Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2024 01 Exécuté par carin (administrateur) sur LAPTOP-46LR2QBH (ASUSTeK COMPUTER INC. X705UAR) (02-02-2024 14:46:19) Exécuté depuis C:\Users\carin\Desktop\FRST64.exe Profils chargés: carin Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.3930 (X64) Langue: Français (France) Navigateur par défaut: Chrome Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (C:\Program Files\Google\Chrome\Application\chrome.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\igfxEM.exe (explorer.exe ->) (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTek Computer Inc.) C:\Program Files\WindowsApps\b9eced6f.asusbatteryhealthcharging_1.0.7.0_x86__qmba6cd70vzyy\ASUS Battery Health Charging\BhcMgr.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <43> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (services.exe ->) (ICEpower a/s -> ICEpower A/S) C:\Windows\System32\ICEsoundService64.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_7ecc5be6ca7b3b0d\esif_uf.exe (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\igfxCUIService.exe (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\IntelCpHDCPSvc.exe (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\IntelCpHeciSvc.exe (services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_724e05bd98458fe4\RstMwService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe (services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3952104 2020-09-24] (Logitech -> Logitech, Inc.) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3138560 2023-01-11] (Logitech Inc -> Logitech, Inc.) HKLM\Software\Policies\...\system: [EnableActivityFeed] 1 HKLM\Software\Policies\...\system: [PublishUserActivities] 1 HKLM\Software\Policies\...\system: [UploadUserActivities] 1 HKU\S-1-5-21-2131826725-57417705-4140628651-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44540320 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) HKU\S-1-5-21-2131826725-57417705-4140628651-1001\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\WINDOWS\system32\eed_ec.dll,SpeedLauncher [2086912 2015-05-28] (Microsoft Windows Hardware Compatibility Publisher -> ) HKU\S-1-5-21-2131826725-57417705-4140628651-1001\...\Run: [Microsoft Edge Update] => C:\Users\carin\AppData\Local\Microsoft\EdgeUpdate\1.3.181.5\MicrosoftEdgeUpdateCore.exe [264264 2023-10-27] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2131826725-57417705-4140628651-1001\...\Run: [MicrosoftEdgeAutoLaunch_5245CEBF12C39CC06692E3907897DF77] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788224 2024-01-25] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2131826725-57417705-4140628651-1001\...\Run: [GoogleChromeAutoLaunch_281D590184FC330A4A9370400F9D531C] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [2754848 2024-01-30] (Google LLC -> Google LLC) HKLM\...\Windows x64\Print Processors\sst7cPC: C:\Windows\System32\spool\prtprocs\x64\sst7cpc.dll [43520 2015-04-14] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider) HKLM\...\Print\Monitors\sst7c Langmon: C:\WINDOWS\system32\sst7clm.dll [22528 2015-04-14] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\121.0.6167.140\Installer\chrmstp.exe [2024-02-02] (Google LLC -> Google LLC) HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {F466B6F9-A8EA-416E-8342-0B4098B15975} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {B9D03F91-4368-4449-9765-94C453A64D5E} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "7230259a-62c4-4e36-b5f6-0723dec0181c" --version "6.20.10897" --silent Task: {974BE38A-58EC-43DF-8477-A91CA31B6F54} - System32\Tasks\CCleanerSkipUAC - carin => C:\Program Files\CCleaner\CCleaner.exe [38319520 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {3AB7971A-B013-4B32-AC45-52EF37D34033} - System32\Tasks\GoogleUpdateTaskMachineCore{52C98F00-4B58-4C28-9CC8-809DEA2E7864} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-22] (Google LLC -> Google LLC) Task: {F28FB028-7DD5-4959-AAD0-BB8648726589} - System32\Tasks\GoogleUpdateTaskMachineUA{2EE8ECEA-2E4F-4190-9A7C-ECCBA946C63A} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-22] (Google LLC -> Google LLC) Task: {05DC144F-1D92-4719-8980-025F6D051B2E} - System32\Tasks\McAfee\McAfee OOBE Patch Telemetry => C:\Program Files\Common Files\McAfee\ModuleCore\DayZeroOOBEFix_64.exe [3499728 2022-02-14] (McAfee, LLC -> McAfee, LLC) Task: {7AEC7BE9-B42D-4884-9F11-3C3A227E7D6E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28371640 2024-01-25] (Microsoft Corporation -> Microsoft Corporation) Task: {F02DD79A-E274-4197-AE41-653220F6A4F0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28371640 2024-01-25] (Microsoft Corporation -> Microsoft Corporation) Task: {6C8E266B-A5C9-4855-972D-24F2F3AD8A0A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [218592 2024-02-01] (Microsoft Corporation -> Microsoft Corporation) Task: {0687B0BF-FC1D-47FA-8EBD-7DB3D1BB1502} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [218592 2024-02-01] (Microsoft Corporation -> Microsoft Corporation) Task: {8D421C9F-7292-4104-8599-FC648BDE2CEC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {5CDEF35F-B78D-46F9-B01B-865494142A51} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {C79332A3-78D2-48D6-BF6C-F20F274867B3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {475346B6-E5C9-4289-B421-9EE716DE6A78} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {E88C02F3-F124-4864-8791-6B2310236573} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2131826725-57417705-4140628651-1001Core{D84A2EE3-7042-4B9D-A15C-758A4E3CEA02} => C:\Users\carin\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206240 2023-06-20] (Microsoft Corporation -> Microsoft Corporation) Task: {E135C47A-E614-4B06-91F2-FCCAF5B41E44} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2131826725-57417705-4140628651-1001UA{9AA77288-150A-45F1-8049-69CFFB831E5C} => C:\Users\carin\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206240 2023-06-20] (Microsoft Corporation -> Microsoft Corporation) Task: {31B4FEE1-7377-463A-B279-A14ECA92CF97} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671648 2024-02-01] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {C777CCB9-DA25-46DA-A074-A339C5988EE5} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34720 2024-02-01] (Mozilla Corporation -> Mozilla Foundation) Task: {E8C2FC6C-4408-460F-B76C-DCC479788DD3} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2977416301-2504957958-2930931968-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (Pas de fichier) Task: {362AFB0F-3840-45BC-912C-AF4BE1C44133} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618080 2020-08-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {38CC0911-206A-42C4-B8BF-F13F629CBE35} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618080 2020-08-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {5E288E8F-F186-45CB-9582-D1DC4851B4FF} - System32\Tasks\SplendidTask => C:\ProgramData\ASUS\ASUS -> Splendid\SplendidStartUp.exe <==== ATTENTION Task: {35A46466-5AEC-468F-A5FF-18D478D9A20B} - System32\Tasks\Update Checker => "C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe" (Pas de fichier) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{6d81eee9-be89-4f1c-a0e5-24012b7e8dfe}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{6d81eee9-be89-4f1c-a0e5-24012b7e8dfe}\356425F523140303: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{6d81eee9-be89-4f1c-a0e5-24012b7e8dfe}\356425F583831383: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge Profile: C:\Users\carin\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-01] Edge Extension: (Malwarebytes Browser Guard) - C:\Users\carin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2024-01-25] Edge Extension: (Google Docs hors connexion) - C:\Users\carin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-25] Edge Extension: (Edge relevant text changes) - C:\Users\carin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-25] Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn] Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn] FireFox: ======== FF DefaultProfile: ijm8uouj.default FF ProfilePath: C:\Users\carin\AppData\Roaming\Mozilla\Firefox\Profiles\ijm8uouj.default [2022-03-01] FF ProfilePath: C:\Users\carin\AppData\Roaming\Mozilla\Firefox\Profiles\5hfnrf32.default-release-1678707044716 [2024-02-02] FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2023-12-18] [non signé] FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-02-01] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-02-01] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\carin\AppData\Local\Google\Chrome\User Data\Default [2024-02-02] CHR Extension: (Google Traduction) - C:\Users\carin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-03-22] CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\carin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-01-23] CHR Extension: (Malwarebytes Browser Guard) - C:\Users\carin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-01-27] CHR Extension: (Amazon Keyword Tool for free: SellerApp) - C:\Users\carin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lebpbmopodkmcadehlkmghfcfmgnacdm [2023-12-12] CHR Extension: (SellerSprite - Amazon Research Tool) - C:\Users\carin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnbmbgocenenhhhdojdielgnmeflbnfb [2023-12-28] CHR Extension: (Helium 10) - C:\Users\carin\AppData\Local\Google\Chrome\User Data\Default\Extensions\njmehopjdpcckochcggncklnlmikcbnb [2024-01-31] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\carin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-22] CHR Profile: C:\Users\carin\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-02-01] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1082784 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14045768 2024-01-25] (Microsoft Corporation -> Microsoft Corporation) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2022-10-04] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) R2 ss_conn_service2; C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2022-10-04] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 AmUStor; C:\WINDOWS\system32\drivers\AmUStor.SYS [109504 2018-04-26] (Alcorlink Corp. -> ) R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [108504 2019-04-23] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé] S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-10-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS) R3 MpKsl83675348; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8D92726C-03DB-44C0-902C-FBC7F04556E2}\MpKslDrv.sys [263560 2024-02-02] (Microsoft Windows -> Microsoft Corporation) R2 SSPORT; C:\WINDOWS\system32\Drivers\SSPORT.sys [14224 2021-04-01] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-10-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-12-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2023-12-06] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-06] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2024-02-02 14:38 - 2024-02-02 14:46 - 000020227 _____ C:\Users\carin\Desktop\FRST.txt 2024-02-02 14:38 - 2024-02-02 14:46 - 000000000 ____D C:\FRST 2024-02-02 14:37 - 2024-02-02 14:37 - 002389504 _____ (Farbar) C:\Users\carin\Desktop\FRST64.exe 2024-02-02 10:41 - 2024-02-02 10:41 - 000146490 _____ C:\Users\carin\Desktop\ZHPDiag.txt 2024-02-02 10:37 - 2024-02-02 10:41 - 000000000 ____D C:\Users\carin\AppData\Roaming\ZHP 2024-02-02 10:37 - 2024-02-02 10:37 - 000000867 _____ C:\Users\carin\Desktop\ZHPSuite.lnk 2024-02-02 10:37 - 2024-02-02 10:37 - 000000000 ____D C:\Users\carin\AppData\Local\ZHP 2024-02-02 10:35 - 2024-02-02 10:35 - 003538080 _____ (Nicolas Coolman) C:\Users\carin\Desktop\ZHPSuite.exe 2024-02-01 18:58 - 2024-02-02 09:42 - 000000000 ____D C:\Program Files\Mozilla Firefox 2024-01-27 00:14 - 2024-01-27 00:14 - 000000000 ____D C:\Mes Sites Web 2024-01-26 14:04 - 2024-01-26 14:04 - 000000000 ____D C:\Users\carin\AppData\LocalLow\webviewdata 2024-01-11 10:27 - 2024-01-11 10:27 - 000000000 ____D C:\Users\carin\AppData\Local\Microsoft_Corporation 2024-01-11 00:49 - 2024-01-11 00:49 - 000000000 ____D C:\Users\carin\AppData\Roaming\Microsoft\MMC 2024-01-10 13:05 - 2024-01-10 13:07 - 000000000 ___HD C:\$WinREAgent 2023-12-18 19:23 - 2023-12-18 19:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech 2023-12-18 19:23 - 2023-12-18 19:23 - 000000000 ____D C:\ProgramData\Logishrd 2023-12-18 19:23 - 2023-12-18 19:23 - 000000000 ____D C:\Program Files\Logitech 2023-12-18 19:22 - 2023-12-18 19:23 - 000000000 ____D C:\Program Files\Common Files\Logishrd 2023-12-18 19:20 - 2023-12-18 19:21 - 000000000 ____D C:\Users\carin\AppData\Roaming\Logishrd 2023-12-18 19:20 - 2023-12-18 19:20 - 000000000 ____D C:\Users\carin\AppData\Roaming\Logitech 2023-12-15 11:36 - 2023-12-15 11:36 - 000000000 ____D C:\WINDOWS\InboxApps 2023-12-14 17:44 - 2023-12-14 17:44 - 000002224 _____ C:\Users\Public\Desktop\seotool.lnk 2023-12-14 17:44 - 2023-12-14 17:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\groupbuyseotools.org 2023-12-14 17:44 - 2023-12-14 17:44 - 000000000 ____D C:\Program Files (x86)\groupbuyseotools 2023-12-14 13:08 - 2023-12-14 13:08 - 000016707 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json 2023-11-20 20:45 - 2024-01-20 16:43 - 000000000 ____D C:\Users\carin\AppData\Roaming\Microsoft\Outlook 2023-11-14 20:51 - 2023-11-14 20:51 - 000000000 ____D C:\Users\carin\AppData\Roaming\com.adobe.dunamis 2023-11-14 19:49 - 2023-11-14 22:01 - 000000000 ____D C:\Users\carin\AppData\Roaming\LightPDF 2023-11-14 19:48 - 2023-11-14 19:48 - 000000000 ____D C:\Program Files (x86)\LightPDF ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2024-02-02 14:38 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2024-02-02 14:36 - 2022-02-14 16:18 - 000000000 ____D C:\Users\carin\AppData\Local\Packages 2024-02-02 14:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2024-02-02 14:36 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-02-02 14:27 - 2022-02-24 10:37 - 000000000 ____D C:\Users\carin\Desktop\TEMPORAIRE 2024-02-02 14:20 - 2023-10-16 11:57 - 000000000 ____D C:\WINDOWS\SystemTemp 2024-02-02 14:20 - 2022-02-22 01:07 - 000000000 ____D C:\Program Files\CCleaner 2024-02-02 14:20 - 2022-02-22 00:19 - 000000000 ____D C:\Program Files (x86)\Google 2024-02-02 14:20 - 2022-02-14 16:18 - 000000000 __SHD C:\Users\carin\IntelGraphicsProfiles 2024-02-02 13:54 - 2022-02-22 10:33 - 000000000 ____D C:\Users\carin\AppData\Roaming\Microsoft\Excel 2024-02-02 11:03 - 2022-02-14 16:21 - 000000000 ____D C:\Users\carin\AppData\Roaming\Microsoft\Word 2024-02-02 10:36 - 2023-10-16 11:12 - 001681370 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2024-02-02 10:36 - 2019-12-07 15:49 - 000757852 _____ C:\WINDOWS\system32\perfh00C.dat 2024-02-02 10:36 - 2019-12-07 15:49 - 000142606 _____ C:\WINDOWS\system32\perfc00C.dat 2024-02-02 10:32 - 2023-10-16 11:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2024-02-02 10:32 - 2022-02-23 14:37 - 000008192 ___SH C:\DumpStack.log.tmp 2024-02-02 10:32 - 2022-02-22 08:18 - 000000000 ___HD C:\Intel 2024-02-02 10:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState 2024-02-02 10:32 - 2019-12-07 10:03 - 000262144 _____ C:\WINDOWS\system32\config\BBI 2024-02-02 10:31 - 2022-03-01 00:23 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2024-02-02 09:42 - 2023-10-16 11:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2024-02-02 09:42 - 2022-09-28 23:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2024-02-02 00:31 - 2023-03-13 12:30 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2024-02-01 21:26 - 2022-03-01 14:47 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2024-02-01 20:04 - 2023-10-16 11:26 - 000003766 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{7CF04A7C-EF8B-400D-8DD7-D8D57EE23EF9} 2024-02-01 20:04 - 2023-10-16 11:26 - 000003642 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{4ADADC89-E30F-4F3B-B106-E92A1514865E} 2024-02-01 10:08 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2024-01-30 14:03 - 2022-02-22 21:01 - 000000000 ____D C:\Users\carin\AppData\Roaming\vlc 2024-01-29 16:52 - 2022-03-02 22:19 - 000000000 ____D C:\Users\carin\AppData\Roaming\Microsoft\PowerPoint 2024-01-28 16:58 - 2022-02-14 16:19 - 000000000 ____D C:\Users\carin\AppData\Roaming\Microsoft\InputMethod 2024-01-28 10:06 - 2023-10-16 11:14 - 000003960 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{2EE8ECEA-2E4F-4190-9A7C-ECCBA946C63A} 2024-01-28 10:06 - 2023-10-16 11:14 - 000003836 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{52C98F00-4B58-4C28-9CC8-809DEA2E7864} 2024-01-27 20:44 - 2023-10-16 11:03 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-01-27 19:32 - 2023-10-16 11:27 - 000000000 ___RD C:\Users\carin\OneDrive 2024-01-26 21:07 - 2023-10-16 11:04 - 000000000 ____D C:\Users\carin 2024-01-23 15:52 - 2023-10-18 15:54 - 000000000 ____D C:\Users\carin\Desktop\Annonces 2024-01-20 08:05 - 2023-10-16 11:14 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2024-01-18 19:02 - 2022-09-21 18:07 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job 2024-01-17 12:57 - 2023-10-16 11:14 - 000003378 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting 2024-01-12 11:45 - 2022-02-22 01:06 - 000918944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2024-01-10 16:44 - 2023-10-16 11:03 - 000437400 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2024-01-10 16:43 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2024-01-10 16:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2024-01-10 16:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2024-01-10 16:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2024-01-10 16:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2024-01-10 16:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2024-01-10 13:15 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2024-01-10 13:04 - 2022-02-22 10:32 - 000000000 ____D C:\WINDOWS\system32\MRT 2024-01-10 13:02 - 2022-02-22 10:32 - 189718008 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe ==================== Fichiers à la racine de certains dossiers ======== 2022-04-05 11:13 - 2021-05-04 19:23 - 000375808 _____ (PC SOFT) C:\Program Files\INSTALL.EXE 2022-05-01 00:50 - 2022-05-01 00:50 - 000000761 _____ () C:\Users\carin\AppData\Local\recently-used.xbel ==================== SigCheckExt ========================= 2022-04-06 18:55 - 2015-05-26 10:04 - 000087552 ____N C:\WINDOWS\system32\ssdevm64.dll 2022-04-05 11:13 - 2021-05-04 19:23 - 000375808 _____ (PC SOFT) C:\Program Files\INSTALL.EXE 2004-10-15 13:18 - 2004-10-15 13:18 - 000483328 _____ (3M) C:\WINDOWS\SysWOW64\PSNShare.dll 2022-04-06 18:55 - 2015-05-26 10:04 - 000094208 ____N C:\WINDOWS\SysWOW64\ssdevm.dll 2024-02-02 14:37 - 2024-02-02 14:37 - 002389504 _____ (Farbar) C:\Users\carin\Desktop\FRST64.exe 2024-02-02 10:35 - 2024-02-02 10:35 - 003538080 _____ (Nicolas Coolman) C:\Users\carin\Desktop\ZHPSuite.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de démarrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {7649f790-20c4-11ee-bd36-809133ce7dcc} {7649f791-20c4-11ee-bd36-809133ce7dcc} {7649f792-20c4-11ee-bd36-809133ce7dcc} timeout 2 Gestionnaire de démarrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume2 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {86915cd0-6c13-11ee-91b6-c4ba02cc00aa} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Application logicielle (101fffff) -------------------------------- identificateur {7649f790-20c4-11ee-bd36-809133ce7dcc} description UEFI:CD/DVD Drive Application logicielle (101fffff) -------------------------------- identificateur {7649f791-20c4-11ee-bd36-809133ce7dcc} description UEFI:Removable Device Application logicielle (101fffff) -------------------------------- identificateur {7649f792-20c4-11ee-bd36-809133ce7dcc} description UEFI:Network Device Chargeur de démarrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 10 locale fr-FR inherit {bootloadersettings} recoverysequence {86915cd2-6c13-11ee-91b6-c4ba02cc00aa} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {86915cd0-6c13-11ee-91b6-c4ba02cc00aa} nx OptIn bootmenupolicy Standard Chargeur de démarrage Windows ----------------------------- identificateur {86915cd2-6c13-11ee-91b6-c4ba02cc00aa} device ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{86915cd3-6c13-11ee-91b6-c4ba02cc00aa} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{86915cd3-6c13-11ee-91b6-c4ba02cc00aa} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre à partir de la mise en veille prolongée ------------------------------------------------- identificateur {86915cd0-6c13-11ee-91b6-c4ba02cc00aa} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {86915cd2-6c13-11ee-91b6-c4ba02cc00aa} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de mémoire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume2 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics mémoire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes Paramètres EMS -------------- identificateur {emssettings} bootems No Paramètres du débogueur ----------------------- identificateur {dbgsettings} debugtype Local Erreurs de mémoire RAM ---------------------- identificateur {badmemory} Paramètres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Paramètres du chargeur de démarrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Paramètres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Paramètres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de périphérique ----------------------- identificateur {86915cd3-6c13-11ee-91b6-c4ba02cc00aa} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume5 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================