaming\Mozilla\Firefox\Profiles\lp77kve2.default-1478419688235\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2024-03-15]
FF Extension: (Decodex) - C:\Users\jmnau\AppData\Roaming\Mozilla\Firefox\Profiles\lp77kve2.default-1478419688235\Extensions\lemonde-decodex@lemonde.fr.xpi [2020-01-18]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\jmnau\AppData\Roaming\Mozilla\Firefox\Profiles\lp77kve2.default-1478419688235\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2024-04-16]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\jmnau\AppData\Roaming\Mozilla\Firefox\Profiles\lp77kve2.default-1478419688235\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2024-04-05]
FF ProfilePath: C:\Users\jmnau\AppData\Roaming\Mozilla\Firefox\Profiles\ei5oj8t2.default-1401315239375 [2024-02-14]
FF Homepage: Mozilla\Firefox\Profiles\ei5oj8t2.default-1401315239375 -> hxxp://duckduckgo.com/
FF Extension: (Ghostery) - C:\Users\jmnau\AppData\Roaming\Mozilla\Firefox\Profiles\ei5oj8t2.default-1401315239375\Extensions\firefox@ghostery.com.xpi [2016-05-04] []
FF Extension: (YouTube mp3) - C:\Users\jmnau\AppData\Roaming\Mozilla\Firefox\Profiles\ei5oj8t2.default-1401315239375\Extensions\info@youtube-mp3.org.xpi [2016-06-11] []
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-04-11] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-03] (Microsoft Corporation -> Microsoft Corporation)

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [5323592 2024-04-11] (AnyDesk Software GmbH -> AnyDesk Software GmbH)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14221280 2024-04-06] (Microsoft Corporation -> Microsoft Corporation)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.076.0414.0005\FileSyncHelper.exe [3506704 2024-05-02] (Microsoft Corporation -> Microsoft Corporation)
R2 hasplms; C:\WINDOWS\system32\hasplms.exe [4683144 2014-07-17] (SafeNet, Inc. -> SafeNet Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [234968 2024-03-08] (HP Inc. -> HP Inc.)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpDefenderCoreService.exe [1459968 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.076.0414.0005\OneDriveUpdaterService.exe [3846560 2024-05-02] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522184 2024-04-24] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [21047096 2023-12-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe [3199648 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe [133576 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 akshasp; C:\WINDOWS\system32\DRIVERS\akshasp.sys [60488 2014-07-17] (SafeNet, Inc. -> SafeNet Inc.)
R3 akshhl; C:\WINDOWS\system32\DRIVERS\akshhl.sys [63944 2014-07-17] (SafeNet, Inc. -> SafeNet Inc.)
R3 aksusb; C:\WINDOWS\system32\DRIVERS\aksusb.sys [303624 2014-07-17] (SafeNet, Inc. -> SafeNet Inc.)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [41376 2021-07-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [65168 2021-08-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [188416 2023-11-16] (Microsoft Corporation) [Fichier non signé]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 dlcdcncm; C:\WINDOWS\System32\drivers\dlcdcncm660.sys [159912 2023-07-07] (DISPLAYLINK (UK) LIMITED -> DisplayLink Corp.)
R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [331608 2014-07-17] (SafeNet, Inc. -> SafeNet Inc.)
R3 iaLPSS2_GPIO2_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_cb8dd04b85ac9a58\iaLPSS2_GPIO2_TGL.sys [128680 2020-12-23] (Intel Corporation -> Intel Corporation)
R3 MpKsl277588f3; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{71E7720A-A328-49FB-B54E-A787259F4EEE}\MpKslDrv.sys [301336 2024-05-05] (Microsoft Windows -> Microsoft Corporation)
R3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 UsbNcm; C:\WINDOWS\System32\drivers\UsbNcm.sys [167936 2023-11-16] (Microsoft Windows -> )
R0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20936 2024-04-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [601376 2024-04-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105760 2024-04-10] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl3ba601c0; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{636CDAB8-8C42-4C87-A1C1-C851A566E155}\MpKslDrv.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2024-05-05 23:26 - 2024-05-05 23:26 - 000771570 _____ C:\WINDOWS\system32\perfh00C.dat
2024-05-05 23:26 - 2024-05-05 23:26 - 000148698 _____ C:\WINDOWS\system32\perfc00C.dat
2024-05-03 20:36 - 2024-05-03 20:36 - 000018544 _____ C:\Users\jmnau\Downloads\2024_03_BPENS_mars.pdf
2024-05-01 09:50 - 2024-05-03 07:13 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-04-24 23:04 - 2024-04-24 23:07 - 000000000 ___HD C:\$WinREAgent
2024-04-18 19:43 - 2024-04-20 14:49 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2024-04-12 00:00 - 2024-04-12 00:00 - 000721569 _____ C:\Users\jmnau\Downloads\EBOOK Jake Adelstein - Le dernier des Yakuzas.epub
2024-04-12 00:00 - 2024-04-12 00:00 - 000468895 _____ C:\Users\jmnau\Downloads\EBOOK Jake Adelstein - Tokyo Vice 2 Tokyo Detective.epub
2024-04-11 23:59 - 2024-04-11 23:59 - 001230306 _____ C:\Users\jmnau\Downloads\EBOOK Jake Adelstein - Tokyo Vice.epub
2024-04-05 22:57 - 2024-04-05 22:57 - 000523794 _____ C:\Users\jmnau\Downloads\EBOOK Henning Mankell - Wallander 12 L homme inquiet.epub
2024-04-05 22:57 - 2024-04-05 22:57 - 000495254 _____ C:\Users\jmnau\Downloads\EBOOK Henning Mankell - Wallander 11 Une main encombrante.epub
2024-04-05 22:56 - 2024-04-05 22:56 - 000728552 _____ C:\Users\jmnau\Downloads\EBOOK Henning Mankell - Wallander 10 Avant le gel.epub
2024-04-05 22:56 - 2024-04-05 22:56 - 000621324 _____ C:\Users\jmnau\Downloads\EBOOK Henning Mankell - Wallander 9 La muraille invisible.epub
2024-04-05 22:56 - 2024-04-05 22:56 - 000619568 _____ C:\Users\jmnau\Downloads\EBOOK Henning Mankell - Wallander 8 Les morts de la Saint Jean.epub
2024-04-05 22:55 - 2024-04-05 22:56 - 000505650 _____ C:\Users\jmnau\Downloads\EBOOK Henning Mankell - Wallander 7 La cinquieme femme.epub
2024-04-05 22:55 - 2024-04-05 22:55 - 000516400 _____ C:\Users\jmnau\Downloads\EBOOK Henning Mankell - Wallander 6 Le guerrier solitaire.epub
2024-04-05 22:55 - 2024-04-05 22:55 - 000414291 _____ C:\Users\jmnau\Downloads\EBOOK Henning Mankell - Wallander 4 La lionne blanche.epub
2024-04-05 22:55 - 2024-04-05 22:55 - 000342470 _____ C:\Users\jmnau\Downloads\EBOOK Henning Mankell - Wallander 5 L homme qui souriait.epub
2024-04-05 22:54 - 2024-04-05 22:54 - 000269735 _____ C:\Users\jmnau\Downloads\EBOOK Henning Mankell - Wallander 3 Les chiens de Riga.epub
2024-04-05 22:54 - 2024-04-05 22:54 - 000258118 _____ C:\Users\jmnau\Downloads\EBOOK Henning Mankell - Wallander 2 Meurtriers sans visage.epub
2024-04-05 22:54 - 2024-04-05 22:54 - 000186386 _____ C:\Users\jmnau\Downloads\EBOOK Henning Mankell - Wallander 0 - Le coup de couteau - la premiere enquete de Wallander.epub

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2024-05-05 23:39 - 2024-02-12 13:31 - 000000000 ____D C:\FRST
2024-05-05 23:37 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF
2024-05-05 23:30 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-05-05 23:29 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-05-05 23:26 - 2022-10-09 13:22 - 001713450 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-05-05 23:25 - 2021-10-24 20:24 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-05-05 23:23 - 2022-10-09 00:56 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-05-05 23:20 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-05-05 23:19 - 2022-10-22 23:56 - 000000000 ____D C:\Users\jmnau\AppData\Local\CrashDumps
2024-05-05 23:19 - 2022-10-10 23:27 - 000000000 ____D C:\Program Files\TeamViewer
2024-05-05 23:19 - 2022-10-09 13:18 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-05-05 23:19 - 2022-10-09 13:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-05-05 23:19 - 2022-10-09 00:19 - 000000000 __SHD C:\Users\jmnau\IntelGraphicsProfiles
2024-05-05 23:19 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-05-05 23:19 - 2022-04-25 23:50 - 000000000 ____D C:\Intel
2024-05-05 23:19 - 2021-10-24 20:23 - 000012288 ___SH C:\DumpStack.log.tmp
2024-05-04 00:40 - 2022-10-09 20:14 - 000000000 ____D C:\Users\jmnau\AppData\Roaming\Microsoft\Word
2024-05-04 00:37 - 2022-10-09 17:37 - 000000000 ____D C:\Users\jmnau\AppData\Roaming\Microsoft\Excel
2024-05-03 19:46 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-05-03 07:13 - 2022-10-09 09:56 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-05-03 07:13 - 2022-10-09 00:56 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-05-02 14:22 - 2022-10-09 13:18 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3722162592-3493389248-2344746714-1006
2024-05-02 14:22 - 2022-10-09 13:18 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-05-02 14:22 - 2022-10-09 08:56 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-05-02 12:11 - 2022-10-09 00:56 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-05-01 09:51 - 2022-10-09 00:28 - 000000000 ____D C:\Users\jmnau\AppData\Local\D3DSCache
2024-04-25 23:02 - 2022-10-09 18:46 - 000000000 ____D C:\ProgramData\Suivi production Panneaux solaires
2024-04-24 23:46 - 2022-05-07 07:17 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2024-04-24 23:45 - 2022-10-09 13:13 - 000474176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-04-24 23:44 - 2022-05-07 12:16 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2024-04-24 23:44 - 2022-05-07 12:16 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-04-24 23:44 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-04-24 23:44 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-04-24 23:44 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-04-24 23:44 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-04-24 23:44 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-04-24 23:44 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-04-24 23:44 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-04-24 23:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\UUS
2024-04-24 23:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-04-24 23:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2024-04-24 23:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-04-24 23:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-04-24 23:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemApps
2024-04-24 23:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-04-24 23:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-04-24 23:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2024-04-24 23:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-04-24 23:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-04-24 23:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\setup
2024-04-24 23:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-04-24 23:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-04-24 23:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-04-24 23:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2024-04-24 23:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-04-24 23:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-04-24 23:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-04-24 23:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-04-24 23:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-04-24 23:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\BrowserCore
2024-04-24 23:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-04-24 23:44 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\servicing
2024-04-24 23:22 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-04-24 23:14 - 2022-05-07 07:25 - 000077312 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2024-04-24 23:14 - 2022-05-07 07:24 - 000118784 _____ (Khronos Group) C:\WINDOWS\system32\opencl.dll
2024-04-24 23:14 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-04-24 23:11 - 2022-10-09 13:18 - 003214336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-04-19 14:08 - 2022-10-09 12:42 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2024-04-17 23:57 - 2022-10-09 13:15 - 000000000 ____D C:\Users\jmnau
2024-04-16 23:42 - 2022-10-09 01:12 - 000000000 ____D C:\Program Files\Microsoft Office
2024-04-14 00:44 - 2022-10-11 21:37 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-04-14 00:41 - 2023-09-20 12:06 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-04-12 14:59 - 2023-03-01 17:28 - 000000000 ____D C:\Users\jmnau\AppData\Roaming\calibre
2024-04-12 13:55 - 2023-03-01 17:29 - 000000000 ____D C:\Users\jmnau\Bibliothèque calibre
2024-04-12 12:34 - 2023-10-11 15:24 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-04-12 12:34 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-04-12 00:26 - 2023-03-01 17:28 - 000000000 ____D C:\Users\jmnau\AppData\Local\calibre-cache
2024-04-11 23:42 - 2022-10-09 09:01 - 192651728 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-04-11 23:42 - 2022-10-09 09:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-04-11 00:01 - 2023-12-21 11:43 - 000000000 ____D C:\Program Files (x86)\AnyDesk
2024-04-10 19:33 - 2021-10-24 20:23 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-04-08 23:53 - 2023-12-11 13:42 - 000000000 ____D C:\Photos transfert Portable

==================== Fichiers à la racine de certains dossiers ========

2022-10-16 10:04 - 2022-10-16 10:04 - 000007605 _____ () C:\Users\jmnau\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== BCD ================================

Gestionnaire de démarrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
timeout 2

Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {2a4c5149-47d4-11ed-9625-ef2a260243d0}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 10

Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 11
locale fr-FR
inherit {bootloadersettings}
recoverysequence {2a4c514b-47d4-11ed-9625-ef2a260243d0}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {2a4c5149-47d4-11ed-9625-ef2a260243d0}
nx OptIn
bootmenupolicy Standard

Chargeur de démarrage Windows
-----------------------------
identificateur {2a4c514b-47d4-11ed-9625-ef2a260243d0}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{2a4c514c-47d4-11ed-9625-ef2a260243d0}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale en-GB
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{2a4c514c-47d4-11ed-9625-ef2a260243d0}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {2a4c5149-47d4-11ed-9625-ef2a260243d0}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {2a4c514b-47d4-11ed-9625-ef2a260243d0}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
custom:21000026 partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Windows Memory Diagnostic
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes

Paramètres EMS
--------------
identificateur {emssettings}
bootems No

Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Local

Erreurs de mémoire RAM
----------------------
identificateur {badmemory}

Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}

Options de périphérique
-----------------------
identificateur {2a4c514c-47d4-11ed-9625-ef2a260243d0}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi

==================== Fin de FRST.txt ========================

Signaler le contenu de ce document