Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 19.06.2024
Exécuté par COC-NitroBook (administrateur) sur COC-NITROBOOK (Acer Nitro AN515-55) (20-06-2024 21:23:39)
Exécuté depuis C:\Users\simec\Desktop\FRST64.exe
Profils chargés: COC-NitroBook
Plate-forme: Microsoft Windows 11 Famille Version 23H2 22631.3737 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\NitroSense Service\PSAgent.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(C:\Program Files\Acer\NitroSense Service\PSAgent.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(C:\Program Files\Acer\NitroSense Service\PSSvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\NitroSense Service\PSAdminAgent.exe
(C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAdminAgent.exe
(C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAgent.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc.)
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (C:\Program Files\WindowsApps\MicrosoftTeams_24124.2402.2858.5617_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.61\msedgewebview2.exe <7> (C:\Users\simec\AppData\Local\WebEx\WebexHost.exe ->) (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\simec\AppData\Local\WebEx\WebEx64\Meetings_slow\atmgr.exe (C:\Users\simec\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\simec\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (drivers\RivetNetworks\Killer\KAPSService.exe ->) (Rivet Networks LLC -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\KAPS.exe (drivers\RivetNetworks\Killer\xTendUtilityService.exe ->) (Rivet Networks LLC -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtility.exe (DriverStore\FileRepository\cui_dch.inf_amd64_f9f92cc42e038a12\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f9f92cc42e038a12\igfxEM.exe (explorer.exe ->) () [Fichier non signé] C:\Program Files\VanceAI PC\liveUpdate.exe (explorer.exe ->) (Adobe Inc. -> Adobe Systems Inc.) 
[Fichier non signé] C:\Program Files\Adobe\Acrobat DC\Acrobat\acrotray.exe (explorer.exe ->) (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\simec\AppData\Local\WebEx\WebexHost.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <31> (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5> (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe (explorer.exe ->) (Tonec Inc.) [Fichier non signé] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe (services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\NitroSense Service\PSSvc.exe (services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QASvc.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (services.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> ) C:\Program Files (x86)\EaseUS\ENS\ensserver.exe (services.exe ->) (Code Sector -> ) C:\Program Files\TeraCopy\TeraCopyService.exe (services.exe ->) (DTS, Inc. -> DTS Inc.) 
C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_82b77f8c4618e2d0\esif_uf.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_a55aa2cd52a3429d\LMS.exe (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f9f92cc42e038a12\igfxCUIService.exe (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_553b9a82ff9cf770\OneApp.IGCC.WinService.exe (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_2b7bcff446ea567f\IntelCpHDCPSvc.exe (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_2b7bcff446ea567f\IntelCpHeciSvc.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe (services.exe ->) (NortonLifeLock Inc. -> NortonLifelock Inc.) C:\Program Files\Norton Security\Engine\22.24.3.2\NortonSecurity.exe <2> (services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) 
C:\Program Files\Norton Security\Engine\22.24.3.2\nsWscSvc.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_2ba22b3456e19b2f\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_9971779a1c712866\RtkAudUService64.exe <2> (services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe (services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe (services.exe ->) (Rivet Networks LLC -> Rivet Networks, LLC.) C:\Windows\System32\drivers\RivetNetworks\Killer\KAPSService.exe (services.exe ->) (Rivet Networks LLC -> Rivet Networks, LLC.) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe (services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) 
C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe (services.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\simec\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe (svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2424.6.0_x64__cv1g1gvanyjgm\WhatsApp.exe (svchost.exe ->) (Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe (svchost.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe (svchost.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f9f92cc42e038a12\igfxext.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.108.0528.0005\FileCoAuth.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.13200.20.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <3> (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré 
à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_9971779a1c712866\RtkAudUService64.exe [1201968 2020-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrotray.exe [6609176 2023-11-02] (Adobe Inc. -> Adobe Systems Inc.) [Fichier non signé] HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4096992 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [95510296 2023-07-14] (Discord Inc. -> Discord Inc.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare) HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2023-11-16] (Adobe Inc. 
-> ) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Microsoft\MRT: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION HKLM\Software\Policies\...\system: [EnableSmartScreen] 0 HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\92.0.1.0\GoogleDriveFS.exe [61245728 2024-06-18] (Google LLC -> Google, Inc.) HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4899856 2024-06-17] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\92.0.1.0\GoogleDriveFS.exe [61245728 2024-06-18] (Google LLC -> Google, Inc.) HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4899856 2024-06-17] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-1283810175-761726887-3710497458-1002\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4899856 2024-06-17] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-1283810175-761726887-3710497458-1002\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\92.0.1.0\GoogleDriveFS.exe [61245728 2024-06-18] (Google LLC -> Google, Inc.) 
HKU\S-1-5-21-1283810175-761726887-3710497458-1002\...\Run: [bbd83440e0c75ee4effdbab29c29df16] => C:\Program Files\VanceAI PC\liveUpdate.exe [3469312 2023-06-02] () [Fichier non signé] HKU\S-1-5-21-1283810175-761726887-3710497458-1002\...\Run: [MicrosoftEdgeAutoLaunch_7E2BF839E2BA7183F3C20FDD77FFB84B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3883456 2024-06-15] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-1283810175-761726887-3710497458-1002\...\Run: [CiscoMeetingDaemon] => C:\Users\simec\AppData\Local\WebEx\WebexHost.exe [7272032 2024-02-28] (Cisco WebEx LLC -> Cisco Webex LLC) HKU\S-1-5-21-1283810175-761726887-3710497458-1002\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [6010880 2024-01-16] (Tonec Inc.) [Fichier non signé] HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\92.0.1.0\GoogleDriveFS.exe [61245728 2024-06-18] (Google LLC -> Google, Inc.) HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [203936 2022-04-07] (Adobe Inc. -> Adobe Systems Inc) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\126.0.6478.63\Installer\chrmstp.exe [2024-06-19] (Google LLC -> Google LLC) ==================== Tâches planifiées (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) 
Task: {94AEA632-70DE-4882-81E2-0D4C809BC8B2} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2971808 2021-12-30] (Acer Incorporated -> ) -> C:\Program Files (x86)\Acer\Care Center\-auto Task: {51405CD2-91E7-4D98-87B9-2DD2A3E5D8F8} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41632 2021-12-30] (Acer Incorporated -> ) Task: {B4A0FA69-8A60-4D29-BA37-CF85BB4B6D18} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4836512 2021-12-30] (Acer Incorporated -> ) Task: {7E679064-76ED-4AA0-AD69-04DFA44787A3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.) Task: {5C167A66-B261-49BB-AE50-87CA32D02C58} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4096992 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {0F0C1B18-B445-43C6-AF10-8E7E433D91B1} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [4434400 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {BEB9CB78-3AF8-4B5F-AFBC-CE2EC9518F1B} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5472312 2024-06-12] (Microsoft Windows -> Microsoft Corporation) Task: {5AF0A73E-D337-4D71-BE63-5DDA3F4EC235} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6537.0{3063BB0C-81F2-4E8F-B5FD-76E7AEFDD9F3} => C:\Program Files (x86)\Google\GoogleUpdater\128.0.6537.0\updater.exe [4623976 2024-06-13] (Google LLC -> Google LLC) Task: {F0D21572-11CC-464D-83DA-134687C9B907} - System32\Tasks\HPCustParticipation HP Deskjet 1510 series => C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe [5745672 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.) 
Task: {A02699EB-EF57-4700-B706-46CCB0B11BBD} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {A058BDA2-C5F4-4AB1-9409-149FBF583949} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {2CDA407C-52F2-4401-8380-0C018CAA3C9D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {4FBFC145-77A7-473A-99CC-0FA4CEB9F393} - System32\Tasks\Microsoft\Windows\Application Experience\PcaWallpaperAppDetect => C:\Windows\system32\rundll32.exe [73728 2024-05-21] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\PcaSvc.dll,PcaWallpaperAppDetect Task: {FC9480C9-FD4D-4C34-826C-B1DD159CB22F} - System32\Tasks\Microsoft\Windows\ApplicationData\CNNune_IBV32 => C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe [58856 2022-05-07] (Microsoft Corporation -> Microsoft Corporation) -> C:\Program Files (x86)\Common Files\SwitchSecurity\FirstTgmes\/U "C:\Program Files (x86)\Common Files\SwitchSecurity\FirstTgmes\wlbsiutTBvltn.dll" Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Pas de fichier) Task: {1A08533E-F818-401F-8C23-0009520594AF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-20] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B08FBCB3-C451-4A51-99CB-21BE9131C33A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => 
C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-20] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {F735FD33-EA75-4A2B-AF8A-8EEADD756B07} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-20] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {FFAE8FF8-95EF-49E7-BB99-E22ECB59F363} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-20] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {F1C60F84-44E0-4E0D-9951-50E1D69CCFA4} - System32\Tasks\NitroSense => C:\Program Files\Acer\NitroSense Service\PSLauncher.exe [609512 2021-08-09] (Acer Incorporated -> Acer Incorporated) Task: {354EB9C7-77F1-4FE6-8E66-EB543BBDC79F} - System32\Tasks\Norton 360\Norton 360 Autofix => C:\Program Files\Norton Security\Engine\22.24.3.2\symerr.exe [379024 2024-04-05] (NortonLifeLock Inc. -> Gen Digital Inc.) Task: {64C62D34-551F-4719-AE56-FA64BD85A388} - System32\Tasks\Norton 360\Norton 360 Error Analyzer => C:\Program Files\Norton Security\Engine\22.24.3.2\symerr.exe [379024 2024-04-05] (NortonLifeLock Inc. -> Gen Digital Inc.) Task: {6FDC6C3D-A0CC-4B4C-A9E8-7850E8CBC2EB} - System32\Tasks\Norton 360\Norton 360 Error Processor => C:\Program Files\Norton Security\Engine\22.24.3.2\symerr.exe [379024 2024-04-05] (NortonLifeLock Inc. -> Gen Digital Inc.) Task: {53D74F62-C7AA-4FAD-BFB5-9556AA4E3F30} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.24.3.2\WSCStub.exe [646520 2024-04-05] (NortonLifeLock Inc. -> NortonLifeLock Inc.) 
Task: {D7436A6F-681D-4259-A871-7E1F13BC6FB8} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {6163C4D2-CD72-40FA-BB5B-4A4FA2154AB5} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {792E37EA-A6E9-4286-AE5C-085D403033BE} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler Task: {46FD7F59-AA1F-402F-A4AD-2044055073AE} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {486A1754-E100-4D65-8B61-AC41B9E57123} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {B7EBE9C3-52F6-4F30-8BFB-133696AAE4DB} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {D891F835-013D-40C9-AC47-84F7C5AE9366} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA 
Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A667874C-234C-44A3-957D-5B55902AC9CD} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {03E70AE5-ACFA-4204-A720-CFDBBFCB43ED} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {957CD20E-295A-4D23-8ECC-3B669642CAE8} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209168 2024-06-17] (Microsoft Corporation -> Microsoft Corporation) Task: {B4216622-EE47-47C2-87ED-B8B81C5291CC} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1283810175-761726887-3710497458-1002 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209168 2024-06-17] (Microsoft Corporation -> Microsoft Corporation) Task: {88CF6961-FA90-4B30-A6C1-4DB80A363CFE} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1283810175-761726887-3710497458-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (Pas de fichier) Task: {D14BAB62-31E4-4500-B682-9E6ABCD5F37F} - System32\Tasks\Power Button => C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe [2771616 2022-01-03] (Acer Incorporated -> Acer Incorporated) Task: {FAF45B0E-13EC-4EEF-BDEB-ACBFDC8B54C8} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [446624 2022-01-03] (Acer Incorporated -> Acer Incorporated) Task: {F15A97A3-9943-4D68-BEE3-C5D554DD1B44} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360\Upgrade.exe [2353000 2024-04-05] (NortonLifeLock Inc. -> NortonLifeLock Inc.) 
Task: {E22DD8DB-C2F2-4FEB-8B9D-561A230A8E10} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [461472 2022-01-03] (Acer Incorporated -> Acer Incorporated) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{14a7f9bc-8482-43f1-947e-94eac6fe7b2e}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{14a7f9bc-8482-43f1-947e-94eac6fe7b2e}\34F434F535F4C4554594F4E435D25374: [DhcpNameServer] 41.86.224.81 102.38.129.139 Tcpip\..\Interfaces\{14a7f9bc-8482-43f1-947e-94eac6fe7b2e}\55355425F5032454631314D25374: [DhcpNameServer] 41.86.224.81 102.38.128.139 Tcpip\..\Interfaces\{15734811-4786-4071-80ec-e9f26d93b474}: [DhcpDomain] local Tcpip\..\Interfaces\{3df7b0ed-677c-4e77-901c-c734c9707dda}: [DhcpNameServer] 192.168.88.1 41.86.224.81 102.38.128.139 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\simec\AppData\Local\Microsoft\Edge\User Data\Default [2024-06-20] Edge Extension: (Google Docs hors connexion) - C:\Users\simec\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-20] Edge Extension: (Edge relevant text changes) - C:\Users\simec\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24] Edge Extension: (IDM Integration Module) - C:\Users\simec\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\llbjbkhnmlidjebalopleeepgdfgcpec [2024-06-20] Edge HKU\S-1-5-21-1283810175-761726887-3710497458-1002\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download 
Manager\IDMEdgeExt.crx [2024-01-16] FireFox: ======== FF DefaultProfile: erqcml9a.default FF ProfilePath: C:\Users\simec\AppData\Roaming\Mozilla\Firefox\Profiles\erqcml9a.default [2024-06-20] FF ProfilePath: C:\Users\simec\AppData\Roaming\Mozilla\Firefox\Profiles\0bml8kbl.default-release [2024-06-20] FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF HKU\S-1-5-21-1283810175-761726887-3710497458-1002\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\simec\AppData\Roaming\IDM\idmmzcc5 FF Extension: (IDM CC) - C:\Users\simec\AppData\Roaming\IDM\idmmzcc5 [2024-05-06] [] [non signé] FF HKU\S-1-5-21-1283810175-761726887-3710497458-1002\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-19] [] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.) 
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-01-17] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\simec\AppData\Local\Google\Chrome\User Data\Default [2024-06-20] CHR DownloadDir: D:\01 DOWNLOADS\Pictures 2 CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\simec\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-06-20] CHR Extension: (Google Docs hors connexion) - C:\Users\simec\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-06-11] CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\simec\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-11-03] CHR Extension: (IDM Integration Module) - C:\Users\simec\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2024-06-20] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\simec\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-11-03] CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2024-01-16] CHR HKU\S-1-5-21-1283810175-761726887-3710497458-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] CHR HKU\S-1-5-21-1283810175-761726887-3710497458-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2024-01-16] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: 
[ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2024-01-16] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 ACCSvc; C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe [259232 2021-12-30] (Acer Incorporated -> Acer Incorporated) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [4555744 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated) R2 DtsApo4Service; C:\WINDOWS\System32\DTS\PC\APO4x\DtsApo4Service.exe [243432 2022-07-08] (DTS, Inc. -> DTS Inc.) R2 EaseUS UPDATE SERVICE; C:\Program Files (x86)\EaseUS\ENS\ensserver.exe [32448 2023-08-22] (CHENGDU YIWO Tech Development Co., Ltd. -> ) S3 EPMVssEaseusProvider; C:\WINDOWS\system32\dllhost.exe /Processid:{BACC7F68-6461-4861-839F-B46406967631} [46416 2022-05-07] (Microsoft Windows -> Microsoft Corporation) S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.108.0528.0005\FileSyncHelper.exe [3514384 2024-06-17] (Microsoft Corporation -> Microsoft Corporation) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Fichier non signé] R2 Killer Analytics Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [1748992 2020-01-10] (Rivet Networks LLC -> Rivet Networks) R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2651640 2020-01-10] (Rivet Networks LLC -> Rivet Networks) R3 Killer Wifi Optimization Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KAPSService.exe [73704 2020-01-10] (Rivet Networks LLC -> Rivet Networks, LLC.) 
S3 KNDBWM; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [73712 2020-01-10] (Rivet Networks LLC -> Rivet Networks, LLC.) R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe [1505416 2024-06-20] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NativePushService; C:\Users\simec\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe [595352 2023-08-22] (Wondershare Technology Group Co.,Ltd -> Wondershare) R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.24.3.2\NortonSecurity.exe [344888 2024-04-05] (NortonLifeLock Inc. -> NortonLifelock Inc.) R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.24.3.2\nsWscSvc.exe [1059176 2024-04-05] (NortonLifeLock Inc. -> NortonLifeLock Inc.) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_2ba22b3456e19b2f\Display.NvContainer\NVDisplay.Container.exe [1275528 2024-02-08] (NVIDIA Corporation -> NVIDIA Corporation) S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.108.0528.0005\OneDriveUpdaterService.exe [3853744 2024-06-17] (Microsoft Corporation -> Microsoft Corporation) R3 PSSvc; C:\Program Files\Acer\NitroSense Service\PSSvc.exe [840424 2021-08-09] (Acer Incorporated -> Acer Incorporated) S3 QALSvc; C:\Program Files\Acer\Quick Access Service\QALSvc.exe [466080 2022-01-03] (Acer Incorporated -> Acer Incorporated) R3 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [504480 2022-01-03] (Acer Incorporated -> Acer Incorporated) R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2022-10-04] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2022-10-04] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) 
R2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [112184 2021-02-01] (Code Sector -> ) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe [3236728 2024-06-20] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe [133704 2024-06-20] (Microsoft Windows Publisher -> Microsoft Corporation) S2 xTendSoftAPService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendSoftAPService.exe [73720 2020-01-10] (Rivet Networks LLC -> Rivet Networks, LLC.) R2 xTendUtilityService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe [73720 2020-01-10] (Rivet Networks LLC -> Rivet Networks, LLC.) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [36784 2022-06-08] (Acer Incorporated -> Acer Incorporated) R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.23.10.10\Definitions\BASHDefs\20240618.001\BHDrvx64.sys [1706496 2024-03-27] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1618030.002\ccSetx64.sys [198288 2024-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-10-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) 
S3 ebrntdrv; C:\WINDOWS\system32\ebrntdrv.sys [27728 2023-06-19] (Microsoft Windows Hardware Compatibility Publisher -> ) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [527832 2022-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) S3 epmdkdrv; C:\WINDOWS\system32\epmdkdrv.sys [27728 2022-12-29] (Microsoft Windows Hardware Compatibility Publisher -> ) R0 EPMVolFl; C:\WINDOWS\System32\drivers\EPMVolFl.sys [30136 2022-12-29] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [159720 2023-11-15] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R0 EUDCPEPM; C:\WINDOWS\System32\drivers\EUDCPEPM.sys [76344 2022-12-29] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd) R1 EUEDKEPM; C:\WINDOWS\system32\drivers\EUEDKEPM.sys [24656 2022-12-29] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd) R1 googledrivefs31357; C:\WINDOWS\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2023-11-03] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.) R2 IDMWFP; C:\WINDOWS\System32\drivers\idmwfp.sys [173736 2023-11-25] (Microsoft Windows Hardware Compatibility Publisher -> Tonec Inc.) R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.23.10.10\Definitions\IPSDefs\20240619.064\IDSvia64.sys [1554432 2024-04-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo10X64.sys [177272 2020-01-10] (Rivet Networks LLC -> Rivet Networks, LLC.) S3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [72224 2020-05-19] (SZ DJI Technology Co., Ltd. 
-> hxxp://libusb-win32.sourceforge.net) S3 nsvst_NGC; C:\WINDOWS\System32\drivers\NGCx64\1618030.002\nsvst.sys [57120 2024-04-05] (NortonLifeLock Inc. -> NortonLifeLock Inc.) R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-12-06] (Nvidia Corporation -> NVIDIA Corporation) R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1618030.002\SRTSP64.SYS [960640 2024-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1618030.002\SRTSPX64.SYS [52864 2024-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-10-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-10-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1618030.002\SYMEFASI64.SYS [2180248 2024-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1618030.002\SymELAM.sys [36016 2024-04-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom) R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [100344 2023-11-15] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.23.10.10\SymPlatform\SymEvnt.sys [934912 2024-04-03] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1618030.002\Ironx64.SYS [306872 2024-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1618030.002\symnets.sys [492720 2024-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22080 2024-06-20] 
(Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [602520 2024-06-20] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105880 2024-06-20] (Microsoft Windows -> Microsoft Corporation) S3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation) R1 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1618030.002\wpCtrlDrv.sys [1016792 2024-04-05] (NortonLifeLock Inc. -> NortonLifeLock Inc.) S3 EuGdiDrv; \SystemRoot\system32\EuGdiDrv.sys [X] S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 
2024-06-20 21:23 - 2024-06-20 21:24 - 000041259 _____ C:\Users\simec\Desktop\FRST.txt 2024-06-20 20:58 - 2024-06-20 20:58 - 000810954 _____ C:\WINDOWS\system32\perfh00C.dat 2024-06-20 20:58 - 2024-06-20 20:58 - 000157390 _____ C:\WINDOWS\system32\perfc00C.dat 2024-06-20 20:22 - 2024-06-20 21:23 - 000000000 ____D C:\FRST 2024-06-20 20:21 - 2024-06-20 20:21 - 002395648 _____ (Farbar) C:\Users\simec\Desktop\FRST64.exe 2024-06-20 20:16 - 2024-06-20 20:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation 2024-06-18 15:56 - 2024-06-18 15:56 - 000000000 ____D C:\Users\simec\AppData\Roaming\Microsoft\HTML Help 2024-06-13 10:26 - 2024-06-13 10:26 - 000000000 ____D C:\Users\simec\AppData\Roaming\Microsoft\Bibliography 2024-06-12 16:34 - 2024-06-12 16:34 - 000024821 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json 2024-06-12 16:34 - 2024-06-12 16:34 - 000024821 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json 2024-06-11 17:06 - 2024-06-11 17:06 - 000000000 ____D C:\Users\simec\Documents\Modèles Office personnalisés 2024-06-11 16:26 - 2024-06-11 16:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2024-06-11 16:21 - 2024-06-11 16:21 - 000002729 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk 2024-06-11 16:21 - 2024-06-11 16:21 - 000002662 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive Entreprise.lnk 2024-06-11 16:21 - 2024-06-11 16:21 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk 2024-06-11 16:21 - 2024-06-11 16:21 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype Entreprise 2016.lnk 2024-06-11 16:21 - 2024-06-11 16:21 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk 2024-06-11 16:21 - 2024-06-11 16:21 - 000002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk 2024-06-11 16:21 - 2024-06-11 16:21 - 000002648 _____ C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Excel 2016.lnk 2024-06-11 16:21 - 2024-06-11 16:21 - 000002642 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk 2024-06-11 16:21 - 2024-06-11 16:21 - 000002628 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk 2024-06-11 16:21 - 2024-06-11 16:21 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office 2016 2024-06-11 16:21 - 2024-06-11 16:21 - 000000000 ____D C:\WINDOWS\PCHEALTH 2024-06-11 16:21 - 2024-06-11 16:21 - 000000000 ____D C:\Program Files\Microsoft SQL Server 2024-06-11 16:21 - 2024-06-11 16:21 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2024-06-11 16:21 - 2024-06-11 16:21 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2024-06-11 16:20 - 2024-06-11 16:21 - 000000000 ____D C:\WINDOWS\SHELLNEW 2024-06-11 16:20 - 2024-06-11 16:21 - 000000000 ____D C:\Program Files\Microsoft Office 2024-06-11 16:20 - 2024-06-11 16:20 - 000000000 __RHD C:\MSOCache 2024-06-11 16:20 - 2024-06-11 16:20 - 000000000 ____D C:\Users\simec\AppData\Local\Microsoft Help 2024-06-11 16:20 - 2024-06-11 16:20 - 000000000 ____D C:\Program Files\Microsoft Analysis Services 2024-06-11 16:20 - 2024-06-11 16:20 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2024-06-11 16:20 - 2024-06-11 16:20 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services 2024-06-11 15:18 - 2024-06-11 15:19 - 000000106 _____ C:\Users\simec\Desktop\Download Latest Office 2016 Permanent Activator Ultimate.url 2024-06-11 15:18 - 2024-06-11 15:18 - 000000000 ____D C:\Users\simec\AppData\Local\Office2016 2024-06-10 18:43 - 2024-06-10 18:43 - 000000000 ____D C:\ProgramData\KMSAuto 2024-06-10 18:38 - 2024-06-10 18:46 - 000000000 ____D C:\Users\simec\AppData\Local\MSfree Inc 2024-06-10 18:38 - 2024-06-10 18:38 - 000000000 ____D C:\Users\simec\AppData\Local\Zofolazo 2024-06-10 18:22 - 2024-06-10 19:44 - 000000000 _____ C:\WINDOWS\SECOH-QAD.exe 2024-06-10 18:21 - 
2024-06-10 18:26 - 000000000 ____D C:\Program Files\KMSpico 2024-06-10 18:21 - 2024-06-10 18:21 - 000000000 ____D C:\Program Files (x86)\data_test 2024-06-06 14:46 - 2024-06-06 14:46 - 000000000 ____D C:\WINDOWS\system32\%userprofile% 2024-06-05 16:10 - 2024-06-05 16:10 - 000000790 _____ C:\Users\simec\AppData\Local\recently-used.xbel 2024-06-05 14:48 - 2024-06-05 16:10 - 000000000 ____D C:\Users\simec\AppData\Roaming\inkscape 2024-06-05 14:48 - 2024-06-05 14:48 - 000000000 ____D C:\Users\simec\AppData\Local\fontconfig 2024-06-05 14:48 - 2024-06-05 14:48 - 000000000 ____D C:\Users\simec\.dbus-keyrings 2024-06-05 14:47 - 2024-06-05 14:47 - 000000939 _____ C:\Users\Public\Desktop\Inkscape.lnk 2024-06-05 14:47 - 2024-06-05 14:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape 2024-06-05 14:47 - 2024-06-05 14:47 - 000000000 ____D C:\Program Files\Inkscape 2024-05-21 17:18 - 2024-05-21 17:18 - 000000000 ____D C:\Users\simec\AppData\Local\DJI Assistant 2 2024-05-21 17:12 - 2024-05-21 20:24 - 000000000 ____D C:\Users\simec\AppData\Roaming\DJIAssistant2 2024-05-21 17:12 - 2024-05-21 17:12 - 000000000 ____D C:\Users\simec\AppData\Roaming\Electron 2024-05-21 17:12 - 2024-05-21 17:12 - 000000000 ____D C:\Users\simec\AppData\Roaming\DJI Assistant 2 2024-05-06 14:56 - 2024-06-20 19:51 - 000000000 ____D C:\Users\simec\AppData\Roaming\DMCache 2024-05-06 14:56 - 2024-06-20 17:18 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager 2024-05-06 14:56 - 2024-05-06 19:14 - 000000000 ____D C:\Users\simec\AppData\Roaming\IDM 2024-05-06 14:56 - 2024-05-06 14:56 - 000000000 ____D C:\Users\simec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager 2024-05-06 14:56 - 2024-05-06 14:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager 2024-05-06 14:56 - 2024-05-06 14:56 - 000000000 ____D C:\ProgramData\IDM 2024-05-02 13:45 - 2024-05-02 13:45 - 000002143 _____ 
C:\Users\Public\Desktop\RODE Central.lnk 2024-05-02 13:45 - 2024-05-02 13:45 - 000001215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RODE Central.lnk 2024-05-02 13:45 - 2024-05-02 13:45 - 000000000 ____D C:\Users\simec\AppData\Roaming\RØDE 2024-05-02 13:45 - 2024-05-02 13:45 - 000000000 ____D C:\Program Files\RØDE Microphones 2024-05-01 11:33 - 2024-05-01 11:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem 2024-04-29 19:38 - 2024-04-29 19:38 - 000000000 ____D C:\Users\simec\AppData\Roaming\Maxon 2024-04-26 19:14 - 2024-06-20 20:56 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton 360 2024-04-26 19:09 - 2024-04-26 19:48 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security 2024-04-26 19:09 - 2024-04-26 19:09 - 000003374 _____ C:\WINDOWS\system32\Tasks\Norton WSC Integration 2024-04-12 11:32 - 2024-04-12 11:32 - 000000000 ____D C:\Users\simec\AppData\Roaming\webex 2024-04-12 11:31 - 2024-04-12 11:50 - 000000000 ____D C:\Users\simec\AppData\LocalLow\WebEx 2024-04-12 11:22 - 2024-06-20 12:55 - 000000000 ____D C:\Users\simec\AppData\Local\WebEx 2024-04-12 11:22 - 2024-04-13 20:09 - 000000000 ____D C:\Users\simec\AppData\Local\CiscoSpark 2024-04-12 11:22 - 2024-04-12 11:23 - 000000000 ____D C:\Users\simec\AppData\Local\CiscoSparkLauncher 2024-04-12 11:22 - 2024-04-12 11:22 - 000001454 _____ C:\Users\simec\Desktop\Webex.lnk 2024-04-12 11:22 - 2024-04-12 11:22 - 000000000 ____D C:\Users\simec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webex 2024-04-11 11:53 - 2024-04-11 11:53 - 000000000 ____D C:\WINDOWS\SysWOW64\DDFs 2024-04-03 18:06 - 2024-04-03 18:07 - 000000000 ____D C:\Users\simec\AppData\Local\iZotope 2024-04-03 11:55 - 2024-04-03 11:55 - 000001256 _____ C:\Users\simec\Desktop\iZotope RX 10 Audio Editor.lnk 2024-04-03 11:55 - 2024-04-03 11:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iZotope 2024-04-03 11:55 - 2024-04-03 11:55 - 000000000 ____D C:\Program Files 
(x86)\iZotope 2024-04-03 11:54 - 2024-04-03 11:55 - 000000000 ____D C:\Program Files\iZotope 2024-04-03 11:54 - 2024-04-03 11:54 - 000000000 ____D C:\Program Files\Common Files\VST3 2024-04-03 11:54 - 2024-04-03 11:54 - 000000000 ____D C:\Program Files\Common Files\Avid 2024-03-29 20:14 - 2024-04-03 18:07 - 000000000 ____D C:\Users\simec\AppData\Roaming\iZotope 2024-03-28 10:50 - 2024-06-19 11:30 - 000000000 ____D C:\Users\simec\AppData\Roaming\Microsoft\Excel ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2024-06-20 21:22 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-06-20 21:21 - 2023-11-15 19:42 - 000000000 ____D C:\Users\simec\AppData\Local\Norton 2024-06-20 21:02 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness 2024-06-20 21:01 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp 2024-06-20 20:58 - 2023-11-03 21:36 - 001803986 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2024-06-20 20:58 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF 2024-06-20 20:56 - 2023-11-06 18:45 - 000000000 ____D C:\Users\simec\AppData\Roaming\Microsoft\Word 2024-06-20 20:52 - 2023-11-03 00:09 - 000000000 ____D C:\Users\simec\Documents\VanceAI 2024-06-20 20:51 - 2023-11-03 21:37 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2024-06-20 20:51 - 2023-11-03 21:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2024-06-20 20:51 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState 2024-06-20 20:51 - 2022-03-17 15:32 - 000000000 ____D C:\Intel 2024-06-20 20:51 - 2022-03-17 15:30 - 000000000 ____D C:\ProgramData\NVIDIA 2024-06-20 20:51 - 2022-03-17 15:23 - 000012288 ___SH C:\DumpStack.log.tmp 2024-06-20 20:50 - 2022-05-07 06:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2024-06-20 20:46 - 2023-11-02 23:49 - 000000000 ____D C:\Users\simec\AppData\Roaming\TeraCopy 2024-06-20 20:41 - 2022-05-07 06:24 - 000000000 ___HD 
C:\Program Files\WindowsApps 2024-06-20 20:08 - 2022-03-25 18:39 - 000000000 ____D C:\Users\simec\AppData\Local\Packages 2024-06-20 19:52 - 2022-05-07 06:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2024-06-20 19:51 - 2023-11-07 16:29 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK 2024-06-20 19:51 - 2023-11-03 12:35 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2024-06-20 19:50 - 2022-03-25 18:47 - 000000000 ____D C:\Users\simec\AppData\Roaming\Microsoft\MMC 2024-06-20 19:18 - 2022-03-17 15:23 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2024-06-20 17:32 - 2023-11-03 19:02 - 000000000 ____D C:\Users\simec\AppData\Roaming\Microsoft\Windows 2024-06-20 17:00 - 2022-03-17 15:42 - 000918944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2024-06-20 15:55 - 2023-11-03 00:05 - 000000000 ____D C:\Users\simec\AppData\Roaming\discord 2024-06-20 15:54 - 2023-11-11 20:54 - 000000000 ____D C:\Users\simec\AppData\Roaming\HandBrake 2024-06-20 15:54 - 2023-11-03 00:05 - 000002243 _____ C:\Users\simec\Desktop\Discord.lnk 2024-06-20 15:54 - 2023-11-03 00:05 - 000000000 ____D C:\Users\simec\AppData\Local\Discord 2024-06-20 15:01 - 2023-11-02 23:57 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2024-06-20 14:40 - 2023-11-11 20:41 - 000000000 ____D C:\Users\simec\AppData\Roaming\vlc 2024-06-20 14:11 - 2022-03-25 18:39 - 000000000 ____D C:\Users\simec\AppData\Local\D3DSCache 2024-06-20 11:56 - 2023-11-03 13:55 - 000001456 _____ C:\Users\simec\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs 2024-06-19 20:43 - 2023-11-06 18:45 - 000000000 ____D C:\Users\simec\AppData\Roaming\Microsoft\Office 2024-06-19 20:17 - 2022-03-17 15:23 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-06-19 16:45 - 2022-03-25 18:41 - 000000000 ___RD C:\Users\simec\OneDrive 2024-06-19 10:25 - 2023-11-17 19:21 - 000000000 ____D C:\Users\simec\AppData\LocalLow\Norton 2024-06-19 09:27 - 2023-11-03 00:10 - 000002245 
_____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2024-06-19 09:27 - 2023-11-03 00:10 - 000002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2024-06-18 09:16 - 2023-11-03 00:06 - 000002166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk 2024-06-18 09:16 - 2023-11-03 00:06 - 000002080 _____ C:\Users\simec\Desktop\Google Slides.lnk 2024-06-18 09:16 - 2023-11-03 00:06 - 000002080 _____ C:\Users\simec\Desktop\Google Sheets.lnk 2024-06-18 09:16 - 2023-11-03 00:06 - 000002068 _____ C:\Users\simec\Desktop\Google Docs.lnk 2024-06-18 09:16 - 2023-11-03 00:06 - 000002044 _____ C:\Users\simec\Desktop\Google Drive.lnk 2024-06-17 17:03 - 2023-11-03 21:37 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1283810175-761726887-3710497458-1002 2024-06-17 17:03 - 2023-11-03 21:37 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2024-06-17 17:03 - 2023-11-03 00:52 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2024-06-16 17:26 - 2023-11-02 23:51 - 000000000 ____D C:\Users\simec\Downloads\Video 2024-06-16 14:32 - 2023-11-17 16:17 - 000000000 ____D C:\Users\simec\Downloads\Telegram Desktop 2024-06-15 09:25 - 2023-11-03 01:00 - 000000000 ____D C:\ProgramData\boost_interprocess 2024-06-13 13:54 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate 2024-06-13 13:39 - 2022-03-17 15:25 - 000000000 ____D C:\ProgramData\Packages 2024-06-13 13:38 - 2023-11-03 21:34 - 000868280 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2024-06-13 13:37 - 2023-12-26 21:19 - 000000000 ____D C:\WINDOWS\InboxApps 2024-06-13 13:37 - 2023-11-03 19:00 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView 2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\UNP 2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\PrintDialog 2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 
2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\UUS 2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources 2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm 2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\setup 2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe 2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\migwiz 2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Dism 2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\appraiser 2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellExperiences 2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellComponents 2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\BrowserCore 2024-06-13 13:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr 2024-06-13 13:37 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\servicing 2024-06-12 19:15 - 2023-08-24 15:31 - 000000000 ____D C:\Users\simec\AppData\Local\CrashDumps 2024-06-12 16:37 - 2022-05-07 11:31 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll 2024-06-12 16:37 - 2022-05-07 11:31 - 000024383 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml 2024-06-12 16:37 - 2022-05-07 06:17 - 000000000 ____D 
C:\WINDOWS\CbsTemp 2024-06-12 16:34 - 2023-11-03 21:36 - 003216384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2024-06-11 23:07 - 2023-11-03 00:12 - 000000000 ____D C:\Users\simec\AppData\Roaming\utorrent 2024-06-11 16:30 - 2021-06-05 13:08 - 000000167 _____ C:\WINDOWS\win.ini 2024-06-11 16:29 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2024-06-11 16:20 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\System 2024-06-06 14:46 - 2023-11-03 00:52 - 000000000 ___RD C:\Users\Default\OneDrive 2024-06-06 11:11 - 2023-11-03 21:37 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-06-06 11:11 - 2023-11-03 21:37 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-06-05 14:48 - 2023-11-03 19:02 - 000000000 ____D C:\Users\simec 2024-06-03 22:30 - 2023-11-02 23:56 - 000000000 ____D C:\Users\simec\AppData\Local\Adobe 2024-05-21 11:47 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2024-05-21 11:47 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2024-05-21 11:47 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2024-05-21 11:46 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\F12 2024-05-21 11:46 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2024-05-21 11:46 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemApps 2024-05-21 11:46 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2024-05-21 11:46 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient 2024-05-21 11:44 - 2022-03-17 15:41 - 000000000 ____D C:\WINDOWS\system32\MRT 2024-05-21 11:43 - 2022-03-17 15:41 - 196465576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2024-05-21 11:20 - 2023-11-03 00:05 - 000000000 ____D C:\Program Files (x86)\Google ==================== Fichiers à la racine de certains dossiers ======== 2023-11-11 17:16 
- 2023-11-11 17:16 - 000000039 _____ () C:\Users\simec\AppData\Roaming\epm_user.ini 2024-06-18 14:44 - 2024-06-18 14:44 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEA0.jpg 2024-06-11 20:00 - 2024-06-11 20:00 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEA0.png 2024-06-11 20:14 - 2024-06-11 20:14 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEA2.png 2024-06-11 20:11 - 2024-06-11 20:11 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEA3.png 2024-06-18 14:03 - 2024-06-18 14:03 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEA4.png 2024-06-18 14:02 - 2024-06-18 14:02 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEA5.png 2024-06-18 14:37 - 2024-06-18 14:37 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEA6.png 2024-06-18 14:20 - 2024-06-18 14:20 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEA7.png 2024-06-18 15:31 - 2024-06-18 15:31 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEA8.png 2024-06-18 15:30 - 2024-06-18 15:30 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEA9.png 2024-06-18 16:16 - 2024-06-18 16:16 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEAA.png 2024-06-18 16:01 - 2024-06-18 16:01 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEAB.png 2024-06-18 18:18 - 2024-06-18 18:18 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEAC.png 2024-06-18 17:52 - 2024-06-18 17:52 - 000000000 _____ () C:\Users\simec\AppData\Local\1407EEAD.png 2023-11-03 13:55 - 2024-06-20 11:56 - 000001456 _____ () C:\Users\simec\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs 2023-11-02 23:57 - 2023-11-16 14:56 - 000001640 _____ () C:\Users\simec\AppData\Local\oobelibMkey.log 2024-06-05 16:10 - 2024-06-05 16:10 - 000000790 _____ () C:\Users\simec\AppData\Local\recently-used.xbel 2023-05-21 10:29 - 2023-05-21 10:29 - 000000017 _____ () C:\Users\simec\AppData\Local\resmon.resmoncfg ==================== SigCheckExt ========================= 2023-11-11 17:09 - 2023-06-19 
13:06 - 000163328 _____ C:\WINDOWS\system32\setupdrvx64.exe 2023-11-11 17:08 - 2022-12-29 13:34 - 000174216 _____ C:\WINDOWS\system32\setupepmdrvx64.exe 2024-06-10 18:22 - 2024-06-10 19:44 - 000000000 _____ C:\WINDOWS\SECOH-QAD.exe 2003-04-18 16:46 - 2003-04-18 16:46 - 001233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4.dll 2003-04-18 16:29 - 2003-04-18 16:29 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4r.dll 2024-06-20 20:21 - 2024-06-20 20:21 - 002395648 _____ (Farbar) C:\Users\simec\Desktop\FRST64.exe ==================== FCheck ================================ (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) FCheck: C:\WINDOWS\SECOH-QAD.exe [2024-06-10] <==== ATTENTION (zéro octet Fichier/Dossier) ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de démarrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {3aab778e-a5fd-11ec-b37d-9c49f6a9dc01} {3aab778f-a5fd-11ec-b37d-9c49f6a9dc01} {3aab7790-a5fd-11ec-b37d-9c49f6a9dc01} timeout 0 Gestionnaire de démarrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {3aab7796-a5fd-11ec-b37d-9c49f6a9dc01} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Application logicielle (101fffff) -------------------------------- identificateur {3aab778e-a5fd-11ec-b37d-9c49f6a9dc01} description EFI USB Device Application logicielle (101fffff) -------------------------------- identificateur {3aab778f-a5fd-11ec-b37d-9c49f6a9dc01} description EFI DVD/CDROM Application logicielle (101fffff) 
-------------------------------- identificateur {3aab7790-a5fd-11ec-b37d-9c49f6a9dc01} description EFI Network Chargeur de démarrage Windows ----------------------------- identificateur {3aab7794-a5fd-11ec-b37d-9c49f6a9dc01} device ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{3aab7795-a5fd-11ec-b37d-9c49f6a9dc01} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-fr inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{3aab7795-a5fd-11ec-b37d-9c49f6a9dc01} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de démarrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 11 locale fr-FR inherit {bootloadersettings} recoverysequence {3aab7799-a5fd-11ec-b37d-9c49f6a9dc01} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {3aab7796-a5fd-11ec-b37d-9c49f6a9dc01} nx OptIn bootmenupolicy Standard Chargeur de démarrage Windows ----------------------------- identificateur {3aab7799-a5fd-11ec-b37d-9c49f6a9dc01} device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{3aab779a-a5fd-11ec-b37d-9c49f6a9dc01} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{3aab779a-a5fd-11ec-b37d-9c49f6a9dc01} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre à partir de la mise en veille prolongée ------------------------------------------------- identificateur {3aab7796-a5fd-11ec-b37d-9c49f6a9dc01} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence 
{3aab7799-a5fd-11ec-b37d-9c49f6a9dc01} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: custom:21000026 partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de mémoire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics mémoire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes Paramètres EMS -------------- identificateur {emssettings} bootems No Paramètres du débogueur ----------------------- identificateur {dbgsettings} debugtype Local Erreurs de mémoire RAM ---------------------- identificateur {badmemory} Paramètres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Paramètres du chargeur de démarrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Paramètres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Paramètres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de périphérique ----------------------- identificateur {3aab7795-a5fd-11ec-b37d-9c49f6a9dc01} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume5 ramdisksdipath \Recovery\WindowsRE\boot.sdi Options de périphérique ----------------------- identificateur {3aab779a-a5fd-11ec-b37d-9c49f6a9dc01} description Windows Recovery ramdisksdidevice unknown ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================