cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2024 01
Exécuté par carin (administrateur) sur LAPTOP-46LR2QBH (ASUSTeK COMPUTER INC. X705UAR) (02-02-2024 14:46:19)
Exécuté depuis C:\Users\carin\Desktop\FRST64.exe
Profils chargés: carin
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.3930 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\igfxEM.exe
(explorer.exe ->) (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTek Computer Inc.) C:\Program Files\WindowsApps\b9eced6f.asusbatteryhealthcharging_1.0.7.0_x86__qmba6cd70vzyy\ASUS Battery Health Charging\BhcMgr.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <43>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) (ICEpower a/s -> ICEpower A/S) C:\Windows\System32\ICEsoundService64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_7ecc5be6ca7b3b0d\esif_uf.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_724e05bd98458fe4\RstMwService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3952104 2020-09-24] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3138560 2023-01-11] (Logitech Inc -> Logitech, Inc.)
HKLM\Software\Policies\...\system: [EnableActivityFeed] 1
HKLM\Software\Policies\...\system: [PublishUserActivities] 1
HKLM\Software\Policies\...\system: [UploadUserActivities] 1
HKU\S-1-5-21-2131826725-57417705-4140628651-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44540320 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2131826725-57417705-4140628651-1001\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\WINDOWS\system32\eed_ec.dll,SpeedLauncher [2086912 2015-05-28] (Microsoft Windows Hardware Compatibility Publisher -> )
HKU\S-1-5-21-2131826725-57417705-4140628651-1001\...\Run: [Microsoft Edge Update] => C:\Users\carin\AppData\Local\Microsoft\EdgeUpdate\1.3.181.5\MicrosoftEdgeUpdateCore.exe [264264 2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2131826725-57417705-4140628651-1001\...\Run: [MicrosoftEdgeAutoLaunch_5245CEBF12C39CC06692E3907897DF77] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788224 2024-01-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2131826725-57417705-4140628651-1001\...\Run: [GoogleChromeAutoLaunch_281D590184FC330A4A9370400F9D531C] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [2754848 2024-01-30] (Google LLC -> Google LLC)
HKLM\...\Windows x64\Print Processors\sst7cPC: C:\Windows\System32\spool\prtprocs\x64\sst7cpc.dll [43520 2015-04-14] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\sst7c Langmon: C:\WINDOWS\system32\sst7clm.dll [22528 2015-04-14] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\121.0.6167.140\Installer\chrmstp.exe [2024-02-02] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {F466B6F9-A8EA-416E-8342-0B4098B15975} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {B9D03F91-4368-4449-9765-94C453A64D5E} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "7230259a-62c4-4e36-b5f6-0723dec0181c" --version "6.20.10897" --silent
Task: {974BE38A-58EC-43DF-8477-A91CA31B6F54} - System32\Tasks\CCleanerSkipUAC - carin => C:\Program Files\CCleaner\CCleaner.exe [38319520 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {3AB7971A-B013-4B32-AC45-52EF37D34033} - System32\Tasks\GoogleUpdateTaskMachineCore{52C98F00-4B58-4C28-9CC8-809DEA2E7864} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-22] (Google LLC -> Google LLC)
Task: {F28FB028-7DD5-4959-AAD0-BB8648726589} - System32\Tasks\GoogleUpdateTaskMachineUA{2EE8ECEA-2E4F-4190-9A7C-ECCBA946C63A} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-22] (Google LLC -> Google LLC)
Task: {05DC144F-1D92-4719-8980-025F6D051B2E} - System32\Tasks\McAfee\McAfee OOBE Patch Telemetry => C:\Program Files\Common Files\McAfee\ModuleCore\DayZeroOOBEFix_64.exe [3499728 2022-02-14] (McAfee, LLC -> McAfee, LLC)
Task: {7AEC7BE9-B42D-4884-9F11-3C3A227E7D6E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28371640 2024-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {F02DD79A-E274-4197-AE41-653220F6A4F0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28371640 2024-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {6C8E266B-A5C9-4855-972D-24F2F3AD8A0A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [218592 2024-02-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {0687B0BF-FC1D-47FA-8EBD-7DB3D1BB1502} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [218592 2024-02-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {8D421C9F-7292-4104-8599-FC648BDE2CEC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5CDEF35F-B78D-46F9-B01B-865494142A51} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C79332A3-78D2-48D6-BF6C-F20F274867B3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {475346B6-E5C9-4289-B421-9EE716DE6A78} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E88C02F3-F124-4864-8791-6B2310236573} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2131826725-57417705-4140628651-1001Core{D84A2EE3-7042-4B9D-A15C-758A4E3CEA02} => C:\Users\carin\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206240 2023-06-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {E135C47A-E614-4B06-91F2-FCCAF5B41E44} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2131826725-57417705-4140628651-1001UA{9AA77288-150A-45F1-8049-69CFFB831E5C} => C:\Users\carin\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206240 2023-06-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {31B4FEE1-7377-463A-B279-A14ECA92CF97} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671648 2024-02-01] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {C777CCB9-DA25-46DA-A074-A339C5988EE5} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34720 2024-02-01] (Mozilla Corporation -> Mozilla Foundation)
Task: {E8C2FC6C-4408-460F-B76C-DCC479788DD3} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2977416301-2504957958-2930931968-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (Pas de fichier)
Task: {362AFB0F-3840-45BC-912C-AF4BE1C44133} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618080 2020-08-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {38CC0911-206A-42C4-B8BF-F13F629CBE35} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618080 2020-08-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {5E288E8F-F186-45CB-9582-D1DC4851B4FF} - System32\Tasks\SplendidTask => C:\ProgramData\ASUS\ASUS -> Splendid\SplendidStartUp.exe <==== ATTENTION
Task: {35A46466-5AEC-468F-A5FF-18D478D9A20B} - System32\Tasks\Update Checker => "C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe" (Pas de fichier)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6d81eee9-be89-4f1c-a0e5-24012b7e8dfe}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6d81eee9-be89-4f1c-a0e5-24012b7e8dfe}\356425F523140303: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6d81eee9-be89-4f1c-a0e5-24012b7e8dfe}\356425F583831383: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Profile: C:\Users\carin\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-01]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\carin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2024-01-25]
Edge Extension: (Google Docs hors connexion) - C:\Users\carin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-25]
Edge Extension: (Edge relevant text changes) - C:\Users\carin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-25]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

FireFox:
========
FF DefaultProfile: ijm8uouj.default
FF ProfilePath: C:\Users\carin\AppData\Roaming\Mozilla\Firefox\Profiles\ijm8uouj.default [2022-03-01]
FF ProfilePath: C:\Users\carin\AppData\Roaming\Mozilla\Firefox\Profiles\5hfnrf32.default-release-1678707044716 [2024-02-02]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2023-12-18] [non signé]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-02-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-02-01] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\carin\AppData\Local\Google\Chrome\User Data\Default [2024-02-02]
CHR Extension: (Google Traduction) - C:\Users\carin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-03-22]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\carin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-01-23]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\carin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-01-27]
CHR Extension: (Amazon Keyword Tool for free: SellerApp) - C:\Users\carin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lebpbmopodkmcadehlkmghfcfmgnacdm [2023-12-12]
CHR Extension: (SellerSprite - Amazon Research Tool) - C:\Users\carin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnbmbgocenenhhhdojdielgnmeflbnfb [2023-12-28]
CHR Extension: (Helium 10) - C:\Users\carin\AppData\Local\Google\Chrome\User Data\Default\Extensions\njmehopjdpcckochcggncklnlmikcbnb [2024-01-31]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\carin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-22]
CHR Profile: C:\Users\carin\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-02-01]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1082784 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14045768 2024-01-25] (Microsoft Corporation -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2022-10-04] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2022-10-04] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 AmUStor; C:\WINDOWS\system32\drivers\AmUStor.SYS [109504 2018-04-26] (Alcorlink Corp. -> )
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [108504 2019-04-23] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-10-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
R3 MpKsl83675348; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8D92726C-03DB-44C0-902C-FBC7F04556E2}\MpKslDrv.sys [263560 2024-02-02] (Microsoft Windows -> Microsoft Corporation)
R2 SSPORT; C:\WINDOWS\system32\Drivers\SSPORT.sys [14224 2021-04-01] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-10-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-12-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2023-12-06] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-06] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Trois mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2024-02-02 14:38 - 2024-02-02 14:46 - 000020227 _____ C:\Users\carin\Desktop\FRST.txt
2024-02-02 14:38 - 2024-02-02 14:46 - 000000000 ____D C:\FRST
2024-02-02 14:37 - 2024-02-02 14:37 - 002389504 _____ (Farbar) C:\Users\carin\Desktop\FRST64.exe
2024-02-02 10:41 - 2024-02-02 10:41 - 000146490 _____ C:\Users\carin\Desktop\ZHPDiag.txt
2024-02-02 10:37 - 2024-02-02 10:41 - 000000000 ____D C:\Users\carin\AppData\Roaming\ZHP
2024-02-02 10:37 - 2024-02-02 10:37 - 000000867 _____ C:\Users\carin\Desktop\ZHPSuite.lnk
2024-02-02 10:37 - 2024-02-02 10:37 - 000000000 ____D C:\Users\carin\AppData\Local\ZHP
2024-02-02 10:35 - 2024-02-02 10:35 - 003538080 _____ (Nicolas Coolman) C:\Users\carin\Desktop\ZHPSuite.exe
2024-02-01 18:58 - 2024-02-02 09:42 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-01-27 00:14 - 2024-01-27 00:14 - 000000000 ____D C:\Mes Sites Web
2024-01-26 14:04 - 2024-01-26 14:04 - 000000000 ____D C:\Users\carin\AppData\LocalLow\webviewdata
2024-01-11 10:27 - 2024-01-11 10:27 - 000000000 ____D C:\Users\carin\AppData\Local\Microsoft_Corporation
2024-01-11 00:49 - 2024-01-11 00:49 - 000000000 ____D C:\Users\carin\AppData\Roaming\Microsoft\MMC
2024-01-10 13:05 - 2024-01-10 13:07 - 000000000 ___HD C:\$WinREAgent
2023-12-18 19:23 - 2023-12-18 19:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2023-12-18 19:23 - 2023-12-18 19:23 - 000000000 ____D C:\ProgramData\Logishrd
2023-12-18 19:23 - 2023-12-18 19:23 - 000000000 ____D C:\Program Files\Logitech
2023-12-18 19:22 - 2023-12-18 19:23 - 000000000 ____D C:\Program Files\Common Files\Logishrd
2023-12-18 19:20 - 2023-12-18 19:21 - 000000000 ____D C:\Users\carin\AppData\Roaming\Logishrd
2023-12-18 19:20 - 2023-12-18 19:20 - 000000000 ____D C:\Users\carin\AppData\Roaming\Logitech
2023-12-15 11:36 - 2023-12-15 11:36 - 000000000 ____D C:\WINDOWS\InboxApps
2023-12-14 17:44 - 2023-12-14 17:44 - 000002224 _____ C:\Users\Public\Desktop\seotool.lnk
2023-12-14 17:44 - 2023-12-14 17:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\groupbuyseotools.org
2023-12-14 17:44 - 2023-12-14 17:44 - 000000000 ____D C:\Program Files (x86)\groupbuyseotools
2023-12-14 13:08 - 2023-12-14 13:08 - 000016707 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2023-11-20 20:45 - 2024-01-20 16:43 - 000000000 ____D C:\Users\carin\AppData\Roaming\Microsoft\Outlook
2023-11-14 20:51 - 2023-11-14 20:51 - 000000000 ____D C:\Users\carin\AppData\Roaming\com.adobe.dunamis
2023-11-14 19:49 - 2023-11-14 22:01 - 000000000 ____D C:\Users\carin\AppData\Roaming\LightPDF
2023-11-14 19:48 - 2023-11-14 19:48 - 000000000 ____D C:\Program Files (x86)\LightPDF

==================== Trois mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2024-02-02 14:38 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-02-02 14:36 - 2022-02-14 16:18 - 000000000 ____D C:\Users\carin\AppData\Local\Packages
2024-02-02 14:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-02-02 14:36 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-02-02 14:27 - 2022-02-24 10:37 - 000000000 ____D C:\Users\carin\Desktop\TEMPORAIRE
2024-02-02 14:20 - 2023-10-16 11:57 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-02-02 14:20 - 2022-02-22 01:07 - 000000000 ____D C:\Program Files\CCleaner
2024-02-02 14:20 - 2022-02-22 00:19 - 000000000 ____D C:\Program Files (x86)\Google
2024-02-02 14:20 - 2022-02-14 16:18 - 000000000 __SHD C:\Users\carin\IntelGraphicsProfiles
2024-02-02 13:54 - 2022-02-22 10:33 - 000000000 ____D C:\Users\carin\AppData\Roaming\Microsoft\Excel
2024-02-02 11:03 - 2022-02-14 16:21 - 000000000 ____D C:\Users\carin\AppData\Roaming\Microsoft\Word
2024-02-02 10:36 - 2023-10-16 11:12 - 001681370 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-02-02 10:36 - 2019-12-07 15:49 - 000757852 _____ C:\WINDOWS\system32\perfh00C.dat
2024-02-02 10:36 - 2019-12-07 15:49 - 000142606 _____ C:\WINDOWS\system32\perfc00C.dat
2024-02-02 10:32 - 2023-10-16 11:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-02-02 10:32 - 2022-02-23 14:37 - 000008192 ___SH C:\DumpStack.log.tmp
2024-02-02 10:32 - 2022-02-22 08:18 - 000000000 ___HD C:\Intel
2024-02-02 10:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2024-02-02 10:32 - 2019-12-07 10:03 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2024-02-02 10:31 - 2022-03-01 00:23 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-02-02 09:42 - 2023-10-16 11:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-02-02 09:42 - 2022-09-28 23:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-02-02 00:31 - 2023-03-13 12:30 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-02-01 21:26 - 2022-03-01 14:47 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2024-02-01 20:04 - 2023-10-16 11:26 - 000003766 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{7CF04A7C-EF8B-400D-8DD7-D8D57EE23EF9}
2024-02-01 20:04 - 2023-10-16 11:26 - 000003642 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{4ADADC89-E30F-4F3B-B106-E92A1514865E}
2024-02-01 10:08 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-01-30 14:03 - 2022-02-22 21:01 - 000000000 ____D C:\Users\carin\AppData\Roaming\vlc
2024-01-29 16:52 - 2022-03-02 22:19 - 000000000 ____D C:\Users\carin\AppData\Roaming\Microsoft\PowerPoint
2024-01-28 16:58 - 2022-02-14 16:19 - 000000000 ____D C:\Users\carin\AppData\Roaming\Microsoft\InputMethod
2024-01-28 10:06 - 2023-10-16 11:14 - 000003960 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{2EE8ECEA-2E4F-4190-9A7C-ECCBA946C63A}
2024-01-28 10:06 - 2023-10-16 11:14 - 000003836 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{52C98F00-4B58-4C28-9CC8-809DEA2E7864}
2024-01-27 20:44 - 2023-10-16 11:03 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-01-27 19:32 - 2023-10-16 11:27 - 000000000 ___RD C:\Users\carin\OneDrive
2024-01-26 21:07 - 2023-10-16 11:04 - 000000000 ____D C:\Users\carin
2024-01-23 15:52 - 2023-10-18 15:54 - 000000000 ____D C:\Users\carin\Desktop\Annonces
2024-01-20 08:05 - 2023-10-16 11:14 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-01-18 19:02 - 2022-09-21 18:07 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-01-17 12:57 - 2023-10-16 11:14 - 000003378 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-01-12 11:45 - 2022-02-22 01:06 - 000918944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2024-01-10 16:44 - 2023-10-16 11:03 - 000437400 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-01-10 16:43 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-01-10 16:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-01-10 16:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-01-10 16:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-01-10 16:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-01-10 16:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-01-10 13:15 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-01-10 13:04 - 2022-02-22 10:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-01-10 13:02 - 2022-02-22 10:32 - 189718008 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Fichiers à la racine de certains dossiers ========

2022-04-05 11:13 - 2021-05-04 19:23 - 000375808 _____ (PC SOFT) C:\Program Files\INSTALL.EXE
2022-05-01 00:50 - 2022-05-01 00:50 - 000000761 _____ () C:\Users\carin\AppData\Local\recently-used.xbel

==================== SigCheckExt =========================

2022-04-06 18:55 - 2015-05-26 10:04 - 000087552 ____N C:\WINDOWS\system32\ssdevm64.dll
2022-04-05 11:13 - 2021-05-04 19:23 - 000375808 _____ (PC SOFT) C:\Program Files\INSTALL.EXE
2004-10-15 13:18 - 2004-10-15 13:18 - 000483328 _____ (3M) C:\WINDOWS\SysWOW64\PSNShare.dll
2022-04-06 18:55 - 2015-05-26 10:04 - 000094208 ____N C:\WINDOWS\SysWOW64\ssdevm.dll
2024-02-02 14:37 - 2024-02-02 14:37 - 002389504 _____ (Farbar) C:\Users\carin\Desktop\FRST64.exe
2024-02-02 10:35 - 2024-02-02 10:35 - 003538080 _____ (Nicolas Coolman) C:\Users\carin\Desktop\ZHPSuite.exe

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)


==================== BCD ================================

Gestionnaire de démarrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{7649f790-20c4-11ee-bd36-809133ce7dcc}
{7649f791-20c4-11ee-bd36-809133ce7dcc}
{7649f792-20c4-11ee-bd36-809133ce7dcc}
timeout 2

Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {86915cd0-6c13-11ee-91b6-c4ba02cc00aa}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Application logicielle (101fffff)
--------------------------------
identificateur {7649f790-20c4-11ee-bd36-809133ce7dcc}
description UEFI:CD/DVD Drive

Application logicielle (101fffff)
--------------------------------
identificateur {7649f791-20c4-11ee-bd36-809133ce7dcc}
description UEFI:Removable Device

Application logicielle (101fffff)
--------------------------------
identificateur {7649f792-20c4-11ee-bd36-809133ce7dcc}
description UEFI:Network Device

Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {86915cd2-6c13-11ee-91b6-c4ba02cc00aa}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {86915cd0-6c13-11ee-91b6-c4ba02cc00aa}
nx OptIn
bootmenupolicy Standard

Chargeur de démarrage Windows
-----------------------------
identificateur {86915cd2-6c13-11ee-91b6-c4ba02cc00aa}
device ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{86915cd3-6c13-11ee-91b6-c4ba02cc00aa}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{86915cd3-6c13-11ee-91b6-c4ba02cc00aa}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {86915cd0-6c13-11ee-91b6-c4ba02cc00aa}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {86915cd2-6c13-11ee-91b6-c4ba02cc00aa}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes

Paramètres EMS
--------------
identificateur {emssettings}
bootems No

Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Local

Erreurs de mémoire RAM
----------------------
identificateur {badmemory}

Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}

Options de périphérique
-----------------------
identificateur {86915cd3-6c13-11ee-91b6-c4ba02cc00aa}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume5
ramdisksdipath \Recovery\WindowsRE\boot.sdi

==================== Fin de FRST.txt ========================

Publicité


Signaler le contenu de ce document

Publicité