cjoint

Document format: text/plain

Preview

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03.02.2024 01
Ran by twist (administrator) on CHUCHOTIS (Hewlett-Packard CQ2904EF) (04-02-2024 11:11:30)
Running from C:\Users\twist\Desktop\FRST64.exe
Loaded Profiles: twist
Platform: Microsoft Windows 11 Pro Version 22H2 22621.525 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\Microvirt\MEmuHyperv\MEmuSVC.exe ->) (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation) C:\Program Files\Microvirt\MEmuHyperv\MEmuHeadless.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <19>
(explorer.exe ->) (Shanghai Microvirt Software Technology Co., Ltd. -> Microvirt Software Technology Co. Ltd.) C:\Program Files\Microvirt\MEmu\MEmu.exe
(g3n-h@ckm@n -> SosVirus) [File not signed] [File is in use] C:\Users\twist\Downloads\pre-scan_V9_18.10.19.1.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\microsoftwindows.client.webexperience_424.1301.40.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation) C:\Program Files\Microvirt\MEmuHyperv\MEmuSVC.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1367221443-249768293-1022394803-1001\...\Run: [MicrosoftEdgeAutoLaunch_7508D274883AC008CB6CB3C3195F0733] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788840 2024-02-01] (Microsoft Corporation -> Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {BC319B42-BAEB-4771-8162-CA6C46AA1C33} - System32\Tasks\Avast Software\Overseer => C:\Windows\OEM\CustomizationFiles\Overseer.exe [2144664 2024-01-31] (Avast Software s.r.o. -> Avast Software)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{819a7478-59f5-43bb-a570-24b64d1949e1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{819a7478-59f5-43bb-a570-24b64d1949e1}: [DhcpDomain] home

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\twist\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-04]
Edge Extension: (Google Docs Offline) - C:\Users\twist\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-04]
Edge Extension: (Edge relevant text changes) - C:\Users\twist\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-04]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [File not signed]
S2 MEmuSVC; C:\Program Files\Microvirt\MEmu\MemuService.exe [85304 2019-09-12] (Shanghai Microvirt Software Technology Co., Ltd. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [249344 2024-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [2909208 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [128376 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 CLVirtualBus01; C:\WINDOWS\System32\drivers\CLVirtualBus01.sys [113888 2018-05-02] (CyberLink Corp. -> CyberLink)
R3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 MEmuDrv; C:\WINDOWS\system32\DRIVERS\MEmuDrv.sys [320360 2021-01-04] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
R3 ser2pl_1; C:\WINDOWS\system32\DRIVERS\ser2pl64_1.sys [343216 2023-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Prolific Technology Inc.)
R3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [76832 2022-09-30] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [48536 2022-05-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [438544 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [90384 2022-05-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Three months (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-02-04 10:35 - 2024-02-04 10:41 - 000000000 ____D C:\Pre_Scan
2024-02-04 10:35 - 2024-02-04 10:35 - 000001563 _____ C:\Users\twist\Desktop\Pre_Scan_Restore.lnk
2024-02-04 10:35 - 2024-02-04 10:35 - 000001223 _____ C:\Users\twist\Desktop\Pre_Scan_Donate.lnk
2024-02-04 10:31 - 2024-02-04 10:33 - 003082136 _____ (SosVirus) C:\Users\twist\Downloads\pre-scan_V9_18.10.19.1.exe
2024-02-04 10:31 - 2022-09-30 05:24 - 000174112 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2024-02-04 10:24 - 2024-02-04 10:24 - 000000000 ____D C:\Users\twist\AppData\Local\Comms
2024-02-04 10:19 - 2024-02-04 10:19 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2024-02-04 10:14 - 2024-02-04 10:14 - 000000966 _____ C:\Users\twist\Desktop\Multi-MEmu.lnk
2024-02-04 10:14 - 2024-02-04 10:14 - 000000927 _____ C:\Users\twist\Desktop\MEmu.lnk
2024-02-04 10:13 - 2024-02-04 10:14 - 000000000 ____D C:\Users\twist\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEmu
2024-02-04 10:13 - 2024-02-04 10:13 - 000000000 ____D C:\Users\twist\Downloads\MEmu Download
2024-02-04 10:03 - 2021-01-04 11:00 - 000320360 _____ (Maiwei Corporation) C:\WINDOWS\system32\Drivers\MEmuDrv.sys
2024-02-04 10:02 - 2024-02-04 10:37 - 000000000 ____D C:\Users\twist\.MemuHyperv
2024-02-04 10:02 - 2024-02-04 10:12 - 000000000 ____D C:\Users\twist\.android
2024-02-04 10:01 - 2024-02-04 10:01 - 000000000 ____D C:\Users\twist\AppData\Local\Publishers
2024-02-04 09:46 - 2024-02-04 10:20 - 000000000 ____D C:\Program Files\Microvirt
2024-02-04 09:45 - 2024-02-04 10:21 - 000000000 ____D C:\Users\twist\AppData\Local\Microvirt
2024-02-04 09:44 - 2024-02-04 09:45 - 024084360 _____ (Microvirt Software Technology Co. Ltd.) C:\Users\twist\Downloads\MEmu-setup-abroad-sdk-mv (1).exe
2024-02-04 09:44 - 2024-02-04 09:45 - 000002379 _____ C:\Users\twist\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-02-04 09:40 - 2024-02-04 09:45 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1367221443-249768293-1022394803-1001
2024-02-04 09:40 - 2024-02-04 09:43 - 024084360 _____ (Microvirt Software Technology Co. Ltd.) C:\Users\twist\Downloads\MEmu-setup-abroad-sdk-mv.exe
2024-02-04 09:39 - 2024-02-04 09:45 - 000003366 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1367221443-249768293-1022394803-1001
2024-02-04 09:34 - 2024-02-04 10:11 - 000000000 ____D C:\Users\twist\AppData\Local\AMD
2024-02-04 09:33 - 2024-02-04 09:33 - 000000000 ____D C:\Users\twist\AppData\Roaming\ATI
2024-02-04 09:33 - 2024-02-04 09:33 - 000000000 ____D C:\Users\twist\AppData\Local\ATI
2024-02-04 09:33 - 2024-02-04 09:33 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2024-02-04 09:33 - 2024-02-04 09:33 - 000000000 ____D C:\ProgramData\ATI
2024-02-04 09:30 - 2024-02-04 09:30 - 000000000 ____D C:\Users\twist\AppData\Roaming\Microsoft\Network
2024-02-04 09:27 - 2024-02-04 10:20 - 000000000 ____D C:\ProgramData\Packages
2024-02-04 09:27 - 2024-02-04 09:27 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2024-02-04 09:26 - 2024-02-04 10:20 - 000000000 ____D C:\Users\twist\AppData\Local\Packages
2024-02-04 09:26 - 2024-02-04 09:26 - 000000000 ____D C:\Users\twist\AppData\Roaming\Adobe
2024-02-04 09:25 - 2024-02-04 10:36 - 000000000 ____D C:\Users\twist\AppData\Local\ConnectedDevicesPlatform
2024-02-04 09:25 - 2024-02-04 09:25 - 000000020 ___SH C:\Users\twist\ntuser.ini
2024-02-04 09:11 - 2024-02-04 09:11 - 000000000 ____D C:\WINDOWS\OEM
2024-02-04 09:00 - 2024-02-04 01:27 - 000000000 ____D C:\WINDOWS\Panther
2024-02-04 09:00 - 2024-02-04 01:27 - 000000000 ____D C:\Windows.old
2024-02-04 08:58 - 2024-02-04 08:59 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2024-02-04 08:26 - 2024-02-04 08:26 - 000000000 ____D C:\Program Files\Reference Assemblies
2024-02-04 08:26 - 2024-02-04 08:26 - 000000000 ____D C:\Program Files\MSBuild
2024-02-04 08:26 - 2024-02-04 08:26 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2024-02-04 08:26 - 2024-02-04 08:26 - 000000000 ____D C:\Program Files (x86)\MSBuild
2024-02-04 08:20 - 2024-02-04 08:20 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2024-02-04 00:42 - 2024-02-04 00:42 - 000850316 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-02-04 00:40 - 2024-02-04 00:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-02-04 00:40 - 2024-02-04 00:40 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-02-04 00:39 - 2024-02-04 00:39 - 000016158 _____ C:\Users\twist\Desktop\Removed Apps.html
2024-02-04 00:39 - 2024-02-04 00:39 - 000014712 _____ C:\Users\_ashbackup_\Desktop\Removed Apps.html
2024-02-04 00:38 - 2024-02-04 00:38 - 000000000 ____D C:\Users\twist\AppData\Roaming\Microsoft\SystemCertificates
2024-02-04 00:38 - 2024-02-04 00:38 - 000000000 ____D C:\Users\twist\AppData\Roaming\Microsoft\Crypto
2024-02-04 00:36 - 2024-02-04 00:36 - 000000000 ____D C:\ProgramData\AMD
2024-02-04 00:33 - 2024-02-04 10:50 - 000000000 ____D C:\Users\twist\AppData\Roaming\Microsoft\Spelling
2024-02-04 00:33 - 2024-02-04 10:02 - 000000000 ____D C:\Users\twist
2024-02-04 00:33 - 2024-02-04 09:32 - 000000000 ____D C:\Users\twist\AppData\Roaming\Microsoft\Windows
2024-02-04 00:33 - 2024-02-04 00:38 - 000000000 ____D C:\Users\_ashbackup_\AppData\Roaming\Microsoft\Windows
2024-02-04 00:33 - 2024-02-04 00:38 - 000000000 ____D C:\Users\_ashbackup_
2024-02-04 00:33 - 2022-05-07 06:24 - 000000000 ____D C:\Users\_ashbackup_\AppData\Roaming\Microsoft\Spelling
2024-02-04 00:20 - 2024-02-04 00:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2024-02-04 00:20 - 2024-02-04 00:20 - 000000000 ____D C:\Program Files\ATI Technologies
2024-02-04 00:19 - 2024-02-04 00:20 - 000000000 ____D C:\Program Files (x86)\ATI Technologies
2024-02-04 00:18 - 2024-02-04 00:19 - 000000000 ____D C:\ProgramData\Package Cache
2024-02-04 00:18 - 2024-02-04 00:18 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2024-02-04 00:18 - 2024-02-04 00:18 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2024-02-04 00:18 - 2024-02-04 00:18 - 000000000 ____D C:\WINDOWS\system32\SRSLabs
2024-02-04 00:18 - 2024-02-04 00:18 - 000000000 ____D C:\Program Files\Realtek
2024-02-04 00:17 - 2024-02-04 00:17 - 000000000 ____D C:\Program Files\AMD
2024-02-04 00:17 - 2024-02-04 00:17 - 000000000 _____ C:\WINDOWS\ativpsrm.bin
2024-02-04 00:14 - 2024-02-04 00:14 - 000000000 ____D C:\WINDOWS\system32\config\BFS
2024-02-04 00:13 - 2024-02-04 00:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-02-04 00:13 - 2024-02-04 00:13 - 000293656 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-02-03 20:17 - 2024-02-04 00:40 - 000000000 ___HD C:\$SysReset
2024-02-03 20:13 - 2024-02-03 20:13 - 000000000 ____D C:\Users\twist\Desktop\FRST-OlderVersion
2024-02-03 18:54 - 2013-08-01 14:12 - 000518896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2024-02-03 18:54 - 2013-08-01 14:12 - 000211184 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2024-02-03 18:54 - 2013-08-01 14:12 - 000198896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2024-02-03 18:54 - 2013-08-01 14:12 - 000155888 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2024-02-03 18:53 - 2013-08-01 14:12 - 003564376 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2024-02-03 18:53 - 2013-08-01 14:12 - 002795224 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2024-02-03 18:53 - 2013-08-01 14:12 - 002743328 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2024-02-03 18:53 - 2013-08-01 14:12 - 002585304 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkAPO64.dll
2024-02-03 18:53 - 2013-08-01 14:12 - 001662024 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2024-02-03 18:53 - 2013-08-01 14:12 - 001284680 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2024-02-03 18:53 - 2013-08-01 14:12 - 001004248 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2024-02-03 18:53 - 2013-08-01 14:12 - 000617176 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2024-02-03 18:53 - 2013-08-01 14:12 - 000375128 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2024-02-03 18:53 - 2013-08-01 14:12 - 000331880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2024-02-03 18:53 - 2013-08-01 14:12 - 000310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2024-02-03 18:53 - 2013-08-01 14:12 - 000310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2024-02-03 18:53 - 2013-08-01 14:12 - 000208072 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2024-02-03 18:53 - 2013-08-01 14:12 - 000204120 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2024-02-03 18:53 - 2013-08-01 14:12 - 000149608 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2024-02-03 18:53 - 2013-08-01 14:12 - 000147672 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2024-02-03 18:53 - 2013-08-01 14:12 - 000110592 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2024-02-03 18:53 - 2013-08-01 14:12 - 000108640 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2024-02-03 18:53 - 2013-08-01 14:12 - 000101208 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2024-02-03 18:53 - 2013-08-01 14:12 - 000078680 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2024-02-03 18:53 - 2013-08-01 14:12 - 000014952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2024-02-03 17:46 - 2024-02-03 17:46 - 000000000 ___HD C:\$GetCurrent
2024-02-03 17:04 - 2024-02-03 17:04 - 002291214 _____ C:\Users\twist\Desktop\CBS.zip
2024-02-03 17:03 - 2024-02-03 17:03 - 000000940 _____ C:\Users\twist\Desktop\Resultat.txt
2024-02-03 11:59 - 2024-02-03 11:59 - 000000713 _____ C:\Users\twist\Desktop\ComponentsScanner.txt
2024-02-03 11:49 - 2024-02-03 11:50 - 038670744 _____ (Sysnative Forums Software Ltd) C:\Users\twist\Desktop\ComponentsScanner.exe
2024-02-03 11:49 - 2024-02-03 11:50 - 002316112 _____ (niemiro) C:\Users\twist\Desktop\SFCFix.exe
2024-02-03 11:47 - 2024-02-03 11:48 - 000088202 _____ C:\Users\twist\Desktop\services.txt
2024-02-02 21:05 - 2024-02-02 13:30 - 000026897 _____ C:\Users\twist\Desktop\Pre_Scan.txt
2024-02-02 21:01 - 2024-02-02 21:02 - 014071400 _____ (AVAST Software) C:\Users\twist\Downloads\avastclear.exe
2024-02-02 20:56 - 2024-02-03 20:14 - 000001152 _____ C:\Users\twist\Desktop\Fixlog.txt
2024-02-02 20:56 - 2024-02-02 20:56 - 000007056 _____ C:\Users\twist\Downloads\fixlist (1).txt
2024-02-02 15:10 - 2024-02-02 15:10 - 000066013 _____ C:\Users\twist\Desktop\Shortcut.txt
2024-02-02 15:03 - 2024-02-02 15:10 - 000027246 _____ C:\Users\twist\Desktop\Addition.txt
2024-02-02 14:27 - 2024-02-04 11:16 - 000006802 _____ C:\Users\twist\Desktop\FRST.txt
2024-02-02 14:25 - 2024-02-04 11:14 - 000000000 ____D C:\FRST
2024-02-02 14:20 - 2024-02-03 20:13 - 002389504 _____ (Farbar) C:\Users\twist\Desktop\FRST64.exe
2024-02-02 13:30 - 2024-02-04 10:42 - 000044617 _____ C:\Pre_Scan.txt
2024-02-02 13:09 - 2022-09-30 05:24 - 000076832 _____ (QUALCOMM Incorporated) C:\WINDOWS\system32\Drivers\ssudqcfilter.sys
2024-02-02 13:09 - 2022-09-30 05:23 - 000167440 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus2.sys
2024-02-02 13:04 - 2024-02-02 13:05 - 000000000 ____D C:\Users\twist\Desktop\Mobizen
2024-02-02 12:29 - 2024-02-02 12:29 - 000000000 ____D C:\Users\twist\AppData\LocalLow\uTorrent
2024-02-01 11:26 - 2024-02-01 11:28 - 000001672 _____ C:\Users\twist\Downloads\PROD_Start_DriverPack.hta
2024-01-31 23:46 - 2024-01-31 23:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disk Analyzer Pro
2024-01-31 23:22 - 2024-02-04 00:32 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-01-31 23:22 - 2024-02-04 00:32 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-01-31 23:18 - 2024-02-04 00:35 - 000012288 ___SH C:\DumpStack.log.tmp
2024-01-31 23:16 - 2024-01-31 23:16 - 000000112 ___SH C:\bootTel.dat
2024-01-31 22:58 - 2024-01-31 22:58 - 000000000 ____D C:\Users\twist\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2024-01-31 22:51 - 2024-01-31 22:51 - 000000000 ____D C:\Users\twist\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2024-01-31 22:50 - 2024-01-31 22:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2024-01-31 21:37 - 2024-02-04 09:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2024-01-31 20:48 - 2024-02-04 09:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SysTools Backup & Restore
2024-01-31 20:38 - 2024-02-04 09:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasleo WinToUSB
2024-01-31 20:36 - 2024-02-04 09:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows To Go Upgrader
2024-01-31 20:05 - 2024-01-31 20:05 - 000000643 _____ C:\Users\twist\Desktop\LiberKey.lnk
2024-01-31 20:05 - 2024-01-31 20:05 - 000000000 ____D C:\LiberKey
2024-01-31 19:49 - 2024-02-04 09:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasleo Backup Suite
2024-01-31 19:08 - 2024-02-04 09:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasleo EasyUEFI
2024-01-31 18:57 - 2024-02-04 09:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasleo BitLocker Anywhere
2024-01-31 18:50 - 2024-01-31 18:50 - 000933888 _____ (CyberLink Corp.) C:\Users\twist\Downloads\UWebinar_7.14.1.09605_production_PLK231123-01.tmp
2024-01-31 18:45 - 2024-01-31 18:45 - 000000000 ____D C:\Users\twist\Downloads\U Meeting Recordings
2024-01-31 18:39 - 2024-01-31 18:54 - 369989064 _____ C:\Users\twist\Downloads\YouCam_10.1.2717.1_Subscription_YUC231123-03.exe
2024-01-31 18:31 - 2018-05-02 16:02 - 000113888 _____ (CyberLink) C:\WINDOWS\system32\Drivers\CLVirtualBus01.sys
2024-01-31 18:26 - 2024-01-31 18:26 - 000000000 ____D C:\Users\twist\AppData\LocalLow\uTorrent.WebView2
2024-01-31 18:25 - 2024-02-02 12:29 - 000000000 ____D C:\Users\twist\Documents\PerfectCam
2024-01-31 18:23 - 2024-01-31 18:24 - 045760512 _____ C:\Users\twist\Downloads\Promeo_2531_7.3_Essential_PRP231215-01.tmp
2024-01-31 18:23 - 2024-01-31 18:23 - 000000876 _____ C:\Users\twist\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2024-01-31 18:15 - 2024-01-31 18:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2024-01-31 18:09 - 2024-02-04 09:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adaware
2024-01-31 18:09 - 2024-01-31 18:52 - 163692544 _____ C:\Users\twist\Downloads\PowerDVD_23.0.1303.62_Essential_DVD231204-04.tmp
2024-01-31 18:07 - 2024-01-31 18:39 - 046183160 _____ (CyberLink Corp.) C:\Users\twist\Downloads\U_7.15.12118.25181551(7.15.0Prod)_Free_YOU231018-05.exe
2024-01-31 18:05 - 2024-01-31 18:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Undelete360
2024-01-31 17:59 - 2024-01-31 18:02 - 202304800 _____ C:\Users\twist\Downloads\Power2Go_13.0.0718.0b_Essential_Essential_P2G190705-02.exe
2024-01-31 17:48 - 2024-01-31 17:48 - 000000000 ___SD C:\Users\_ashbackup_\AppData\Roaming\Microsoft\Protect
2024-01-31 17:47 - 2024-02-04 09:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2024-01-31 17:42 - 2024-01-31 17:44 - 144189048 _____ C:\Users\twist\Downloads\PerfectCam_2.3.7124.0_Subscription_PFC231124-01.exe
2024-01-31 17:39 - 2024-02-04 09:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer Axon
2024-01-31 17:38 - 2024-02-04 09:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer Cortex
2024-01-31 17:33 - 2024-01-31 17:33 - 000000000 ___HD C:\OneDriveTemp
2024-01-31 17:28 - 2024-02-02 01:31 - 000000000 ___RD C:\Users\twist\OneDrive
2024-01-31 17:22 - 2024-01-31 17:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\APFS for Windows by Paragon Software
2024-01-31 17:05 - 2024-02-04 09:27 - 000000000 __RHD C:\Users\Public\AccountPictures
2024-01-31 17:04 - 2024-01-31 17:04 - 000000000 ____D C:\Users\twist\AppData\Roaming\Microsoft\Vault
2024-01-31 16:51 - 2024-01-31 16:51 - 000000000 ___SD C:\Users\twist\AppData\Roaming\Microsoft\Protect
2024-01-31 16:51 - 2024-01-31 16:51 - 000000000 ___SD C:\Users\twist\AppData\Roaming\Microsoft\Credentials
2024-01-31 15:50 - 2024-01-31 15:50 - 000000000 ____D C:\WINDOWS\CSC
2024-01-31 10:56 - 2024-01-31 10:56 - 1286361926 _____ C:\Users\twist\Desktop\BitLockerAnywhere_Trial_sib.exe
2024-01-31 10:42 - 2024-01-31 10:42 - 550888982 _____ C:\Users\twist\Desktop\ProV10.ARM64_sib.exe
2024-01-30 17:30 - 2024-01-30 17:32 - 000000000 ____D C:\Aimersoft Video Suite
2024-01-30 16:45 - 2024-01-30 16:45 - 000000352 _____ C:\demande aide problème 301 & 300.txt
2024-01-26 13:16 - 2024-02-04 00:17 - 000000000 ____D C:\AMD
2024-01-26 11:47 - 2024-01-31 12:34 - 000000000 ____D C:\Users\twist\Desktop\twister1a63

==================== Three months (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-02-04 10:37 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-02-04 10:36 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2024-02-04 10:20 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-02-04 10:20 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-02-04 09:53 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\servicing
2024-02-04 09:53 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-02-04 09:48 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-02-04 09:27 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-02-04 09:27 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2024-02-04 09:00 - 2022-05-07 06:28 - 000000000 ____D C:\WINDOWS\Setup
2024-02-04 09:00 - 2022-05-07 06:24 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2024-02-04 09:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2024-02-04 08:56 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-02-04 08:56 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\UUS
2024-02-04 08:56 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-02-04 08:56 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-02-04 08:56 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-02-04 08:55 - 2022-05-07 08:39 - 000000000 ___SD C:\WINDOWS\system32\AppV
2024-02-04 08:55 - 2022-05-07 08:39 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-02-04 08:55 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-02-04 08:55 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-02-04 08:55 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-02-04 08:55 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-02-04 08:55 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-02-04 08:55 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-02-04 08:55 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Provisioning
2024-02-04 08:55 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-02-04 08:55 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Globalization
2024-02-04 08:55 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-02-04 08:55 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\System
2024-02-04 08:50 - 2022-05-07 06:25 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2024-02-04 08:50 - 2022-05-07 06:24 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2024-02-04 04:15 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\appcompat
2024-02-04 02:58 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-02-04 01:36 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-02-04 01:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\spool
2024-02-04 01:27 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-02-04 00:41 - 2022-05-07 06:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2024-02-04 00:34 - 2022-05-07 06:17 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2024-02-04 00:14 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState

==================== SigCheckExt =========================

2021-07-01 15:25 - 2021-07-01 15:25 - 008156672 _____ (Synergenics, LLC) C:\EchoLink.exe
2024-01-31 10:56 - 2024-01-31 10:56 - 1286361926 _____ C:\Users\twist\Desktop\BitLockerAnywhere_Trial_sib.exe
2024-02-02 14:20 - 2024-02-03 20:13 - 002389504 _____ (Farbar) C:\Users\twist\Desktop\FRST64.exe
2024-01-31 10:42 - 2024-01-31 10:42 - 550888982 _____ C:\Users\twist\Desktop\ProV10.ARM64_sib.exe
2024-02-04 10:31 - 2024-02-04 10:33 - 003082136 _____ (SosVirus) C:\Users\twist\Downloads\pre-scan_V9_18.10.19.1.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


==================== BCD ================================

Firmware Boot Manager
---------------------
identifier {fwbootmgr}
displayorder {bootmgr}
{4edaf063-bc7f-11ee-b814-c25f4c8da036}
{4edaf062-bc7f-11ee-b814-c25f4c8da036}
{4edaf058-bc7f-11ee-b814-c25f4c8da036}
{4edaf05e-bc7f-11ee-b814-c25f4c8da036}
{4edaf057-bc7f-11ee-b814-c25f4c8da036}
{4edaf059-bc7f-11ee-b814-c25f4c8da036}
{4edaf05b-bc7f-11ee-b814-c25f4c8da036}
{4edaf05c-bc7f-11ee-b814-c25f4c8da036}
{4edaf05d-bc7f-11ee-b814-c25f4c8da036}
{4edaf05f-bc7f-11ee-b814-c25f4c8da036}
{4edaf060-bc7f-11ee-b814-c25f4c8da036}
{4edaf061-bc7f-11ee-b814-c25f4c8da036}
{4edaf05a-bc7f-11ee-b814-c25f4c8da036}
{4edaf065-bc7f-11ee-b814-c25f4c8da036}
{4edaf067-bc7f-11ee-b814-c25f4c8da036}
{4edaf064-bc7f-11ee-b814-c25f4c8da036}
timeout 2

Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale en-US
inherit {globalsettings}
default {current}
resumeobject {7fae32d3-c333-11ee-b602-9afc247ea2ec}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Firmware Application (101fffff)
-------------------------------
identifier {4edaf057-bc7f-11ee-b814-c25f4c8da036}
description UEFI: General USB Flash Disk 1.00

Firmware Application (101fffff)
-------------------------------
identifier {4edaf058-bc7f-11ee-b814-c25f4c8da036}
description USB Floppy/CD

Firmware Application (101fffff)
-------------------------------
identifier {4edaf059-bc7f-11ee-b814-c25f4c8da036}
description UEFI: SanDisk

Firmware Application (101fffff)
-------------------------------
identifier {4edaf05a-bc7f-11ee-b814-c25f4c8da036}
description Atheros Boot Agent

Firmware Application (101fffff)
-------------------------------
identifier {4edaf05b-bc7f-11ee-b814-c25f4c8da036}
description UEFI: FixMeStick 8.07

Firmware Application (101fffff)
-------------------------------
identifier {4edaf05c-bc7f-11ee-b814-c25f4c8da036}
description UEFI: WD Elements 10A8 1042

Firmware Application (101fffff)
-------------------------------
identifier {4edaf05d-bc7f-11ee-b814-c25f4c8da036}
description UEFI: TOSHIBA TransMemory 1.00

Firmware Application (101fffff)
-------------------------------
identifier {4edaf05e-bc7f-11ee-b814-c25f4c8da036}
description USB Floppy/CD

Firmware Application (101fffff)
-------------------------------
identifier {4edaf05f-bc7f-11ee-b814-c25f4c8da036}
description USB Hard Drive

Firmware Application (101fffff)
-------------------------------
identifier {4edaf060-bc7f-11ee-b814-c25f4c8da036}
description UEFI: KingstonDataTraveler 2.01.00

Firmware Application (101fffff)
-------------------------------
identifier {4edaf061-bc7f-11ee-b814-c25f4c8da036}
description UEFI: ZALMAN ZM-VE350 1060

Firmware Application (101fffff)
-------------------------------
identifier {4edaf062-bc7f-11ee-b814-c25f4c8da036}
path \EFI\ubuntu\shimx64.efi
description ubuntu

Firmware Application (101fffff)
-------------------------------
identifier {4edaf063-bc7f-11ee-b814-c25f4c8da036}
path \EFI\debian\shimx64.efi
description debian

Firmware Application (101fffff)
-------------------------------
identifier {4edaf064-bc7f-11ee-b814-c25f4c8da036}
description CD/DVD Drive

Firmware Application (101fffff)
-------------------------------
identifier {4edaf065-bc7f-11ee-b814-c25f4c8da036}
description USB Floppy/CD

Firmware Application (101fffff)
-------------------------------
identifier {4edaf067-bc7f-11ee-b814-c25f4c8da036}
description Hard Drive

Windows Boot Loader
-------------------
identifier {4edaf06e-bc7f-11ee-b814-c25f4c8da036}
device ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{4edaf06f-bc7f-11ee-b814-c25f4c8da036}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale en-us
inherit {bootloadersettings}
displaymessage Recovery
displaymessageoverride PushButtonReset
osdevice ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{4edaf06f-bc7f-11ee-b814-c25f4c8da036}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Windows Boot Loader
-------------------
identifier {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 11
locale en-US
inherit {bootloadersettings}
recoverysequence {4edaf06e-bc7f-11ee-b814-c25f4c8da036}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {7fae32d3-c333-11ee-b602-9afc247ea2ec}
nx OptIn
bootmenupolicy Standard

Resume from Hibernate
---------------------
identifier {7fae32d3-c333-11ee-b602-9afc247ea2ec}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale en-US
inherit {resumeloadersettings}
recoverysequence {4edaf06e-bc7f-11ee-b814-c25f4c8da036}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
custom:21000026 partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Windows Memory Tester
---------------------
identifier {memdiag}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\memtest.efi
description Windows Memory Diagnostic
locale en-US
inherit {globalsettings}
badmemoryaccess Yes

EMS Settings
------------
identifier {emssettings}
bootems No

Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

RAM Defects
-----------
identifier {badmemory}

Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}

Device options
--------------
identifier {4edaf06f-bc7f-11ee-b814-c25f4c8da036}
description Windows Recovery
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\WindowsRE\boot.sdi

==================== End of FRST.txt ========================
