Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 08-06-2022
Exécuté par JPB (administrateur) sur DESKTOP-VERPV48 (ASUSTeK COMPUTER INC. V230IC-DDR4) (10-06-2022 10:32:13)
Exécuté depuis C:\Users\JPB\Desktop
Profils chargés: JPB
Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.1706 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(DriverStore\FileRepository\igdlh64.inf_amd64_5b87a6d6dce2309d\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5b87a6d6dce2309d\igfxEM.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\53.0.11.0\crashpad_handler.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5b87a6d6dce2309d\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5b87a6d6dce2309d\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5b87a6d6dce2309d\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation) [Fichier non signé] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(services.exe ->) (MAGIX AG) [Fichier non signé] C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269312 2018-11-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_ListenToDevice] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506368 2018-11-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.11.0\GoogleDriveFS.exe [54450008 2021-11-23] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.11.0\GoogleDriveFS.exe [54450008 2021-11-23] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2377123508-1879621490-3387952890-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36836592 2022-05-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2377123508-1879621490-3387952890-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.11.0\GoogleDriveFS.exe [54450008 2021-11-23] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2377123508-1879621490-3387952890-1001\...\Run: [MicrosoftEdgeAutoLaunch_CAE618BB992FFA1F7A80B48E750B43C2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3595192 2022-06-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.11.0\GoogleDriveFS.exe [54450008 2021-11-23] (Google LLC -> Google, Inc.)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {2F892AF2-06DD-4505-AFD9-60B89A405078} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-04-02] (Google LLC -> Google LLC)
Task: {36CAB8C4-E774-422F-8580-B1215A3D093E} - System32\Tasks\CCleanerSkipUAC - JPB => C:\Program Files\CCleaner\CCleaner.exe [30924528 2022-05-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {40171460-B1DD-4CD2-9F2B-0CE8878D29BB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6B2AB967-C6E3-42AD-A618-AB13CED3BA39} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-04-02] (Google LLC -> Google LLC)
Task: {7602561E-1755-4B82-BD71-8A071B807B1D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-05-11] (Piriform Software Ltd -> Piriform)
Task: {807D4AB2-4C24-42E8-9DDD-2D2F942606AB} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {91168BE0-8999-4BFD-87DE-4C57DFEB3DFA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B1FB515A-E778-4875-A283-371EB0AEC900} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C5C2E688-9ED9-4D1E-B2E3-417734B93CD6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F6B60235-3EFC-4F33-BAA9-1F065A6F8FFF} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{72bb6338-0cde-416d-abd8-3f8ac44c40ec}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a4935af2-3966-46cc-8028-f100acc9dccc}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Profile: C:\Users\JPB\AppData\Local\Microsoft\Edge\User Data\Default [2022-06-09]
Edge DownloadDir: Default -> C:\Users\JPB\Desktop
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: ykf33b1y.default
FF ProfilePath: C:\Users\JPB\AppData\Roaming\Mozilla\Firefox\Profiles\ykf33b1y.default [2021-10-06]
FF ProfilePath: C:\Users\JPB\AppData\Roaming\Mozilla\Firefox\Profiles\sqayz44t.default-release-1619596817691 [2022-06-10]
FF DownloadDir: C:\Users\JPB\Desktop
FF Homepage: Mozilla\Firefox\Profiles\sqayz44t.default-release-1619596817691 -> hxxps://www.orange.fr/portail
FF Extension: (uBlock Origin) - C:\Users\JPB\AppData\Roaming\Mozilla\Firefox\Profiles\sqayz44t.default-release-1619596817691\Extensions\uBlock0@raymondhill.net.xpi [2022-04-10]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [Fichier non signé]
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [789744 2022-05-11] (Piriform Software Ltd -> )
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-24] (MAGIX AG) [Fichier non signé]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Fichier non signé]
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [223904 2022-04-27] (HP Inc. -> HP Inc.)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Fichier non signé]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Fichier non signé]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8524512 2022-05-21] (Malwarebytes Inc. -> Malwarebytes)
S3 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] (CyberLink -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] (ASUSTeK Computer Inc. -> )
R0 assdv2; C:\Windows\System32\Drivers\assdv2.sys [21816 2013-12-05] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] (ASUSTeK Computer Inc. -> )
R3 bcmsmbsp; C:\WINDOWS\System32\drivers\bcmsmbsp.sys [54552 2015-12-17] (Broadcom Corporation -> Broadcom Corporation.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [287744 2022-04-14] (Microsoft Corporation) [Fichier non signé]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 googledrivefs3525; C:\WINDOWS\System32\DRIVERS\googledrivefs3525.sys [389640 2021-11-23] (Google LLC -> Google, Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-05-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-04-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239560 2022-06-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl21fed64a; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D849FEEB-6D5A-4EC1-ADDB-D61374F1EA81}\MpKslDrv.sys [137464 2022-06-08] (Microsoft Windows -> Microsoft Corporation)
R3 MpKslbeed1bd0; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3E1752D8-F325-48E1-931A-948FCEA19F4E}\MpKslDrv.sys [137464 2022-06-09] (Microsoft Windows -> Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-04-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [443664 2022-04-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-09] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-06-10 10:16 - 2022-06-10 10:18 - 000036325 _____ C:\Users\JPB\Desktop\Addition.txt
2022-06-10 10:13 - 2022-06-10 10:33 - 000014478 _____ C:\Users\JPB\Desktop\FRST.txt
2022-06-10 10:12 - 2022-06-10 10:32 - 000000000 ____D C:\FRST
2022-06-10 10:09 - 2022-06-10 10:10 - 002368000 _____ (Farbar) C:\Users\JPB\Desktop\FRST64.exe
2022-06-10 09:00 - 2022-06-10 10:30 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-06-09 06:19 - 2022-06-09 06:19 - 000239560 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-06-02 07:13 - 2022-06-08 10:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2022-05-31 17:20 - 2022-05-31 17:21 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.3
2022-05-31 17:20 - 2022-05-31 17:20 - 000001197 _____ C:\Users\Public\Desktop\LibreOffice 7.3.lnk
2022-05-13 18:43 - 2022-05-13 18:43 - 000000000 ____D C:\ProgramData\Piriform
2022-05-13 08:14 - 2022-05-13 08:14 - 000011799 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-05-13 08:13 - 2022-05-13 08:13 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-05-13 08:13 - 2022-05-13 08:13 - 000093696 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-05-13 07:31 - 2022-05-13 07:31 - 000000000 ___HD C:\$WinREAgent
2022-05-08 18:19 - 2022-05-09 11:42 - 000000000 ____D C:\WINDOWS\Minidump
2022-05-06 10:36 - 2022-05-12 11:33 - 000000000 ____D C:\Users\JPB\AppData\Roaming\Peugeot Update
2022-05-06 10:23 - 2022-05-06 10:23 - 000001949 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peugeot Update.lnk
2022-05-06 10:23 - 2022-05-06 10:23 - 000001937 _____ C:\Users\Public\Desktop\Peugeot Update.lnk
2022-05-06 10:23 - 2022-05-06 10:23 - 000000000 ____D C:\Program Files\Peugeot Update
2022-05-01 16:12 - 2022-05-01 16:12 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-04-26 12:54 - 2022-04-26 12:54 - 000000000 ____D C:\Program Files\PCHealthCheck
2022-04-21 09:28 - 2022-04-21 09:28 - 000001277 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2022-04-21 09:26 - 2022-04-21 09:25 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-04-21 07:34 - 2022-02-01 07:01 - 000431936 _____ (Intel) C:\WINDOWS\SysWOW64\libvpl.dll
2022-04-21 07:34 - 2022-02-01 07:00 - 001465016 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-04-21 07:34 - 2022-02-01 07:00 - 001465016 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-04-21 07:34 - 2022-02-01 07:00 - 001043176 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-04-21 07:34 - 2022-02-01 07:00 - 001043176 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-04-21 07:34 - 2022-02-01 07:00 - 000448392 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2022-04-21 07:34 - 2022-02-01 07:00 - 000362944 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-04-14 09:17 - 2022-04-14 09:17 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-04-14 09:12 - 2022-04-14 09:12 - 000287744 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthA2dp.sys
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-06-10 10:32 - 2020-11-01 18:28 - 000000000 ____D C:\Users\JPB\AppData\LocalLow\Mozilla
2022-06-10 10:30 - 2021-10-10 11:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-06-10 10:30 - 2020-12-05 10:41 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-06-10 10:30 - 2020-12-05 10:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-06-10 10:09 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-06-10 10:07 - 2021-10-10 11:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-06-10 07:54 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-06-10 07:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-06-10 07:53 - 2020-12-06 13:08 - 000000000 ____D C:\Program Files\CCleaner
2022-06-10 07:50 - 2020-11-02 01:39 - 000000000 __SHD C:\Users\JPB\IntelGraphicsProfiles
2022-06-09 11:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-06-09 06:15 - 2020-12-05 11:10 - 000000000 ____D C:\Users\JPB\AppData\Local\D3DSCache
2022-06-08 10:29 - 2021-10-10 11:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-06-08 10:29 - 2021-10-10 11:03 - 000562912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-06-08 10:29 - 2020-11-02 00:36 - 000000000 ____D C:\Intel
2022-06-08 10:29 - 2020-11-02 00:33 - 000008192 ___SH C:\DumpStack.log.tmp
2022-06-07 10:32 - 2021-01-05 13:23 - 000000000 ____D C:\Users\JPB\AppData\LocalLow\IGDump
2022-06-06 07:43 - 2021-10-10 11:26 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-06-05 08:10 - 2020-12-11 17:17 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-06-03 08:42 - 2021-11-05 15:24 - 000001289 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2022-06-01 11:13 - 2020-12-05 10:41 - 000000000 ____D C:\ProgramData\Mozilla
2022-05-31 17:26 - 2020-12-05 10:56 - 000002009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk
2022-05-31 17:21 - 2020-12-21 09:53 - 000000000 ____D C:\Program Files\LibreOffice
2022-05-31 17:08 - 2020-12-05 11:01 - 000000844 _____ C:\Users\Public\Desktop\UCheck.lnk
2022-05-31 17:08 - 2020-12-05 11:01 - 000000000 ____D C:\Program Files\UCheck
2022-05-31 17:08 - 2020-11-02 09:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UCheck
2022-05-24 11:11 - 2021-10-10 11:22 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-05-24 11:11 - 2019-12-07 16:49 - 000791594 _____ C:\WINDOWS\system32\perfh00C.dat
2022-05-24 11:11 - 2019-12-07 16:49 - 000149760 _____ C:\WINDOWS\system32\perfc00C.dat
2022-05-24 11:11 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-05-16 18:34 - 2021-10-10 10:25 - 000000000 ____D C:\Users\JPB
2022-05-13 08:33 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-05-13 08:31 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-05-13 08:31 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-05-13 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-05-13 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-05-13 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-05-13 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-05-13 08:29 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-05-12 10:57 - 2020-12-05 07:55 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-05-12 10:54 - 2020-12-05 07:54 - 145501456 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
timeout 2
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {ee5b337a-3668-11eb-8600-bc012f573684}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Chargeur de d‚marrage Windows
-----------------------------
identificateur {0b848e85-29a9-11ec-9c26-b5a41f5165e8}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{0b848e86-29a9-11ec-9c26-b5a41f5165e8}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{0b848e86-29a9-11ec-9c26-b5a41f5165e8}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de d‚marrage Windows
-----------------------------
identificateur {6858c517-f3bd-11e7-8f46-f412bc45de1b}
device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{6858c518-f3bd-11e7-8f46-f412bc45de1b}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{6858c518-f3bd-11e7-8f46-f412bc45de1b}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {0b848e85-29a9-11ec-9c26-b5a41f5165e8}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {ee5b337a-3668-11eb-8600-bc012f573684}
nx OptIn
bootmenupolicy Standard
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {ee5b337a-3668-11eb-8600-bc012f573684}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {0b848e85-29a9-11ec-9c26-b5a41f5165e8}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {0b848e86-29a9-11ec-9c26-b5a41f5165e8}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================
Exécuté par JPB (administrateur) sur DESKTOP-VERPV48 (ASUSTeK COMPUTER INC. V230IC-DDR4) (10-06-2022 10:32:13)
Exécuté depuis C:\Users\JPB\Desktop
Profils chargés: JPB
Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.1706 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(DriverStore\FileRepository\igdlh64.inf_amd64_5b87a6d6dce2309d\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5b87a6d6dce2309d\igfxEM.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\53.0.11.0\crashpad_handler.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5b87a6d6dce2309d\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5b87a6d6dce2309d\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_5b87a6d6dce2309d\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation) [Fichier non signé] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(services.exe ->) (MAGIX AG) [Fichier non signé] C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269312 2018-11-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_ListenToDevice] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506368 2018-11-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.11.0\GoogleDriveFS.exe [54450008 2021-11-23] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.11.0\GoogleDriveFS.exe [54450008 2021-11-23] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2377123508-1879621490-3387952890-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36836592 2022-05-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2377123508-1879621490-3387952890-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.11.0\GoogleDriveFS.exe [54450008 2021-11-23] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2377123508-1879621490-3387952890-1001\...\Run: [MicrosoftEdgeAutoLaunch_CAE618BB992FFA1F7A80B48E750B43C2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3595192 2022-06-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.11.0\GoogleDriveFS.exe [54450008 2021-11-23] (Google LLC -> Google, Inc.)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {2F892AF2-06DD-4505-AFD9-60B89A405078} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-04-02] (Google LLC -> Google LLC)
Task: {36CAB8C4-E774-422F-8580-B1215A3D093E} - System32\Tasks\CCleanerSkipUAC - JPB => C:\Program Files\CCleaner\CCleaner.exe [30924528 2022-05-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {40171460-B1DD-4CD2-9F2B-0CE8878D29BB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6B2AB967-C6E3-42AD-A618-AB13CED3BA39} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-04-02] (Google LLC -> Google LLC)
Task: {7602561E-1755-4B82-BD71-8A071B807B1D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-05-11] (Piriform Software Ltd -> Piriform)
Task: {807D4AB2-4C24-42E8-9DDD-2D2F942606AB} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {91168BE0-8999-4BFD-87DE-4C57DFEB3DFA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B1FB515A-E778-4875-A283-371EB0AEC900} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C5C2E688-9ED9-4D1E-B2E3-417734B93CD6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F6B60235-3EFC-4F33-BAA9-1F065A6F8FFF} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{72bb6338-0cde-416d-abd8-3f8ac44c40ec}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a4935af2-3966-46cc-8028-f100acc9dccc}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Profile: C:\Users\JPB\AppData\Local\Microsoft\Edge\User Data\Default [2022-06-09]
Edge DownloadDir: Default -> C:\Users\JPB\Desktop
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: ykf33b1y.default
FF ProfilePath: C:\Users\JPB\AppData\Roaming\Mozilla\Firefox\Profiles\ykf33b1y.default [2021-10-06]
FF ProfilePath: C:\Users\JPB\AppData\Roaming\Mozilla\Firefox\Profiles\sqayz44t.default-release-1619596817691 [2022-06-10]
FF DownloadDir: C:\Users\JPB\Desktop
FF Homepage: Mozilla\Firefox\Profiles\sqayz44t.default-release-1619596817691 -> hxxps://www.orange.fr/portail
FF Extension: (uBlock Origin) - C:\Users\JPB\AppData\Roaming\Mozilla\Firefox\Profiles\sqayz44t.default-release-1619596817691\Extensions\uBlock0@raymondhill.net.xpi [2022-04-10]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [Fichier non signé]
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [789744 2022-05-11] (Piriform Software Ltd -> )
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-24] (MAGIX AG) [Fichier non signé]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Fichier non signé]
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [223904 2022-04-27] (HP Inc. -> HP Inc.)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Fichier non signé]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Fichier non signé]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8524512 2022-05-21] (Malwarebytes Inc. -> Malwarebytes)
S3 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] (CyberLink -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] (ASUSTeK Computer Inc. -> )
R0 assdv2; C:\Windows\System32\Drivers\assdv2.sys [21816 2013-12-05] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] (ASUSTeK Computer Inc. -> )
R3 bcmsmbsp; C:\WINDOWS\System32\drivers\bcmsmbsp.sys [54552 2015-12-17] (Broadcom Corporation -> Broadcom Corporation.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [287744 2022-04-14] (Microsoft Corporation) [Fichier non signé]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 googledrivefs3525; C:\WINDOWS\System32\DRIVERS\googledrivefs3525.sys [389640 2021-11-23] (Google LLC -> Google, Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-05-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-04-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239560 2022-06-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl21fed64a; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D849FEEB-6D5A-4EC1-ADDB-D61374F1EA81}\MpKslDrv.sys [137464 2022-06-08] (Microsoft Windows -> Microsoft Corporation)
R3 MpKslbeed1bd0; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3E1752D8-F325-48E1-931A-948FCEA19F4E}\MpKslDrv.sys [137464 2022-06-09] (Microsoft Windows -> Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-04-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [443664 2022-04-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-09] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-06-10 10:16 - 2022-06-10 10:18 - 000036325 _____ C:\Users\JPB\Desktop\Addition.txt
2022-06-10 10:13 - 2022-06-10 10:33 - 000014478 _____ C:\Users\JPB\Desktop\FRST.txt
2022-06-10 10:12 - 2022-06-10 10:32 - 000000000 ____D C:\FRST
2022-06-10 10:09 - 2022-06-10 10:10 - 002368000 _____ (Farbar) C:\Users\JPB\Desktop\FRST64.exe
2022-06-10 09:00 - 2022-06-10 10:30 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-06-09 06:19 - 2022-06-09 06:19 - 000239560 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-06-02 07:13 - 2022-06-08 10:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2022-05-31 17:20 - 2022-05-31 17:21 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.3
2022-05-31 17:20 - 2022-05-31 17:20 - 000001197 _____ C:\Users\Public\Desktop\LibreOffice 7.3.lnk
2022-05-13 18:43 - 2022-05-13 18:43 - 000000000 ____D C:\ProgramData\Piriform
2022-05-13 08:14 - 2022-05-13 08:14 - 000011799 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-05-13 08:13 - 2022-05-13 08:13 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-05-13 08:13 - 2022-05-13 08:13 - 000093696 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-05-13 07:31 - 2022-05-13 07:31 - 000000000 ___HD C:\$WinREAgent
2022-05-08 18:19 - 2022-05-09 11:42 - 000000000 ____D C:\WINDOWS\Minidump
2022-05-06 10:36 - 2022-05-12 11:33 - 000000000 ____D C:\Users\JPB\AppData\Roaming\Peugeot Update
2022-05-06 10:23 - 2022-05-06 10:23 - 000001949 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peugeot Update.lnk
2022-05-06 10:23 - 2022-05-06 10:23 - 000001937 _____ C:\Users\Public\Desktop\Peugeot Update.lnk
2022-05-06 10:23 - 2022-05-06 10:23 - 000000000 ____D C:\Program Files\Peugeot Update
2022-05-01 16:12 - 2022-05-01 16:12 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-04-26 12:54 - 2022-04-26 12:54 - 000000000 ____D C:\Program Files\PCHealthCheck
2022-04-21 09:28 - 2022-04-21 09:28 - 000001277 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2022-04-21 09:26 - 2022-04-21 09:25 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-04-21 07:34 - 2022-02-01 07:01 - 000431936 _____ (Intel) C:\WINDOWS\SysWOW64\libvpl.dll
2022-04-21 07:34 - 2022-02-01 07:00 - 001465016 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-04-21 07:34 - 2022-02-01 07:00 - 001465016 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-04-21 07:34 - 2022-02-01 07:00 - 001043176 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-04-21 07:34 - 2022-02-01 07:00 - 001043176 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-04-21 07:34 - 2022-02-01 07:00 - 000448392 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2022-04-21 07:34 - 2022-02-01 07:00 - 000362944 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-04-14 09:17 - 2022-04-14 09:17 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-04-14 09:12 - 2022-04-14 09:12 - 000287744 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthA2dp.sys
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-06-10 10:32 - 2020-11-01 18:28 - 000000000 ____D C:\Users\JPB\AppData\LocalLow\Mozilla
2022-06-10 10:30 - 2021-10-10 11:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-06-10 10:30 - 2020-12-05 10:41 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-06-10 10:30 - 2020-12-05 10:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-06-10 10:09 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-06-10 10:07 - 2021-10-10 11:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-06-10 07:54 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-06-10 07:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-06-10 07:53 - 2020-12-06 13:08 - 000000000 ____D C:\Program Files\CCleaner
2022-06-10 07:50 - 2020-11-02 01:39 - 000000000 __SHD C:\Users\JPB\IntelGraphicsProfiles
2022-06-09 11:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-06-09 06:15 - 2020-12-05 11:10 - 000000000 ____D C:\Users\JPB\AppData\Local\D3DSCache
2022-06-08 10:29 - 2021-10-10 11:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-06-08 10:29 - 2021-10-10 11:03 - 000562912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-06-08 10:29 - 2020-11-02 00:36 - 000000000 ____D C:\Intel
2022-06-08 10:29 - 2020-11-02 00:33 - 000008192 ___SH C:\DumpStack.log.tmp
2022-06-07 10:32 - 2021-01-05 13:23 - 000000000 ____D C:\Users\JPB\AppData\LocalLow\IGDump
2022-06-06 07:43 - 2021-10-10 11:26 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-06-05 08:10 - 2020-12-11 17:17 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-06-03 08:42 - 2021-11-05 15:24 - 000001289 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2022-06-01 11:13 - 2020-12-05 10:41 - 000000000 ____D C:\ProgramData\Mozilla
2022-05-31 17:26 - 2020-12-05 10:56 - 000002009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk
2022-05-31 17:21 - 2020-12-21 09:53 - 000000000 ____D C:\Program Files\LibreOffice
2022-05-31 17:08 - 2020-12-05 11:01 - 000000844 _____ C:\Users\Public\Desktop\UCheck.lnk
2022-05-31 17:08 - 2020-12-05 11:01 - 000000000 ____D C:\Program Files\UCheck
2022-05-31 17:08 - 2020-11-02 09:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UCheck
2022-05-24 11:11 - 2021-10-10 11:22 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-05-24 11:11 - 2019-12-07 16:49 - 000791594 _____ C:\WINDOWS\system32\perfh00C.dat
2022-05-24 11:11 - 2019-12-07 16:49 - 000149760 _____ C:\WINDOWS\system32\perfc00C.dat
2022-05-24 11:11 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-05-16 18:34 - 2021-10-10 10:25 - 000000000 ____D C:\Users\JPB
2022-05-13 08:33 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-05-13 08:31 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-05-13 08:31 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-05-13 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-05-13 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-05-13 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-05-13 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-05-13 08:29 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-05-12 10:57 - 2020-12-05 07:55 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-05-12 10:54 - 2020-12-05 07:54 - 145501456 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de d‚marrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
timeout 2
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {ee5b337a-3668-11eb-8600-bc012f573684}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Chargeur de d‚marrage Windows
-----------------------------
identificateur {0b848e85-29a9-11ec-9c26-b5a41f5165e8}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{0b848e86-29a9-11ec-9c26-b5a41f5165e8}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{0b848e86-29a9-11ec-9c26-b5a41f5165e8}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de d‚marrage Windows
-----------------------------
identificateur {6858c517-f3bd-11e7-8f46-f412bc45de1b}
device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{6858c518-f3bd-11e7-8f46-f412bc45de1b}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{6858c518-f3bd-11e7-8f46-f412bc45de1b}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {0b848e85-29a9-11ec-9c26-b5a41f5165e8}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {ee5b337a-3668-11eb-8600-bc012f573684}
nx OptIn
bootmenupolicy Standard
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {ee5b337a-3668-11eb-8600-bc012f573684}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {0b848e85-29a9-11ec-9c26-b5a41f5165e8}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems No
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {0b848e86-29a9-11ec-9c26-b5a41f5165e8}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================