Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 14-02-2022 01 Exécuté par eric (administrateur) sur ERIC_PC (Hewlett-Packard Compaq Presario CQ71 Notebook PC) (21-02-2022 18:07:50) Exécuté depuis C:\Users\eric\Desktop Profils chargés: eric Plate-forme: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France) Navigateur par défaut: FF Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (explorer.exe ->) (Hewlett-Packard Company) [Fichier non signé] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (explorer.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe (explorer.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (explorer.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (explorer.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe (Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <9> (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (services.exe ->) (CyberLink -> ) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (services.exe ->) (Hewlett-Packard Company) [Fichier non signé] C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (services.exe ->) (Hewlett-Packard) [Fichier non signé] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\AESTSr64.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\stacsv64.exe (svchost.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\prevhost.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1815848 2009-07-15] (Synaptics Incorporated -> Synaptics Incorporated) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [456192 2009-08-13] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation) HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [322104 2009-08-20] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [60464 2009-09-02] (EasyBits Software AS -> EasyBits Software AS) [Fichier non signé] HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard Company -> Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard Company -> Hewlett-Packard) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-107939278-742368977-3345852996-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-08-20] (Hewlett-Packard Company) [Fichier non signé] HKU\S-1-5-21-107939278-742368977-3345852996-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [2872320 2010-11-20] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-22] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Print\Monitors\HP 9311 Status Monitor: C:\Windows\system32\hpinksts9311LM.dll [332176 2012-09-12] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 3050 J610 series): C:\Windows\system32\HPDiscoPM9311.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\95.0.4638.54\Installer\chrmstp.exe [2021-10-31] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{10880D85-AAD9-4558-ABDC-2AB1552D831F}] -> C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe [2009-08-20] (Hewlett-Packard Company -> Hewlett-Packard Company) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level Startup: C:\Users\eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - HP Deskjet 3050 J610 series.lnk [2013-06-09] Startup: C:\Users\eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 - Capture d'écran et lancement.lnk [2015-11-11] ShortcutTarget: OneNote 2007 - Capture d'écran et lancement.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {0FA9A20A-6263-4DCB-9D1B-FB0926C9D9F9} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [410784 2016-11-14] (Microsoft Corporation -> Microsoft Corporation) Task: {1A8EFE8D-D10B-4C60-B5AE-D417155F2BB5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-28] (Google Inc -> Google Inc.) Task: {352B7766-F598-4E88-98C9-50AA446C8E72} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {3AAF6A07-A999-48EA-8D74-7370091F4053} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [38456 2009-10-07] (Hewlett-Packard Company -> ) Task: {3D89001E-C5A3-4600-8E3A-253CEFB96DCB} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B" Task: {5EDB7200-A3A9-4956-BEF4-D69D216692E0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe) Task: {64AEB785-5166-4BFB-8833-7734C2FCB1BD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.) Task: {991C69EE-E9B5-4EF5-8236-41C44EB19E9B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-28] (Google Inc -> Google Inc.) Task: {9BBC9019-1FC7-4BA7-8FC7-D3D267F4FF71} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (Pas de fichier) Task: {A2B676F4-9E62-4603-8835-DB5EB403A743} - System32\Tasks\{FF189BE4-83A6-4CA4-AA44-6CC4009114E8} => "C:\Program Files\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/6.3.73.105.457/fr/abandoninstall?page=tsWLM Task: {A7DF08F7-A337-4E8D-ADCC-7295154C5A9E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Ghost Resign Task => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\HPResignFileLoader.exe [37176 2019-01-23] (Hewlett-Packard Company -> Microsoft) Task: {AD350BDB-8353-436C-A1BF-F15CC1F0D151} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-09] (Adobe Inc. -> Adobe) Task: {B1162BFB-9455-47F8-9B1C-E8DA13740DEE} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-05-22] (Avast Software s.r.o. -> Avast Software) Task: {BF8C760A-A089-4940-9503-69EF17F6F891} - System32\Tasks\{042D82FB-F7AA-4027-89C9-35382B8D9011} => "C:\Program Files\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/6.3.73.105.457/fr/abandoninstall?page=tsWLM Task: {F1B75191-0F3C-44C4-BA90-66EC53BCCE47} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1367816 2009-09-24] (Hewlett-Packard -> Hewlett-Packard) Task: {F8068DE7-0C5A-401D-BF9D-E1F8D53A542F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [12344 2018-07-03] (Hewlett-Packard Company -> Microsoft) Task: {F8297C2C-CC8C-405F-B1E7-BE7F2BEDF894} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1367816 2009-09-24] (Hewlett-Packard -> Hewlett-Packard) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{FED2843B-422E-4859-A2E8-0CD3DD430009}: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF DefaultProfile: 6l8qzgsu.default-1608479401285 FF ProfilePath: C:\Users\eric\AppData\Roaming\Mozilla\Firefox\Profiles\6l8qzgsu.default-1608479401285 [2022-02-21] FF Homepage: Mozilla\Firefox\Profiles\6l8qzgsu.default-1608479401285 -> hxxps://www.google.com/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> ) FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> ) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2009-03-19] (Adobe Systems, Inc.) [Fichier non signé] FF Plugin-x32: @agconcept/oskab3dcuisine -> C:\Program Files (x86)\OSKAB\Cuisine\\Oskab3D.Cuisine.NP.dll [Pas de fichier] FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_38 -> C:\Windows\SysWOW64\npdeployJava1.dll [2012-12-26] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.) FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll [2012-12-26] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-107939278-742368977-3345852996-1001: @squareclock.com/SQ3DPlayer_Production_HBMV1 -> C:\Users\eric\AppData\Local\SquareClock.Production_HBMV1\NPSQ3D.dll [2015-04-16] (3DVIA SAS -> SquareClock SAS) [Fichier non signé] Chrome: ======= CHR Profile: C:\Users\eric\AppData\Local\Google\Chrome\User Data\Default [2022-02-20] CHR Notifications: Default -> hxxps://mail.google.com; hxxps://promos.mcafee.com; hxxps://sora1.personal-video.live; hxxps://toisey.com; hxxps://www.alibaba.com; hxxps://www.bons-plans-astuces.com; hxxps://www.facebook.com; hxxps://www.floryday.com; hxxps://www.laredoute.fr; hxxps://www.lightinthebox.com; hxxps://www.marmiton.org; hxxps://www.plages.tv; hxxps://www.promocatalogues.fr; hxxps://www.toupargel.fr; hxxps://www.youtube.com CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR NewTab: Default -> Not-active:"chrome-extension://ffkkhnmhakkikpkabfmoejhlohnceknd/newtabproduct.html", Not-active:"chrome-extension://feogidoaffagmakabgaanfljlolgobdi/productnewtab.html" CHR Extension: (Slides) - C:\Users\eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-25] CHR Extension: (Docs) - C:\Users\eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-25] CHR Extension: (Google Drive) - C:\Users\eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-26] CHR Extension: (YouTube) - C:\Users\eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-28] CHR Extension: (WL advertising) - C:\Users\eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpcomjhopbgnhmkmlhopeblobdlefokm [2020-12-07] CHR Extension: (Recherche Google) - C:\Users\eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-28] CHR Extension: (Protect AD) - C:\Users\eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\cppjipeidelbcikioiealmcbjgbddnfl [2020-01-04] CHR Extension: (Quotient Retraite - Offres shopping) - C:\Users\eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\djogenmojhickodfnjmejabdjbicfgmn [2017-12-31] CHR Extension: (Cast with MkChromecast) - C:\Users\eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\edeepcccaejnnodlpmcoackkdgaijakg [2018-10-21] CHR Extension: (Ask Web Search) - C:\Users\eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed [2020-08-18] CHR Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2022-01-04] CHR Extension: (Sheets) - C:\Users\eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-25] CHR Extension: (ProductivityBoss) - C:\Users\eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\feogidoaffagmakabgaanfljlolgobdi [2020-06-11] CHR Extension: (File Send Suite (BETA)) - C:\Users\eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffkkhnmhakkikpkabfmoejhlohnceknd [2021-04-28] CHR Extension: (Google Docs hors connexion) - C:\Users\eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-04] CHR Extension: (Avast Online Security & Privacy) - C:\Users\eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2022-01-17] CHR Extension: (Stop for ADS) - C:\Users\eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\heioibjdfpgbpjpeolpjabbfojcnibfb [2020-09-12] CHR Extension: (Ask Web Search) - C:\Users\eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp [2020-08-28] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30] CHR Extension: (Gmail) - C:\Users\eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-26] CHR Profile: C:\Users\eric\AppData\Local\Google\Chrome\User Data\System Profile [2021-09-14] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.) S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe) R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\AESTSr64.exe [89600 2009-03-02] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation) R2 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-20] (Microsoft Corporation -> Microsoft Corporation) R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129584 2009-02-22] (EasyBits Software AS -> EasyBits Sofware AS) [Fichier non signé] R2 HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [125440 2009-09-24] (Hewlett-Packard) [Fichier non signé] R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [Fichier non signé] R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation) R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-06] (CyberLink -> ) R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\STacSV64.exe [240640 2009-08-13] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation) S2 AvastWscReporter; "C:\Program Files\Avast Software\Avast\wsc_proxy.exe" /runassvc /rpcserver [X] ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [1484800 2009-09-21] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation) S3 MpKsl6aadc71a; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D5EEF3AD-C8AC-4655-BAF8-0D1B1394E760}\MpKslDrv.sys [49424 2022-02-21] (Microsoft Windows -> Microsoft Corporation) R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation) S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) S3 SrvHsfHDA; C:\Windows\System32\DRIVERS\VSTAZL6.SYS [292864 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.) S3 SrvHsfV92; C:\Windows\System32\DRIVERS\VSTDPV6.SYS [1485312 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.) S3 SrvHsfWinac; C:\Windows\System32\DRIVERS\VSTCNXT6.SYS [740864 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.) R3 STHDA; C:\Windows\System32\DRIVERS\stwrt64.sys [487936 2009-08-13] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) S3 ALSysIO; \??\C:\Users\eric\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-02-21 18:07 - 2022-02-21 18:11 - 000023872 _____ C:\Users\eric\Desktop\FRST.txt 2022-02-21 17:48 - 2022-02-21 17:49 - 000000000 ____D C:\Program Files\CrystalDiskInfo 2022-02-21 17:48 - 2022-02-21 17:48 - 000001747 _____ C:\Users\eric\Desktop\CrystalDiskInfo.lnk 2022-02-21 17:48 - 2022-02-21 17:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo 2022-02-21 17:43 - 2022-02-21 17:43 - 004628000 _____ (Crystal Dew World ) C:\Users\eric\Downloads\CrystalDiskInfo8_15_2.exe 2022-02-21 17:18 - 2022-02-21 17:19 - 000000000 ____D C:\Program Files\Core Temp 2022-02-21 17:18 - 2022-02-21 17:18 - 000000908 _____ C:\Users\eric\Desktop\Core Temp.lnk 2022-02-21 17:18 - 2022-02-21 17:18 - 000000165 _____ C:\Users\eric\Desktop\Goodgame Empire.url 2022-02-21 17:18 - 2022-02-21 17:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp 2022-02-21 17:14 - 2022-02-21 17:14 - 001279688 _____ (ALCPU ) C:\Users\eric\Downloads\Core-Temp-setup.exe 2022-02-21 17:09 - 2022-02-21 17:28 - 000031004 _____ C:\Users\eric\Downloads\Addition.txt 2022-02-21 16:23 - 2022-02-21 17:38 - 000025411 _____ C:\Users\eric\Downloads\FRST.txt 2022-02-21 16:21 - 2022-02-21 18:09 - 000000000 ____D C:\FRST 2022-02-21 16:19 - 2022-02-21 16:20 - 002312192 _____ (Farbar) C:\Users\eric\Desktop\FRST64.exe 2022-02-21 16:06 - 2022-02-21 16:09 - 012574144 _____ (AVAST Software) C:\Users\eric\Downloads\avastclear.exe 2022-02-21 15:55 - 2022-02-21 18:08 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2022-02-21 15:54 - 2022-02-21 15:56 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2022-02-20 18:49 - 2022-02-21 18:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2022-02-20 17:29 - 2022-02-20 17:29 - 000126488 _____ C:\Windows\ntbtlog.txt ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-02-21 18:07 - 2016-11-17 11:49 - 000000000 ____D C:\Users\eric\AppData\LocalLow\Mozilla 2022-02-21 18:05 - 2012-12-26 16:26 - 000000000 ____D C:\Program Files (x86)\Google 2022-02-21 18:03 - 2013-07-29 18:23 - 000000505 _____ C:\ProgramData\HPWALog.txt 2022-02-21 18:02 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2022-02-21 18:01 - 2018-04-12 07:25 - 000000000 ____D C:\Users\eric\AppData\Local\AVAST Software 2022-02-21 18:01 - 2014-03-23 17:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-02-21 18:01 - 2012-12-26 16:25 - 000000000 ____D C:\ProgramData\AVAST Software 2022-02-21 17:10 - 2015-11-28 06:24 - 000003504 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2022-02-21 17:10 - 2015-11-28 06:24 - 000003376 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2022-02-21 16:26 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf 2022-02-21 16:02 - 2009-07-14 05:45 - 000023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2022-02-21 16:02 - 2009-07-14 05:45 - 000023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2022-02-21 15:55 - 2014-03-23 17:02 - 000000000 ____D C:\ProgramData\Mozilla 2022-02-20 18:07 - 2012-12-26 15:51 - 000083760 _____ C:\Users\eric\AppData\Local\GDIPFONTCACHEV1.DAT 2022-02-20 17:55 - 2009-07-14 05:45 - 000349768 _____ C:\Windows\system32\FNTCACHE.DAT 2022-02-20 17:30 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\Dism 2022-02-20 17:30 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\Dism 2022-02-20 17:30 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\PolicyDefinitions 2022-02-20 17:30 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\AppCompat ==================== Fichiers à la racine de certains dossiers ======== 2013-04-26 21:23 - 2013-04-27 23:34 - 000000004 _____ () C:\Users\eric\AppData\Roaming\skype.ini 2017-11-16 11:45 - 2017-11-16 11:45 - 000017530 _____ () C:\Users\eric\AppData\Roaming\UserTile.png 2012-12-26 15:53 - 2012-12-26 15:53 - 000000000 _____ () C:\Users\eric\AppData\Local\AtStart.txt 2012-12-26 15:53 - 2012-12-26 15:53 - 000000000 _____ () C:\Users\eric\AppData\Local\DSwitch.txt 2012-12-26 15:53 - 2012-12-26 15:53 - 000000000 _____ () C:\Users\eric\AppData\Local\QSwitch.txt 2015-04-16 17:40 - 2015-04-16 17:40 - 000353118 _____ () C:\Users\eric\AppData\Local\SquareClock.Production_HBMV1Icon.ico 2019-09-25 17:52 - 2019-09-25 17:52 - 000000000 _____ () C:\Users\eric\AppData\Local\{02B28B4E-0937-4341-BBB2-0AE2014C5AB2} 2016-05-08 07:10 - 2016-05-08 07:10 - 000000000 _____ () C:\Users\eric\AppData\Local\{25AD0003-6F04-4DFF-BDB3-07BBF90C0693} 2019-09-25 11:34 - 2019-09-25 11:34 - 000000000 _____ () C:\Users\eric\AppData\Local\{F487484B-FBB9-4FA5-8C8B-BEA9E4B61B68} ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) LastRegBack: 2021-04-12 16:46 ==================== Fin de FRST.txt ========================