Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 05-11-2023 02 Exécuté par blaks (administrateur) sur DESKTOP-J9Q4TGS (HP HP Z240 Tower Workstation) (30-11-2023 16:26:46) Exécuté depuis C:\Users\blaks\Downloads\FRST64.exe Profils chargés: blaks Plate-forme: Microsoft Windows 10 Professionnel Version 22H2 19045.3086 (X64) Langue: Français (France) Navigateur par défaut: Opera Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe (C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe (C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe (C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe (C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe (C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (C:\STEAM\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe ->) (Skutta, Kristjan -> ) C:\STEAM\steamapps\common\wallpaper_engine\wallpaper32.exe (cmd.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe (Discord Inc. -> Discord Inc.) C:\Users\blaks\AppData\Local\Discord\app-1.0.9025\Discord.exe <6> (DriverStore\FileRepository\u0392837.inf_amd64_9a77fba04d783a0e\B392251\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0392837.inf_amd64_9a77fba04d783a0e\B392251\atieclxx.exe (explorer.exe ->) (04797BBC-C7BB-462F-9B66-331C81E27C0E -> TranslucentTB Open Source Developers) C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2023.1.0.0_x64__v826wp6bftszj\TranslucentTB.exe (explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (Opera Norway AS -> Opera Software) C:\Users\blaks\AppData\Local\Programs\Opera GX\104.0.4944.74\opera_autoupdate.exe <2> (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0392837.inf_amd64_9a77fba04d783a0e\B392251\atiesrxx.exe (services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe (services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WebManagement.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (services.exe ->) (Skutta, Kristjan -> ) C:\STEAM\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe (svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3684_none_7dfc270e7c9a3a0b\TiWorker.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-03-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3571168 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2023-05-14] (Adobe Inc. -> ) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1131488 2023-09-20] (Adobe Inc. -> Adobe Inc.) HKU\S-1-5-21-2938157897-1260247550-1139719007-1004\...\Run: [Opera GX Stable] => C:\Users\blaks\AppData\Local\Programs\Opera GX\launcher.exe [2587040 2023-11-29] (Opera Norway AS -> Opera Software) HKU\S-1-5-21-2938157897-1260247550-1139719007-1004\...\Run: [Steam] => C:\STEAM\steam.exe [4371816 2023-06-16] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-2938157897-1260247550-1139719007-1004\...\Run: [Discord] => C:\Users\blaks\AppData\Local\Discord\Update.exe [1525016 2023-04-26] (Discord Inc. -> GitHub) HKU\S-1-5-21-2938157897-1260247550-1139719007-1004\...\Run: [Opera GX Browser Assistant] => C:\Users\blaks\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software) HKU\S-1-5-21-2938157897-1260247550-1139719007-1004\...\Run: [MicrosoftEdgeAutoLaunch_38218B1EEE4C4634E9F2329E8DF8FAB6] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3896784 2023-11-27] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2938157897-1260247550-1139719007-1004\...\Run: [AMDNoiseSuppression] => "C:\Windows\system32\AMD\ANR\AMDNoiseSuppression.exe" (Pas de fichier) HKU\S-1-5-21-2938157897-1260247550-1139719007-1004\...\Run: [WallpaperEngine] => C:\STEAM\steamapps\common\wallpaper_engine\wallpaper32.exe [3050080 2023-05-14] (Skutta, Kristjan -> ) GroupPolicy: Restriction ? <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {A7067AD1-8806-4348-A16A-29CE18749CB5} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3571168 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {EF8E7B5E-65B1-4206-994F-1295FCF1555B} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3807712 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {9079F9A5-F238-45E2-B814-D69CDB52836D} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => C:\Windows\system32\StartupCheck.vbs [394 2023-06-24] () [Fichier non signé] Task: {F201E027-9EE8-49B4-835D-790884EB82D6} - System32\Tasks\Microsoft\Windows\Maintenance\InstallWinSAT => Maintenance.vbs (Pas de fichier) Task: {1DC2AEBF-1D73-4BA3-AF44-B9FA1799A7AF} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32} Task: {6D389AFC-3A4C-4030-A63D-55CFBE6BF81E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-12] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {1538385B-77EB-4B29-A7A2-84BF6E838600} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-12] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {8FFF0712-0687-4BF2-8AAE-237BD838D258} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-12] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {7C85C7B6-C015-4CD1-B030-964E8B71E4D1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-12] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {1757B39D-3C1A-43BB-ADAB-853EC06A6761} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1684251066 => C:\Users\blaks\AppData\Local\Programs\Opera GX\launcher.exe [2587040 2023-11-29] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\blaks\AppData\Local\Programs\Opera GX\assistant" $(Arg0) Task: {D747A50C-B0E2-4539-BA65-061BD03FEAFD} - System32\Tasks\Opera GX scheduled Autoupdate 1684054159 => C:\Users\blaks\AppData\Local\Programs\Opera GX\launcher.exe [2587040 2023-11-29] (Opera Norway AS -> Opera Software) Task: {CB40C0AB-94B5-4C87-AB73-6E90DBD51B57} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [59832 2023-05-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) Task: {7D1BA16A-2C1C-442E-BADD-AA989E6B3320} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [291768 2023-05-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{5cfa4737-cb7c-4b8a-a9ef-bbe267b0dd74}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{d3926fb6-2b17-4e3b-bf92-1e91bc926575}: [DhcpNameServer] 208.67.222.222 Edge: ======= Edge Profile: C:\Users\blaks\AppData\Local\Microsoft\Edge\User Data\Default [2023-08-01] Edge Extension: (Edge relevant text changes) - C:\Users\blaks\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-07-27] FireFox: ======== FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2023-09-20] (Adobe Inc. -> Adobe Systems) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2023-09-20] (Adobe Inc. -> Adobe Systems) Opera: ======= StartMenuInternet: (HKU\S-1-5-21-2938157897-1260247550-1139719007-1004) Opera GXStable - "C:\Users\blaks\AppData\Local\Programs\Opera GX\Launcher.exe" ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944096 2023-09-20] (Adobe Inc. -> Adobe Inc.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3966432 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [336208 2023-06-15] (Microsoft Windows Publisher -> Microsoft Corporation) R2 Wallpaper Engine Service; C:\STEAM\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe [134752 2023-05-14] (Skutta, Kristjan -> ) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe [3121120 2023-11-12] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe [133704 2023-11-12] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R3 amdfendrmgr; C:\Windows\System32\drivers\amdfendrmgr.sys [25560 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) R3 AMDSAFD; C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_1a1a381a2c0e293c\amdsafd.sys [113056 2022-08-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices) S3 amdwddmg; C:\Windows\System32\DriverStore\FileRepository\u0392837.inf_amd64_9a77fba04d783a0e\B392251\amdkmdag.sys [100305800 2023-06-14] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [59920 2022-05-31] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé] S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé] R3 MpKsl2d725a12; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AB3E2669-4CB4-4AB1-8E7A-6E6AEB31D9EA}\MpKslDrv.sys [263560 2023-11-30] (Microsoft Windows -> Microsoft Corporation) S3 VoiceAIDriver; C:\Windows\System32\DriverStore\FileRepository\voiceaidriver.inf_amd64_214d6aacf9c41414\voiceaidriver.sys [73616 2023-06-20] (Voice AI LLC -> Windows (R) Win 7 DDK provider) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [55744 2023-11-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [578856 2023-11-12] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105768 2023-11-12] (Microsoft Windows -> Microsoft Corporation) S3 MpKsl8fb67c69; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C16F6E66-5682-4F31-BF1C-6AD09E749FBB}\MpKslDrv.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2023-11-26 16:49 - 2023-11-26 16:49 - 000000000 ___HD C:\$WinREAgent 2023-11-26 10:14 - 2023-11-26 10:15 - 000037180 _____ C:\Users\blaks\Downloads\Addition.txt 2023-11-26 10:11 - 2023-11-30 16:27 - 000016337 _____ C:\Users\blaks\Downloads\FRST.txt 2023-11-26 10:10 - 2023-11-30 16:27 - 000000000 ____D C:\FRST 2023-11-26 10:10 - 2023-11-26 10:10 - 002383872 _____ (Farbar) C:\Users\blaks\Downloads\FRST64.exe 2023-11-24 11:12 - 2023-11-24 11:12 - 003878340 _____ C:\Windows\Minidump\112423-5406-01.dmp 2023-11-23 13:28 - 2023-11-23 13:28 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_RdpIdd_02_15_00.Wdf 2023-11-23 12:14 - 2023-11-23 12:16 - 159656768 _____ (NVIDIA Corporation) C:\Users\blaks\Downloads\305.53_desktop_winxp_64bit_international (1).exe 2023-11-23 10:53 - 2023-11-23 10:53 - 003897700 _____ C:\Windows\Minidump\112323-5375-01.dmp 2023-11-20 19:39 - 2023-11-20 19:39 - 003916180 _____ C:\Windows\Minidump\112023-5156-01.dmp 2023-11-20 14:45 - 2023-11-20 14:45 - 003805652 _____ C:\Windows\Minidump\112023-7140-01.dmp 2023-11-12 18:40 - 2023-11-12 18:41 - 003820292 _____ C:\Windows\Minidump\111223-7890-01.dmp 2023-11-03 22:57 - 2023-11-03 22:57 - 000000000 ____D C:\ProgramData\PLUG 2023-11-03 12:22 - 2023-11-03 12:22 - 000000000 ____D C:\Program Files\RUXIM ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2023-11-30 16:24 - 2023-05-14 10:08 - 000000000 ____D C:\Users\blaks\AppData\Roaming\discord 2023-11-30 16:24 - 2023-05-14 10:08 - 000000000 ____D C:\Users\blaks\AppData\Local\Discord 2023-11-30 16:24 - 2023-05-14 09:49 - 000004244 _____ C:\Windows\system32\Tasks\Opera GX scheduled Autoupdate 1684054159 2023-11-30 16:24 - 2023-05-14 09:49 - 000001438 _____ C:\Users\blaks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera GX.lnk 2023-11-30 16:24 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness 2023-11-30 16:23 - 2023-05-10 18:11 - 000000000 ___RD C:\Users\blaks\OneDrive 2023-11-30 16:23 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2023-11-30 16:23 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-11-30 16:21 - 2023-04-14 14:38 - 001681370 _____ C:\Windows\system32\PerfStringBackup.INI 2023-11-30 16:21 - 2019-12-07 15:50 - 000755174 _____ C:\Windows\system32\perfh00C.dat 2023-11-30 16:21 - 2019-12-07 15:50 - 000141980 _____ C:\Windows\system32\perfc00C.dat 2023-11-30 16:21 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF 2023-11-30 16:14 - 2023-04-14 14:32 - 000432000 _____ C:\Windows\system32\FNTCACHE.DAT 2023-11-30 16:14 - 2023-04-14 14:32 - 000008192 ___SH C:\DumpStack.log.tmp 2023-11-30 16:14 - 2023-04-14 14:32 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2023-11-30 16:12 - 2023-04-14 14:32 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-11-30 16:12 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-11-30 16:12 - 2019-12-07 10:03 - 000786432 _____ C:\Windows\system32\config\BBI 2023-11-30 16:10 - 2019-12-07 15:53 - 000000000 ___SD C:\Windows\system32\AppV 2023-11-30 16:10 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2023-11-30 16:10 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2023-11-30 16:10 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2023-11-30 16:10 - 2019-12-07 15:50 - 000000000 ____D C:\Windows\SysWOW64\fr 2023-11-30 16:10 - 2019-12-07 15:50 - 000000000 ____D C:\Windows\system32\fr 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\F12 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\UNP 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\F12 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\PrintDialog 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\oobe 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\migwiz 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Com 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinMetadata 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Sysprep 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\ShellExperiences 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\migwiz 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lv-LV 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lt-LT 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\et-EE 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\es-MX 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Com 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\appraiser 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\AdvancedInstallers 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellComponents 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Provisioning 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\IME 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System 2023-11-30 16:10 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2023-11-30 16:10 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing 2023-11-30 16:09 - 2019-12-07 15:53 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\OEMDefaultAssociations.dll 2023-11-30 16:09 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll 2023-11-30 16:09 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll 2023-11-30 16:04 - 2023-04-14 14:32 - 000000000 ____D C:\Windows\system32\SleepStudy 2023-11-26 16:55 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp 2023-11-24 22:10 - 2023-06-14 17:54 - 000000000 ____D C:\Users\blaks\AppData\Roaming\Code 2023-11-24 11:13 - 2023-10-30 21:12 - 000000000 ____D C:\Windows\Minidump 2023-11-24 11:12 - 2023-10-30 21:12 - 1194024651 _____ C:\Windows\MEMORY.DMP 2023-11-23 19:31 - 2023-06-14 17:53 - 000000000 ____D C:\Microsoft VS Code 2023-11-23 19:29 - 2023-06-14 17:54 - 000000000 ____D C:\Users\blaks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code 2023-11-23 19:27 - 2023-06-14 18:14 - 000000000 ____D C:\Users\blaks\.bito 2023-11-23 19:26 - 2023-05-15 16:11 - 000000000 ____D C:\Users\blaks\OneDrive\Documents\[YT] - BLAKS 2023-11-23 13:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState 2023-11-23 13:25 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports 2023-11-23 13:21 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Registration 2023-11-23 10:54 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\appcompat 2023-11-22 22:29 - 2023-07-28 17:53 - 000003530 _____ C:\Windows\system32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 2023-11-22 22:29 - 2023-05-14 12:49 - 000003506 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0 2023-11-20 21:02 - 2023-05-10 18:07 - 000000000 ____D C:\Users\blaks 2023-11-19 15:51 - 2023-06-21 18:53 - 000000000 ____D C:\Users\blaks\AppData\Local\D3DSCache 2023-11-18 22:05 - 2023-04-14 14:43 - 000000000 ____D C:\Windows\system32\MRT 2023-11-18 22:04 - 2023-04-14 14:43 - 182871392 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2023-11-18 21:53 - 2023-05-10 18:12 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2938157897-1260247550-1139719007-1004 2023-11-18 21:53 - 2023-05-10 18:11 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2938157897-1260247550-1139719007-1004 2023-11-18 21:53 - 2023-05-10 18:11 - 000002421 _____ C:\Users\blaks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-11-12 18:55 - 2023-04-14 14:32 - 000000000 ____D C:\Windows\system32\Drivers\wd 2023-11-03 23:02 - 2023-06-24 15:05 - 000000000 ____D C:\Users\blaks\AppData\Local\AMD_Common 2023-11-03 22:57 - 2023-05-10 18:10 - 000000000 ____D C:\Users\blaks\AppData\Local\Packages 2023-11-03 12:24 - 2023-04-14 14:46 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2023-10-31 15:58 - 2023-04-14 14:32 - 000003688 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-10-31 15:58 - 2023-04-14 14:32 - 000003564 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore ==================== Fichiers à la racine de certains dossiers ======== 2023-05-14 12:45 - 2023-05-14 12:45 - 000000410 _____ () C:\Users\blaks\AppData\Local\oobelibMkey.log 2023-07-11 10:13 - 2023-07-11 10:13 - 000007648 _____ () C:\Users\blaks\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== Fin de FRST.txt ========================