Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 20-09-2023
Exécuté par jmnau (administrateur) sur PC-FIXE-DE-JM (Gigabyte Technology Co., Ltd. H510M H) (20-09-2023 13:13:01)
Exécuté depuis D:\OneDrive_D\OneDrive\Documents JMN\Desktop\FRST64.exe
Profils chargés: jmnau
Plate-forme: Microsoft Windows 11 Professionnel Version 22H2 22621.2283 (X64) Langue: Anglais (Royaume-Uni) -> Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(C:\Program Files\WindowsApps\MicrosoftTeams_23231.411.2342.9597_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.31\msedgewebview2.exe <6>
(DriverStore\FileRepository\cui_dch.inf_amd64_2fd56aca57cf42dd\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_2fd56aca57cf42dd\igfxEM.exe
(explorer.exe ->) (Audials AG -> ) C:\Program Files\Audials\Audials 2023\AudialsNotifier.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_2fd56aca57cf42dd\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9d19662e01abea6b\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0797c0ea8580ae89\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0797c0ea8580ae89\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncHelper.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_bc81681eb27bc1ae\RtkAudUService64.exe <2>
(services.exe ->) (SafeNet, Inc. -> SafeNet Inc.) C:\Windows\System32\hasplms.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2336.7.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\XboxGameBarSpotify.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.23500.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_bc81681eb27bc1ae\RtkAudUService64.exe [1231864 2021-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-3722162592-3493389248-2344746714-1006\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2607648 2023-09-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3722162592-3493389248-2344746714-1006\...\Run: [AudialsNotifier] => C:\Program Files\Audials\Audials 2023\AudialsNotifier.exe [2203840 2022-10-20] (Audials AG -> )
HKU\S-1-5-21-3722162592-3493389248-2344746714-1006\...\Run: [MicrosoftEdgeAutoLaunch_878A606CA185B854FF5CCF8AFD397E8F] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4219448 2023-09-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3722162592-3493389248-2344746714-1006\...\MountPoints2: {667b2d82-a925-11ed-99a7-803f5d020a27} - "H:\Setup.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install

==================== Tâches planifiées (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {B0F3E9C0-16DD-4CF9-A8C1-B1D60CAABD61} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-08-02] (Adobe Inc. -> Adobe Inc.)
Task: {FCAE8FE7-5803-445F-80C2-A0134AC5628A} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\Explorer.exe [5199488 2023-09-15] (Microsoft Windows -> Microsoft Corporation)
Task: {DDD5C93F-D4D1-4BAC-8978-F66E4EF81DFB} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26913760 2023-09-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {A3833FF5-7419-4D98-A855-3B117A2571D5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26913760 2023-09-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {5B937167-C594-41AD-A63F-D1CCDED8CAD3} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158664 2023-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {37CDD468-CFDB-45E4-9F43-D42403888B68} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158664 2023-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {2732BC8B-324C-4805-B900-47716CEB5AD7} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [167864 2023-08-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {15D772C1-A05F-4BAF-8BEF-8034958B0F4B} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\UCPD velocity => C:\WINDOWS\system32\UCPDMgr.exe [58880 2023-09-15] (Microsoft Windows -> Microsoft Corporation)
Task: {845EA098-32FC-4B5F-8C54-36AB9241BF51} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7497121A-5D24-45B1-8737-4ECAF295EE1F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7D8A7A57-D449-43E8-B5AE-338FFEFB0C1D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A0F82E36-1528-405A-B170-B7AE558C9A23} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CE27854C-F6C5-48FB-8251-0871C46F6D5D} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [675232 2023-09-13] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {422BE114-5440-4C5D-9B0E-7B358BC6C5BA} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [722336 2023-09-13] (Mozilla Corporation -> Mozilla Foundation)
Task: {E83AFB93-8981-4EFF-AAB0-785BCE89014D} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130320 2023-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {1E9A2C26-DE74-4454-BBBE-3EDAAF028E8A} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3722162592-3493389248-2344746714-1006 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130320 2023-09-16] (Microsoft Corporation -> Microsoft Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{33ae9cfe-8a54-4783-949f-ba0af2507e3e}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{722d3bfa-fbae-4c09-bba3-64886b1c7be7}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{f4f656de-3030-4128-b3eb-173cf0e5af72}: [DhcpNameServer] 192.168.1.254

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\jmnau\AppData\Local\Microsoft\Edge\User Data\Default [2023-09-20]
Edge Extension: (Google Docs hors connexion) - C:\Users\jmnau\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-31]
Edge Extension: (Edge relevant text changes) - C:\Users\jmnau\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-13]

FireFox:
========
FF DefaultProfile: lp77kve2.default-1478419688235
FF ProfilePath: C:\Users\jmnau\AppData\Roaming\Mozilla\Firefox\Profiles\ajiqg1f2.default-release [2023-06-30]
FF Session Restore: Mozilla\Firefox\Profiles\ajiqg1f2.default-release -> est activé.
FF ProfilePath: C:\Users\jmnau\AppData\Roaming\Mozilla\Firefox\Profiles\lp77kve2.default-1478419688235 [2023-09-20]
FF DownloadDir: D:\OneDrive_D\OneDrive\Documents JMN\Desktop
FF Homepage: Mozilla\Firefox\Profiles\lp77kve2.default-1478419688235 -> hxxps://duckduckgo.com/
FF Session Restore: Mozilla\Firefox\Profiles\lp77kve2.default-1478419688235 -> est activé.
FF Extension: (Disconnect) - C:\Users\jmnau\AppData\Roaming\Mozilla\Firefox\Profiles\lp77kve2.default-1478419688235\Extensions\2.0@disconnect.me.xpi [2021-06-02]
FF Extension: (Disable HTML5 Autoplay) - C:\Users\jmnau\AppData\Roaming\Mozilla\Firefox\Profiles\lp77kve2.default-1478419688235\Extensions\disable-html5-autoplay@afnankhan.xpi [2020-04-15]
FF Extension: (Dictionnaire français) - C:\Users\jmnau\AppData\Roaming\Mozilla\Firefox\Profiles\lp77kve2.default-1478419688235\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org.xpi [2020-05-30]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\jmnau\AppData\Roaming\Mozilla\Firefox\Profiles\lp77kve2.default-1478419688235\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2023-09-10]
FF Extension: (Decodex) - C:\Users\jmnau\AppData\Roaming\Mozilla\Firefox\Profiles\lp77kve2.default-1478419688235\Extensions\lemonde-decodex@lemonde.fr.xpi [2020-01-18]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\jmnau\AppData\Roaming\Mozilla\Firefox\Profiles\lp77kve2.default-1478419688235\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2023-06-21]
FF ProfilePath: C:\Users\jmnau\AppData\Roaming\Mozilla\Firefox\Profiles\ei5oj8t2.default-1401315239375 [2023-08-31]
FF Homepage: Mozilla\Firefox\Profiles\ei5oj8t2.default-1401315239375 -> hxxp://duckduckgo.com/
FF Extension: (Ghostery) - C:\Users\jmnau\AppData\Roaming\Mozilla\Firefox\Profiles\ei5oj8t2.default-1401315239375\Extensions\firefox@ghostery.com.xpi [2016-05-04] []
FF Extension: (YouTube mp3) - C:\Users\jmnau\AppData\Roaming\Mozilla\Firefox\Profiles\ei5oj8t2.default-1401315239375\Extensions\info@youtube-mp3.org.xpi [2016-06-11] []
FF SearchPlugin: C:\Users\jmnau\AppData\Roaming\Mozilla\Firefox\Profiles\ei5oj8t2.default-1401315239375\searchplugins\McSiteAdvisor.xml [2016-03-09]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-08-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-09-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-08-02] (Microsoft Corporation -> Microsoft Corporation)

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-08-02] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11817040 2023-09-01] (Microsoft Corporation -> Microsoft Corporation)
R3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncHelper.exe [3518480 2023-09-16] (Microsoft Corporation -> Microsoft Corporation)
R2 hasplms; C:\WINDOWS\system32\hasplms.exe [4683144 2014-07-17] (SafeNet, Inc. -> SafeNet Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230352 2023-09-12] (HP Inc. -> HP Inc.)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.180.0828.0001\OneDriveUpdaterService.exe [3855376 2023-09-16] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402352 2023-09-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [20667704 2023-06-19] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\NisSrv.exe [3121008 2023-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe [133688 2023-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 akshasp; C:\WINDOWS\system32\DRIVERS\akshasp.sys [60488 2014-07-17] (SafeNet, Inc. -> SafeNet Inc.)
R3 akshhl; C:\WINDOWS\system32\DRIVERS\akshhl.sys [63944 2014-07-17] (SafeNet, Inc. -> SafeNet Inc.)
R3 aksusb; C:\WINDOWS\system32\DRIVERS\aksusb.sys [303624 2014-07-17] (SafeNet, Inc. -> SafeNet Inc.)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [41376 2021-07-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [65168 2021-08-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [544768 2023-06-14] (Microsoft Corporation) [Fichier non signé]
R3 dlcdcncm; C:\WINDOWS\System32\drivers\dlcdcncm660.sys [159912 2023-07-07] (DISPLAYLINK (UK) LIMITED -> DisplayLink Corp.)
R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [331608 2014-07-17] (SafeNet, Inc. -> SafeNet Inc.)
R3 iaLPSS2_GPIO2_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_cb8dd04b85ac9a58\iaLPSS2_GPIO2_TGL.sys [128680 2020-12-23] (Intel Corporation -> Intel Corporation)
R3 MpKsl50d67d53; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{30560ACC-10B6-4E23-9245-5F91F753D6C8}\MpKslDrv.sys [222464 2023-09-20] (Microsoft Windows -> Microsoft Corporation)
R3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
S4 UCPD; C:\WINDOWS\System32\drivers\UCPD.sys [29184 2023-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 UsbNcm; C:\WINDOWS\System32\drivers\UsbNcm.sys [167936 2022-05-07] (Microsoft Windows -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55872 2023-08-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [574872 2023-08-30] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2023-08-30] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl85c10151; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{09B67F2D-5595-4B44-BC40-2319B777B967}\MpKslDrv.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-09-20 13:12 - 2023-09-20 13:13 - 000000000 ____D C:\FRST
2023-09-20 12:06 - 2023-09-20 12:06 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-09-20 12:06 - 2023-09-20 12:06 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-09-16 17:39 - 2023-09-16 17:39 - 000771570 _____ C:\WINDOWS\system32\perfh00C.dat
2023-09-16 17:39 - 2023-09-16 17:39 - 000148698 _____ C:\WINDOWS\system32\perfc00C.dat
2023-09-15 23:14 - 2023-07-07 06:24 - 000159912 _____ (DisplayLink Corp.) C:\WINDOWS\system32\Drivers\dlcdcncm660.sys
2023-09-15 18:50 - 2023-09-15 18:52 - 000000000 ___HD C:\$WinREAgent
2023-09-13 22:35 - 2023-09-14 11:32 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2023-09-13 18:21 - 2023-09-14 11:32 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-09-05 18:28 - 2023-09-05 18:28 - 002766244 _____ C:\Users\jmnau\Downloads\PhotoSetupFR12.zip
2023-08-30 17:43 - 2023-08-30 17:44 - 000036453 _____ C:\Users\jmnau\Downloads\mandat_SEPA-40973538.pdf
2023-08-30 17:38 - 2023-08-30 17:38 - 000036453 _____ C:\Users\jmnau\Downloads\mandat_SEPA-40973538(1).pdf
2023-08-29 23:03 - 2023-08-29 23:03 - 000022196 _____ C:\Users\jmnau\Downloads\FEN_Redimension.zip
2023-08-29 22:48 - 2023-08-29 22:48 - 000635323 _____ C:\Users\jmnau\Downloads\jocker.zip
2023-08-28 12:13 - 2023-08-28 12:13 - 000000000 ____D C:\Users\jmnau\AppData\Roaming\Microsoft\PowerPoint
2023-08-24 18:29 - 2023-08-24 18:35 - 160161792 _____ C:\Users\jmnau\Downloads\calibre-64bit-6.25.0.msi
2023-08-24 18:12 - 2023-08-24 18:13 - 015302620 _____ C:\Users\jmnau\Downloads\calibre-64bit-6.c_DFqQGQ.25.0.msi.part

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-09-20 13:13 - 2022-10-09 00:56 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-09-20 13:12 - 2022-10-09 00:56 - 000000000 ____D C:\Users\jmnau\AppData\LocalLow\Mozilla
2023-09-20 13:06 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-09-20 12:40 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-09-20 12:40 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-09-20 12:39 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF
2023-09-20 12:08 - 2022-10-22 23:56 - 000000000 ____D C:\Users\jmnau\AppData\Local\CrashDumps
2023-09-20 12:06 - 2022-10-11 21:37 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-09-20 12:06 - 2022-10-11 21:36 - 000000000 ____D C:\Program Files\Common Files\Adobe
2023-09-20 12:06 - 2022-10-11 21:28 - 000000000 ____D C:\Users\jmnau\AppData\Local\Adobe
2023-09-20 12:06 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-09-20 10:22 - 2022-10-09 13:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-09-20 10:22 - 2022-10-09 00:19 - 000000000 __SHD C:\Users\jmnau\IntelGraphicsProfiles
2023-09-20 10:21 - 2022-10-10 23:27 - 000000000 ____D C:\Program Files\TeamViewer
2023-09-20 10:21 - 2022-10-09 13:18 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-09-20 10:21 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ServiceState
2023-09-20 10:21 - 2022-04-25 23:50 - 000000000 ____D C:\Intel
2023-09-20 10:21 - 2021-10-24 20:23 - 000012288 ___SH C:\DumpStack.log.tmp
2023-09-19 22:50 - 2022-10-09 20:14 - 000000000 ____D C:\Users\jmnau\AppData\Roaming\Microsoft\Word
2023-09-19 09:35 - 2022-10-09 17:37 - 000000000 ____D C:\Users\jmnau\AppData\Roaming\Microsoft\Excel
2023-09-19 09:25 - 2022-10-09 00:28 - 000000000 ____D C:\Users\jmnau\AppData\Local\D3DSCache
2023-09-18 13:04 - 2022-10-11 11:13 - 000000000 ____D C:\_Temp Photos
2023-09-18 10:37 - 2022-10-09 09:56 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-09-17 16:56 - 2023-01-17 22:52 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-09-17 16:56 - 2021-10-24 20:24 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-09-16 23:15 - 2022-10-09 13:18 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3722162592-3493389248-2344746714-1006
2023-09-16 23:15 - 2022-10-09 13:18 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-09-16 23:15 - 2022-10-09 08:56 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-09-16 17:44 - 2022-10-09 01:12 - 000000000 ____D C:\Program Files\Microsoft Office
2023-09-16 17:39 - 2022-10-09 13:22 - 001713450 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-09-16 00:07 - 2022-05-07 07:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-09-16 00:06 - 2022-10-09 13:13 - 000474176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-09-16 00:05 - 2022-05-07 12:16 - 000000000 ___SD C:\WINDOWS\system32\AppV
2023-09-16 00:05 - 2022-05-07 12:16 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-09-16 00:05 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-09-16 00:05 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\UUS
2023-09-16 00:05 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-09-16 00:05 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-09-16 00:05 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemResources
2023-09-16 00:05 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-09-16 00:05 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-09-16 00:05 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-09-16 00:05 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-09-16 00:05 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-09-16 00:05 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-09-16 00:05 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\Provisioning
2023-09-16 00:05 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-09-16 00:05 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-09-15 19:02 - 2022-10-09 09:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-09-15 19:00 - 2022-10-09 09:01 - 177941912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-09-15 19:00 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-09-15 18:56 - 2022-10-09 13:18 - 003210752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-09-15 18:52 - 2022-10-09 20:14 - 000000000 ____D C:\Users\jmnau\AppData\Roaming\Microsoft\UProof
2023-09-15 18:52 - 2022-10-09 17:37 - 000000000 ____D C:\Users\jmnau\AppData\Roaming\Microsoft\Office
2023-09-15 18:52 - 2022-10-09 00:20 - 000000000 ____D C:\Users\jmnau\AppData\Local\Packages
2023-09-14 11:32 - 2022-10-09 00:56 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-09-13 23:25 - 2022-10-09 12:42 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2023-09-13 22:13 - 2022-10-09 00:56 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-09-12 21:41 - 2022-10-09 18:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2023-09-12 21:41 - 2022-10-09 18:55 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2023-09-06 22:52 - 2022-10-09 13:15 - 000000000 ____D C:\Users\jmnau
2023-08-30 11:03 - 2021-10-24 20:23 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-08-29 23:14 - 2022-10-09 18:42 - 000000000 ____D C:\Users\jmnau\AppData\Roaming\Applications WinDev
2023-08-29 23:12 - 2022-10-09 11:38 - 000000000 ___SD C:\Mes projets
2023-08-26 20:02 - 2023-01-24 18:47 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-08-24 18:43 - 2023-03-01 17:29 - 000000000 ____D C:\Users\jmnau\Bibliothèque calibre
2023-08-24 18:43 - 2023-03-01 17:28 - 000000000 ____D C:\Users\jmnau\AppData\Roaming\calibre
2023-08-24 18:35 - 2023-03-01 17:28 - 000001053 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2023-08-24 18:35 - 2023-03-01 17:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2023-08-24 18:35 - 2023-03-01 17:28 - 000000000 ____D C:\Program Files\Calibre2

==================== Fichiers à la racine de certains dossiers ========

2022-10-16 10:04 - 2022-10-16 10:04 - 000007605 _____ () C:\Users\jmnau\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== BCD ================================

Gestionnaire de démarrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
timeout 2

Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {2a4c5149-47d4-11ed-9625-ef2a260243d0}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 11
locale fr-FR
inherit {bootloadersettings}
recoverysequence {2a4c514b-47d4-11ed-9625-ef2a260243d0}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {2a4c5149-47d4-11ed-9625-ef2a260243d0}
nx OptIn
bootmenupolicy Standard

Chargeur de démarrage Windows
-----------------------------
identificateur {2a4c514b-47d4-11ed-9625-ef2a260243d0}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{2a4c514c-47d4-11ed-9625-ef2a260243d0}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale en-GB
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{2a4c514c-47d4-11ed-9625-ef2a260243d0}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {2a4c5149-47d4-11ed-9625-ef2a260243d0}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {2a4c514b-47d4-11ed-9625-ef2a260243d0}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
custom:21000026 partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Windows Memory Diagnostic
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes

Paramètres EMS
--------------
identificateur {emssettings}
bootems No

Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Local

Erreurs de mémoire RAM
----------------------
identificateur {badmemory}

Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings} {emssettings} {badmemory}

Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings} {hypervisorsettings}

Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}

Options de périphérique
-----------------------
identificateur {2a4c514c-47d4-11ed-9625-ef2a260243d0}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi

==================== Fin de FRST.txt ========================