Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 19.04.2024 01
Exécuté par User (administrateur) sur DESKTOP-7S93L4U (LENOVO 20KES3X800) (22-04-2024 17:31:17)
Exécuté depuis C:\Users\User\Desktop\FRST64.exe
Profils chargés: User
Plate-forme: Microsoft Windows 11 Professionnel Version 22H2 22621.3447 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <4>
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_24060.3103.2805.2099_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.97\msedgewebview2.exe <6>
(C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Users\User\AppData\Local\Google\Update\1.3.36.363\GoogleCrashHandler.exe
(C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Users\User\AppData\Local\Google\Update\1.3.36.363\GoogleCrashHandler64.exe
(cmd.exe ->) (Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\User\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxEM.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe <35>
(Key for TBT Legacy Driver -> Intel Corporation) C:\Program Files (x86)\Intel\Thunderbolt Software\Thunderbolt.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Users\User\AppData\Local\Microsoft\OneDrive\24.065.0331.0002\Microsoft.SharePoint.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(services.exe ->) (Fibocom Wireless Inc. -> Fibocom Wireless Inc.) C:\Windows\Firmware\FwSwitchbin\FwSwitchService.exe
(services.exe ->) (Fibocom Wireless Inc. -> Intel) C:\Windows\System32\ModemAuthenticator.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_d372a4ea3b959b1c\aesm_service.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_d4f47df9c2216d4d\LMS.exe
(services.exe ->) (Intel(R) Trust Services -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe
(services.exe ->) (Key for TBT Legacy Driver -> Intel Corporation) C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\SysWOW64\EasyResume.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_7b52940a5893ba07\x64\ibmpmsvc.exe
(services.exe ->) (Lenovo -> Lenovo.) C:\Windows\System32\DriverStore\FileRepository\litsdrv.inf_amd64_328e373c8f88e5d8\LITSSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Google LLC -> Google LLC) C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
(svchost.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxext.exe
(svchost.exe ->) (Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.500.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2405130692-3532857895-399146113-1001\...\Run: [Google Update] => C:\Users\User\AppData\Local\Google\Update\1.3.36.363\GoogleUpdateCore.exe [223008 2023-12-06] (Google LLC -> Google LLC)
HKU\S-1-5-21-2405130692-3532857895-399146113-1001\...\Run: [MicrosoftEdgeAutoLaunch_C46CFC0629905CC775E70B50EA8A519C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start [4082112 2024-04-18] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2405130692-3532857895-399146113-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [11411360 2024-04-11] (Adobe Inc. -> Adobe Systems Incorporated)
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {9D9247D7-3561-48F4-B70E-4A77BE2A721A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {8FE48BDD-BAC7-40C0-95D4-14E4C3BC53C7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2405130692-3532857895-399146113-1001Core{7BBF05B8-72CC-4E3D-8DBB-E06AF6ADF2E5} => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [162072 2023-07-20] (Google LLC -> Google LLC)
Task: {170D09AE-84DF-40CC-A7B3-1F8A77FE23A9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2405130692-3532857895-399146113-1001UA{1A53AC49-9818-4B0F-B59C-4BCE11740101} => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [162072 2023-07-20] (Google LLC -> Google LLC)
Task: {5B99844C-C934-4C9D-A312-FFC22457D275} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [227888 2019-10-02] (Key for TBT Legacy Driver -> Intel Corporation)
Task: {C3341830-9A82-4650-A709-392A078908FD} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [227888 2019-10-02] (Key for TBT Legacy Driver -> Intel Corporation)
Task: {89B97099-6E60-446E-95C2-27C43E9FCC76} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [227888 2019-10-02] (Key for TBT Legacy Driver -> Intel Corporation)
Task: {31E59535-DB75-474B-8750-350EB6E6F8CC} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2311216 2019-10-02] (Key for TBT Legacy Driver -> Intel Corporation) -> C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalServiceStart
Task: {B9B70B5E-CD02-4722-8A79-CB9E799B2190} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => C:\Windows\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> C:\Program Files (x86)\Intel\Thunderbolt Software\\start ThunderboltService
Task: {0426CD8B-BA7A-4712-A5E7-14D2547AD1DD} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-2405130692-3532857895-399146113-1001 => C:\Users\User\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [89096 2024-04-15] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {53297551-1CDC-4918-9009-3146CC778F50} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [128872 2023-12-20] (Lenovo -> Lenovo)
Task: {2D5C4D01-4826-4808-AAC9-ECE2AD7FF9DA} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\Windows\SysWOW64\PowerMgrInst.exe [65016 2022-12-04] (Lenovo -> )
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Pas de fichier)
Task: {8706D11B-4EFC-4A94-A68E-3C82D68F80C5} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618088 2020-07-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {1E407B71-1F69-4156-B8D1-15894B844271} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618088 2020-07-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {DAFEF8AC-20BA-4E51-8E0D-24BBA60831DE} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618088 2020-07-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{1a38dbc3-83e1-4f65-8f00-f596f75996eb}: [DhcpNameServer] 192.168.1.254
Edge:
=======
Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2024-04-22]
Edge Notifications: Default -> hxxps://www.facebook.com
Edge Extension: (Google Docs hors connexion) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-28]
Edge Extension: (Edge relevant text changes) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-04-11] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2024-04-22]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR Extension: (uBlock Origin) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-04-08]
CHR Extension: (Adobe Acrobat : outils de modif., de conversion et de signature de PDF) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-04-13]
CHR Extension: (Google Docs hors connexion) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-22]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-04-10]
CHR Extension: (Recettes Cooking) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjlkpmdjhaamdimpnoioadjkilhgpkgd [2024-02-19]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-07-20]
CHR HKU\S-1-5-21-2405130692-3532857895-399146113-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2020-06-02] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
R2 IBMPMSVC; C:\Windows\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_7b52940a5893ba07\x64\ibmpmsvc.exe [1031024 2023-06-20] (Lenovo -> Lenovo)
R2 Lenovo Instant On; C:\Windows\SysWOW64\EasyResume.exe [2352344 2022-12-04] (Lenovo -> Lenovo Group Limited)
R2 LITSSVC; C:\Windows\System32\DriverStore\FileRepository\litsdrv.inf_amd64_328e373c8f88e5d8\LITSSvc.exe [1083352 2023-11-01] (Lenovo -> Lenovo.)
S2 LPlatSvc; C:\Windows\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_7b52940a5893ba07\x64\LPlatSvc.exe [915824 2023-06-20] (Lenovo -> Lenovo)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8887264 2024-04-21] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-04-21] (Malwarebytes Inc. -> Malwarebytes)
R2 ModemAuthenticatorService; C:\Windows\System32\ModemAuthenticator.exe [1034672 2022-08-25] (Fibocom Wireless Inc. -> Intel)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522080 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe [3199648 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe [133576 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Fichier non signé]
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2024-04-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2023-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2023-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 IBMPMDRV; C:\Windows\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_7b52940a5893ba07\x64\ibmpmdrv.sys [56128 2023-06-20] (Lenovo -> Lenovo)
R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223296 2024-04-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2024-04-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt11.sys [234312 2024-04-21] (Malwarebytes Inc. -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [78400 2024-04-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239576 2024-04-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [188784 2024-04-21] (Malwarebytes Inc. -> Malwarebytes)
R1 PMDRVS; C:\Windows\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_7b52940a5893ba07\x64\pmdrvs.sys [41792 2023-06-20] (Lenovo -> Lenovo)
R3 UDE; C:\Windows\System32\drivers\UDE.sys [344496 2022-08-25] (Fibocom Wireless Inc. -> Intel Corporation)
R3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [20936 2024-04-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [601376 2024-04-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105760 2024-04-10] (Microsoft Windows -> Microsoft Corporation)
S3 HWiNFO_161; \??\C:\Users\User\AppData\Local\Temp\HWiNFO64A_161.SYS [X] <==== ATTENTION
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-04-22 17:31 - 2024-04-22 17:31 - 000019740 _____ C:\Users\User\Desktop\FRST.txt
2024-04-22 17:31 - 2024-04-22 17:31 - 000000000 ____D C:\FRST
2024-04-22 17:30 - 2024-04-22 17:30 - 002394112 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2024-04-21 11:57 - 2024-04-21 11:57 - 000001535 _____ C:\Users\User\Desktop\Malwarebytes Compte-rendu d'analyse 2024-04-21 095154.txt
2024-04-21 11:51 - 2024-04-22 17:30 - 000000000 ____D C:\Users\User\AppData\Local\Malwarebytes
2024-04-21 11:51 - 2024-04-21 11:51 - 000234312 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt11.sys
2024-04-21 11:51 - 2024-04-21 11:51 - 000188784 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2024-04-21 11:51 - 2024-04-21 11:51 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-04-21 11:50 - 2024-04-21 11:50 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-04-21 11:49 - 2024-04-21 11:50 - 000000000 ____D C:\Program Files\Malwarebytes
2024-04-21 11:48 - 2024-04-21 11:48 - 002589624 _____ (Malwarebytes) C:\Users\User\Desktop\MBSetup.exe
2024-04-20 12:27 - 2024-04-20 12:28 - 000000000 ____D C:\Users\User\Desktop\Documents perso
2024-04-18 11:40 - 2024-04-18 11:40 - 000000000 ____D C:\Users\User\AppData\Local\LenovoServiceBridge
2024-04-10 15:26 - 2024-04-10 15:26 - 000774296 _____ C:\Windows\system32\perfh00C.dat
2024-04-10 15:26 - 2024-04-10 15:26 - 000149372 _____ C:\Windows\system32\perfc00C.dat
2024-04-10 12:32 - 2024-04-10 12:32 - 000000000 ____D C:\Windows\SysWOW64\DDFs
2024-04-10 11:59 - 2024-04-10 11:59 - 000024320 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-04-10 11:58 - 2024-04-10 11:58 - 000024320 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2024-04-10 11:54 - 2024-04-10 11:56 - 000000000 ___HD C:\$WinREAgent
2024-04-08 17:54 - 2024-04-08 17:54 - 005660816 _____ C:\Users\User\Downloads\434c_veynom_ex_user_manuals_gr.pdf
2024-04-08 17:54 - 2024-04-08 17:54 - 004545911 _____ C:\Users\User\Downloads\5e55_veynom_lx_user_manuals_gr.pdf
2024-04-07 12:15 - 2024-04-07 12:15 - 000001188 _____ C:\Users\Public\Desktop\Comptabilité Familiale 2024.lnk
2024-04-07 12:15 - 2024-04-07 12:15 - 000000000 ____D C:\Users\User\AppData\Roaming\Jsoft.fr
2024-04-07 12:15 - 2024-04-07 12:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comptabilité Familiale 2024
2024-04-07 12:15 - 2024-04-07 12:15 - 000000000 ____D C:\Program Files (x86)\Jsoft.fr
2024-03-29 13:11 - 2024-04-04 15:40 - 000000000 ____D C:\Users\User\Desktop\Films
2024-03-24 19:12 - 2024-03-28 13:09 - 000002855 _____ C:\Users\User\Desktop\Facebook.lnk
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-04-22 17:20 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\AppReadiness
2024-04-22 17:19 - 2023-07-17 10:17 - 000000000 __SHD C:\Users\User\IntelGraphicsProfiles
2024-04-22 17:19 - 2023-06-02 07:23 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-04-21 18:04 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-04-21 12:47 - 2023-08-05 10:21 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\MMC
2024-04-21 11:51 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemTemp
2024-04-21 11:50 - 2022-05-07 07:24 - 000000000 ___HD C:\Windows\ELAMBKUP
2024-04-21 11:50 - 2022-05-07 07:22 - 000000000 ____D C:\Windows\INF
2024-04-21 11:38 - 2023-07-17 07:59 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2405130692-3532857895-399146113-1001
2024-04-21 11:38 - 2023-06-02 11:37 - 000003376 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2405130692-3532857895-399146113-1001
2024-04-21 11:38 - 2023-06-02 11:37 - 000002414 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-04-20 12:12 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-04-20 11:40 - 2023-06-02 07:24 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-04-20 11:40 - 2023-06-02 07:24 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-04-18 13:28 - 2023-07-20 10:32 - 000000000 ____D C:\Users\User\Downloads\Telegram Desktop
2024-04-16 10:32 - 2023-06-02 07:27 - 000000000 ____D C:\Users\User\AppData\Local\D3DSCache
2024-04-15 22:33 - 2023-07-17 10:32 - 000000000 ____D C:\Windows\system32\icmsg
2024-04-12 23:18 - 2023-09-26 15:22 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-04-12 23:18 - 2023-09-26 15:22 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-04-12 23:18 - 2023-09-26 15:22 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-04-10 15:26 - 2023-06-02 11:38 - 001713458 _____ C:\Windows\system32\PerfStringBackup.INI
2024-04-10 15:21 - 2023-07-17 10:17 - 000000000 ____D C:\Intel
2024-04-10 15:21 - 2023-06-02 07:25 - 000001575 _____ C:\Windows\system32\config\VSMIDK
2024-04-10 15:21 - 2023-06-02 07:23 - 000012288 ___SH C:\DumpStack.log.tmp
2024-04-10 15:21 - 2023-06-02 07:23 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-04-10 15:21 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ServiceState
2024-04-10 12:34 - 2022-05-07 07:17 - 000786432 _____ C:\Windows\system32\config\BBI
2024-04-10 12:33 - 2023-06-02 07:23 - 000295408 _____ C:\Windows\system32\FNTCACHE.DAT
2024-04-10 12:32 - 2023-10-12 11:47 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2024-04-10 12:32 - 2022-05-07 12:35 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-04-10 12:32 - 2022-05-07 07:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-04-10 12:32 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2024-04-10 12:32 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemResources
2024-04-10 12:32 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\WinMetadata
2024-04-10 12:32 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\ShellExperiences
2024-04-10 12:32 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\Sgrm
2024-04-10 12:32 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2024-04-10 12:32 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\oobe
2024-04-10 12:32 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\HealthAttestationClient
2024-04-10 12:32 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\DDFs
2024-04-10 12:32 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ShellComponents
2024-04-10 12:32 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\Provisioning
2024-04-10 12:32 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\PolicyDefinitions
2024-04-10 12:32 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\bcastdvr
2024-04-10 12:03 - 2023-07-17 10:04 - 000000000 ____D C:\Windows\system32\MRT
2024-04-10 12:01 - 2023-07-17 10:04 - 192651728 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-04-10 12:01 - 2022-05-07 07:17 - 000000000 ____D C:\Windows\CbsTemp
2024-04-10 11:59 - 2023-06-02 07:28 - 003213824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-04-10 00:20 - 2023-06-02 07:23 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-04-04 22:16 - 2023-06-02 07:24 - 000003690 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-04-04 22:16 - 2023-06-02 07:24 - 000003566 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-29 13:09 - 2024-03-03 12:51 - 000000000 ____D C:\Users\User\AppData\Roaming\vlc
2024-03-28 13:25 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\SecurityHealth
2024-03-24 19:12 - 2023-06-02 07:27 - 000000000 ____D C:\Users\User\AppData\Local\Packages
2024-03-24 18:14 - 2023-07-17 10:01 - 000000000 ____D C:\Users\User\AppData\Local\PlaceholderTileLogoFolder
2024-03-24 18:13 - 2023-10-29 19:00 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================