Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 21.01.2024 Exécuté par b2302 (administrateur) sur DESKTOP-H4D9G6J (Alienware Alienware x17 R2) (21-01-2024 19:27:25) Exécuté depuis C:\Users\b2302\Desktop\FRST64.exe Profils chargés: b2302 Plate-forme: Microsoft Windows 11 Famille Version 23H2 22631.3007 (X64) Langue: Français (France) Navigateur par défaut: Chrome Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe (C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe (C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe (C:\Program Files\Alienware\Alienware Command Center\AWCC.Service.exe ->) (Dell Inc -> Dell Technologies) C:\Program Files\Alienware\Alienware Command Center\AWCC.Background.Server.exe (C:\Program Files\Alienware\Alienware Command Center\AWCC.Service.exe ->) (Dell Inc -> Dell Technologies) C:\Program Files\Alienware\Alienware Command Center\OCControlService\OCControl.Service.exe (C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserProcess.exe (C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.DCF.UA.Bradbury.API.SubAgent.exe (C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\AnalyticsSubAgent\Dell.TechHub.Analytics.SubAgent.exe (C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe (C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DiagnosticsSubAgent\Dell.TechHub.Diagnostics.SubAgent.exe (C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe (drivers\RivetNetworks\Killer\KAPSService.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KAPS.exe (drivers\RivetNetworks\Killer\KNDBWMService.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWM.exe (DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_01ed1c2dfb80e2cf\DAX3API.exe ->) (Dolby Laboratories, Inc. -> ) C:\ProgramData\Dolby\DAX3\RADARHOST\DSRHost.exe (DriverStore\FileRepository\ipf_cpu.inf_amd64_72a55bd70de29881\ipf_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_72a55bd70de29881\ipf_helper.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <18> (explorer.exe ->) (Learnpulse -> Learnpulse) C:\Users\b2302\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler64.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (services.exe ->) (British Cayman Islands Intelligo Technology Inc. Taiwan Branch -> Intelligo Technology Inc.) C:\Windows\System32\DriverStore\FileRepository\igoaudioservice.inf_amd64_6ccc7bd43d32a818\IgoAudioService_x64.exe (services.exe ->) (Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\Browny02\BrYNSvc.exe (services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Alienware Digital Delivery Services\Dell.D3.WinSvc.exe (services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\Fusion\FusionService.exe (services.exe ->) (Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe (services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe (services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe (services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe (services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe (services.exe ->) (Dell Inc -> Dell Technologies) C:\Program Files\Alienware\Alienware Command Center\AWCC.Service.exe (services.exe ->) (Dell Inc -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe (services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_01ed1c2dfb80e2cf\DAX3API.exe <2> (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_64d7fcfcde9b9c10\jhi_service.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_520b005954d9b5fa\ipfsvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorvd.inf_amd64_fb9e356192ae1106\RstMwService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_07bea76bdbdaf3eb\OneApp.IGCC.WinService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_96f5c5992ecd4b87\IntelCpHDCPSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_72a55bd70de29881\ipf_uf.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_f3c201b4c28c14d0\WMIRegistrationService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_90ff6c7fe29f9dcf\Intel_PIE_Service.exe (services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe (services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe (services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_7a15919fa204d00b\AS\IAS\IntelAudioService.exe (services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KAPSService.exe (services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe (services.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordUpdater\NordUpdateService.exe (services.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordVPN\nordvpn-service.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdmegpu.inf_amd64_a9769eb167fae6e6\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_257b6f08c40eff46\RtkAudUService64.exe <3> (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (sihost.exe ->) (F005DA31-7CE1-4D3E-ABEE-08A4AFF4F592 -> Alienware Corp.) C:\Program Files\WindowsApps\dellinc.alienwareonscreendisplay_1.11.2.0_x86__htrsf667h5kn2\Win32\AlienwareOn-ScreenDisplay.exe (svchost.exe ->) (British Cayman Islands Intelligo Technology Inc. Taiwan Branch -> Intelligo Technology Inc.) C:\Windows\System32\DriverStore\FileRepository\igoaudioservice.inf_amd64_6ccc7bd43d32a818\iGoSwServer.exe <2> (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe (svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.400.20.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Windows.Media.BackgroundPlayback.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_257b6f08c40eff46\RtkAudUService64.exe [3392312 2021-12-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [145344 2019-07-26] (Brother Industries, Ltd. -> Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4509184 2012-12-27] (Brother Industries, Ltd.) [Fichier non signé] HKLM-x32\...\Run: [BrStsInd00] => C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe [1885184 2012-12-18] (Brother Industries, Ltd.) [Fichier non signé] HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2023-11-15] (Adobe Inc. -> ) HKU\S-1-5-21-2161126306-1069707884-703055476-1001\...\Run: [MicrosoftEdgeAutoLaunch_0A3E91AA87DFEA807A176E2B9E360089] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3854376 2024-01-17] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2161126306-1069707884-703055476-1001\...\Run: [Screenpresso] => C:\Users\b2302\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe [20340744 2024-01-09] (Learnpulse -> Learnpulse) HKU\S-1-5-18\...\RunOnce: [{D2DA930B-CB5D-4DD6-BF62-BE6C310A353D}] => C:\ProgramData\Dell\drivers\b540b039-506f-424d-9463-33985c966cb3\AWCCInstallationManager.exe [1179439120 2023-09-19] (Dell Inc -> Dell Inc.) HKU\S-1-5-18\...\Policies\system: [DisableLockWorkstation] 0 HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [196096 2023-11-23] (pdfforge GmbH) [Fichier non signé] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\120.0.6099.225\Installer\chrmstp.exe [2024-01-19] (Google LLC -> Google LLC) ==================== Tâches planifiées (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {B7ECB23F-A9EB-446D-B9B5-3024B6E43B3F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-21] (Adobe Inc. -> Adobe Inc.) Task: {8220113C-CA93-4A28-8306-F91D0F9D7077} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\FrameworkAgents\SupportAssistInstaller.exe [739168 2023-10-09] (Dell Inc -> Dell Inc.) Task: {73A2D27E-9C21-4AE8-A0EC-FF30E87BDDF8} - System32\Tasks\GoogleUpdateTaskMachineCore{C827E17A-7070-452D-8609-C4292B25CFD5} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-11-14] (Google LLC -> Google LLC) Task: {1541D8C7-6AD7-4E29-BD44-FA21E50C51A3} - System32\Tasks\GoogleUpdateTaskMachineUA{CB64A068-8918-4CF2-BB06-957DBAFD57E5} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-11-14] (Google LLC -> Google LLC) Task: {2EF8B42C-6750-49D4-9B1A-94D6AE815E46} - System32\Tasks\iGoAudioTask => C:\WINDOWS\System32\DriverStore\FileRepository\igoaudioservice.inf_amd64_6ccc7bd43d32a818\iGoSwServer.exe [369216 2022-02-14] (British Cayman Islands Intelligo Technology Inc. Taiwan Branch -> Intelligo Technology Inc.) Task: {FE2D2341-992D-480B-ABD4-56C03497F071} - System32\Tasks\iGoAudioTaskSession => C:\WINDOWS\System32\DriverStore\FileRepository\igoaudioservice.inf_amd64_6ccc7bd43d32a818\iGoSwServer.exe [369216 2022-02-14] (British Cayman Islands Intelligo Technology Inc. Taiwan Branch -> Intelligo Technology Inc.) Task: {A130E56C-F4A7-4BBC-8632-724AE3AA896C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425192 2024-01-05] (Microsoft Corporation -> Microsoft Corporation) Task: {0A7ECDFD-70B6-4770-B9C3-BC92F4DBB8EF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425192 2024-01-05] (Microsoft Corporation -> Microsoft Corporation) Task: {CBC3BCB7-3A3A-46FE-B8EC-34F67C0A382A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [218048 2024-01-12] (Microsoft Corporation -> Microsoft Corporation) Task: {8AF181E5-02F6-467F-9E06-99C3BAD5CDDA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [218048 2024-01-12] (Microsoft Corporation -> Microsoft Corporation) Task: {A1C51302-E423-426D-93C0-6CE49775EF6D} - System32\Tasks\Microsoft\Windows\Setup\EM => %windir%\system32\EM.exe (Pas de fichier) <==== ATTENTION Task: {3F7E960E-AD44-40D1-8D79-7452503DEC0E} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Pas de fichier) Task: {FE5C6143-9DAA-49DA-954B-9DC6723FF55D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B5E00763-993E-4955-A10F-9776A20423DA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {25907355-A2DA-48DE-9E99-C6B096F8E121} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {C82EDC86-70D4-4A1C-84C1-B37B76654AC4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {BBED7C81-1588-48D4-B7F1-73EF9A901982} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-11-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {7161E169-DD59-4267-85F7-CB68078DA121} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3341312 2021-12-10] (Nvidia Corporation -> NVIDIA Corporation) Task: {00985918-CC87-4F74-9E3E-87C48751B341} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649216 2021-12-09] (Nvidia Corporation -> NVIDIA Corporation) Task: {3119BA5B-B863-44A1-BF97-895E552496C8} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-09] (Nvidia Corporation -> NVIDIA Corporation) Task: {7B5D2C76-5766-41EC-9BC0-409E92B7A305} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-09] (Nvidia Corporation -> NVIDIA Corporation) Task: {BFEA6B77-655B-4675-B9BC-114EB839327C} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-09] (Nvidia Corporation -> NVIDIA Corporation) Task: {9485838C-8225-4778-A4AD-022926A03F09} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-09] (Nvidia Corporation -> NVIDIA Corporation) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{41d13573-f58e-487c-895d-0d9498f05653}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{fab4d24b-28d8-4571-abe3-a50969c516c9}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge Profile: C:\Users\b2302\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-17] Edge HomePage: Default -> hxxp://www.google.com Edge StartupUrls: Default -> "hxxps://fr.yahoo.com/?guce_referrer=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8&guce_referrer_sig=AQAAADMHPS0sXmhHqz6efuYJ3-uY4JZPLT2zoIep9L7qQho6eCIrX-qHq0nS4bmn6ShC-kWsEJXx5vMNx8iHBvlnDjLJs6VzSLCfJdLkXJmn19uaaY0Oo6jY1O47erbvwtxRt-n3IBC8-0D3q7ivLjMvnow39WBuJf3qkLHwDN4i-MGU&guccounter=2","hxxps://mail.google.com/mail/u/0/#inbox","hxxps://www.facebook.com/brunolerandonneurfou" Edge Extension: (Old Layout for Facebook) - C:\Users\b2302\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\abmkkackbbimmdbfjdilpnfaegaeagge [2023-11-14] Edge Extension: (Google Docs hors connexion) - C:\Users\b2302\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-11-14] Edge Extension: (Edge relevant text changes) - C:\Users\b2302\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-11-14] Edge Extension: (Video DownloadHelper) - C:\Users\b2302\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmkaglaafmhbcpleggkmaliipiilhldn [2024-01-16] Edge Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\b2302\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2024-01-16] FireFox: ======== FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-01-13] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN) Chrome: ======= CHR Profile: C:\Users\b2302\AppData\Local\Google\Chrome\User Data\Default [2024-01-21] CHR DownloadDir: C:\Users\b2302\Downloads CHR Notifications: Default -> hxxps://www.facebook.com; hxxps://www.pagesjaunes.fr CHR HomePage: Default -> hxxp://www.google.com CHR StartupUrls: Default -> "hxxps://fr.yahoo.com/?guccounter=1&guce_referrer=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8&guce_referrer_sig=AQAAABnYVjG2knVPIJ6Q_XvdQQTybdjACzVOhDJ_HR_QzmCD0WLWmzAPXZ9ox5QMX9EhnTHk_UxBMaKxMSMYFTrFgQ61CROdlx2YCx03W1QyuKA7uvy04sKvaOYnNCB6rI4xP4Lrd5n3-yPBQGIrftkwaRlVxXnb1_Rm3y5yPro-T5Iy","hxxps://mail.google.com/mail/u/0/#inbox" CHR Extension: (Old Layout for Facebook) - C:\Users\b2302\AppData\Local\Google\Chrome\User Data\Default\Extensions\abmkkackbbimmdbfjdilpnfaegaeagge [2023-11-14] CHR Extension: (Google Docs hors connexion) - C:\Users\b2302\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-09] CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\b2302\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-01-17] CHR Extension: (Video DownloadHelper) - C:\Users\b2302\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2024-01-17] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\b2302\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-11-14] CHR HKU\S-1-5-21-2161126306-1069707884-703055476-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-21] (Adobe Inc. -> Adobe Inc.) R2 Alienware Digital Delivery Services; C:\Program Files (x86)\Alienware Digital Delivery Services\Dell.D3.WinSvc.exe [55712 2023-08-16] (Dell Inc -> ) R2 Alienware SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [22224 2023-12-13] (Dell Inc -> Dell INC.) R2 AWCCService; C:\Program Files\Alienware\Alienware Command Center\AWCC.Service.exe [19248 2022-03-09] (Dell Inc -> Dell Technologies) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Fichier non signé] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13777080 2024-01-05] (Microsoft Corporation -> Microsoft Corporation) R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [458960 2023-07-06] (Dell Inc -> Dell Technologies Inc.) R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [161488 2023-07-06] (Dell Inc -> Dell Technologies Inc.) R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [484560 2023-07-06] (Dell Inc -> Dell Technologies Inc.) S4 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [49880 2023-10-26] (Dell Inc -> ) R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [156064 2022-12-09] (Dell Inc -> Dell) R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_01ed1c2dfb80e2cf\DAX3API.exe [2305592 2021-11-25] (Dolby Laboratories, Inc. -> Dolby Laboratories) R2 dptftcs; C:\WINDOWS\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_520b005954d9b5fa\ipfsvc.exe [544928 2022-03-23] (Intel Corporation -> Intel Corporation) R2 FusionService; C:\Program Files\Dell\Fusion\FusionService.exe [25336 2022-03-19] (Dell Inc -> Dell Inc.) R2 IgoAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\igoaudioservice.inf_amd64_6ccc7bd43d32a818\IgoAudioService_x64.exe [33936 2022-02-14] (British Cayman Islands Intelligo Technology Inc. Taiwan Branch -> Intelligo Technology Inc.) S2 Intel(R) Platform License Manager Service; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_367008a610747d24\lib\PlatformLicenseManagerService.exe [749048 2022-12-20] (Intel Corporation -> Intel(R) Corporation) R2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_7a15919fa204d00b\AS\IAS\IntelAudioService.exe [532664 2021-11-08] (Intel Corporation -> Intel) R2 ipfsvc; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_72a55bd70de29881\ipf_uf.exe [2748600 2022-03-26] (Intel Corporation -> Intel Corporation) R3 KAPSService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KAPSService.exe [78088 2023-07-13] (Intel Corporation -> Intel® Corporation) R2 Killer Analytics Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [2480944 2023-07-13] (Intel Corporation -> Intel) R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2981168 2023-07-13] (Intel Corporation -> Intel) R3 KNDBWM; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [78128 2023-07-13] (Intel Corporation -> Intel® Corporation) S3 nordsec-threatprotection-service; C:\Program Files\NordVPN\NordSec ThreatProtection\nordsec-threatprotection-service.exe [320088 2023-09-25] (nordvpn s.a. -> nordvpn S.A.) R2 NordUpdaterService; C:\Program Files\NordUpdater\NordUpdateService.exe [297848 2023-08-09] (nordvpn s.a. -> nordvpn S.A.) R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [263256 2023-09-25] (nordvpn s.a. -> nordvpn S.A.) R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [160608 2023-10-09] (Dell Inc -> Dell Inc.) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [18071352 2023-12-04] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmegpu.inf_amd64_a9769eb167fae6e6\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvdmegpu.inf_amd64_a9769eb167fae6e6\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R3 AWCCDriver; C:\WINDOWS\System32\drivers\AWCCDriver.sys [42448 2022-05-23] (IndiLogic LLC -> Dell Inc.) R3 csaudio; C:\WINDOWS\System32\DriverStore\FileRepository\csaudio.inf_amd64_307d688e084eadf9\csaudio.sys [311480 2021-10-28] (Cirrus Logic, Inc -> Windows (R) Win 7 DDK provider) S3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [43400 2021-07-29] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies) R3 DellInstrumentation; C:\WINDOWS\System32\drivers\DellInstrumentation.sys [46640 2023-08-29] (Microsoft Windows Hardware Compatibility Publisher -> Dell) S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R3 e3k25cx21x64; C:\WINDOWS\System32\DriverStore\FileRepository\e3k25cx21x64.inf_amd64_2187e0f3da9ad764\e3k25cx21x64.sys [717144 2023-07-26] (Realtek Semiconductor Corp. -> Realtek) R3 EvoMouseDriverFilterHidUsb; C:\WINDOWS\System32\drivers\EvoMouseDriverFilterHidUsb.sys [29616 2020-07-29] (Microsoft Windows Hardware Compatibility Publisher -> Evoluent) S3 FTSER2K; C:\WINDOWS\system32\drivers\ftser2k.sys [79872 2023-09-15] (Microsoft Windows Hardware Compatibility Publisher -> FTDI Ltd.) R3 iaLPSS2_GPIO2_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_c385707073e5c73f\iaLPSS2_GPIO2_ADL.sys [139912 2021-10-24] (Intel Corporation -> Intel Corporation) R3 iaLPSS2_I2C_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_8ad31c966ef4e638\iaLPSS2_I2C_ADL.sys [207504 2021-10-24] (Intel Corporation -> Intel Corporation) R3 iaLPSS2_SPI_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_spi_adl.inf_amd64_2d1a1b06fd89c8d4\iaLPSS2_SPI_ADL.sys [160912 2021-10-24] (Intel Corporation -> Intel Corporation) S3 iaLPSS2_UART2_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_uart2_adl.inf_amd64_9f84cae4176aa5ed\iaLPSS2_UART2_ADL.sys [318624 2021-10-24] (Intel Corporation -> Intel Corporation) R0 iaStorVD; C:\WINDOWS\System32\drivers\iaStorVD.sys [1587376 2021-11-22] (Intel Corporation -> Intel Corporation) S3 IntcSdwBus; C:\WINDOWS\System32\DriverStore\FileRepository\intcsdwbus.inf_amd64_723ff49241462f1e\IntcSdwBus.sys [507552 2021-11-08] (Intel Corporation -> Intel(R) Corporation) S3 IntelGNA; C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_19ceb7ce67a7cf8b\gna.sys [87208 2021-09-17] (Intel Corporation -> Intel Corporation) R3 ipf_acpi; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_acpi.inf_amd64_b7940a75dbb658af\ipf_acpi.sys [86712 2022-03-26] (Intel Corporation -> Intel Corporation) R3 ipf_cpu; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_72a55bd70de29881\ipf_cpu.sys [80568 2022-03-26] (Intel Corporation -> Intel Corporation) R3 ipf_lf; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_72a55bd70de29881\ipf_lf.sys [432824 2022-03-26] (Intel Corporation -> Intel Corporation) R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo11X64.sys [209200 2023-07-13] (Intel Corporation -> Rivet Networks, LLC.) R3 MpKsl2b7260c7; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{53DAC60E-FF2C-4661-BC35-9D3BEE32E750}\MpKslDrv.sys [263560 2024-01-21] (Microsoft Windows -> Microsoft Corporation) R2 NDivert; C:\Program Files\NordVPN\7.17.5.0\Drivers\NDivert.sys [131472 2023-08-04] (nordvpn s.a. -> Nordvpn S.A.) R3 nvpcf; C:\WINDOWS\System32\drivers\nvpcf.sys [238608 2023-06-26] (NVIDIA Corporation -> NVIDIA Corporation) S3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [76832 2022-09-30] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated) S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [49744 2021-06-13] (nordvpn s.a. -> The OpenVPN Project) S3 UsbNcm; C:\WINDOWS\System32\drivers\UsbNcm.sys [167936 2023-11-01] (Microsoft Windows -> ) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2023-12-07] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-07] (Microsoft Windows -> Microsoft Corporation) S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2023-03-30] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC) S1 nordlwf; \SystemRoot\system32\DRIVERS\nordlwf.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2024-01-21 19:27 - 2024-01-21 19:27 - 000033529 _____ C:\Users\b2302\Desktop\FRST.txt 2024-01-21 19:26 - 2024-01-21 19:27 - 000000000 ____D C:\FRST 2024-01-21 19:08 - 2024-01-21 19:08 - 002389504 _____ (Farbar) C:\Users\b2302\Desktop\FRST64.exe 2024-01-21 19:04 - 2024-01-21 19:04 - 000811170 _____ C:\WINDOWS\system32\perfh00C.dat 2024-01-21 19:04 - 2024-01-21 19:04 - 000157606 _____ C:\WINDOWS\system32\perfc00C.dat 2024-01-17 16:46 - 2024-01-17 16:46 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2024-01-17 16:46 - 2024-01-17 16:46 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2024-01-13 21:56 - 2024-01-13 22:01 - 000000000 ____D C:\Users\b2302\AppData\Roaming\Microsoft\MMC 2024-01-10 08:57 - 2024-01-10 08:57 - 000016720 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json 2023-12-31 12:26 - 2024-01-10 16:45 - 000475832 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2023-12-31 11:56 - 2023-12-31 11:56 - 000000000 ____D C:\Users\b2302\Documents\Dell 2023-12-29 18:25 - 2023-12-29 18:25 - 000000000 ____D C:\Users\b2302\Documents\Enregistrements audio ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2024-01-21 19:26 - 2023-11-14 21:32 - 000000000 ____D C:\Program Files (x86)\Google 2024-01-21 19:26 - 2023-11-14 20:12 - 000000000 ____D C:\WINDOWS\SystemTemp 2024-01-21 19:17 - 2022-05-23 17:58 - 000000000 ____D C:\Program Files (x86)\Alienware Digital Delivery Services 2024-01-21 19:04 - 2023-11-14 20:32 - 001804850 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2024-01-21 19:04 - 2023-11-14 20:11 - 000000000 ____D C:\WINDOWS\INF 2024-01-21 19:00 - 2023-12-14 14:28 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2024-01-21 19:00 - 2023-11-15 05:30 - 000003312 _____ C:\WINDOWS\system32\Tasks\iGoAudioTask 2024-01-21 19:00 - 2023-11-15 05:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2024-01-21 19:00 - 2023-11-15 05:22 - 000012288 ___SH C:\DumpStack.log.tmp 2024-01-21 19:00 - 2023-11-15 05:22 - 000000000 ____D C:\ProgramData\NVIDIA 2024-01-21 19:00 - 2023-11-14 20:12 - 000000000 ____D C:\WINDOWS\ServiceState 2024-01-21 19:00 - 2023-11-14 20:12 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-01-21 19:00 - 2023-11-14 20:10 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2024-01-21 18:54 - 2023-11-14 22:02 - 000000000 ____D C:\Users\b2302\AppData\Roaming\Microsoft\Word 2024-01-21 16:49 - 2023-11-14 20:12 - 000000000 ___HD C:\Program Files\WindowsApps 2024-01-21 16:49 - 2023-11-14 20:12 - 000000000 ____D C:\WINDOWS\AppReadiness 2024-01-21 16:33 - 2023-11-15 05:22 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK 2024-01-21 16:10 - 2023-11-15 07:08 - 000000000 ____D C:\Users\b2302\AppData\Roaming\vlc 2024-01-21 12:43 - 2023-11-15 05:22 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2024-01-21 10:47 - 2023-11-14 20:51 - 000000000 ____D C:\Users\b2302\AppData\Local\D3DSCache 2024-01-20 23:53 - 2023-11-21 15:44 - 000000000 ____D C:\Users\b2302\AppData\Roaming\uTorrent 2024-01-20 09:30 - 2023-11-16 08:40 - 000000000 ____D C:\Users\b2302\AppData\Roaming\Microsoft\Excel 2024-01-19 08:56 - 2023-11-14 21:32 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2024-01-18 07:59 - 2023-11-15 05:22 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-01-17 18:06 - 2023-11-14 20:46 - 000000000 ____D C:\Users\b2302 2024-01-17 18:04 - 2023-11-15 07:45 - 000000000 ____D C:\Users\b2302\AppData\Local\NordVPN 2024-01-14 18:27 - 2023-11-14 21:29 - 000000000 ____D C:\Bruno 2024-01-14 18:19 - 2023-11-14 20:48 - 000000000 ____D C:\Users\b2302\AppData\Local\Packages 2024-01-14 15:31 - 2023-11-15 07:45 - 000000000 ____D C:\ProgramData\NordVPN 2024-01-14 15:31 - 2023-11-14 20:46 - 000000000 ___SD C:\Users\b2302\AppData\Roaming\Microsoft\Credentials 2024-01-14 09:44 - 2023-11-14 20:12 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2024-01-13 22:12 - 2023-11-20 17:23 - 000000000 ____D C:\Users\b2302\AppData\Roaming\XnView 2024-01-13 22:12 - 2023-11-17 17:35 - 000000000 ____D C:\Users\b2302\AppData\Local\CrashDumps 2024-01-12 14:42 - 2023-11-14 22:07 - 000918944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2024-01-12 14:37 - 2023-11-14 21:58 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2024-01-12 14:33 - 2023-11-15 07:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordSec 2024-01-12 14:33 - 2023-11-15 07:45 - 000000000 ____D C:\Program Files\NordVPN 2024-01-10 17:00 - 2023-11-14 20:12 - 000000000 ____D C:\ProgramData\USOPrivate 2024-01-10 16:44 - 2023-11-14 20:12 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2024-01-10 16:44 - 2023-11-14 20:12 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2024-01-10 16:44 - 2023-11-14 20:12 - 000000000 ____D C:\WINDOWS\SystemResources 2024-01-10 16:44 - 2023-11-14 20:12 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView 2024-01-10 16:44 - 2023-11-14 20:12 - 000000000 ____D C:\WINDOWS\ShellExperiences 2024-01-10 16:44 - 2023-11-14 20:12 - 000000000 ____D C:\WINDOWS\bcastdvr 2024-01-10 09:05 - 2023-11-14 22:06 - 000000000 ____D C:\WINDOWS\system32\MRT 2024-01-10 09:02 - 2023-11-14 22:06 - 189718008 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2024-01-10 09:01 - 2023-11-14 20:10 - 000000000 ____D C:\WINDOWS\CbsTemp 2024-01-10 08:57 - 2023-11-15 05:24 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2024-01-08 08:17 - 2023-11-15 08:31 - 000000000 ____D C:\Users\b2302\AppData\LocalLow\Adobe 2024-01-04 08:57 - 2023-11-14 20:12 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth 2023-12-31 12:21 - 2022-05-23 17:51 - 000000000 ____D C:\Program Files (x86)\Dell 2023-12-31 12:15 - 2022-05-23 17:55 - 000000000 ____D C:\Program Files\Intel 2023-12-31 12:15 - 2022-05-23 17:52 - 000000000 ____D C:\ProgramData\Package Cache 2023-12-31 12:14 - 2023-11-14 20:18 - 000000000 ____D C:\WINDOWS\Panther 2023-12-31 12:01 - 2023-11-14 22:02 - 000000000 ____D C:\Users\b2302\AppData\Roaming\Microsoft\Office 2023-12-31 12:00 - 2022-05-23 17:51 - 000000000 ____D C:\ProgramData\Dell ==================== Fichiers à la racine de certains dossiers ======== 2022-05-23 17:56 - 2021-05-14 12:42 - 000000235 _____ () C:\ProgramData\LaunchOSDonce.vbs ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de démarrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {9ee3da93-dac0-11ec-a256-806e6f6e6963} {9ee3da94-dac0-11ec-a256-806e6f6e6963} timeout 0 Gestionnaire de démarrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale fr-FR inherit {globalsettings} isolatedcontext Yes default {current} resumeobject {974ae238-8322-11ee-88e0-c53dd0a73f0e} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Application logicielle (101fffff) -------------------------------- identificateur {9ee3da93-dac0-11ec-a256-806e6f6e6963} description Onboard NIC (IPV4 PXE) isolatedcontext Yes Application logicielle (101fffff) -------------------------------- identificateur {9ee3da94-dac0-11ec-a256-806e6f6e6963} description Onboard NIC (IPV6 PXE) isolatedcontext Yes Chargeur de démarrage Windows ----------------------------- identificateur {09c405cc-9ec4-11e5-9b46-5ce0c5654d7a} device ramdisk=[\Device\HarddiskVolume6]\sources\sos.wim,{492933ee-cd0d-11e1-9b66-d4bed91b7fc5} path \windows\system32\winload.efi description Dell SupportAssist locale en-US inherit {bootloadersettings} isolatedcontext Yes osdevice ramdisk=[\Device\HarddiskVolume6]\sources\sos.wim,{492933ee-cd0d-11e1-9b66-d4bed91b7fc5} systemroot \Windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de démarrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 11 locale fr-FR inherit {bootloadersettings} recoverysequence {c10e11ef-f75e-11ec-998f-b86c761c44fd} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {974ae238-8322-11ee-88e0-c53dd0a73f0e} nx OptIn bootmenupolicy Standard Chargeur de démarrage Windows ----------------------------- identificateur {c10e11ef-f75e-11ec-998f-b86c761c44fd} device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{c10e11f0-f75e-11ec-998f-b86c761c44fd} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery displaymessageoverride PushButtonReset isolatedcontext Yes osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{c10e11f0-f75e-11ec-998f-b86c761c44fd} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre à partir de la mise en veille prolongée ------------------------------------------------- identificateur {974ae238-8322-11ee-88e0-c53dd0a73f0e} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {c10e11ef-f75e-11ec-998f-b86c761c44fd} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: custom:21000026 partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de mémoire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics mémoire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes isolatedcontext Yes Paramètres EMS -------------- identificateur {emssettings} bootems No isolatedcontext Yes Paramètres du débogueur ----------------------- identificateur {dbgsettings} debugtype Local isolatedcontext Yes Erreurs de mémoire RAM ---------------------- identificateur {badmemory} isolatedcontext Yes Paramètres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} isolatedcontext Yes Paramètres du chargeur de démarrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} isolatedcontext Yes Paramètres de l'hyperviseur ------------------- identificateur {hypervisorsettings} isolatedcontext Yes hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Paramètres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} isolatedcontext Yes Options de périphérique ----------------------- identificateur {492933ee-cd0d-11e1-9b66-d4bed91b7fc5} isolatedcontext Yes ramdisksdidevice partition=\Device\HarddiskVolume6 ramdisksdipath \sources\boot.sdi Options de périphérique ----------------------- identificateur {c10e11f0-f75e-11ec-998f-b86c761c44fd} description Windows Recovery isolatedcontext Yes ramdisksdidevice partition=\Device\HarddiskVolume4 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================