Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 19.04.2024 01
Exécuté par User (administrateur) sur DESKTOP-7S93L4U (LENOVO 20KES3X800) (22-04-2024 17:31:17)
Exécuté depuis C:\Users\User\Desktop\FRST64.exe
Profils chargés: User
Plate-forme: Microsoft Windows 11 Professionnel Version 22H2 22621.3447 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <4>
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_24060.3103.2805.2099_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.97\msedgewebview2.exe <6>
(C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Users\User\AppData\Local\Google\Update\1.3.36.363\GoogleCrashHandler.exe
(C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Users\User\AppData\Local\Google\Update\1.3.36.363\GoogleCrashHandler64.exe
(cmd.exe ->) (Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\User\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxEM.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe <35>
(Key for TBT Legacy Driver -> Intel Corporation) C:\Program Files (x86)\Intel\Thunderbolt Software\Thunderbolt.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Users\User\AppData\Local\Microsoft\OneDrive\24.065.0331.0002\Microsoft.SharePoint.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(services.exe ->) (Fibocom Wireless Inc. -> Fibocom Wireless Inc.) C:\Windows\Firmware\FwSwitchbin\FwSwitchService.exe
(services.exe ->) (Fibocom Wireless Inc. -> Intel) C:\Windows\System32\ModemAuthenticator.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_d372a4ea3b959b1c\aesm_service.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_d4f47df9c2216d4d\LMS.exe
(services.exe ->) (Intel(R) Trust Services -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe
(services.exe ->) (Key for TBT Legacy Driver -> Intel Corporation) C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\SysWOW64\EasyResume.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_7b52940a5893ba07\x64\ibmpmsvc.exe
(services.exe ->) (Lenovo -> Lenovo.) C:\Windows\System32\DriverStore\FileRepository\litsdrv.inf_amd64_328e373c8f88e5d8\LITSSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Google LLC -> Google LLC) C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
(svchost.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxext.exe
(svchost.exe ->) (Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.500.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2405130692-3532857895-399146113-1001\...\Run: [Google Update] => C:\Users\User\AppData\Local\Google\Update\1.3.36.363\GoogleUpdateCore.exe [223008 2023-12-06] (Google LLC -> Google LLC)
HKU\S-1-5-21-2405130692-3532857895-399146113-1001\...\Run: [MicrosoftEdgeAutoLaunch_C46CFC0629905CC775E70B50EA8A519C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start [4082112 2024-04-18] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2405130692-3532857895-399146113-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [11411360 2024-04-11] (Adobe Inc. -> Adobe Systems Incorporated)

==================== Tâches planifiées (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {9D9247D7-3561-48F4-B70E-4A77BE2A721A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {8FE48BDD-BAC7-40C0-95D4-14E4C3BC53C7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2405130692-3532857895-399146113-1001Core{7BBF05B8-72CC-4E3D-8DBB-E06AF6ADF2E5} => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [162072 2023-07-20] (Google LLC -> Google LLC)
Task: {170D09AE-84DF-40CC-A7B3-1F8A77FE23A9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2405130692-3532857895-399146113-1001UA{1A53AC49-9818-4B0F-B59C-4BCE11740101} => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [162072 2023-07-20] (Google LLC -> Google LLC)
Task: {5B99844C-C934-4C9D-A312-FFC22457D275} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [227888 2019-10-02] (Key for TBT Legacy Driver -> Intel Corporation)
Task: {C3341830-9A82-4650-A709-392A078908FD} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [227888 2019-10-02] (Key for TBT Legacy Driver -> Intel Corporation)
Task: {89B97099-6E60-446E-95C2-27C43E9FCC76} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [227888 2019-10-02] (Key for TBT Legacy Driver -> Intel Corporation)
Task: {31E59535-DB75-474B-8750-350EB6E6F8CC} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2311216 2019-10-02] (Key for TBT Legacy Driver -> Intel Corporation) -> C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalServiceStart
Task: {B9B70B5E-CD02-4722-8A79-CB9E799B2190} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => C:\Windows\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> C:\Program Files (x86)\Intel\Thunderbolt Software\\start ThunderboltService
Task: {0426CD8B-BA7A-4712-A5E7-14D2547AD1DD} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-2405130692-3532857895-399146113-1001 => C:\Users\User\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [89096 2024-04-15] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {53297551-1CDC-4918-9009-3146CC778F50} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [128872 2023-12-20] (Lenovo -> Lenovo)
Task: {2D5C4D01-4826-4808-AAC9-ECE2AD7FF9DA} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\Windows\SysWOW64\PowerMgrInst.exe [65016 2022-12-04] (Lenovo -> )
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Pas de fichier)
Task: {8706D11B-4EFC-4A94-A68E-3C82D68F80C5} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618088 2020-07-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {1E407B71-1F69-4156-B8D1-15894B844271} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618088 2020-07-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {DAFEF8AC-20BA-4E51-8E0D-24BBA60831DE} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618088 2020-07-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{1a38dbc3-83e1-4f65-8f00-f596f75996eb}: [DhcpNameServer] 192.168.1.254

Edge:
=======
Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2024-04-22]
Edge Notifications: Default -> hxxps://www.facebook.com
Edge Extension: (Google Docs hors connexion) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-28]
Edge Extension: (Edge relevant text changes) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-04-11] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2024-04-22]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR Extension: (uBlock Origin) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-04-08]
CHR Extension: (Adobe Acrobat : outils de modif., de conversion et de signature de PDF) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-04-13]
CHR Extension: (Google Docs hors connexion) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-22]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-04-10]
CHR Extension: (Recettes Cooking) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjlkpmdjhaamdimpnoioadjkilhgpkgd [2024-02-19]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-07-20]
CHR HKU\S-1-5-21-2405130692-3532857895-399146113-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2020-06-02] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
R2 IBMPMSVC; C:\Windows\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_7b52940a5893ba07\x64\ibmpmsvc.exe [1031024 2023-06-20] (Lenovo -> Lenovo)
R2 Lenovo Instant On; C:\Windows\SysWOW64\EasyResume.exe [2352344 2022-12-04] (Lenovo -> Lenovo Group Limited)
R2 LITSSVC; C:\Windows\System32\DriverStore\FileRepository\litsdrv.inf_amd64_328e373c8f88e5d8\LITSSvc.exe [1083352 2023-11-01] (Lenovo -> Lenovo.)
S2 LPlatSvc; C:\Windows\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_7b52940a5893ba07\x64\LPlatSvc.exe [915824 2023-06-20] (Lenovo -> Lenovo)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8887264 2024-04-21] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-04-21] (Malwarebytes Inc. -> Malwarebytes)
R2 ModemAuthenticatorService; C:\Windows\System32\ModemAuthenticator.exe [1034672 2022-08-25] (Fibocom Wireless Inc. -> Intel)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522080 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe [3199648 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe [133576 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Fichier non signé]
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2024-04-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2023-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2023-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 IBMPMDRV; C:\Windows\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_7b52940a5893ba07\x64\ibmpmdrv.sys [56128 2023-06-20] (Lenovo -> Lenovo)
R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223296 2024-04-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2024-04-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt11.sys [234312 2024-04-21] (Malwarebytes Inc. -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [78400 2024-04-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239576 2024-04-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [188784 2024-04-21] (Malwarebytes Inc. -> Malwarebytes)
R1 PMDRVS; C:\Windows\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_7b52940a5893ba07\x64\pmdrvs.sys [41792 2023-06-20] (Lenovo -> Lenovo)
R3 UDE; C:\Windows\System32\drivers\UDE.sys [344496 2022-08-25] (Fibocom Wireless Inc. -> Intel Corporation)
R3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [20936 2024-04-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [601376 2024-04-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105760 2024-04-10] (Microsoft Windows -> Microsoft Corporation)
S3 HWiNFO_161; \??\C:\Users\User\AppData\Local\Temp\HWiNFO64A_161.SYS [X] <==== ATTENTION

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2024-04-22 17:31 - 2024-04-22 17:31 - 000019740 _____ C:\Users\User\Desktop\FRST.txt
2024-04-22 17:31 - 2024-04-22 17:31 - 000000000 ____D C:\FRST
2024-04-22 17:30 - 2024-04-22 17:30 - 002394112 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2024-04-21 11:57 - 2024-04-21 11:57 - 000001535 _____ C:\Users\User\Desktop\Malwarebytes Compte-rendu d'analyse 2024-04-21 095154.txt
2024-04-21 11:51 - 2024-04-22 17:30 - 000000000 ____D C:\Users\User\AppData\Local\Malwarebytes
2024-04-21 11:51 - 2024-04-21 11:51 - 000234312 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt11.sys
2024-04-21 11:51 - 2024-04-21 11:51 - 000188784 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2024-04-21 11:51 - 2024-04-21 11:51 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-04-21 11:50 - 2024-04-21 11:50 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-04-21 11:49 - 2024-04-21 11:50 - 000000000 ____D C:\Program Files\Malwarebytes
2024-04-21 11:48 - 2024-04-21 11:48 - 002589624 _____ (Malwarebytes) C:\Users\User\Desktop\MBSetup.exe
2024-04-20 12:27 - 2024-04-20 12:28 - 000000000 ____D C:\Users\User\Desktop\Documents perso
2024-04-18 11:40 - 2024-04-18 11:40 - 000000000 ____D C:\Users\User\AppData\Local\LenovoServiceBridge
2024-04-10 15:26 - 2024-04-10 15:26 - 000774296 _____ C:\Windows\system32\perfh00C.dat
2024-04-10 15:26 - 2024-04-10 15:26 - 000149372 _____ C:\Windows\system32\perfc00C.dat
2024-04-10 12:32 - 2024-04-10 12:32 - 000000000 ____D C:\Windows\SysWOW64\DDFs
2024-04-10 11:59 - 2024-04-10 11:59 - 000024320 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-04-10 11:58 - 2024-04-10 11:58 - 000024320 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2024-04-10 11:54 - 2024-04-10 11:56 - 000000000 ___HD C:\$WinREAgent
2024-04-08 17:54 - 2024-04-08 17:54 - 005660816 _____ C:\Users\User\Downloads\434c_veynom_ex_user_manuals_gr.pdf
2024-04-08 17:54 - 2024-04-08 17:54 - 004545911 _____ C:\Users\User\Downloads\5e55_veynom_lx_user_manuals_gr.pdf
2024-04-07 12:15 - 2024-04-07 12:15 - 000001188 _____ C:\Users\Public\Desktop\Comptabilité Familiale 2024.lnk
2024-04-07 12:15 - 2024-04-07 12:15 - 000000000 ____D C:\Users\User\AppData\Roaming\Jsoft.fr
2024-04-07 12:15 - 2024-04-07 12:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comptabilité Familiale 2024
2024-04-07 12:15 - 2024-04-07 12:15 - 000000000 ____D C:\Program Files (x86)\Jsoft.fr
2024-03-29 13:11 - 2024-04-04 15:40 - 000000000 ____D C:\Users\User\Desktop\Films
2024-03-24 19:12 - 2024-03-28 13:09 - 000002855 _____ C:\Users\User\Desktop\Facebook.lnk

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2024-04-22 17:20 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\AppReadiness
2024-04-22 17:19 - 2023-07-17 10:17 - 000000000 __SHD C:\Users\User\IntelGraphicsProfiles
2024-04-22 17:19 - 2023-06-02 07:23 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-04-21 18:04 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-04-21 12:47 - 2023-08-05 10:21 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\MMC
2024-04-21 11:51 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemTemp
2024-04-21 11:50 - 2022-05-07 07:24 - 000000000 ___HD C:\Windows\ELAMBKUP
2024-04-21 11:50 - 2022-05-07 07:22 - 000000000 ____D C:\Windows\INF
2024-04-21 11:38 - 2023-07-17 07:59 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2405130692-3532857895-399146113-1001
2024-04-21 11:38 - 2023-06-02 11:37 - 000003376 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2405130692-3532857895-399146113-1001
2024-04-21 11:38 - 2023-06-02 11:37 - 000002414 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-04-20 12:12 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-04-20 11:40 - 2023-06-02 07:24 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-04-20 11:40 - 2023-06-02 07:24 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-04-18 13:28 - 2023-07-20 10:32 - 000000000 ____D C:\Users\User\Downloads\Telegram Desktop
2024-04-16 10:32 - 2023-06-02 07:27 - 000000000 ____D C:\Users\User\AppData\Local\D3DSCache
2024-04-15 22:33 - 2023-07-17 10:32 - 000000000 ____D C:\Windows\system32\icmsg
2024-04-12 23:18 - 2023-09-26 15:22 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-04-12 23:18 - 2023-09-26 15:22 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-04-12 23:18 - 2023-09-26 15:22 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-04-10 15:26 - 2023-06-02 11:38 - 001713458 _____ C:\Windows\system32\PerfStringBackup.INI
2024-04-10 15:21 - 2023-07-17 10:17 - 000000000 ____D C:\Intel
2024-04-10 15:21 - 2023-06-02 07:25 - 000001575 _____ C:\Windows\system32\config\VSMIDK
2024-04-10 15:21 - 2023-06-02 07:23 - 000012288 ___SH C:\DumpStack.log.tmp
2024-04-10 15:21 - 2023-06-02 07:23 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-04-10 15:21 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ServiceState
2024-04-10 12:34 - 2022-05-07 07:17 - 000786432 _____ C:\Windows\system32\config\BBI
2024-04-10 12:33 - 2023-06-02 07:23 - 000295408 _____ C:\Windows\system32\FNTCACHE.DAT
2024-04-10 12:32 - 2023-10-12 11:47 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2024-04-10 12:32 - 2022-05-07 12:35 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-04-10 12:32 - 2022-05-07 07:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-04-10 12:32 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2024-04-10 12:32 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemResources
2024-04-10 12:32 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\WinMetadata
2024-04-10 12:32 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\ShellExperiences
2024-04-10 12:32 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\Sgrm
2024-04-10 12:32 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2024-04-10 12:32 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\oobe
2024-04-10 12:32 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\HealthAttestationClient
2024-04-10 12:32 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\DDFs
2024-04-10 12:32 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ShellComponents
2024-04-10 12:32 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\Provisioning
2024-04-10 12:32 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\PolicyDefinitions
2024-04-10 12:32 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\bcastdvr
2024-04-10 12:03 - 2023-07-17 10:04 - 000000000 ____D C:\Windows\system32\MRT
2024-04-10 12:01 - 2023-07-17 10:04 - 192651728 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-04-10 12:01 - 2022-05-07 07:17 - 000000000 ____D C:\Windows\CbsTemp
2024-04-10 11:59 - 2023-06-02 07:28 - 003213824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-04-10 00:20 - 2023-06-02 07:23 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-04-04 22:16 - 2023-06-02 07:24 - 000003690 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-04-04 22:16 - 2023-06-02 07:24 - 000003566 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-29 13:09 - 2024-03-03 12:51 - 000000000 ____D C:\Users\User\AppData\Roaming\vlc
2024-03-28 13:25 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\SecurityHealth
2024-03-24 19:12 - 2023-06-02 07:27 - 000000000 ____D C:\Users\User\AppData\Local\Packages
2024-03-24 18:14 - 2023-07-17 10:01 - 000000000 ____D C:\Users\User\AppData\Local\PlaceholderTileLogoFolder
2024-03-24 18:13 - 2023-10-29 19:00 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================