Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 10.02.2019 01
Exécuté par tacoo (administrateur) sur MARJO-ET-LOLO (16-09-2022 20:19:53)
Exécuté depuis C:\Users\tacoo\OneDrive\Bureau
Profils chargés: tacoo (Profils disponibles: tacoo)
Platform: Windows 10 Home Version 2009 19044.1889 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
() C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
(Microsoft Corporation) C:\Windows\System32\DeviceCensus.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
(CyberLink) C:\Program Files\WindowsApps\CyberLinkCorp.th.Power2GoforLenovo_8.0.12518.0_x86__m916jedk64snt\Power2Go8\CLMLSvc_P2G8.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
(Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
(Lenovo(beijing) Limited) C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.2.54.0_x64__5grkq8ppsgwt4\LaunchUtility\utility.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe
() C:\Program Files (x86)\Lenovo\System Update\TvsuCommandLauncher.exe
() C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe
() C:\Program Files (x86)\Lenovo\System Update\TvsuCommandLauncher.exe
(Microsoft Corporation) C:\Windows\System32\MusNotificationUx.exe
(Farbar) C:\Users\tacoo\OneDrive\Bureau\FRST64-2.1.exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-10-26] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [ZaAntiRansomware] => C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe [4231392 2021-04-19] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
HKU\S-1-5-21-2306363327-680675223-2352291500-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-10-26] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2306363327-680675223-2352291500-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [68408 2019-10-26] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2306363327-680675223-2352291500-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2019-10-26] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2306363327-680675223-2352291500-1001\...\Run: [HP ENVY 4520 series (NET)] => C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe [3770504 2017-04-06] (Hewlett Packard -> HP Inc.)
HKU\S-1-5-21-2306363327-680675223-2352291500-1001\...\Run: [MicrosoftEdgeAutoLaunch_CFB042DFBB39CD88E03512BF440B03F2] => C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe [3827128 2022-08-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\104.0.5112.82\Installer\chrmstp.exe [2022-08-21] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{9459C573-B17A-45AE-9F64-1857B5D58CEE}] -> C:\Program Files (x86)\Microsoft\Edge\Application\104.0.1293.54\Installer\setup.exe [2022-08-14] (Microsoft Corporation -> Microsoft Corporation)
ShellServiceObjects: OneDrive network states cache SSO -> {78DE489B-7931-4f14-83B4-C56D38AC9FFA} => C:\Windows\System32\Windows.FileExplorer.Common.dll [2022-06-21] (Microsoft Windows -> Microsoft Corporation)
ShellServiceObjects-x32: OneDrive network states cache SSO -> {78DE489B-7931-4f14-83B4-C56D38AC9FFA} => C:\Windows\SysWOW64\Windows.FileExplorer.Common.dll [2022-03-15] (Microsoft Windows -> Microsoft Corporation)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0266a3cd-ae85-4011-92d6-5a6638ebeab3}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0f9dce3f-c441-44b2-95a3-1298b37ca48b}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b394c8fc-7b78-4f19-a21b-c1dcb7742557}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-2306363327-680675223-2352291500-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-2306363327-680675223-2352291500-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-2306363327-680675223-2352291500-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-2306363327-680675223-2352291500-1001 -> DefaultScope {D2BAE049-1997-461D-97FD-92699381E07D} URL =
SearchScopes: HKU\S-1-5-21-2306363327-680675223-2352291500-1001 -> {D2BAE049-1997-461D-97FD-92699381E07D} URL =
BHO: IEToEdge BHO -> {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} -> C:\Program Files (x86)\Microsoft\Edge\Application\104.0.1293.54\BHO\ie_to_edge_bho_64.dll [2022-08-11] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: IEToEdge BHO -> {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} -> C:\Program Files (x86)\Microsoft\Edge\Application\104.0.1293.54\BHO\ie_to_edge_bho.dll [2022-08-11] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2306363327-680675223-2352291500-1001 -> hxxp://www.google.fr/
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Profile: C:\Users\tacoo\AppData\Local\Google\Chrome\User Data\Default [2022-09-10]
CHR Extension: (Google Docs hors connexion) - C:\Users\tacoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-15]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\tacoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 AarSvc; C:\WINDOWS\System32\AarSvc.dll [461824 2022-08-15] (Microsoft Windows -> Microsoft Corporation)
S3 AarSvc; C:\WINDOWS\SysWOW64\AarSvc.dll [352256 2022-08-15] (Microsoft Windows -> Microsoft Corporation)
S4 AESMService; C:\WINDOWS\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_69d915519e0a2ac8\aesm_service.exe [2350112 2021-04-26] (Intel Corporation -> Intel Corporation)
S4 ApHidMonitorService; C:\WINDOWS\system32\Alps\GlidePoint\HidMonitorSvc.exe [345384 2020-04-08] (ALPS ELECTRIC CO., LTD. -> ALPSALPINE CO., LTD.)
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-10-07] (Apple Inc. -> Apple Inc.)
S4 autotimesvc; C:\WINDOWS\System32\autotimesvc.dll [114176 2021-03-22] (Microsoft Windows -> Microsoft Corporation)
S4 COMSysApp; C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [21312 2021-03-22] (Microsoft Windows -> Microsoft Corporation)
S4 COMSysApp; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [19256 2021-03-22] (Microsoft Windows -> Microsoft Corporation)
S4 CPEFR; C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe [3274432 2021-04-10] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S4 CpSbaCipolla; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [33984 2021-04-19] (Check Point Software Technologies Ltd. -> )
S4 CpSbaUpdater; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [33984 2021-04-19] (Check Point Software Technologies Ltd. -> )
S3 CredentialEnrollmentManagerUserSvc; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [382696 2021-09-20] (Microsoft Windows -> Microsoft Corporation)
S3 CredentialEnrollmentManagerUserSvc_31243; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [382696 2021-09-20] (Microsoft Windows -> Microsoft Corporation)
S4 CxUIUSvc; C:\WINDOWS\System32\CxUIUSvc32.exe [104232 2021-09-06] (Conexant Systems LLC -> Conexant Systems, Inc.)
S3 DeviceAssociationBrokerSvc; C:\WINDOWS\System32\deviceaccess.dll [250000 2022-08-15] (Microsoft Windows -> Microsoft Corporation)
S3 DeviceAssociationBrokerSvc; C:\WINDOWS\SysWOW64\deviceaccess.dll [195240 2022-08-15] (Microsoft Windows -> Microsoft Corporation)
S4 DispBrokerDesktopSvc; C:\WINDOWS\System32\DispBroker.Desktop.dll [379392 2022-03-15] (Microsoft Windows -> Microsoft Corporation)
S4 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [602544 2018-10-02] (Dolby Laboratories, Inc. -> )
S4 edgeupdate; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-08-15] (Microsoft Corporation -> Microsoft Corporation)
S4 edgeupdatem; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-08-15] (Microsoft Corporation -> Microsoft Corporation)
S4 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1855976 2018-05-25] (Intel Corporation -> Intel Corporation)
S4 FMAPOService; C:\WINDOWS\System32\FMService64.exe [360320 2019-09-05] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
S4 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [299680 2021-11-16] (HP Inc. -> HP Inc.)
S4 igccservice; C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_7177cf092021a5b2\OneApp.IGCC.WinService.exe [36720 2020-04-07] (Intel(R) pGFX -> )
S4 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe [785240 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
S4 Intel(R) TPM Provisioning Service; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe [729944 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
S4 jhi_service; C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe [628616 2021-06-16] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S4 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe [31072 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
S4 LMS; C:\WINDOWS\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe [4064384 2021-09-02] (Intel Corporation -> Intel Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6970968 2020-08-23] (Malwarebytes Inc -> Malwarebytes)
S4 McpManagementService; C:\WINDOWS\System32\McpManagementService.dll [258048 2022-07-23] (Microsoft Windows -> Microsoft Corporation)
S4 MicrosoftEdgeElevationService; C:\Program Files (x86)\Microsoft\Edge\Application\104.0.1293.54\elevation_service.exe [1705912 2022-08-11] (Microsoft Corporation -> Microsoft Corporation)
S4 MixedRealityOpenXRSvc; C:\WINDOWS\System32\MixedRealityRuntime.dll [134768 2021-03-22] (Microsoft Windows -> Microsoft Corporation)
S4 MixedRealityOpenXRSvc; C:\WINDOWS\SysWOW64\MixedRealityRuntime.dll [104824 2021-03-22] (Microsoft Windows -> Microsoft Corporation)
S4 myCANAL Server; C:\ProgramData\myCANAL\nssm.exe [294912 2019-06-26] () [Fichier non signé]
S4 RemediationService; C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe [18624 2021-03-29] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S4 TESvc; C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe [137920 2021-04-09] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S4 TroubleshootingSvc; C:\WINDOWS\system32\MitigationClient.dll [487936 2022-06-21] (Microsoft Windows -> Microsoft Corporation)
S3 UdkUserSvc; C:\WINDOWS\System32\windowsudk.shellcommon.dll [2240000 2022-06-21] (Microsoft Windows -> Microsoft Corporation)
S4 uhssvc; C:\Program Files\Microsoft Update Health Tools\uhssvc.exe [346448 2022-03-23] (Microsoft Windows -> Microsoft Corporation)
R2 UsoSvc; C:\WINDOWS\system32\usosvc.dll [570368 2022-08-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-06-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-06-30] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 WLSetupSvc; C:\Program Files (x86)\Windows Live\installer\WLSetupSvc.exe [266240 2007-10-25] (Microsoft Corporation) [Fichier non signé]
S4 ZAARUpdateService; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe [51936 2021-04-19] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 Acx01000; C:\WINDOWS\System32\drivers\Acx01000.sys [694272 2022-02-13] (Microsoft Windows -> Microsoft Corporation)
S3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [18432 2019-12-07] (Microsoft Windows -> Advanced Micro Devices, Inc)
S3 amdi2c; C:\WINDOWS\System32\drivers\amdi2c.sys [45568 2019-12-07] (Microsoft Windows -> Advanced Micro Devices, Inc)
R3 ApHidfiltrService; C:\WINDOWS\System32\drivers\ApHidFiltr.sys [285456 2020-04-08] (ALPS ELECTRIC CO., LTD. -> ALPSALPINE CO., LTD.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R1 CimFS; C:\Windows\System32\Drivers\CimFS.sys [93696 2022-05-27] (Microsoft Windows -> )
R2 cpbak; C:\WINDOWS\System32\DRIVERS\cpbak.sys [83248 2020-09-03] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 CPEPMon; C:\WINDOWS\System32\DRIVERS\CPEPMon.sys [153040 2021-04-06] (Microsoft Windows Hardware Compatibility Publisher -> Check Point Software Technologies)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [78680 2018-05-01] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [71000 2018-05-01] (Intel Corporation -> Intel Corporation)
R1 epnetflt; C:\Windows\system32\drivers\epnetflt.sys [135984 2020-12-06] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 epregflt; C:\WINDOWS\system32\drivers\epregflt.sys [133416 2020-12-02] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [402264 2018-05-01] (Intel Corporation -> Intel Corporation)
S3 genericusbfn; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys [23040 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 iaLPSS2_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [98864 2018-07-11] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 ibtusb; C:\WINDOWS\System32\drivers\ibtusb.sys [207384 2018-07-06] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 intelpmax; C:\WINDOWS\System32\drivers\intelpmax.sys [30720 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 ISWKL; C:\Program Files (x86)\CheckPoint\Endpoint Security\Endpoint Common\bin\ISWKL.sys [56184 2021-01-28] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [216056 2022-04-20] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-08-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-08-23] (Malwarebytes Inc -> Malwarebytes)
R3 MEIx64; C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_e9ffe3f2557dd9e9\x64\TeeDriverW10x64.sys [300040 2020-10-12] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 MpKsl8f4220d6; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FC1AEF44-E6F7-4EDF-8E20-CA586CD86744}\MpKslDrv.sys [141576 2022-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 MsQuic; C:\WINDOWS\System32\drivers\msquic.sys [322376 2021-03-22] (Microsoft Windows -> Microsoft Corporation)
S3 NDKPing; C:\WINDOWS\System32\drivers\NDKPing.sys [72720 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2019-04-03] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [8720384 2019-08-28] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [27136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1138000 2018-08-19] (Realtek Semiconductor Corp. -> Realtek )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [434000 2018-08-02] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [40368 2019-01-27] (Synaptics Incorporated -> Synaptics Incorporated)
S3 spaceparser; C:\WINDOWS\System32\drivers\spaceparser.sys [26624 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 Telemetry; C:\WINDOWS\System32\drivers\IntelTA.sys [26608 2021-03-22] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
R3 UEFI; C:\WINDOWS\System32\DriverStore\FileRepository\uefi.inf_amd64_c1628ffa62c8e54c\UEFI.sys [34104 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 UfxChipidea; C:\WINDOWS\System32\DriverStore\FileRepository\ufxchipidea.inf_amd64_1c78775fffab6a0a\UfxChipidea.sys [110608 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 umbus; C:\WINDOWS\System32\DriverStore\FileRepository\umbus.inf_amd64_b78a9c5b6fd62c27\umbus.sys [58368 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 UrsChipidea; C:\WINDOWS\System32\DriverStore\FileRepository\urschipidea.inf_amd64_78ad1c14e33df968\urschipidea.sys [32056 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 UrsSynopsys; C:\WINDOWS\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_057fa37902020500\urssynopsys.sys [29496 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 usbaudio2; C:\WINDOWS\System32\drivers\usbaudio2.sys [260608 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 VirtualRender; C:\WINDOWS\System32\DriverStore\FileRepository\vrd.inf_amd64_81fbd405ff2470fc\vrd.sys [11264 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-06-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [452856 2022-06-30] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-06-30] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

NETSVC: TroubleshootingSvc -> C:\Windows\system32\MitigationClient.dll (Microsoft Corporation)

==================== Un mois (créés) ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-09-16 20:19 - 2022-09-16 20:19 - 000000000 ____D C:\FRST
2022-09-15 20:57 - 2015-08-03 07:17 - 004628248 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\Drivers\rtwlane.sys
2022-09-15 20:57 - 2012-02-14 19:37 - 000594432 _____ (Realtek Semiconductor Corp. ) C:\WINDOWS\system32\Rtlihvs.dll
2022-09-15 20:56 - 2022-09-15 20:57 - 000000000 ____D C:\Program Files (x86)\REALTEK PCIE Wireless LAN Driver
2022-09-15 20:56 - 2022-09-15 20:56 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-09-15 20:56 - 2015-06-23 13:46 - 000456560 _____ (Realtek) C:\WINDOWS\SwUSB.exe
2022-09-15 20:56 - 2014-12-12 17:24 - 000044760 _____ () C:\WINDOWS\runSW.exe
2022-09-15 20:56 - 2012-02-14 19:37 - 000594432 _____ (Realtek Semiconductor Corp. ) C:\WINDOWS\SysWOW64\Rtlihvs.dll
2022-09-15 20:56 - 2010-12-01 09:31 - 000451072 _____ C:\WINDOWS\SysWOW64\ISSRemoveSP.exe
2022-08-22 21:10 - 2022-08-22 21:36 - 010483256 _____ C:\WINDOWS\cpepmon.mlf
2022-08-21 15:20 - 2022-08-21 15:20 - 000000000 ___HD C:\$SysReset
2022-08-21 14:42 - 2022-08-21 14:43 - 000000000 ____D C:\WINDOWS\pss

==================== Un mois (modifiés) ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-09-16 20:24 - 2019-05-19 13:17 - 000000000 ____D C:\Program Files (x86)\Google
2022-09-16 20:15 - 2021-03-22 04:53 - 000000000 ____D C:\Users\tacoo
2022-09-16 20:14 - 2021-03-22 06:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-09-16 20:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-09-16 20:13 - 2021-03-22 04:37 - 000008192 ___SH C:\DumpStack.log.tmp
2022-09-15 22:46 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-09-02 20:48 - 2019-06-06 12:53 - 000000000 ____D C:\Users\tacoo\AppData\Local\ElevatedDiagnostics
2022-08-27 07:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-08-27 07:19 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-08-22 21:34 - 2019-07-23 16:05 - 000000000 ___RD C:\Users\tacoo\iCloudDrive
2022-08-21 16:18 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-08-21 14:28 - 2019-05-17 20:41 - 000000000 __SHD C:\Users\tacoo\IntelGraphicsProfiles
2022-08-21 14:24 - 2021-03-22 04:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-08-21 14:24 - 2020-09-19 16:54 - 000000134 _____ C:\WINDOWS\system32\regtest.txt
2022-08-21 08:27 - 2022-07-23 09:11 - 000000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2022-08-20 19:34 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-08-20 19:24 - 2021-03-22 05:07 - 001681370 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-08-20 19:24 - 2019-12-07 16:49 - 000757852 _____ C:\WINDOWS\system32\perfh00C.dat
2022-08-20 19:24 - 2019-12-07 16:49 - 000142606 _____ C:\WINDOWS\system32\perfc00C.dat
2022-08-20 19:18 - 2021-03-22 04:38 - 000267384 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-08-20 19:12 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-08-20 19:12 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-08-20 19:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-08-20 19:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-08-20 19:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-08-20 19:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-08-20 19:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-08-20 19:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-08-20 19:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-08-20 19:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-08-20 19:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr

==================== Fichiers à la racine de certains dossiers =======

2020-05-08 21:42 - 2020-05-08 21:42 - 000000017 _____ () C:\Users\tacoo\AppData\Local\resmon.resmoncfg
2022-05-26 19:24 - 2022-05-26 19:24 - 000000000 _____ () C:\Users\tacoo\AppData\Local\{3B039FFA-B418-4AAB-AF17-8664A3E141D2}

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dllhost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dllhost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

==================== Fin de FRST.txt ============================