cjoint

Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 21-05-2022
Exécuté par jak (administrateur) sur JOSY-PC (Dell Inc. Latitude E5250) (22-05-2022 13:21:42)
Exécuté depuis C:\Users\jak\Desktop
Profils chargés: jak
Plate-forme: Microsoft Windows 7 Professionnel Service Pack 1 (X64) Langue: Français (France)
Navigateur par défaut: Opera
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe ->) (remotemouse.net) [Fichier non signé] C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe ->) (RemoteMouse.net) [Fichier non signé] C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
(C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE ->) (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(C:\Program Files\DellTPad\Apoint.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(C:\Program Files\DellTPad\Apoint.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(C:\Program Files\DellTPad\HidMonitorSvc.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <4>
(C:\Users\jak\AppData\Local\Programs\Opera\opera.exe ->) (Opera Software AS -> Opera Software) C:\Users\jak\AppData\Local\Programs\Opera\86.0.4363.59\opera_crashreporter.exe
(C:\Windows\SysWOW64\esif_uf.exe ->) (Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(explorer.exe ->) (Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(explorer.exe ->) (Opera Software AS -> Opera Software) C:\Users\jak\AppData\Local\Programs\Opera\assistant\browser_assistant.exe <2>
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) [Fichier non signé] C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(Intel Corporation - Client Components Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Opera Software AS -> Opera Software) C:\Users\jak\AppData\Local\Programs\Opera\opera.exe <18>
(services.exe ->) () [Fichier non signé] C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(services.exe ->) (Broadcom Corp -> Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
(services.exe ->) (Broadcom Corp -> Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
(services.exe ->) (Huawei Technologies Co., Ltd. -> ) [Fichier non signé] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(services.exe ->) (Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation-Mobile Wireless Group -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(services.exe ->) (Intel(R) Wireless Display -> Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\alg.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> BayHubTech/O2Micro International) C:\Windows\System32\drivers\o2flash.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Sierra Wireless, Inc -> Sierra Wireless, Inc.) C:\Program Files\Sierra Wireless Inc\Utils\SwiService.exe
(services.exe ->) (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Program Files (x86)\Common Files\Zoom\Support\CptService.exe
(svchost.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Wondershare software CO., LIMITED -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [729432 2014-12-09] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7666392 2014-12-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [606296 2014-10-03] (Waves Inc -> Waves Audio Ltd.) [Fichier non signé]
HKLM\...\Run: [IntelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [4876496 2014-10-29] (Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320360 2014-06-25] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296208 2014-11-04] (Intel Corporation - Client Components Group -> Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1172256 2014-11-10] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [395656 2013-10-01] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2137744 2016-10-08] (Wondershare software CO., LIMITED -> Wondershare)
HKU\S-1-5-21-1680099599-500473341-1714618867-1123\...\Run: [Remote Mouse] => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe [2432512 2022-05-16] (remotemouse.net) [Fichier non signé]
HKU\S-1-5-21-1680099599-500473341-1714618867-1123\...\Run: [Opera Browser Assistant] => C:\Users\jak\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4124416 2022-05-17] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-1680099599-500473341-1714618867-1123\...\Run: [] => [X]
HKU\S-1-5-21-1680099599-500473341-1714618867-1123\...\MountPoints2: {18da1820-d832-11e7-9c90-605718ce5f85} - D:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1680099599-500473341-1714618867-1123\...\MountPoints2: {18da182c-d832-11e7-9c90-605718ce5f85} - D:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1680099599-500473341-1714618867-1123\...\MountPoints2: {eb998086-b673-11e8-be79-605718ce5f85} - D:\HiSuiteDownLoader.exe
HKLM\...\Windows x64\Print Processors\hpcpp145: C:\Windows\System32\spool\prtprocs\x64\hpcpp145.dll [580608 2013-02-01] (Hewlett-Packard Corporation) [Fichier non signé]
HKLM\...\Windows x64\Print Processors\hpcpp160: C:\Windows\System32\spool\prtprocs\x64\hpcpp160.dll [602912 2013-12-04] (Hewlett-Packard Company -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\CPCA Language Monitor3b: C:\Windows\system32\CNAS0MOK.DLL [1006080 2012-08-09] (CANON INC.) [Fichier non signé]
HKLM\...\Print\Monitors\HP Universal Print Monitor: C:\Windows\system32\HPMPW081.DLL [74016 2013-12-04] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM\...\Print\Monitors\HPMLM135: C:\Windows\system32\hpmlm135.dll [237344 2013-12-04] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\101.0.4951.67\Installer\chrmstp.exe [2022-05-20] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2022-03-02] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\Users\jak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2020-11-01]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {04E49B92-86BF-4E46-A1BC-2458B3340101} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24614336 2022-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {19261714-5EE4-4F99-B17F-34D6EB069ADF} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-06-09] (Intel® Services Manager -> )
Task: {1BA2D082-CC96-4240-9A6B-0A054A8168C7} - System32\Tasks\{3C31785E-744E-4B2A-9279-176D42AD2A7D} => C:\Users\jak\AppData\Local\Programs\Opera\launcher.exe [2433792 2022-05-10] (Opera Software AS -> Opera Software)
Task: {3A910F9E-8AF7-493D-8428-AB0966D8DCB9} - \Opera scheduled assistant Autoupdate 1607421606 -> Pas de fichier <==== ATTENTION
Task: {4637B59B-75AA-475D-B3EE-3EE292A3E097} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2016-07-15] (Google Inc -> Google Inc.)
Task: {4725EDFA-52F5-4330-9185-8D972DA50B31} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-06-09] (Intel® Services Manager -> )
Task: {4CAA0975-554D-41F5-A194-8404A561A2D6} - System32\Tasks\{DC39796C-068E-408A-8AD9-8E73FD1C9E03} => C:\Program Files (x86)\Mouse Server\MouseServer.exe (Pas de fichier)
Task: {4E263677-E46C-41FB-B233-6CF7094874A3} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {541B61E1-3786-43A8-8E09-1C908AAFC9FD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2016-07-15] (Google Inc -> Google Inc.)
Task: {5C5B4CF3-38AA-4DF4-BA9A-36A3272F0654} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {9B78FFBC-C746-474B-9194-33F8441925AF} - System32\Tasks\Opera scheduled Autoupdate 1607421590 => C:\Users\jak\AppData\Local\Programs\Opera\launcher.exe [2433792 2022-05-10] (Opera Software AS -> Opera Software)
Task: {A93CBD67-DDEF-48C5-B006-B77CE2CC413F} - System32\Tasks\{77C518AC-9425-41EB-A93B-C0B3B14AF029} => C:\Windows\system32\pcalua.exe -a C:\Users\jak\Desktop\windows-live-essential_16-4-3552.exe -d C:\Users\jak\Desktop
Task: {B3AC371D-71B7-4D2B-9CF3-295E5739A076} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1391472 2014-12-05] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {C257E494-3582-4DCD-B375-B75876C6D94C} - System32\Tasks\{56682A7C-E5C0-48E0-9A21-BFA927A63E37} => C:\Program Files (x86)\Mouse Server\MouseServer.exe (Pas de fichier)
Task: {D344EF38-9126-4B78-8D5A-5B2432E0E28D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24614336 2022-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {D554632C-B2FF-4B92-A1E2-EFE8AC50A9F6} - System32\Tasks\{77053123-921C-4B9C-8B6C-96DC84304368} => C:\Users\jak\AppData\Local\Programs\Opera\launcher.exe [2433792 2022-05-10] (Opera Software AS -> Opera Software)
Task: {D5CB5161-FCC9-4D36-BC2B-815D65DD5865} - System32\Tasks\{8E5308B9-18C2-44D6-8884-537789238A29} => C:\Windows\system32\pcalua.exe -a C:\Users\jak\Desktop\Windows_movie-maker_12_fr.exe -d C:\Users\jak\Desktop
Task: {E25BFEC9-0449-4673-A1F7-0B548B35470C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117136 2022-05-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {F0A8EEE7-DD1F-4618-A340-D3122D0AF730} - System32\Tasks\{28E07DBE-2F81-4C2E-8862-378BB6F091D0} => C:\Program Files (x86)\Mouse Server\MouseServer.exe (Pas de fichier)
Task: {FC7739BC-E93F-4E5B-8591-357BCB2379E6} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117136 2022-05-16] (Microsoft Corporation -> Microsoft Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones)
Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{06D41FB9-36CF-4216-A0D0-E9FEDC23F4B1}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{1E652BEB-B01A-4083-8BEA-39BE8F63385D}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2E8E22FA-C9FA-4153-80D1-172EC758A384}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{41EE62A1-8876-49E2-85C0-DA1AEBCCB2A1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6BBF1219-976D-4D75-B03E-38DD13714A36}: [DhcpNameServer] 192.168.42.129

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2013-10-01] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-11-10] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-11-10] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-04-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\jak\AppData\Local\Google\Chrome\User Data\Default [2022-05-22]
CHR Notifications: Default -> hxxp://127.0.0.1; hxxps://www.facebook.com; hxxps://www.tomsguide.fr
CHR NewTab: Default -> Not-active:"chrome-extension://fmgfhejnhlniacgkjnmakangponnkggd/ntp1.html"
CHR Extension: (Bookmarks Menu) - C:\Users\jak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffmdedmghpoipeldijkdlcckdpempkdi [2022-05-22]
CHR Extension: (Google Docs hors connexion) - C:\Users\jak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-05-21]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\jak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-05-22]
CHR Extension: (Commentez et Envoyez vos Captures d'écran) - C:\Users\jak\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdddabjhelpilpnpgondfmehhcplpiin [2022-05-22]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\jak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-05-21]
CHR Extension: (OneClick Cleaner for Chrome) - C:\Users\jak\AppData\Local\Google\Chrome\User Data\Default\Extensions\oncckmaelaecccmaniihojgeopkcajfh [2022-05-22]
CHR Profile: C:\Users\jak\AppData\Local\Google\Chrome\User Data\System Profile [2021-04-23]

Opera:
=======
OPR Profile: C:\Users\jak\AppData\Roaming\Opera Software\Opera Stable [2022-05-22]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\jak\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-05-20]
OPR Extension: (Nimbus Screenshot & Screen Video Recorder) - C:\Users\jak\AppData\Roaming\Opera Software\Opera Stable\Extensions\gjpihpkhgfngnbhhfdehlcmgfahbciip [2022-05-20]
OPR Extension: (Opera Crypto Wallet) - C:\Users\jak\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-05-20]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\jak\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-10-18]
OPR Extension: (Avira Password Manager) - C:\Users\jak\AppData\Roaming\Opera Software\Opera Stable\Extensions\ngohaaocccbohaffogpbgfpmpgbcgccg [2022-05-13]
OPR Extension: (Avira Phantom VPN gratuit – débloquez des sites) - C:\Users\jak\AppData\Roaming\Opera Software\Opera Stable\Extensions\pcgkmkjdikhiodinhloioejnpjgmfigd [2020-12-08]

Brave:
=======
BRA Profile: C:\Users\jak\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-04-23]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\jak\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2020-10-29]
BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\jak\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2020-10-29]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\jak\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2020-10-29]
BRA Extension: (Brave NTP sponsored images) - C:\Users\jak\AppData\Local\BraveSoftware\Brave-Browser\User Data\lcenblphbmngnohghkhpojmpflebkcpd [2020-10-29]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\jak\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2020-10-29]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [87384 2014-11-07] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11139024 2022-05-03] (Microsoft Corporation -> Microsoft Corporation)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-21] (Microsoft Corporation -> Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [158912 2019-03-28] (Microsoft Dynamic Code Publisher -> Microsoft Corporation)
S3 Dell.CommandPowerManager.Service; C:\Windows\SysWOW64\dllhost.exe /Processid:{82F7B1FB-80D1-457A-B98E-462BEFDD1701} [7168 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-12-12] (Huawei Technologies Co., Ltd. -> ) [Fichier non signé]
R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [394184 2014-10-15] (Intel(R) Wireless Display -> Intel)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-06-09] (Intel® Services Manager -> )
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2013-11-14] (Hewlett-Packard) [Fichier non signé]
R2 O2FLASH; C:\Windows\system32\DRIVERS\o2flash.exe [65536 2014-03-07] (Microsoft Windows Hardware Compatibility Publisher -> BayHubTech/O2Micro International)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2013-11-14] (Hewlett-Packard) [Fichier non signé]
R2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [11264 2022-05-16] () [Fichier non signé]
R2 SwiService; C:\Program Files\Sierra Wireless Inc\Utils\SWIService.exe [1626600 2017-08-30] (Sierra Wireless, Inc -> Sierra Wireless, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-03-31] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
R2 ZoomCptService; "C:\Program Files (x86)\Common Files\Zoom\Support\CptService.exe" -user_path "C:\Users\jak\AppData\Roaming\Zoom"

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 BCMNFCSCR; C:\Windows\System32\DRIVERS\bcmnfcscr7.sys [41728 2014-10-15] (Broadcom Corporation -> Broadcom Corporation.)
R3 bcmnfcusb; C:\Windows\System32\DRIVERS\bcmnfcusb7.sys [44288 2014-10-15] (Broadcom Corporation -> Broadcom Corporation.)
S3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1565152 2019-12-17] (Intel Corporation -> Motorola Solutions, Inc.)
R3 DroidCam; C:\Windows\System32\DRIVERS\droidcam.sys [33592 2020-03-17] (DEV47 APPS -> Dev47Apps)
R3 DroidCamVideo; C:\Windows\System32\DRIVERS\droidcamvideo.sys [229432 2020-03-17] (DEV47 APPS -> Dev47Apps)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2014-08-19] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 O2FJ2RDR; C:\Windows\System32\DRIVERS\O2FJ2w7x64.sys [210592 2014-05-14] (O2Micro -> BayHubTech/O2Micro)
S3 phantomtap; C:\Windows\System32\DRIVERS\phantomtap.sys [39448 2020-10-07] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R0 stdcfltn; C:\Windows\System32\DRIVERS\stdcfltn.sys [22128 2011-07-16] (STMicroelectronics -> ST Microelectronics)
R3 swg3kmbb05; C:\Windows\System32\DRIVERS\swg3kmbb05.sys [574032 2017-08-30] (Sierra Wireless, Inc -> Sierra Wireless Incorporated)
S3 swg3knmea05; C:\Windows\System32\DRIVERS\swg3knmea05.sys [275216 2014-12-29] (Sierra Wireless -> Sierra Wireless Incorporated)
R3 swg3kser05; C:\Windows\System32\DRIVERS\swg3kser05.sys [287824 2017-08-30] (Sierra Wireless, Inc -> Sierra Wireless Incorporated)
S3 SWUMX20; pas de ImagePath
R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [213296 2014-10-15] (Intel(R) Wireless Display -> Windows (R) Win 7 DDK provider)
R3 wbfcvusbdrv; C:\Windows\System32\Drivers\wbfcvusbdrv.sys [17632 2014-10-15] (Broadcom Corp -> )
S3 btmaudio; system32\drivers\btmaud.sys [X]
S3 btmaux; system32\DRIVERS\btmaux.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-05-22 13:21 - 2022-05-22 13:22 - 000029284 _____ C:\Users\jak\Desktop\FRST.txt
2022-05-22 13:13 - 2022-05-22 13:22 - 000000000 ____D C:\FRST
2022-05-22 13:11 - 2022-05-22 13:11 - 002366464 _____ (Farbar) C:\Users\jak\Desktop\FRST64.exe
2022-05-22 13:04 - 2022-05-22 13:04 - 000001018 _____ C:\Users\jak\Desktop\MuseScore 3.lnk
2022-05-22 13:04 - 2022-05-22 13:04 - 000000000 ____D C:\Users\jak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MuseScore 3
2022-05-21 21:11 - 2022-05-21 21:11 - 000000000 ___HD C:\$Windows.~WS
2022-05-21 19:09 - 2022-05-21 19:09 - 000000000 ____D C:\$WINDOWS.~BT
2022-05-21 16:50 - 2022-05-21 16:55 - 000000000 ____D C:\ProgramData\PC Cleaner
2022-05-21 16:49 - 2022-05-21 16:49 - 006851152 _____ (PC Helpsoft ) C:\Users\jak\Downloads\PC_Cleaner.exe
2022-05-20 20:25 - 2022-05-20 20:29 - 000000000 ____D C:\Users\jak\Downloads\documents téléchargés
2022-05-20 19:01 - 2022-05-20 19:01 - 000000673 _____ C:\RstHosts.txt
2022-05-20 18:26 - 2022-05-20 18:26 - 000000000 ____D C:\Users\jak\AppData\Local\ZHP
2022-05-20 18:11 - 2022-05-20 18:15 - 000000000 ____D C:\AdwCleaner
2022-05-20 17:14 - 2022-05-20 17:14 - 000000000 ____D C:\Users\jak\AppData\Roaming\2BrightSparks
2022-05-20 17:14 - 2022-05-20 17:14 - 000000000 ____D C:\Users\jak\AppData\Local\2BrightSparks
2022-05-20 17:13 - 2022-05-20 17:13 - 000001223 _____ C:\Users\jak\Desktop\SyncBackFree.lnk
2022-05-20 17:13 - 2022-05-20 17:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2BrightSparks
2022-05-20 17:13 - 2022-05-20 17:13 - 000000000 ____D C:\Program Files (x86)\2BrightSparks

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-05-22 13:04 - 2020-06-17 16:56 - 000000000 ____D C:\Users\jak\AppData\Roaming\MuseScore
2022-05-22 13:04 - 2020-06-17 16:54 - 000000000 ____D C:\Program Files\MuseScore 3
2022-05-22 12:59 - 2016-06-02 12:56 - 000000000 ____D C:\Users\jak
2022-05-22 12:49 - 2009-07-14 06:45 - 000034832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-05-22 12:49 - 2009-07-14 06:45 - 000034832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-05-22 12:48 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\registration
2022-05-22 12:44 - 2016-07-15 10:00 - 000000000 ____D C:\Program Files (x86)\Google
2022-05-22 12:39 - 2011-03-01 07:24 - 000737302 _____ C:\Windows\system32\perfh010.dat
2022-05-22 12:39 - 2011-03-01 07:24 - 000148588 _____ C:\Windows\system32\perfc010.dat
2022-05-22 12:39 - 2011-03-01 06:56 - 000694464 _____ C:\Windows\system32\perfh007.dat
2022-05-22 12:39 - 2011-03-01 06:56 - 000150858 _____ C:\Windows\system32\perfc007.dat
2022-05-22 12:39 - 2011-03-01 06:30 - 000740754 _____ C:\Windows\system32\perfh013.dat
2022-05-22 12:39 - 2011-03-01 06:30 - 000154844 _____ C:\Windows\system32\perfc013.dat
2022-05-22 12:39 - 2011-03-01 06:01 - 000752866 _____ C:\Windows\system32\perfh00C.dat
2022-05-22 12:39 - 2011-03-01 06:01 - 000152074 _____ C:\Windows\system32\perfc00C.dat
2022-05-22 12:39 - 2009-07-14 07:13 - 004299304 _____ C:\Windows\system32\PerfStringBackup.INI
2022-05-22 12:39 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2022-05-22 12:38 - 2016-06-02 11:58 - 000050014 _____ C:\IFRToolLog.txt
2022-05-22 12:33 - 2018-04-30 18:39 - 000000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2022-05-22 12:33 - 2016-06-02 13:00 - 000000000 __SHD C:\Users\jak\IntelGraphicsProfiles
2022-05-22 12:33 - 2016-06-02 10:53 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-05-22 12:32 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-05-21 21:11 - 2011-02-10 16:25 - 000000000 ____D C:\Windows\panther
2022-05-21 21:03 - 2009-07-14 06:45 - 000319640 _____ C:\Windows\system32\FNTCACHE.DAT
2022-05-21 20:49 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2022-05-21 20:22 - 2015-03-31 03:37 - 000000000 ____D C:\Program Files\Intel
2022-05-21 20:21 - 2017-09-09 19:40 - 000000200 _____ C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2022-05-21 19:21 - 2016-09-17 18:02 - 000000000 ____D C:\Program Files (x86)\Avira
2022-05-21 18:54 - 2016-09-17 18:02 - 000000000 ____D C:\ProgramData\Avira
2022-05-21 18:53 - 2016-06-13 16:58 - 000000000 ____D C:\Users\jak\AppData\Local\CrashDumps
2022-05-20 21:29 - 2020-11-22 17:18 - 000000000 ____D C:\Users\jak\AppData\Local\WhatsApp
2022-05-20 21:29 - 2020-06-27 13:38 - 000000000 ____D C:\Users\jak\AppData\Roaming\WhatsApp
2022-05-20 18:47 - 2021-04-22 09:53 - 000000000 ____D C:\Users\jak\AppData\Roaming\ZHP
2022-05-20 18:15 - 2016-06-02 12:08 - 000000000 ____D C:\Users\josy\AppData\Local\Dell
2022-05-20 18:15 - 2015-03-31 01:45 - 000000000 ____D C:\ProgramData\Dell
2022-05-20 18:15 - 2015-03-31 01:45 - 000000000 ____D C:\Program Files\Dell
2022-05-20 15:56 - 2020-06-29 14:42 - 000000980 _____ C:\Users\Public\Desktop\Remote Mouse.lnk
2022-05-20 15:56 - 2020-06-29 14:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remote Mouse
2022-05-20 15:56 - 2020-06-29 14:42 - 000000000 ____D C:\Program Files (x86)\Remote Mouse
2022-05-16 14:54 - 2015-03-31 02:05 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-05-13 17:12 - 2022-04-11 18:28 - 000004040 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1607421590
2022-05-12 00:20 - 2016-09-17 16:02 - 000000000 ____D C:\Windows\system32\MRT
2022-05-12 00:13 - 2016-09-17 16:02 - 145501456 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-05-02 18:23 - 2021-10-24 10:56 - 000003590 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-05-02 18:23 - 2021-10-24 10:56 - 000003462 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Fichiers à la racine de certains dossiers ========

2021-04-23 19:00 - 2021-04-23 19:00 - 000000093 _____ () C:\Users\jak\AppData\Roaming\ARCompanion.log

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)


LastRegBack: 2022-05-13 17:24
==================== Fin de FRST.txt ========================
