Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 21-05-2022 Exécuté par jak (administrateur) sur JOSY-PC (Dell Inc. Latitude E5250) (22-05-2022 13:21:42) Exécuté depuis C:\Users\jak\Desktop Profils chargés: jak Plate-forme: Microsoft Windows 7 Professionnel Service Pack 1 (X64) Langue: Français (France) Navigateur par défaut: Opera Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe (C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe ->) (remotemouse.net) [Fichier non signé] C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe (C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe ->) (RemoteMouse.net) [Fichier non signé] C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE ->) (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (C:\Program Files\DellTPad\Apoint.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe (C:\Program Files\DellTPad\Apoint.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe (C:\Program Files\DellTPad\HidMonitorSvc.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe (C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <4> (C:\Users\jak\AppData\Local\Programs\Opera\opera.exe ->) (Opera Software AS -> Opera Software) C:\Users\jak\AppData\Local\Programs\Opera\86.0.4363.59\opera_crashreporter.exe (C:\Windows\SysWOW64\esif_uf.exe ->) (Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11> (explorer.exe ->) (Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (explorer.exe ->) (Opera Software AS -> Opera Software) C:\Users\jak\AppData\Local\Programs\Opera\assistant\browser_assistant.exe <2> (explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) [Fichier non signé] C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe (Intel Corporation - Client Components Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation -> ) C:\Windows\System32\igfxTray.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Opera Software AS -> Opera Software) C:\Users\jak\AppData\Local\Programs\Opera\opera.exe <18> (services.exe ->) () [Fichier non signé] C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe (services.exe ->) (Broadcom Corp -> Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe (services.exe ->) (Broadcom Corp -> Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe (services.exe ->) (Huawei Technologies Co., Ltd. -> ) [Fichier non signé] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe (services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (services.exe ->) (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (services.exe ->) (Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (services.exe ->) (Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (services.exe ->) (Intel Corporation-Mobile Wireless Group -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (services.exe ->) (Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe (services.exe ->) (Intel(R) Wireless Display -> Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\alg.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> BayHubTech/O2Micro International) C:\Windows\System32\drivers\o2flash.exe (services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (services.exe ->) (Sierra Wireless, Inc -> Sierra Wireless, Inc.) C:\Program Files\Sierra Wireless Inc\Utils\SwiService.exe (services.exe ->) (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Program Files (x86)\Common Files\Zoom\Support\CptService.exe (svchost.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Wondershare software CO., LIMITED -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [729432 2014-12-09] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7666392 2014-12-09] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [606296 2014-10-03] (Waves Inc -> Waves Audio Ltd.) [Fichier non signé] HKLM\...\Run: [IntelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [4876496 2014-10-29] (Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320360 2014-06-25] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [] => [X] HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296208 2014-11-04] (Intel Corporation - Client Components Group -> Intel Corporation) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1172256 2014-11-10] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [395656 2013-10-01] (Citrix Systems, Inc. -> Citrix Systems, Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2137744 2016-10-08] (Wondershare software CO., LIMITED -> Wondershare) HKU\S-1-5-21-1680099599-500473341-1714618867-1123\...\Run: [Remote Mouse] => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe [2432512 2022-05-16] (remotemouse.net) [Fichier non signé] HKU\S-1-5-21-1680099599-500473341-1714618867-1123\...\Run: [Opera Browser Assistant] => C:\Users\jak\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4124416 2022-05-17] (Opera Software AS -> Opera Software) HKU\S-1-5-21-1680099599-500473341-1714618867-1123\...\Run: [] => [X] HKU\S-1-5-21-1680099599-500473341-1714618867-1123\...\MountPoints2: {18da1820-d832-11e7-9c90-605718ce5f85} - D:\HiSuiteDownLoader.exe HKU\S-1-5-21-1680099599-500473341-1714618867-1123\...\MountPoints2: {18da182c-d832-11e7-9c90-605718ce5f85} - D:\HiSuiteDownLoader.exe HKU\S-1-5-21-1680099599-500473341-1714618867-1123\...\MountPoints2: {eb998086-b673-11e8-be79-605718ce5f85} - D:\HiSuiteDownLoader.exe HKLM\...\Windows x64\Print Processors\hpcpp145: C:\Windows\System32\spool\prtprocs\x64\hpcpp145.dll [580608 2013-02-01] (Hewlett-Packard Corporation) [Fichier non signé] HKLM\...\Windows x64\Print Processors\hpcpp160: C:\Windows\System32\spool\prtprocs\x64\hpcpp160.dll [602912 2013-12-04] (Hewlett-Packard Company -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\CPCA Language Monitor3b: C:\Windows\system32\CNAS0MOK.DLL [1006080 2012-08-09] (CANON INC.) [Fichier non signé] HKLM\...\Print\Monitors\HP Universal Print Monitor: C:\Windows\system32\HPMPW081.DLL [74016 2013-12-04] (Hewlett-Packard Company -> Hewlett-Packard) HKLM\...\Print\Monitors\HPMLM135: C:\Windows\system32\hpmlm135.dll [237344 2013-12-04] (Hewlett-Packard Company -> Hewlett-Packard Company) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\101.0.4951.67\Installer\chrmstp.exe [2022-05-20] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2022-03-02] (Adobe Inc. -> Adobe Systems, Inc.) HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.) Startup: C:\Users\jak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2020-11-01] ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {04E49B92-86BF-4E46-A1BC-2458B3340101} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24614336 2022-05-03] (Microsoft Corporation -> Microsoft Corporation) Task: {19261714-5EE4-4F99-B17F-34D6EB069ADF} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-06-09] (Intel® Services Manager -> ) Task: {1BA2D082-CC96-4240-9A6B-0A054A8168C7} - System32\Tasks\{3C31785E-744E-4B2A-9279-176D42AD2A7D} => C:\Users\jak\AppData\Local\Programs\Opera\launcher.exe [2433792 2022-05-10] (Opera Software AS -> Opera Software) Task: {3A910F9E-8AF7-493D-8428-AB0966D8DCB9} - \Opera scheduled assistant Autoupdate 1607421606 -> Pas de fichier <==== ATTENTION Task: {4637B59B-75AA-475D-B3EE-3EE292A3E097} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2016-07-15] (Google Inc -> Google Inc.) Task: {4725EDFA-52F5-4330-9185-8D972DA50B31} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-06-09] (Intel® Services Manager -> ) Task: {4CAA0975-554D-41F5-A194-8404A561A2D6} - System32\Tasks\{DC39796C-068E-408A-8AD9-8E73FD1C9E03} => C:\Program Files (x86)\Mouse Server\MouseServer.exe (Pas de fichier) Task: {4E263677-E46C-41FB-B233-6CF7094874A3} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {541B61E1-3786-43A8-8E09-1C908AAFC9FD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2016-07-15] (Google Inc -> Google Inc.) Task: {5C5B4CF3-38AA-4DF4-BA9A-36A3272F0654} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.) Task: {9B78FFBC-C746-474B-9194-33F8441925AF} - System32\Tasks\Opera scheduled Autoupdate 1607421590 => C:\Users\jak\AppData\Local\Programs\Opera\launcher.exe [2433792 2022-05-10] (Opera Software AS -> Opera Software) Task: {A93CBD67-DDEF-48C5-B006-B77CE2CC413F} - System32\Tasks\{77C518AC-9425-41EB-A93B-C0B3B14AF029} => C:\Windows\system32\pcalua.exe -a C:\Users\jak\Desktop\windows-live-essential_16-4-3552.exe -d C:\Users\jak\Desktop Task: {B3AC371D-71B7-4D2B-9CF3-295E5739A076} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1391472 2014-12-05] (Realtek Semiconductor Corp -> Realtek Semiconductor) Task: {C257E494-3582-4DCD-B375-B75876C6D94C} - System32\Tasks\{56682A7C-E5C0-48E0-9A21-BFA927A63E37} => C:\Program Files (x86)\Mouse Server\MouseServer.exe (Pas de fichier) Task: {D344EF38-9126-4B78-8D5A-5B2432E0E28D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24614336 2022-05-03] (Microsoft Corporation -> Microsoft Corporation) Task: {D554632C-B2FF-4B92-A1E2-EFE8AC50A9F6} - System32\Tasks\{77053123-921C-4B9C-8B6C-96DC84304368} => C:\Users\jak\AppData\Local\Programs\Opera\launcher.exe [2433792 2022-05-10] (Opera Software AS -> Opera Software) Task: {D5CB5161-FCC9-4D36-BC2B-815D65DD5865} - System32\Tasks\{8E5308B9-18C2-44D6-8884-537789238A29} => C:\Windows\system32\pcalua.exe -a C:\Users\jak\Desktop\Windows_movie-maker_12_fr.exe -d C:\Users\jak\Desktop Task: {E25BFEC9-0449-4673-A1F7-0B548B35470C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117136 2022-05-16] (Microsoft Corporation -> Microsoft Corporation) Task: {F0A8EEE7-DD1F-4618-A340-D3122D0AF730} - System32\Tasks\{28E07DBE-2F81-4C2E-8862-378BB6F091D0} => C:\Program Files (x86)\Mouse Server\MouseServer.exe (Pas de fichier) Task: {FC7739BC-E93F-4E5B-8591-357BCB2379E6} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117136 2022-05-16] (Microsoft Corporation -> Microsoft Corporation) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones) Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.) Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.) Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.) Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{06D41FB9-36CF-4216-A0D0-E9FEDC23F4B1}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{1E652BEB-B01A-4083-8BEA-39BE8F63385D}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{2E8E22FA-C9FA-4153-80D1-172EC758A384}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{41EE62A1-8876-49E2-85C0-DA1AEBCCB2A1}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{6BBF1219-976D-4D75-B03E-38DD13714A36}: [DhcpNameServer] 192.168.42.129 FireFox: ======== FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier] FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2013-10-01] (Citrix Systems, Inc. -> Citrix Systems, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-11-10] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-11-10] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier] FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-04-19] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\jak\AppData\Local\Google\Chrome\User Data\Default [2022-05-22] CHR Notifications: Default -> hxxp://127.0.0.1; hxxps://www.facebook.com; hxxps://www.tomsguide.fr CHR NewTab: Default -> Not-active:"chrome-extension://fmgfhejnhlniacgkjnmakangponnkggd/ntp1.html" CHR Extension: (Bookmarks Menu) - C:\Users\jak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffmdedmghpoipeldijkdlcckdpempkdi [2022-05-22] CHR Extension: (Google Docs hors connexion) - C:\Users\jak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-05-21] CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\jak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-05-22] CHR Extension: (Commentez et Envoyez vos Captures d'écran) - C:\Users\jak\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdddabjhelpilpnpgondfmehhcplpiin [2022-05-22] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\jak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-05-21] CHR Extension: (OneClick Cleaner for Chrome) - C:\Users\jak\AppData\Local\Google\Chrome\User Data\Default\Extensions\oncckmaelaecccmaniihojgeopkcajfh [2022-05-22] CHR Profile: C:\Users\jak\AppData\Local\Google\Chrome\User Data\System Profile [2021-04-23] Opera: ======= OPR Profile: C:\Users\jak\AppData\Roaming\Opera Software\Opera Stable [2022-05-22] OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (Rich Hints Agent) - C:\Users\jak\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-05-20] OPR Extension: (Nimbus Screenshot & Screen Video Recorder) - C:\Users\jak\AppData\Roaming\Opera Software\Opera Stable\Extensions\gjpihpkhgfngnbhhfdehlcmgfahbciip [2022-05-20] OPR Extension: (Opera Crypto Wallet) - C:\Users\jak\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-05-20] OPR Extension: (Amazon Assistant Promotion) - C:\Users\jak\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-10-18] OPR Extension: (Avira Password Manager) - C:\Users\jak\AppData\Roaming\Opera Software\Opera Stable\Extensions\ngohaaocccbohaffogpbgfpmpgbcgccg [2022-05-13] OPR Extension: (Avira Phantom VPN gratuit – débloquez des sites) - C:\Users\jak\AppData\Roaming\Opera Software\Opera Stable\Extensions\pcgkmkjdikhiodinhloioejnpjgmfigd [2020-12-08] Brave: ======= BRA Profile: C:\Users\jak\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-04-23] BRA Extension: (Brave Local Data Files Updater) - C:\Users\jak\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2020-10-29] BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\jak\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2020-10-29] BRA Extension: (Brave SpeedReader Updater) - C:\Users\jak\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2020-10-29] BRA Extension: (Brave NTP sponsored images) - C:\Users\jak\AppData\Local\BraveSoftware\Brave-Browser\User Data\lcenblphbmngnohghkhpojmpflebkcpd [2020-10-29] BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\jak\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2020-10-29] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.) R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [87384 2014-11-07] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11139024 2022-05-03] (Microsoft Corporation -> Microsoft Corporation) S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-21] (Microsoft Corporation -> Microsoft Corporation) S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [158912 2019-03-28] (Microsoft Dynamic Code Publisher -> Microsoft Corporation) S3 Dell.CommandPowerManager.Service; C:\Windows\SysWOW64\dllhost.exe /Processid:{82F7B1FB-80D1-457A-B98E-462BEFDD1701} [7168 2009-07-14] (Microsoft Windows -> Microsoft Corporation) R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-12-12] (Huawei Technologies Co., Ltd. -> ) [Fichier non signé] R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [394184 2014-10-15] (Intel(R) Wireless Display -> Intel) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-06-09] (Intel® Services Manager -> ) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2013-11-14] (Hewlett-Packard) [Fichier non signé] R2 O2FLASH; C:\Windows\system32\DRIVERS\o2flash.exe [65536 2014-03-07] (Microsoft Windows Hardware Compatibility Publisher -> BayHubTech/O2Micro International) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2013-11-14] (Hewlett-Packard) [Fichier non signé] R2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [11264 2022-05-16] () [Fichier non signé] R2 SwiService; C:\Program Files\Sierra Wireless Inc\Utils\SWIService.exe [1626600 2017-08-30] (Sierra Wireless, Inc -> Sierra Wireless, Inc.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-03-31] (Microsoft Windows -> Microsoft Corporation) R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corporation -> Microsoft Corp.) R2 ZoomCptService; "C:\Program Files (x86)\Common Files\Zoom\Support\CptService.exe" -user_path "C:\Users\jak\AppData\Roaming\Zoom" ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R3 BCMNFCSCR; C:\Windows\System32\DRIVERS\bcmnfcscr7.sys [41728 2014-10-15] (Broadcom Corporation -> Broadcom Corporation.) R3 bcmnfcusb; C:\Windows\System32\DRIVERS\bcmnfcusb7.sys [44288 2014-10-15] (Broadcom Corporation -> Broadcom Corporation.) S3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1565152 2019-12-17] (Intel Corporation -> Motorola Solutions, Inc.) R3 DroidCam; C:\Windows\System32\DRIVERS\droidcam.sys [33592 2020-03-17] (DEV47 APPS -> Dev47Apps) R3 DroidCamVideo; C:\Windows\System32\DRIVERS\droidcamvideo.sys [229432 2020-03-17] (DEV47 APPS -> Dev47Apps) S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2014-08-19] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.) R3 O2FJ2RDR; C:\Windows\System32\DRIVERS\O2FJ2w7x64.sys [210592 2014-05-14] (O2Micro -> BayHubTech/O2Micro) S3 phantomtap; C:\Windows\System32\DRIVERS\phantomtap.sys [39448 2020-10-07] (Avira Operations GmbH & Co. KG -> The OpenVPN Project) R0 stdcfltn; C:\Windows\System32\DRIVERS\stdcfltn.sys [22128 2011-07-16] (STMicroelectronics -> ST Microelectronics) R3 swg3kmbb05; C:\Windows\System32\DRIVERS\swg3kmbb05.sys [574032 2017-08-30] (Sierra Wireless, Inc -> Sierra Wireless Incorporated) S3 swg3knmea05; C:\Windows\System32\DRIVERS\swg3knmea05.sys [275216 2014-12-29] (Sierra Wireless -> Sierra Wireless Incorporated) R3 swg3kser05; C:\Windows\System32\DRIVERS\swg3kser05.sys [287824 2017-08-30] (Sierra Wireless, Inc -> Sierra Wireless Incorporated) S3 SWUMX20; pas de ImagePath R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [213296 2014-10-15] (Intel(R) Wireless Display -> Windows (R) Win 7 DDK provider) R3 wbfcvusbdrv; C:\Windows\System32\Drivers\wbfcvusbdrv.sys [17632 2014-10-15] (Broadcom Corp -> ) S3 btmaudio; system32\drivers\btmaud.sys [X] S3 btmaux; system32\DRIVERS\btmaux.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-05-22 13:21 - 2022-05-22 13:22 - 000029284 _____ C:\Users\jak\Desktop\FRST.txt 2022-05-22 13:13 - 2022-05-22 13:22 - 000000000 ____D C:\FRST 2022-05-22 13:11 - 2022-05-22 13:11 - 002366464 _____ (Farbar) C:\Users\jak\Desktop\FRST64.exe 2022-05-22 13:04 - 2022-05-22 13:04 - 000001018 _____ C:\Users\jak\Desktop\MuseScore 3.lnk 2022-05-22 13:04 - 2022-05-22 13:04 - 000000000 ____D C:\Users\jak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MuseScore 3 2022-05-21 21:11 - 2022-05-21 21:11 - 000000000 ___HD C:\$Windows.~WS 2022-05-21 19:09 - 2022-05-21 19:09 - 000000000 ____D C:\$WINDOWS.~BT 2022-05-21 16:50 - 2022-05-21 16:55 - 000000000 ____D C:\ProgramData\PC Cleaner 2022-05-21 16:49 - 2022-05-21 16:49 - 006851152 _____ (PC Helpsoft ) C:\Users\jak\Downloads\PC_Cleaner.exe 2022-05-20 20:25 - 2022-05-20 20:29 - 000000000 ____D C:\Users\jak\Downloads\documents téléchargés 2022-05-20 19:01 - 2022-05-20 19:01 - 000000673 _____ C:\RstHosts.txt 2022-05-20 18:26 - 2022-05-20 18:26 - 000000000 ____D C:\Users\jak\AppData\Local\ZHP 2022-05-20 18:11 - 2022-05-20 18:15 - 000000000 ____D C:\AdwCleaner 2022-05-20 17:14 - 2022-05-20 17:14 - 000000000 ____D C:\Users\jak\AppData\Roaming\2BrightSparks 2022-05-20 17:14 - 2022-05-20 17:14 - 000000000 ____D C:\Users\jak\AppData\Local\2BrightSparks 2022-05-20 17:13 - 2022-05-20 17:13 - 000001223 _____ C:\Users\jak\Desktop\SyncBackFree.lnk 2022-05-20 17:13 - 2022-05-20 17:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2BrightSparks 2022-05-20 17:13 - 2022-05-20 17:13 - 000000000 ____D C:\Program Files (x86)\2BrightSparks ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-05-22 13:04 - 2020-06-17 16:56 - 000000000 ____D C:\Users\jak\AppData\Roaming\MuseScore 2022-05-22 13:04 - 2020-06-17 16:54 - 000000000 ____D C:\Program Files\MuseScore 3 2022-05-22 12:59 - 2016-06-02 12:56 - 000000000 ____D C:\Users\jak 2022-05-22 12:49 - 2009-07-14 06:45 - 000034832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2022-05-22 12:49 - 2009-07-14 06:45 - 000034832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2022-05-22 12:48 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\registration 2022-05-22 12:44 - 2016-07-15 10:00 - 000000000 ____D C:\Program Files (x86)\Google 2022-05-22 12:39 - 2011-03-01 07:24 - 000737302 _____ C:\Windows\system32\perfh010.dat 2022-05-22 12:39 - 2011-03-01 07:24 - 000148588 _____ C:\Windows\system32\perfc010.dat 2022-05-22 12:39 - 2011-03-01 06:56 - 000694464 _____ C:\Windows\system32\perfh007.dat 2022-05-22 12:39 - 2011-03-01 06:56 - 000150858 _____ C:\Windows\system32\perfc007.dat 2022-05-22 12:39 - 2011-03-01 06:30 - 000740754 _____ C:\Windows\system32\perfh013.dat 2022-05-22 12:39 - 2011-03-01 06:30 - 000154844 _____ C:\Windows\system32\perfc013.dat 2022-05-22 12:39 - 2011-03-01 06:01 - 000752866 _____ C:\Windows\system32\perfh00C.dat 2022-05-22 12:39 - 2011-03-01 06:01 - 000152074 _____ C:\Windows\system32\perfc00C.dat 2022-05-22 12:39 - 2009-07-14 07:13 - 004299304 _____ C:\Windows\system32\PerfStringBackup.INI 2022-05-22 12:39 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2022-05-22 12:38 - 2016-06-02 11:58 - 000050014 _____ C:\IFRToolLog.txt 2022-05-22 12:33 - 2018-04-30 18:39 - 000000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2022-05-22 12:33 - 2016-06-02 13:00 - 000000000 __SHD C:\Users\jak\IntelGraphicsProfiles 2022-05-22 12:33 - 2016-06-02 10:53 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2022-05-22 12:32 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2022-05-21 21:11 - 2011-02-10 16:25 - 000000000 ____D C:\Windows\panther 2022-05-21 21:03 - 2009-07-14 06:45 - 000319640 _____ C:\Windows\system32\FNTCACHE.DAT 2022-05-21 20:49 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\PolicyDefinitions 2022-05-21 20:22 - 2015-03-31 03:37 - 000000000 ____D C:\Program Files\Intel 2022-05-21 20:21 - 2017-09-09 19:40 - 000000200 _____ C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2022-05-21 19:21 - 2016-09-17 18:02 - 000000000 ____D C:\Program Files (x86)\Avira 2022-05-21 18:54 - 2016-09-17 18:02 - 000000000 ____D C:\ProgramData\Avira 2022-05-21 18:53 - 2016-06-13 16:58 - 000000000 ____D C:\Users\jak\AppData\Local\CrashDumps 2022-05-20 21:29 - 2020-11-22 17:18 - 000000000 ____D C:\Users\jak\AppData\Local\WhatsApp 2022-05-20 21:29 - 2020-06-27 13:38 - 000000000 ____D C:\Users\jak\AppData\Roaming\WhatsApp 2022-05-20 18:47 - 2021-04-22 09:53 - 000000000 ____D C:\Users\jak\AppData\Roaming\ZHP 2022-05-20 18:15 - 2016-06-02 12:08 - 000000000 ____D C:\Users\josy\AppData\Local\Dell 2022-05-20 18:15 - 2015-03-31 01:45 - 000000000 ____D C:\ProgramData\Dell 2022-05-20 18:15 - 2015-03-31 01:45 - 000000000 ____D C:\Program Files\Dell 2022-05-20 15:56 - 2020-06-29 14:42 - 000000980 _____ C:\Users\Public\Desktop\Remote Mouse.lnk 2022-05-20 15:56 - 2020-06-29 14:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remote Mouse 2022-05-20 15:56 - 2020-06-29 14:42 - 000000000 ____D C:\Program Files (x86)\Remote Mouse 2022-05-16 14:54 - 2015-03-31 02:05 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2022-05-13 17:12 - 2022-04-11 18:28 - 000004040 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1607421590 2022-05-12 00:20 - 2016-09-17 16:02 - 000000000 ____D C:\Windows\system32\MRT 2022-05-12 00:13 - 2016-09-17 16:02 - 145501456 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2022-05-02 18:23 - 2021-10-24 10:56 - 000003590 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-05-02 18:23 - 2021-10-24 10:56 - 000003462 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore ==================== Fichiers à la racine de certains dossiers ======== 2021-04-23 19:00 - 2021-04-23 19:00 - 000000093 _____ () C:\Users\jak\AppData\Roaming\ARCompanion.log ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) LastRegBack: 2022-05-13 17:24 ==================== Fin de FRST.txt ========================