Posted on 26 October

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 06-10-2023
Exécuté par Aïcha (administrateur) sur LAPTOP-4HC4E7Q4 (HP HP Notebook) (26-10-2023 09:41:22)
Exécuté depuis C:\Users\Aïcha\Downloads\FRST64(3).exe
Profils chargés: Aïcha
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.3570 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\Windows\SysWOW64\esif_uf.exe ->) (Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <29>
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Hewlett-Packard Company -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp -> ) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8850688 2016-03-01] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [229592 2015-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424 2016-01-11] (Hewlett-Packard Company -> HP Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [271496 2017-11-02] (Canon Inc. -> CANON INC.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-4057811618-3854163365-3257520157-1001\...\Run: [Opera Browser Assistant] => C:\Users\Aïcha\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [1752480 2023-10-06] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-4057811618-3854163365-3257520157-1001\...\Run: [MicrosoftEdgeAutoLaunch_1A88EEAF3B688B620D91AC8B26D0F141] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4139936 2023-04-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4057811618-3854163365-3257520157-1001\...\MountPoints2: {20df081a-73d5-11ed-bb81-548ca0548d6a} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4057811618-3854163365-3257520157-1001\...\MountPoints2: {ac9d3c30-c61b-11ec-badf-548ca0548d6a} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4057811618-3854163365-3257520157-1001\...\MountPoints2: {ac9d3f2a-c61b-11ec-badf-548ca0548d6a} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4057811618-3854163365-3257520157-1001\...\MountPoints2: {d0cc0f40-1d26-11ec-b9d2-548ca0548d6a} - "F:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\Canon MG5200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAE.DLL [28672 2010-08-25] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon TS3300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDG3.DLL [506368 2023-06-05] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5200 series: C:\WINDOWS\system32\CNMLMAE.DLL [361472 2010-08-25] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS3300 series: C:\WINDOWS\system32\CNMLMG3.DLL [1334784 2023-06-05] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [327680 2010-02-05] (CANON INC.) [Fichier non signé]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\118.0.5993.89\Installer\chrmstp.exe [2023-10-20] (Google LLC -> Google LLC)

==================== Tâches planifiées (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {2CBE7BC2-CDA5-416B-9022-B34EA7711624} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-07] (Google Inc -> Google Inc.)
Task: {32867C71-3B34-468C-9FA3-71F75C4B9882} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-07] (Google Inc -> Google Inc.)
Task: {8CC0A316-B823-4A91-8D0F-6814BE838B32} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136056 2019-01-02] (HP Inc. -> HP Inc.)
Task: {82D51C28-3169-4C82-A2DA-4DEDA4ABB05F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651400 2017-09-20] (Hewlett Packard -> HP Inc.)
Task: {52D49DC5-0054-482F-AE3C-F0FB1D009A48} - System32\Tasks\HPDAS => C:\Program -> Files\HP\HP ePrint\HP.DeliveryAndStatus.Desktop.App.exe /CheckJobs
Task: {DDD7F558-0AE3-4471-863C-0D0F74EB541F} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {D2676C8E-1406-4FEF-A4DA-781192A70F88} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F0171959-6B03-4F93-9554-07C726294380} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5DD08CAE-868F-4B6C-A13E-7068E11D8435} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F4FD4BC6-C5F9-4D9A-86C6-E840352F4409} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {538407E5-6269-4C47-83D0-ED6B6ABD9367} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-10-24] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {0DDD7ECD-0C7C-4AB2-A3F3-14A51C92AC9A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [723872 2023-10-24] (Mozilla Corporation -> Mozilla Foundation)
Task: {1344527A-9232-4E8C-A1BB-83DE186EE524} - System32\Tasks\Opera scheduled assistant Autoupdate 1582724596 => C:\Users\Aïcha\AppData\Local\Programs\Opera\launcher.exe [2820000 2023-10-16] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Aïcha\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {AE8E541D-3AE2-46FE-965F-516A715033E2} - System32\Tasks\Opera scheduled Autoupdate 1575394450 => C:\Users\Aïcha\AppData\Local\Programs\Opera\launcher.exe [2820000 2023-10-16] (Opera Norway AS -> Opera Software)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{c9435c41-0b27-4489-bf20-69921e0ed2d7}: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{e3fa0faa-78f0-46c6-888c-fd6da6e5c0b9}: [DhcpNameServer] 212.27.40.241 212.27.40.240

Edge:
=======
DownloadDir: C:\Users\Aïcha\Downloads
Edge Profile: C:\Users\Aïcha\AppData\Local\Microsoft\Edge\User Data\Default [2023-10-26]
Edge DownloadDir: Default -> C:\Users\Aïcha\Downloads
Edge StartupUrls: Default -> "hxxp://google.com/"
Edge DefaultSearchURL: Default -> hxxps://www.google.fr/search?q={searchTerms}&ie={inputEncoding?}&oe={outputEncoding?}
Edge Extension: (Edge relevant text changes) - C:\Users\Aïcha\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-10-24]

FireFox:
========
FF DefaultProfile: 8r1enpzp.default-1680186465040
FF ProfilePath: C:\Users\Aïcha\AppData\Roaming\Mozilla\Firefox\Profiles\8r1enpzp.default-1680186465040 [2023-10-26]
FF Notifications: Mozilla\Firefox\Profiles\8r1enpzp.default-1680186465040 -> hxxps://paldenshangpalaboulaye.org; hxxps://www.greenweez.com
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1233203.dll [2018-05-15] (Adobe Systems, Inc.) [Fichier non signé]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Aïcha\AppData\Local\Google\Chrome\User Data\Default [2023-10-24]
CHR Notifications: Default -> hxxps://www.facebook.com; hxxps://www.fnac.com; hxxps://www.huffingtonpost.fr; hxxps://www.sncf-connect.com
CHR HomePage: Default -> hxxp://astromenda.com/?f=1&a=ast_wnzp01_14_35_ch&cd=2XzuyEtN2Y1L1Qzu0CzztD0A0AzyzztAzy0CtAyB0EtD0CtBtN0D0Tzu0SzyyBtDtN1L2XzutAtFtDtFtCtDtFyEtN1L1CzutCyEtBzytDyD1V1QtN1L1G1B1V1N2Y1L1Qzu2StByE0A0A0CyCtD0BtG0A0B0AyBtG0ByE0B0EtGyB0F0AtBtGyB0D0DtCyC0FzyzyyB0E0EyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzyyCyDzzzz0C0A0AtGyBtB0ByDtGyEyD0BtDtGzzzzzy0AtG0EyDtBtCtC0EtDtCtCtAzytC2Q&cr=1185160653&uref=308&ir=
CHR StartupUrls: Default -> "hxxps://www.google.fr/?gws_rd=ssl"
CHR Extension: (Google Docs hors connexion) - C:\Users\Aïcha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-29]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\Aïcha\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-28]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Aïcha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-04]
CHR HKU\S-1-5-21-4057811618-3854163365-3257520157-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

Opera:
=======
OPR DefaultProfile: Opera Stable
OPR Profile: C:\Users\Aïcha\AppData\Roaming\Opera Software\Opera Stable [2023-10-19]
OPR Notifications: Opera Stable -> hxxps://forums.futura-sciences.com
OPR DefaultSearchURL: Opera Stable -> hxxps://www.google.com/search?client=opera&q={searchTerms}&sourceid=opera&ie={inputEncoding}&oe={outputEncoding}
OPR DefaultSearchKeyword: Opera Stable -> g
OPR Extension: (Rich Hints Agent) - C:\Users\Aïcha\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-08-11]
OPR Extension: (Opera Wallet) - C:\Users\Aïcha\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-09-21]
OPR Extension: (Aria) - C:\Users\Aïcha\AppData\Roaming\Opera Software\Opera Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm [2023-09-21]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Aïcha\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-09-20]
OPR Extension: (opera-intro) - C:\Users\Aïcha\AppData\Local\Programs\Opera\102.0.4880.56\resources\opera_intro_extension [2023-09-19]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [127192 2015-11-19] (Realtek Semiconductor Corp -> )
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [347512 2018-12-06] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2016-01-11] (Hewlett-Packard Company -> HP Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [445432 2021-04-19] (Canon Inc. -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exe [3116904 2023-10-22] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe [133584 2023-10-22] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [280064 2022-10-12] (Microsoft Corporation) [Fichier non signé]
S3 BthAudioHF; C:\WINDOWS\system32\drivers\RtkHfp.sys [104688 2015-09-09] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [154112 2021-10-15] (Microsoft Corporation) [Fichier non signé]
S3 MpKsl371619c5; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3FFEAD47-3DD0-4944-95C7-62EFF0B3EEF1}\MpKslDrv.sys [263560 2023-10-24] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl6163ee38; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3FFEAD47-3DD0-4944-95C7-62EFF0B3EEF1}\MpKslDrv.sys [263560 2023-10-24] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-10-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [572712 2023-10-22] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105872 2023-10-22] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)
U0 Partizan; system32\drivers\Partizan.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2023-10-26 09:40 - 2023-10-26 09:40 - 002383360 _____ (Farbar) C:\Users\Aïcha\Downloads\FRST64(3).exe
2023-10-25 19:17 - 2023-10-26 09:44 - 000000000 ____D C:\FRST
2023-10-25 19:16 - 2023-10-25 19:16 - 002383360 _____ (Farbar) C:\Users\Aïcha\Downloads\FRST64(2).exe
2023-10-25 19:14 - 2023-10-25 19:14 - 002383360 _____ (Farbar) C:\Users\Aïcha\Downloads\FRST64(1).exe
2023-10-25 18:33 - 2023-10-25 19:30 - 000039041 _____ C:\Users\Aïcha\Downloads\Addition.txt
2023-10-25 18:20 - 2023-10-26 09:45 - 000020027 _____ C:\Users\Aïcha\Downloads\FRST.txt
2023-10-25 18:18 - 2023-10-25 18:18 - 002383360 _____ (Farbar) C:\Users\Aïcha\Downloads\FRST64.exe
2023-10-25 14:00 - 2023-10-25 14:00 - 000000726 _____ C:\Users\Aïcha\Desktop\Bibliothèques - Raccourci.lnk
2023-10-25 13:55 - 2023-10-25 13:55 - 002935432 _____ (Opera Software) C:\Users\Aïcha\Downloads\OperaSetup.exe
2023-10-24 17:59 - 2023-10-25 10:28 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-10-23 19:33 - 2023-10-23 19:33 - 000000148 _____ C:\Users\Aïcha\Downloads\jocelyne_monneret.vcf
2023-10-23 19:32 - 2023-10-23 19:32 - 000113613 _____ C:\Users\Aïcha\Desktop\702011910921_20231023192747 zb.pdf
2023-10-23 19:32 - 2023-10-23 19:32 - 000112760 _____ C:\Users\Aïcha\Desktop\702011923290_20231023184822 ab.pdf
2023-10-23 19:31 - 2023-10-23 19:31 - 000113613 _____ C:\Users\Aïcha\Downloads\702011910921_20231023192747.pdf
2023-10-23 18:46 - 2023-10-23 18:46 - 000162269 _____ C:\Users\Aïcha\Desktop\Avis_d_impot_2023_sur_les_revenus_2022 zineb.pdf
2023-10-23 18:44 - 2023-10-23 18:44 - 000129089 _____ C:\Users\Aïcha\Desktop\Avis_d_impot_2023_sur_les_revenus_2022.pdf
2023-10-23 12:46 - 2023-10-23 12:46 - 000016059 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2023-10-23 11:34 - 2023-10-23 11:34 - 000000000 ___HD C:\$WinREAgent
2023-10-22 14:50 - 2023-10-22 14:50 - 000000000 ____D C:\ProgramData\PLUG
2023-10-19 11:47 - 2023-10-19 11:47 - 000004460 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1582724596

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2023-10-26 09:32 - 2022-02-10 16:03 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-10-26 09:30 - 2021-12-16 13:57 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-10-26 09:30 - 2018-06-07 20:35 - 000000000 ____D C:\Program Files (x86)\Google
2023-10-26 09:28 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-10-26 09:27 - 2018-06-07 02:36 - 000000000 __SHD C:\Users\Aïcha\IntelGraphicsProfiles
2023-10-26 09:27 - 2018-06-07 02:31 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-10-26 09:26 - 2020-08-25 16:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-10-26 09:26 - 2020-08-25 16:21 - 000008192 ___SH C:\DumpStack.log.tmp
2023-10-26 09:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-10-25 22:26 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-10-25 22:19 - 2020-08-25 16:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-10-25 18:37 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-10-25 10:41 - 2020-08-25 16:41 - 001926118 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-10-25 10:41 - 2019-12-07 16:49 - 000834610 _____ C:\WINDOWS\system32\perfh00C.dat
2023-10-25 10:41 - 2019-12-07 16:49 - 000168324 _____ C:\WINDOWS\system32\perfc00C.dat
2023-10-25 10:28 - 2018-06-07 14:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-10-24 18:26 - 2018-06-07 14:36 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-10-24 18:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-10-24 13:18 - 2020-08-25 16:29 - 000000000 ____D C:\Users\Aïcha
2023-10-24 11:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-10-23 15:48 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-10-23 15:39 - 2020-08-25 16:21 - 000735728 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-10-23 13:29 - 2019-12-07 16:49 - 000000000 ____D C:\WINDOWS\SysWOW64\fr
2023-10-23 13:29 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2023-10-23 13:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-10-23 13:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-10-23 13:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2023-10-23 13:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-10-23 13:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2023-10-23 13:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-10-23 13:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-10-23 13:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2023-10-23 13:28 - 2019-12-07 16:49 - 000000000 ____D C:\WINDOWS\system32\fr
2023-10-23 13:28 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2023-10-23 13:28 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-10-23 13:28 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2023-10-23 13:28 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2023-10-23 13:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-10-23 13:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-10-23 13:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-10-23 13:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2023-10-23 13:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2023-10-23 13:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-10-23 13:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-10-23 13:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-10-23 13:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2023-10-23 13:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2023-10-23 13:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-10-23 13:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-10-23 13:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-10-23 13:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-10-23 13:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-10-23 13:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-10-23 13:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-10-23 13:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2023-10-23 13:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-10-23 13:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-10-23 13:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-10-23 13:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Com
2023-10-23 13:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-10-23 13:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2023-10-23 13:27 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-10-23 13:27 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-10-23 13:27 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-10-23 13:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-10-23 13:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-10-23 13:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2023-10-23 13:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-10-23 13:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\IME
2023-10-23 13:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-10-23 13:27 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-10-23 13:27 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-10-23 13:27 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-10-23 13:27 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2023-10-23 13:23 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-10-23 13:22 - 2019-12-07 16:53 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2023-10-23 13:22 - 2019-12-07 11:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2023-10-23 13:22 - 2019-12-07 11:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2023-10-23 12:45 - 2020-08-25 16:25 - 003014144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-10-22 14:45 - 2018-06-07 14:48 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-10-22 14:44 - 2018-06-07 14:47 - 181553176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-10-22 14:41 - 2022-11-18 10:43 - 000000000 ____D C:\Program Files\RUXIM
2023-10-22 14:32 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-10-22 14:32 - 2018-06-07 02:36 - 000000000 ____D C:\Users\Aïcha\AppData\Local\Packages
2023-10-22 14:11 - 2018-06-12 22:30 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-10-22 13:48 - 2022-04-11 20:38 - 000000000 ___RD C:\Users\Aïcha\iCloudDrive
2023-10-21 18:04 - 2018-06-07 14:51 - 000000000 ____D C:\Users\Aïcha\Documents\COLLECTIF
2023-10-21 16:43 - 2016-04-12 03:48 - 000000000 ____D C:\ProgramData\Apple
2023-10-20 19:31 - 2019-01-24 21:41 - 000000000 ____D C:\Users\Aïcha\AppData\Roaming\vlc
2023-10-20 10:22 - 2018-06-07 20:36 - 000002306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-10-19 12:03 - 2020-08-25 16:55 - 000004232 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1575394450
2023-10-19 12:03 - 2019-12-03 19:34 - 000001474 _____ C:\Users\Aïcha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk

==================== Fichiers à la racine de certains dossiers ========

2018-06-07 02:36 - 2023-10-26 09:28 - 007232950 _____ () C:\Users\Aïcha\AppData\Local\BTServer.log
2019-07-13 10:47 - 2019-07-13 10:47 - 000000000 _____ () C:\Users\Aïcha\AppData\Local\{2077C79C-0ED0-458E-9BF0-A1C20ED9698A}
2020-11-09 13:42 - 2020-11-09 13:42 - 000000000 _____ () C:\Users\Aïcha\AppData\Local\{C77271EE-B9D1-416A-A523-1C3FF9D4AD90}

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================
