Posted on 16 October

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 06-10-2023
Exécuté par Norbert (administrateur) sur LAPTOP-ICSHLCC8 (HP HP Notebook) (16-10-2023 09:39:03)
Exécuté depuis C:\Users\Norbert\Downloads\FRST64.exe
Profils chargés: Norbert
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.3448 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\BridgeCommunication.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(explorer.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> ) C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21624.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wscript.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\PeopleExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3562_none_7e0523f67c93b82a\TiWorker.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8843784 2016-08-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [231640 2016-05-13] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
HKLM\...\Run: [MRT] => C:\WINDOWS\system32\MRT.exe [181553176 2023-10-13] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [442936 2020-10-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [701984 2017-07-13] (HP Inc. -> HP Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-1452522101-1509686165-2112368975-1001\...\Run: [4Z181OQ7TN] => wscript.exe //B "C:\ProgramData\4Z181OQ7TN.vbs" (Pas de fichier) <==== ATTENTION
HKU\S-1-5-21-1452522101-1509686165-2112368975-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Norbert\AppData\Local\Microsoft\Teams\Update.exe [2588856 2023-09-17] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1452522101-1509686165-2112368975-1001\...\Run: [MicrosoftEdgeAutoLaunch_0B83F470B7EBC1E84C2330A3C2869116] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4131264 2023-10-13] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1452522101-1509686165-2112368975-1001\...\MountPoints2: {8f5207c8-ba3f-11eb-9a05-30e171260e5c} - "F:\HiSuiteDownLoader.exe"
HKLM\...\Print\Monitors\EPSON XP-2100 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBWFE.DLL [187392 2018-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\HP 7212 Status Monitor: C:\WINDOWS\system32\hpinksts7212LM.dll [336904 2014-07-16] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP JumpStart Launch.lnk [2017-01-04]
ShortcutTarget: HP JumpStart Launch.lnk -> c:\Windows\Installer\{B90CB0DE-2E60-41C4-9857-466EB98192BF}\HPlogo_blue.ico () [Fichier non signé]

==================== Tâches planifiées (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {9EDA305B-0377-4B5E-B140-B7875D164F40} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {94CDB8E3-D17B-487D-97D9-0415369EDB22} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-08-02] (Adobe Inc. -> Adobe Inc.)
Task: {3C91FB83-F427-412D-9806-D5D3E0C09889} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_321_Plugin.exe [1458232 2020-01-21] (Adobe Inc. -> Adobe)
Task: {D2D2ED61-E110-425D-A45F-56FB21832FEE} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_330_pepper.exe [1453624 2020-02-29] (Adobe Inc. -> Adobe)
Task: {95E410EA-AC85-4467-9852-8D6FE9509AE8} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe (Pas de fichier)
Task: {8BB61B35-B049-4486-AA88-9CB33CE09822} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe /from_scheduler:1 (Pas de fichier)
Task: {E70349B2-D3F6-4862-87B9-AC1233F20DF6} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [5311304 2023-09-17] (Microsoft Windows -> Microsoft Corporation)
Task: {924384B5-9A71-4B2E-A81B-9F69D6A2281E} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [584488 2016-09-21] (Dropbox, Inc -> )
Task: {63E4D9D9-E65D-4B5F-A004-2EFE15F4E7D6} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-12-02] (Dropbox, Inc -> Dropbox, Inc.)
Task: {569F29C5-9423-4241-B303-EEFE9AB2F279} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-12-02] (Dropbox, Inc -> Dropbox, Inc.)
Task: {3CC33682-2E60-4202-8C53-B86EB45C292A} - System32\Tasks\EPSON XP-2100 Series Update {3D126062-E809-4FDE-B5D7-D441C2D7A1AB} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSWFE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {E42F3A4D-F2FF-4ACA-A6BB-310B5B93B9C0} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -task -source HPSA (Pas de fichier)
Task: {457CCE0A-24AB-408F-8D37-F4AE381599DC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Critical Update Pending => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /CriticalUpdate (Pas de fichier)
Task: {61916D3D-F85B-4D96-8C13-1922280D766C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /taskrestart (Pas de fichier)
Task: {40C1E93E-A7CF-4A84-B72F-6485A38149BA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\BingPopup\BingPopup.exe /show (Pas de fichier)
Task: {89E45DDF-9D6A-4A22-992A-E3903601B1C5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2023-09-15] (HP Inc. -> HP Inc.)
Task: {ADAD73BE-EBBF-4BE1-80FB-74AF065667B2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /u (Pas de fichier)
Task: {11AAB38C-A601-4BA6-B43D-7D0A2DD0BA15} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /r /m (Pas de fichier)
Task: {AC269647-7425-465A-93D4-30D65F7F9779} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L Analysis (Pas de fichier)
Task: {B2281CCF-FD94-4306-B7D3-504B8E3C82AD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe /noreport (Pas de fichier)
Task: {FB57913D-D514-427C-9E61-E23912CD6D33} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /DeviceScanR6 (Pas de fichier)
Task: {7F631915-DB6D-4D74-8A0E-5B1C927474E1} - System32\Tasks\HPEA3JOBS => C:\Program -> Files\HP\HP ePrint\hpeprint.exe /CheckJobs
Task: {87474586-C20A-4283-ABFB-5EE8E000FC70} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26977976 2023-10-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {61F67583-6C2F-4CDA-9E39-04DB316CC458} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26977976 2023-10-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {C3752C4F-4B73-4EF6-8BB7-4F0068269E01} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [125992 2023-10-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {AD28FD0F-8420-46CE-9734-D6AE07B30E98} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [125992 2023-10-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {1223A60A-8FDA-43BD-81E1-2C764B35C767} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {C8638B7F-DBB7-48EC-B2E5-66EC5EB9ACAE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {62FBAEC0-89C3-4925-A282-9A7C7F5EA4D8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {759B1428-C409-4AAA-86B5-1A014B84FF54} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F0777E9C-1145-4FE3-9AEA-61306BF8C79C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2EE03021-F32D-4E80-8208-98ECA7CDFBA5} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [676768 2023-09-29] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {80CB37EA-12DA-4E78-BBF7-89B48E6CB73E} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [717728 2023-09-29] (Mozilla Corporation -> Mozilla Foundation)
Task: {FC8220AE-8EF3-455D-B5CE-0471F6A839AF} - System32\Tasks\Skype => C:\Users\Norbert\AppData\Roaming\Colis-1.vbs (Pas de fichier) <==== ATTENTION
Task: {2DF67724-70B6-4F92-9EC1-4D2615C81346} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-12-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\EPSON XP-2100 Series Update {3D126062-E809-4FDE-B5D7-D441C2D7A1AB}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSWFE.EXE:/EXE:{3D126062-E809-4FDE-B5D7-D441C2D7A1AB} /F:UpdateWORKGROUP\LAPTOP-ICSHLCC8$&#266;Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog9 17 %windir%\system32\vsocklib.dll => Pas de fichier
Winsock: Catalog9 18 %windir%\system32\vsocklib.dll => Pas de fichier
Winsock: Catalog9-x64 17 %windir%\system32\vsocklib.dll => Pas de fichier
Winsock: Catalog9-x64 18 %windir%\system32\vsocklib.dll => Pas de fichier
Tcpip\Parameters: [DhcpNameServer] 192.168.78.11 192.168.78.1
Tcpip\..\Interfaces\{3ffdb4b5-ed23-4b50-a1af-97de6ce1d040}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{45e1723f-31ab-444f-b955-6da5d8fa5e44}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{524c9b46-1519-4956-b55f-e667e1887f16}: [DhcpNameServer] 192.168.78.11 192.168.78.1

Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Norbert\AppData\Local\Microsoft\Edge\User Data\Default [2023-10-16]
Edge Notifications: Default -> hxxps://www.facebook.com
Edge Extension: (Google Docs hors connexion) - C:\Users\Norbert\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-02]
Edge Extension: (Edge relevant text changes) - C:\Users\Norbert\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-17]

FireFox:
========
FF DefaultProfile: dkbd1iwo.default-1547357551907
FF ProfilePath: C:\Users\Norbert\AppData\Roaming\Mozilla\Firefox\Profiles\dkbd1iwo.default-1547357551907 [2023-10-13]
FF Notifications: Mozilla\Firefox\Profiles\dkbd1iwo.default-1547357551907 -> hxxps://www.facebook.com
FF Extension: (True Key™ by McAfee) - C:\Users\Norbert\AppData\Roaming\Mozilla\Firefox\Profiles\dkbd1iwo.default-1547357551907\Extensions\@true-key.xpi [2022-10-12] [UpdateUrl:hxxps://downloads.truekey.com/firefox/update.json]
FF Extension: (Download d'image) - C:\Users\Norbert\AppData\Roaming\Mozilla\Firefox\Profiles\dkbd1iwo.default-1547357551907\Extensions\extension@plgfrdownlnewfr.xpi [2019-02-04]
FF Extension: (McAfee® Recherche sécurisée) - C:\Users\Norbert\AppData\Roaming\Mozilla\Firefox\Profiles\dkbd1iwo.default-1547357551907\Extensions\{DFC8025B-FC38-42B1-9E3A-DFA474F33D93}.xpi [2023-09-11] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/searchextension/update.json]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_321.dll [2020-01-21] (Adobe Inc. -> )
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-09-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_321.dll [2020-01-21] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-08-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-08-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [Pas de fichier]

Chrome:
=======
CHR HKU\S-1-5-21-1452522101-1509686165-2112368975-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2017-12-28] (Advanced Micro Devices, Inc. -> )
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-08-02] (Adobe Inc. -> Adobe Inc.)
S4 AdobeFlashPlayerUpdateSvc; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-02-29] (Adobe Inc. -> Adobe)
S4 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [125656 2016-05-13] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12860928 2023-10-07] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-12-02] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-12-02] (Dropbox, Inc -> Dropbox, Inc.)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2019-07-04] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [888360 2023-09-15] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [886824 2023-09-15] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [883136 2023-09-15] (HP Inc. -> HP Inc.)
S4 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [886824 2023-09-15] (HP Inc. -> HP Inc.)
S4 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [628768 2017-07-13] (HP Inc. -> HP Inc.)
S4 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-03-23] (CyberLink Corp. -> CyberLink)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exe [3116904 2023-10-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe [133584 2023-10-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Browser; %SystemRoot%\System32\browser.dll [X]
S2 HPSupportSolutionsFrameworkService; "C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe" [X]

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [44640 2016-10-11] (AVAST Software a.s. -> The OpenVPN Project)
S3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7116288 2016-07-16] (Intel Corporation) [Fichier non signé]
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-10-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [572712 2023-10-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105872 2023-10-12] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2023-10-16 09:07 - 2023-10-16 09:07 - 000000000 ___HD C:\$WinREAgent
2023-10-13 18:36 - 2023-10-13 18:36 - 000003660 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2023-10-13 17:53 - 2023-10-13 17:53 - 000000207 _____ C:\WINDOWS\tweaking.com-regbackup-LAPTOP-ICSHLCC8-Windows-10-Home-(64-bit).dat
2023-10-13 17:53 - 2023-10-13 17:53 - 000000000 ____D C:\RegBackup
2023-10-13 17:17 - 2023-10-16 09:40 - 000025244 _____ C:\Users\Norbert\Downloads\FRST.txt
2023-10-13 17:17 - 2023-10-16 09:40 - 000000000 ____D C:\FRST
2023-10-13 17:17 - 2023-10-13 17:17 - 002383360 _____ (Farbar) C:\Users\Norbert\Downloads\FRST64.exe
2023-10-13 11:50 - 2023-10-13 11:50 - 000000000 ____D C:\ProgramData\PLUG
2023-10-13 09:08 - 2023-10-13 09:09 - 003343520 _____ (Nicolas Coolman) C:\Users\Norbert\Downloads\ZHPCleaner (3).exe
2023-10-12 16:57 - 2023-10-12 16:57 - 008791352 _____ (Malwarebytes) C:\Users\Norbert\Downloads\adwcleaner.exe
2023-10-10 14:15 - 2023-10-10 14:15 - 000000000 ____D C:\Users\Norbert\Documents\FeedbackHub
2023-09-29 15:09 - 2023-09-29 15:09 - 002829194 _____ C:\Users\Norbert\Documents\contrat de mariage20230929_15093753.pdf
2023-09-29 14:34 - 2023-09-29 14:34 - 000003805 _____ C:\Users\Norbert\Downloads\lettre_accompagnement_procuration.pdf
2023-09-29 14:23 - 2023-09-29 14:23 - 000215607 _____ C:\Users\Norbert\Documents\CI maman sept20230929_14231777.pdf
2023-09-29 13:56 - 2023-09-29 13:56 - 000428195 _____ C:\Users\Norbert\Documents\contrat mariage20230929_13560566.pdf
2023-09-29 13:50 - 2023-09-29 13:50 - 000115540 _____ C:\Users\Norbert\Documents\CI maman 20230929_13504459.pdf
2023-09-29 11:44 - 2023-09-29 11:44 - 000255166 _____ C:\Users\Norbert\Downloads\Facture edf août.pdf
2023-09-29 11:33 - 2023-09-29 11:33 - 000255166 _____ C:\Users\Norbert\Documents\Facture edf août.pdf
2023-09-28 10:26 - 2023-09-28 10:26 - 002003108 _____ C:\Users\Norbert\Downloads\winmail.dat
2023-09-21 14:35 - 2023-09-21 14:35 - 000040521 _____ C:\Users\Norbert\Documents\crédit mutuel20230921_14354311.pdf
2023-09-21 14:28 - 2023-09-21 14:28 - 000333933 _____ C:\Users\Norbert\Documents\crédit mutuel20230921_14285935.pdf
2023-09-17 09:15 - 2023-09-17 09:16 - 000206395 _____ C:\Users\Norbert\Downloads\C3091600713_20230916_CRPPDF.pdf

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2023-10-16 09:39 - 2021-04-08 18:35 - 000000000 ____D C:\Users\defaultuser0
2023-10-16 09:38 - 2021-04-08 18:50 - 001756382 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-10-16 09:38 - 2019-12-07 16:49 - 000761630 _____ C:\WINDOWS\system32\perfh00C.dat
2023-10-16 09:38 - 2019-12-07 16:49 - 000158474 _____ C:\WINDOWS\system32\perfc00C.dat
2023-10-16 09:38 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-10-16 09:37 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-10-16 09:37 - 2017-12-03 10:33 - 000000000 ____D C:\Users\Norbert\AppData\Local\Packages
2023-10-16 09:34 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-10-16 09:33 - 2021-04-08 19:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-10-16 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-10-16 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-10-16 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-10-16 09:33 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2023-10-16 09:33 - 2017-07-10 17:12 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2023-10-16 09:32 - 2021-04-08 18:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-10-16 09:12 - 2021-04-08 19:12 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2023-10-16 09:11 - 2021-04-08 18:24 - 000433824 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-10-16 09:08 - 2021-04-08 19:12 - 000004182 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{5D29C771-3575-4B4F-97A9-19869DBB8CC6}
2023-10-16 09:07 - 2020-06-24 00:14 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-10-16 09:07 - 2020-06-24 00:14 - 000002287 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-10-13 18:57 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-10-13 18:54 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-10-13 18:35 - 2017-03-22 19:44 - 000000000 ____D C:\Users\Norbert\Documents\SAUV ANCIEN PC
2023-10-13 17:32 - 2016-09-29 07:22 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-10-13 17:25 - 2023-03-27 15:28 - 000002434 _____ C:\Users\Norbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-10-13 17:25 - 2021-12-15 21:23 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1452522101-1509686165-2112368975-1001
2023-10-13 17:25 - 2021-04-08 19:12 - 000003384 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1452522101-1509686165-2112368975-1001
2023-10-13 11:53 - 2021-12-03 11:37 - 000000000 ____D C:\Users\Norbert\AppData\Local\CrashDumps
2023-10-13 10:47 - 2017-04-03 17:13 - 000000000 ____D C:\Users\Norbert\AppData\Roaming\ZHP
2023-10-13 09:34 - 2017-03-24 22:05 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-10-13 09:23 - 2016-09-29 07:19 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2023-10-13 09:22 - 2017-03-24 22:04 - 181553176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-10-13 09:17 - 2022-03-02 14:37 - 000000000 ____D C:\Program Files\RUXIM
2023-10-13 09:09 - 2017-04-03 17:13 - 000000000 ____D C:\Users\Norbert\AppData\Local\ZHP
2023-10-12 18:02 - 2018-06-12 02:55 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-10-12 17:46 - 2021-04-08 18:34 - 000000000 ____D C:\Users\Norbert
2023-10-12 17:44 - 2017-03-22 19:03 - 000000000 ____D C:\Users\Norbert\AppData\Roaming\Hewlett-Packard
2023-10-12 17:44 - 2016-09-29 07:18 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2023-10-12 17:02 - 2017-04-04 13:55 - 000918960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2023-10-12 16:48 - 2021-11-01 17:36 - 000000000 ____D C:\Users\Norbert\AppData\Local\Avast Software
2023-10-12 16:48 - 2017-03-22 20:16 - 000000000 ____D C:\Users\Norbert\AppData\Roaming\AVAST Software
2023-10-12 16:30 - 2017-03-22 19:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2023-10-12 16:27 - 2017-03-22 20:02 - 000000000 ____D C:\ProgramData\AVAST Software
2023-10-12 16:23 - 2020-07-09 21:30 - 000000000 ____D C:\Users\Norbert\AppData\Roaming\Microsoft\Teams
2023-10-12 16:21 - 2021-11-01 17:30 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2023-10-11 13:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2023-10-10 14:31 - 2022-04-12 15:47 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-10-10 14:25 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-09-29 11:50 - 2022-12-26 19:11 - 000002154 _____ C:\Users\Norbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-09-26 14:37 - 2016-09-29 07:19 - 000000000 ____D C:\Program Files\HP
2023-09-26 14:18 - 2018-06-21 17:55 - 000000000 ____D C:\ProgramData\Packages
2023-09-21 14:29 - 2017-03-22 19:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-09-19 22:58 - 2021-04-08 19:12 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-09-19 22:57 - 2022-10-16 14:01 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-09-19 22:57 - 2022-10-16 14:01 - 000002068 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-09-17 12:17 - 2016-09-29 07:22 - 000001226 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2023-09-17 12:17 - 2016-09-29 07:22 - 000001222 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2023-09-17 12:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-09-17 12:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-09-17 12:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-09-17 12:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-09-17 12:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-09-17 12:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-09-17 12:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-09-17 12:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-09-17 11:41 - 2021-04-08 18:29 - 003014144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-09-17 09:48 - 2020-07-10 22:55 - 000002385 _____ C:\Users\Norbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2023-09-17 09:00 - 2021-04-08 19:12 - 000004286 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2023-09-17 09:00 - 2021-04-08 19:12 - 000004054 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore

==================== Fichiers à la racine de certains dossiers ========

2017-07-23 18:15 - 2017-07-23 18:15 - 002832256 _____ () C:\Users\Norbert\ZHPCleaner.exe
2020-01-30 18:48 - 2020-01-30 18:48 - 000000732 _____ () C:\Program Files (x86)\LMIR0F76D001.tmp.bat
2020-01-30 18:48 - 2020-01-30 18:48 - 000000534 _____ () C:\Program Files (x86)\LMIR0F76D001.tmp_r.bat
2017-03-22 18:58 - 2020-01-31 01:43 - 006431127 ____N () C:\Users\Norbert\AppData\Local\BTServer.log
2020-01-31 01:43 - 2020-01-31 01:43 - 000000740 ____N () C:\Users\Norbert\AppData\Local\LMIR0F74F001.tmp.bat
2020-01-31 01:43 - 2020-01-31 01:43 - 000000542 ____N () C:\Users\Norbert\AppData\Local\LMIR0F74F001.tmp_r.bat
2017-10-17 02:30 - 2017-10-17 02:30 - 000000000 ____N () C:\Users\Norbert\AppData\Local\{24451932-D313-4A4C-9432-0F5AB8CCE582}

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================
