Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 22-04-2022 Exécuté par Robert (administrateur) sur ROBERT-ACER (Acer Aspire X1430) (30-04-2022 15:30:54) Exécuté depuis C:\Users\Robert\OneDrive\Bureau Profils chargés: Robert Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.1682 (X64) Langue: Français (France) Navigateur par défaut: Edge Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe (C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe ->) (IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe <2> (C:\Program Files\CyberGhost 8\Dashboard.exe ->) (The CefSharp Authors) [Fichier non signé] C:\Program Files\CyberGhost 8\Data\Cef\x64\CefSharp.BrowserSubprocess.exe <2> (C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCopyAccelerator.exe (cmd.exe ->) (IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportHelper.exe (explorer.exe ->) (CyberGhost S.R.L. -> CyberGhost S.R.L.) C:\Program Files\CyberGhost 8\Dashboard.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <15> (IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe (services.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (services.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe (services.exe ->) (CyberGhost S.R.L. -> CyberGhost S.R.L.) C:\Program Files\CyberGhost 8\Dashboard.Service.exe (services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe (services.exe ->) (IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3136136 2020-11-21] (Logitech Inc -> Logitech, Inc.) HKU\S-1-5-21-2235607428-1572317980-2000546280-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILGE.EXE [297024 2014-12-03] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-2235607428-1572317980-2000546280-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 8\Dashboard.exe [1371376 2022-04-26] (CyberGhost S.R.L. -> CyberGhost S.R.L.) HKU\S-1-5-21-2235607428-1572317980-2000546280-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32281272 2020-11-10] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-2235607428-1572317980-2000546280-1001\...\Run: [MicrosoftEdgeAutoLaunch_A9F6DCE4ABADF4F51CF45CD7129E3C6C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3547040 2022-04-28] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2235607428-1572317980-2000546280-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Acer.scr [456224 2010-07-29] (Acer Incorporated -> ) HKLM\...\Print\Monitors\EPSON XP-215 217 Series 64MonitorBE: C:\WINDOWS\system32\E_ILMBLGE.DLL [179712 2014-12-03] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2016-02-17] (Broadcom Corporation -> Broadcom Corporation.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2022-04-10] ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.) ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {0249278E-A61E-422A-A48E-EE578D20A06C} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {06A42C1A-5945-4356-94C4-773DF312075B} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Pas de fichier) Task: {0D0216F3-9C0C-492C-AC73-F81012A65E1E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Pas de fichier) Task: {18E0C6F6-0045-486D-89D1-78A68221B6ED} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (Pas de fichier) Task: {1987D8E7-0064-4AB8-BA03-FD22B309BF21} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (Pas de fichier) Task: {1C288A01-EDC4-4412-9200-8D3C618E4B57} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (Pas de fichier) Task: {22A50078-02BD-4B18-BB75-A08287FE683C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {2DB3AEB3-1A29-4138-892A-D8F2831177B9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (Pas de fichier) Task: {3B69DAF6-1C2E-4024-B449-7630D0C6AACC} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe /StartRecording (Pas de fichier) Task: {407F4E46-2E2D-479D-B77A-6BF98CC46F24} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB} Task: {4C55C723-00FE-4DE9-9750-1D67843C9DEE} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (Pas de fichier) Task: {51DD3B2E-23B1-4769-83D0-6C3601CDFEB4} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Robert\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-04-08] (ESET, spol. s r.o. -> ESET) Task: {528C85AA-21CE-4574-8DF1-35B6D19B4201} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (Pas de fichier) Task: {5B35F671-F090-4790-8870-177477B107AA} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A} Task: {5D07BA15-2C33-41C3-92E2-AA17E4B38151} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [816520 2011-09-05] (Acer Incorporated -> Acer) Task: {64CAB033-2757-4B6D-A710-524F34C1BA54} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (Pas de fichier) Task: {6B0AD61A-F68D-42D2-87E7-9CC5B01C91B4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {6CF63865-5D18-4C6F-9690-5CFDA687127F} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {7282DAEE-565F-4B4D-BC6B-41FD18A137C5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner64.exe [32281272 2020-11-10] (Piriform Software Ltd -> Piriform Software Ltd) Task: {785C91B9-1ADA-4B9A-AD76-EF28BFE60F0E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (Pas de fichier) Task: {818F95BC-7427-4F75-A04D-A0E5AF940677} - System32\Tasks\EPSON XP-215 217 Series Update {C1E869D5-6678-43DF-A941-4A82B87407D7} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [679488 2014-12-03] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) Task: {963019B6-B044-4B92-9104-264BB8E83BA8} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Pas de fichier) Task: {96A9367E-170F-4C3B-A377-A58FE4F00B6B} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (Pas de fichier) Task: {9AD8B5FE-8C0F-452E-A324-DC8988CBEF42} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61} Task: {9C21A7A3-86A5-4FC0-A34F-389A2E782A22} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Pas de fichier) Task: {A6A83176-C9E8-4DD8-9FAE-C152D031AC96} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (Pas de fichier) Task: {A891FCE6-1B9D-4523-8FA9-B5F5D2D30A98} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Pas de fichier) Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {B4119AF8-E7DF-4BD0-BE1C-457DDA122656} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {B773F56C-3206-4B0B-A91B-1198FAF92F4A} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1} Task: {B7E85E91-F02B-40AA-AAB4-D284D4DFB50A} - System32\Tasks\EPSON XP-215 217 Series Invitation {C1E869D5-6678-43DF-A941-4A82B87407D7} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [679488 2014-12-03] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) Task: {B9F69C68-B9B7-4A1E-9928-307A7D2286F5} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Pas de fichier) Task: {BABDED53-51F9-4359-8F5D-BEA9F9BC82F5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {CB27705F-79BF-4EEE-8BB4-2CBB39B1A03F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Pas de fichier) Task: {D5331609-20BC-4896-BC69-F728FC23412D} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Pas de fichier) Task: {E4105C8F-077C-4365-9365-3568A0FD2EA8} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Pas de fichier) Task: {E97DAA29-2FFC-4A31-8A06-8AC889CAA8F9} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Robert\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-04-08] (ESET, spol. s r.o. -> ESET) Task: {EE7D9E33-8A0F-4424-A8CB-58E587BE4788} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E} Task: {EFA90DE4-1EF3-4D11-875D-04335F192E2E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {F0C88F9B-C354-456D-B30C-FDAC35F7E59A} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Pas de fichier) Task: {F496671F-BF30-49FA-996C-CC780B454C48} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Pas de fichier) Task: {F6672383-A5DA-4F3B-A87C-EA427CD7805C} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (Pas de fichier) Task: {FA9F6EFC-50F6-4B3E-A493-23D6BD5A02FE} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Pas de fichier) Task: {FD1DB8E5-96DE-4CBC-83C6-5F7DC21E863B} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (Pas de fichier) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\EPSON XP-215 217 Series Invitation {C1E869D5-6678-43DF-A941-4A82B87407D7}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE Task: C:\WINDOWS\Tasks\EPSON XP-215 217 Series Update {C1E869D5-6678-43DF-A941-4A82B87407D7}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE:/EXE:{C1E869D5-6678-43DF-A941-4A82B87407D7} /F:UpdateWORKGROUP\ROBERT-ACER$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{21c72cc1-0221-4e05-af91-a9b181fe938c}: [NameServer] 208.67.220.222,208.67.220.123 Tcpip\..\Interfaces\{21c72cc1-0221-4e05-af91-a9b181fe938c}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Robert\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-30] Edge Extension: (IBM Security Rapport) - C:\Users\Robert\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kajikgogckeajjplomldcempamhidmcc [2022-04-15] Edge Extension: (Microsoft Outlook) - C:\Users\Robert\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kkpalkknhlklpbflpcpkepmmbnmfailf [2022-04-22] Edge Extension: (AdGuard AdBlocker) - C:\Users\Robert\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pdffkfellgipmhklpdmokmckkkfcopbh [2022-04-23] Edge HKLM-x32\...\Edge\Extension: [kajikgogckeajjplomldcempamhidmcc]