Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 06-12-2021
Exécuté par angel (administrateur) sur LAPTOP-EI93KU5P (LENOVO 80XW) (07-12-2021 20:29:19)
Exécuté depuis C:\Users\angel\Desktop
Profils chargés: angel
Plate-forme: Microsoft Windows 10 Famille Version 20H2 19042.1348 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amddvr.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0341168.inf_amd64_121d7cdc98257567\B340713\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0341168.inf_amd64_121d7cdc98257567\B340713\atiesrxx.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD14\PDVD14Serv.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(HP Inc -> HP Inc.) C:\Program Files\HP\HP ENVY 5000 series\Bin\ScanToPCActivationApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\Lenovo.Vantage.AddinHost.Amd64.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\Lenovo.Vantage.AddinHost.exe <4>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\Lenovo.Vantage.AddinHost.x86.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2110.13603.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKU\S-1-5-21-3443548542-2266835365-3506002505-1001\...\Run: [HP ENVY 5000 (NET)] => C:\Program Files\HP\HP ENVY 5000 series\Bin\ScanToPCActivationApp.exe [4064160 2019-03-18] (HP Inc -> HP Inc.)
HKU\S-1-5-21-3443548542-2266835365-3506002505-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35342976 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.45\Installer\chrmstp.exe [2021-11-16] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {05AAB9E5-51F7-4CD3-BC25-49D09F07EFCA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108888 2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {078EF477-0A72-42B6-B397-489741F801B6} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9d6a326b-eadf-4483-9e0b-0772ade879eb => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {166F27CC-E6BF-453F-B780-67A6FB333F0B} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [145480 2021-09-09] (Lenovo -> Lenovo Group Ltd.)
Task: {17D024FA-E468-4B37-A4A5-DA3A95E37773} - System32\Tasks\RtHDVBg_LENOVO_DOLBYDRAGON => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493992 2017-08-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {17D6A452-1078-4914-BEDA-2FCC5EC80570} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {27738A32-B516-4705-BEC3-A4E54FF0EA47} - \Lenovo\ImController\Lenovo iM Controller Monitor -> Pas de fichier <==== ATTENTION
Task: {285F2504-CCAE-4FFD-AE17-61CDFF09F2D8} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [49032 2019-03-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {3CBD80C8-0FF3-4360-8F4F-3513B28B8A3B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-01] (Google LLC -> Google LLC)
Task: {404D5335-00FF-41E7-A254-18A3ED4F1C01} - System32\Tasks\CCleanerSkipUAC - angel => C:\Program Files\CCleaner\CCleaner.exe [29417088 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4E742B7D-CCDD-4A8B-99F3-19BB0A225257} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {5408E657-6B7C-4F90-8079-0081A7975BAB} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\d4749344-e78d-4284-af69-c4b29db93122 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {6B76D853-F057-4F44-A206-0DC40730C0C1} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5509b520-684e-4bbf-8aa7-7344b69e3813 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {71F118BD-3515-412C-8867-8925EA5EB812} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {743FDFDC-73D0-43B2-B2EA-0B1D824CBE9E} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (Pas de fichier)
Task: {7FC37811-ED1B-4B0B-8702-9D765A3D2F64} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {92958FE2-7805-4CE5-B66A-05333BAC1F71} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe (Pas de fichier)
Task: {941948C0-6DE5-488D-A0D4-0AF2A81FDFCE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-11-12] (Piriform Software Ltd -> Piriform)
Task: {94A827BA-E7D0-4031-A7DB-9E6AA9DF87A0} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9000503b-58b4-4112-918b-be34db73326b => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {9BFACDCA-3C53-4824-B99B-08B37B0766C1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-01] (Google LLC -> Google LLC)
Task: {A316AACD-629B-4A48-A0E8-3A8894EE3032} - System32\Tasks\PDVDServ14 Task => C:\Program Files (x86)\CyberLink\PowerDVD14\PDVD14Serv.exe [88344 2016-09-30] (CyberLink Corp. -> CyberLink Corp.)
Task: {AABC1907-1CFF-4541-B5DA-0BE74BEC514D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108888 2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {AF6E62E3-8847-45B5-85B0-442ADE760FB8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {C1D2CFD6-E42D-4C05-8B5D-71FDAD7B37C6} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {C5DB0D48-0179-42BF-A20A-2FAA4E87A96C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CC9E635F-D7AC-41B3-813B-FCFDEC1C5F36} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
Task: {CCF2797F-C2B2-4969-A806-426C3E5C5EFF} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
Task: {D6424190-D322-4121-BD19-E47A78BB9AD3} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493992 2017-08-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {D87BABBF-3376-4456-8934-223EF58A482B} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493992 2017-08-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {E340544B-DD81-4D92-AED1-ED680714CD34} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {E768FEBC-E2C1-48A5-B5BA-3FF4AEB197FF} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9c88c5fc-c038-4764-a9b9-68b8003e329f => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {ECA50659-3A75-4A61-AA8E-8D37F895387B} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
Task: {F6A6073C-3E53-43F5-B4F9-34CADA2A317A} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493992 2017-08-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {F8D5DF42-8AD6-4150-8495-0D2BE767B1FD} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> Pas de fichier <==== ATTENTION
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{4d063934-19b5-436e-b3bf-d68cdb01262c}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{531c0b86-582f-4100-80d2-b2d243991591}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{a4311148-55f1-42e7-9cef-71b89aca24d2}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{b836dc05-8e23-45d6-bc48-3f7771fec1e8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ee912534-f021-4fc7-be4b-9de4fbd7a500}: [DhcpNameServer] 192.168.1.254
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\angel\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-21]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\angel\AppData\Local\Google\Chrome\User Data\Default [2021-12-07]
CHR Notifications: Default -> hxxps://www.facebook.com; hxxps://www.rencontre60ans.fr
CHR Extension: (Slides) - C:\Users\angel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-07-01]
CHR Extension: (Docs) - C:\Users\angel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-07-01]
CHR Extension: (Google Drive) - C:\Users\angel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\angel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-07-01]
CHR Extension: (Sheets) - C:\Users\angel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-07-01]
CHR Extension: (Google Docs hors connexion) - C:\Users\angel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-11-24]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\angel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-11-24]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\angel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\angel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12034464 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [197120 2017-07-13] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\LenovoVantageService.exe [31248 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
R2 tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [51224 2016-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12727576 2021-02-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R3 MpKsl31de2bad; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{914E09BB-2318-4B22-9C0E-2BC919A05935}\MpKslDrv.sys [134376 2021-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435424 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-12-07 20:26 - 2021-12-07 20:29 - 000029936 _____ C:\Users\angel\Desktop\Addition.txt
2021-12-07 20:21 - 2021-12-07 20:32 - 000019688 _____ C:\Users\angel\Desktop\FRST.txt
2021-12-07 20:20 - 2021-12-07 20:30 - 000000000 ____D C:\FRST
2021-12-07 20:19 - 2021-12-07 20:19 - 002311168 _____ (Farbar) C:\Users\angel\Desktop\FRST64.exe
2021-11-26 12:47 - 2021-11-26 12:47 - 000000398 _____ C:\WINDOWS\storelibdebug.txt
2021-11-12 16:55 - 2021-11-12 16:55 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-11-12 16:55 - 2021-11-12 16:55 - 000011363 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-11-12 16:54 - 2021-11-12 16:54 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-11-12 16:52 - 2021-11-12 16:52 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-11-12 15:14 - 2021-11-12 15:14 - 000000000 ___HD C:\$WinREAgent
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-12-07 20:28 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-12-07 20:21 - 2020-07-01 15:48 - 000000000 ____D C:\Program Files (x86)\Google
2021-12-07 20:03 - 2021-07-28 08:20 - 000000000 ____D C:\Program Files\CCleaner
2021-12-07 17:09 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-12-07 16:51 - 2021-03-25 12:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-12-07 15:33 - 2020-08-14 12:03 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-07 15:33 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-07 15:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-12-07 15:22 - 2021-03-25 13:20 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3443548542-2266835365-3506002505-1001
2021-12-07 15:22 - 2021-03-25 12:57 - 000002474 _____ C:\Users\angel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-12-06 12:15 - 2021-03-25 12:57 - 000000000 ____D C:\Users\angel
2021-12-06 11:45 - 2021-07-28 08:20 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-12-06 11:40 - 2021-03-25 13:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-12-06 11:40 - 2021-03-25 12:49 - 000008192 ___SH C:\DumpStack.log.tmp
2021-12-06 11:40 - 2021-03-11 18:24 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-12-06 11:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-11-28 13:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-11-27 13:09 - 2021-03-25 13:09 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-11-27 13:09 - 2019-12-07 15:49 - 000792842 _____ C:\WINDOWS\system32\perfh00C.dat
2021-11-27 13:09 - 2019-12-07 15:49 - 000149972 _____ C:\WINDOWS\system32\perfc00C.dat
2021-11-26 22:12 - 2020-07-01 14:51 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2021-11-26 22:12 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-11-24 19:44 - 2020-07-01 15:39 - 000000000 ____D C:\Users\angel\AppData\Local\D3DSCache
2021-11-20 10:12 - 2021-03-19 16:46 - 000000000 ____D C:\Users\angel\AppData\Local\CrashDumps
2021-11-17 13:38 - 2021-04-13 14:21 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7216f44b94af4
2021-11-17 13:38 - 2021-03-25 13:20 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-11-14 18:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-11-14 14:08 - 2017-06-22 05:18 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-11-13 21:32 - 2021-03-25 12:49 - 000267544 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-11-13 21:28 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-11-13 21:28 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-11-13 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-11-13 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-11-13 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-11-13 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-11-13 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-11-13 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-11-13 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-11-13 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-11-13 21:28 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-11-12 19:24 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-11-12 15:02 - 2020-07-01 23:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-11-12 14:53 - 2020-07-01 23:01 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-11-07 22:36 - 2021-08-12 10:55 - 000109296 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll
2021-11-07 22:36 - 2021-08-12 10:55 - 000063728 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe
2021-11-07 22:36 - 2021-01-29 14:42 - 000429952 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2021-11-07 22:36 - 2020-08-03 11:26 - 000109296 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.CoInstaller.dll
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par angel (administrateur) sur LAPTOP-EI93KU5P (LENOVO 80XW) (07-12-2021 20:29:19)
Exécuté depuis C:\Users\angel\Desktop
Profils chargés: angel
Plate-forme: Microsoft Windows 10 Famille Version 20H2 19042.1348 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amddvr.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0341168.inf_amd64_121d7cdc98257567\B340713\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0341168.inf_amd64_121d7cdc98257567\B340713\atiesrxx.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD14\PDVD14Serv.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(HP Inc -> HP Inc.) C:\Program Files\HP\HP ENVY 5000 series\Bin\ScanToPCActivationApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\Lenovo.Vantage.AddinHost.Amd64.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\Lenovo.Vantage.AddinHost.exe <4>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\Lenovo.Vantage.AddinHost.x86.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2110.13603.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKU\S-1-5-21-3443548542-2266835365-3506002505-1001\...\Run: [HP ENVY 5000 (NET)] => C:\Program Files\HP\HP ENVY 5000 series\Bin\ScanToPCActivationApp.exe [4064160 2019-03-18] (HP Inc -> HP Inc.)
HKU\S-1-5-21-3443548542-2266835365-3506002505-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35342976 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.45\Installer\chrmstp.exe [2021-11-16] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {05AAB9E5-51F7-4CD3-BC25-49D09F07EFCA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108888 2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {078EF477-0A72-42B6-B397-489741F801B6} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9d6a326b-eadf-4483-9e0b-0772ade879eb => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {166F27CC-E6BF-453F-B780-67A6FB333F0B} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [145480 2021-09-09] (Lenovo -> Lenovo Group Ltd.)
Task: {17D024FA-E468-4B37-A4A5-DA3A95E37773} - System32\Tasks\RtHDVBg_LENOVO_DOLBYDRAGON => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493992 2017-08-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {17D6A452-1078-4914-BEDA-2FCC5EC80570} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {27738A32-B516-4705-BEC3-A4E54FF0EA47} - \Lenovo\ImController\Lenovo iM Controller Monitor -> Pas de fichier <==== ATTENTION
Task: {285F2504-CCAE-4FFD-AE17-61CDFF09F2D8} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [49032 2019-03-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {3CBD80C8-0FF3-4360-8F4F-3513B28B8A3B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-01] (Google LLC -> Google LLC)
Task: {404D5335-00FF-41E7-A254-18A3ED4F1C01} - System32\Tasks\CCleanerSkipUAC - angel => C:\Program Files\CCleaner\CCleaner.exe [29417088 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4E742B7D-CCDD-4A8B-99F3-19BB0A225257} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {5408E657-6B7C-4F90-8079-0081A7975BAB} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\d4749344-e78d-4284-af69-c4b29db93122 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {6B76D853-F057-4F44-A206-0DC40730C0C1} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5509b520-684e-4bbf-8aa7-7344b69e3813 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {71F118BD-3515-412C-8867-8925EA5EB812} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {743FDFDC-73D0-43B2-B2EA-0B1D824CBE9E} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (Pas de fichier)
Task: {7FC37811-ED1B-4B0B-8702-9D765A3D2F64} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {92958FE2-7805-4CE5-B66A-05333BAC1F71} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe (Pas de fichier)
Task: {941948C0-6DE5-488D-A0D4-0AF2A81FDFCE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-11-12] (Piriform Software Ltd -> Piriform)
Task: {94A827BA-E7D0-4031-A7DB-9E6AA9DF87A0} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9000503b-58b4-4112-918b-be34db73326b => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {9BFACDCA-3C53-4824-B99B-08B37B0766C1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-01] (Google LLC -> Google LLC)
Task: {A316AACD-629B-4A48-A0E8-3A8894EE3032} - System32\Tasks\PDVDServ14 Task => C:\Program Files (x86)\CyberLink\PowerDVD14\PDVD14Serv.exe [88344 2016-09-30] (CyberLink Corp. -> CyberLink Corp.)
Task: {AABC1907-1CFF-4541-B5DA-0BE74BEC514D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108888 2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {AF6E62E3-8847-45B5-85B0-442ADE760FB8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {C1D2CFD6-E42D-4C05-8B5D-71FDAD7B37C6} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {C5DB0D48-0179-42BF-A20A-2FAA4E87A96C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CC9E635F-D7AC-41B3-813B-FCFDEC1C5F36} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
Task: {CCF2797F-C2B2-4969-A806-426C3E5C5EFF} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
Task: {D6424190-D322-4121-BD19-E47A78BB9AD3} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493992 2017-08-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {D87BABBF-3376-4456-8934-223EF58A482B} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493992 2017-08-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {E340544B-DD81-4D92-AED1-ED680714CD34} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {E768FEBC-E2C1-48A5-B5BA-3FF4AEB197FF} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9c88c5fc-c038-4764-a9b9-68b8003e329f => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {ECA50659-3A75-4A61-AA8E-8D37F895387B} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
Task: {F6A6073C-3E53-43F5-B4F9-34CADA2A317A} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493992 2017-08-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {F8D5DF42-8AD6-4150-8495-0D2BE767B1FD} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> Pas de fichier <==== ATTENTION
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{4d063934-19b5-436e-b3bf-d68cdb01262c}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{531c0b86-582f-4100-80d2-b2d243991591}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{a4311148-55f1-42e7-9cef-71b89aca24d2}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{b836dc05-8e23-45d6-bc48-3f7771fec1e8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ee912534-f021-4fc7-be4b-9de4fbd7a500}: [DhcpNameServer] 192.168.1.254
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\angel\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-21]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\angel\AppData\Local\Google\Chrome\User Data\Default [2021-12-07]
CHR Notifications: Default -> hxxps://www.facebook.com; hxxps://www.rencontre60ans.fr
CHR Extension: (Slides) - C:\Users\angel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-07-01]
CHR Extension: (Docs) - C:\Users\angel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-07-01]
CHR Extension: (Google Drive) - C:\Users\angel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\angel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-07-01]
CHR Extension: (Sheets) - C:\Users\angel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-07-01]
CHR Extension: (Google Docs hors connexion) - C:\Users\angel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-11-24]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\angel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-11-24]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\angel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\angel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12034464 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [197120 2017-07-13] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\LenovoVantageService.exe [31248 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
R2 tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [51224 2016-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12727576 2021-02-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R3 MpKsl31de2bad; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{914E09BB-2318-4B22-9C0E-2BC919A05935}\MpKslDrv.sys [134376 2021-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435424 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-12-07 20:26 - 2021-12-07 20:29 - 000029936 _____ C:\Users\angel\Desktop\Addition.txt
2021-12-07 20:21 - 2021-12-07 20:32 - 000019688 _____ C:\Users\angel\Desktop\FRST.txt
2021-12-07 20:20 - 2021-12-07 20:30 - 000000000 ____D C:\FRST
2021-12-07 20:19 - 2021-12-07 20:19 - 002311168 _____ (Farbar) C:\Users\angel\Desktop\FRST64.exe
2021-11-26 12:47 - 2021-11-26 12:47 - 000000398 _____ C:\WINDOWS\storelibdebug.txt
2021-11-12 16:55 - 2021-11-12 16:55 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-11-12 16:55 - 2021-11-12 16:55 - 000011363 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-11-12 16:54 - 2021-11-12 16:54 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-11-12 16:52 - 2021-11-12 16:52 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-11-12 15:14 - 2021-11-12 15:14 - 000000000 ___HD C:\$WinREAgent
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-12-07 20:28 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-12-07 20:21 - 2020-07-01 15:48 - 000000000 ____D C:\Program Files (x86)\Google
2021-12-07 20:03 - 2021-07-28 08:20 - 000000000 ____D C:\Program Files\CCleaner
2021-12-07 17:09 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-12-07 16:51 - 2021-03-25 12:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-12-07 15:33 - 2020-08-14 12:03 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-07 15:33 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-07 15:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-12-07 15:22 - 2021-03-25 13:20 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3443548542-2266835365-3506002505-1001
2021-12-07 15:22 - 2021-03-25 12:57 - 000002474 _____ C:\Users\angel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-12-06 12:15 - 2021-03-25 12:57 - 000000000 ____D C:\Users\angel
2021-12-06 11:45 - 2021-07-28 08:20 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-12-06 11:40 - 2021-03-25 13:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-12-06 11:40 - 2021-03-25 12:49 - 000008192 ___SH C:\DumpStack.log.tmp
2021-12-06 11:40 - 2021-03-11 18:24 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-12-06 11:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-11-28 13:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-11-27 13:09 - 2021-03-25 13:09 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-11-27 13:09 - 2019-12-07 15:49 - 000792842 _____ C:\WINDOWS\system32\perfh00C.dat
2021-11-27 13:09 - 2019-12-07 15:49 - 000149972 _____ C:\WINDOWS\system32\perfc00C.dat
2021-11-26 22:12 - 2020-07-01 14:51 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2021-11-26 22:12 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-11-24 19:44 - 2020-07-01 15:39 - 000000000 ____D C:\Users\angel\AppData\Local\D3DSCache
2021-11-20 10:12 - 2021-03-19 16:46 - 000000000 ____D C:\Users\angel\AppData\Local\CrashDumps
2021-11-17 13:38 - 2021-04-13 14:21 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7216f44b94af4
2021-11-17 13:38 - 2021-03-25 13:20 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-11-14 18:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-11-14 14:08 - 2017-06-22 05:18 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-11-13 21:32 - 2021-03-25 12:49 - 000267544 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-11-13 21:28 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-11-13 21:28 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-11-13 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-11-13 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-11-13 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-11-13 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-11-13 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-11-13 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-11-13 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-11-13 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-11-13 21:28 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-11-12 19:24 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-11-12 15:02 - 2020-07-01 23:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-11-12 14:53 - 2020-07-01 23:01 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-11-07 22:36 - 2021-08-12 10:55 - 000109296 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll
2021-11-07 22:36 - 2021-08-12 10:55 - 000063728 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe
2021-11-07 22:36 - 2021-01-29 14:42 - 000429952 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2021-11-07 22:36 - 2020-08-03 11:26 - 000109296 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.CoInstaller.dll
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================