Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 09-01-2021
Exécuté par laurence (administrateur) sur LM (TOSHIBA SATELLITE L70-A) (10-01-2021 10:24:16)
Exécuté depuis C:\Users\laurence\Desktop
Profils chargés: UpdatusUser & laurence
Platform: Windows 8.1 (Update) (X64) Langue: Français (France)
Navigateur par défaut: "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" -- "%1"
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

() [Fichier non signé] C:\Windows\SysWOW64\UMonit64.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Comodo Security Solutions -> Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(DTS, Inc. -> ) C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <8>
(HP Inc -> HP Inc.) C:\Program Files\HP\HP ENVY Photo 6200 series\Bin\ScanToPCActivationApp.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel(R) Corporation) [Fichier non signé] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9600.16384_x64__8wekyb3d8bbwe\glcnd.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
(Mozilla Corporation -> Mozilla Foundation) C:\Program Files (x86)\Mozilla Firefox\tobedeleted\mozd0aeeedd-8e4f-4e0f-adf9-7d93537fa3e6 <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Fichier non signé] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\System Setting\TssSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\Toshiba\Teco\TecoResident.exe
(TOSHIBA CORPORATION -> Toshiba Corporation) C:\Program Files\Toshiba\Teco\TecoService.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHWMsg.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(WildTangent Inc -> WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-28] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [894048 2013-01-12] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.) [Fichier non signé]
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3350760 2015-06-24] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-14] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-18] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296520 2013-09-12] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA CORPORATION -> TOSHIBA)
HKLM-x32\...\Run: [fst_fr_362] => [X]
HKU\S-1-5-21-1835571751-1143193878-2839388692-1001\...\Run: [] => [X]
HKU\S-1-5-21-1835571751-1143193878-2839388692-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1835571751-1143193878-2839388692-1002\...\Run: [HP ENVY Photo 6200 (NET)] => C:\Program Files\HP\HP ENVY Photo 6200 series\Bin\ScanToPCActivationApp.exe [4064160 2019-03-18] (HP Inc -> HP Inc.)
HKU\S-1-5-21-1835571751-1143193878-2839388692-1002\...\Run: [Opera Browser Assistant] => C:\Users\laurence\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3154456 2020-11-25] (Opera Software AS -> Opera Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-03] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {0254CE2F-C664-4323-9E0F-952FD75F45AC} - System32\Tasks\System Speedup => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe
Task: {08324943-433B-4478-82AD-E4645E1FFEF2} - System32\Tasks\NewPlayer_wd => C:\Program Files (x86)\ver3NewPlayer\N0NewPlayerX.exe [157184 2014-08-23] () [Fichier non signé]
Task: {0BCAD034-7EB7-4484-B8E0-1ECEAB4626D0} - System32\Tasks\Opera scheduled assistant Autoupdate 1582720994 => C:\Users\laurence\AppData\Local\Programs\Opera\launcher.exe [1776280 2021-01-05] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\laurence\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {0F8B954E-809B-48B2-9D64-CF452FD88C82} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1634CE05-C458-47FB-AF13-56D898A7C986} - System32\Tasks\System Speedup_UPDATES => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe
Task: {1AB12CB0-86A2-49A7-B0A6-4864428A5DB1} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe [53248 2013-08-28] () [Fichier non signé]
Task: {1AF629F8-303C-4839-A5B9-91ACC24F1F70} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [471416 2013-07-19] (Toshiba Europe GmbH -> Toshiba Europe GmbH)
Task: {1C77196C-7D19-417F-9804-CB986BEEB717} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {421E7776-0441-4563-B43A-4FBED6DFAC53} - System32\Tasks\Resolution+ Setting Task => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe [88064 2013-11-09] (TOSHIBA Corporation) [Fichier non signé]
Task: {54E7BA99-D239-4DB1-A90F-EC28A1AC7FEC} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [655464 2013-07-31] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
Task: {5797930A-6E6F-4421-9EB5-4E8BCBCED8BD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {5B9F6B97-A8B4-4470-9A29-709033E17077} - System32\Tasks\System Speedup_DEFAULT => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe
Task: {68B9D6D8-EC4D-4E40-8D37-89C9166015A5} - \RocketTab -> Pas de fichier <==== ATTENTION
Task: {8B97ACA4-A522-4B5B-86E8-0209477AA54F} - System32\Tasks\Speedial => C:\Users\laurence\AppData\Roaming\Speedial\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {935FD2CA-BF3D-4BE5-9631-82200C63079B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-30] (Google LLC -> Google LLC)
Task: {A4475F58-6EDC-46B2-8C00-2888E5CBD760} - System32\Tasks\MySearchDial => C:\Users\laurence\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE
Task: {B5062D1D-8A23-4E6D-81FE-2D36775FAE35} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-30] (Google LLC -> Google LLC)
Task: {B98ECBE4-BCB4-47ED-B576-785925782AD3} - System32\Tasks\Opera scheduled Autoupdate 1573136199 => C:\Users\laurence\AppData\Local\Programs\Opera\launcher.exe [1776280 2021-01-05] (Opera Software AS -> Opera Software)
Task: {C2588073-FBCA-44D7-B8E8-F5F1761C9FBE} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-11] (Adobe Inc. -> Adobe)
Task: {C60F1458-5F3C-4412-B3E6-8436E53CCB29} - System32\Tasks\NewPlayer Update => C:\Program Files (x86)\ver3NewPlayer\T3NewPlayerS46.exe
Task: {D9C67E35-DE12-4F6B-BE18-2BDF96E7343B} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [625872 2021-01-10] (Mozilla Corporation -> Mozilla Foundation)
Task: {E5AA5DE9-947B-479C-BF89-0080C90B9622} - System32\Tasks\HPCustParticipation HP ENVY Photo 6200 series => C:\Program Files\HP\HP ENVY Photo 6200 series\Bin\HPCustPartic.exe [6659488 2019-03-18] (HP Inc -> HP Inc.)
Task: {E79CCFCC-8BE4-47B9-829F-320073D61C25} - \RocketTab Update Task -> Pas de fichier <==== ATTENTION
Task: {EAC88A2C-DBC5-4CF3-9BD5-D0F2E6B90735} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {EE0E2D77-6CB5-49D4-85B0-FAEEF525EFCE} - System32\Tasks\Advanced~System Protector_startup => C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe
Task: {FC31D730-9B2A-43E6-B32C-4C769A9A47A4} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-12] (Adobe Inc. -> Adobe)
Task: {FEE9B4B1-3460-4E46-ABAE-481898B82702} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-12] (Adobe Inc. -> Adobe)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\Windows\Tasks\MySearchDial.job => C:\Users\laurence\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\NewPlayer Update.job => C:\Program Files (x86)\ver3NewPlayer\T3NewPlayerS46.exe
Task: C:\Windows\Tasks\NewPlayer_wd.job => C:\Program Files (x86)\ver3NewPlayer\N0NewPlayerX.exe
Task: C:\Windows\Tasks\Speedial.job => C:\Users\laurence\AppData\Roaming\Speedial\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\System Speedup_DEFAULT.job => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe
Task: C:\Windows\Tasks\System Speedup_UPDATES.job => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

ProxyServer: [S-1-5-21-1835571751-1143193878-2839388692-1002] => http=127.0.0.1:13904;https=127.0.0.1:13904
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0A14D09A-3873-4A72-B105-B38D6B0DA824}: [DhcpNameServer] 30.40.1.1 30.40.1.2
Tcpip\..\Interfaces\{A7992926-80B6-438E-A346-68D01FFDDFB4}: [DhcpNameServer] 192.168.1.1

Edge:
======
Edge Profile: C:\Users\laurence\AppData\Local\Microsoft\Edge\User Data\Default [2020-07-11]

FireFox:
========
FF DefaultProfile: 7awhmxv8.default
FF ProfilePath: C:\Users\laurence\AppData\Roaming\Mozilla\Firefox\Profiles\7awhmxv8.default [2020-04-30]
FF ProfilePath: C:\Users\laurence\AppData\Roaming\Mozilla\Firefox\Profiles\p6u2bylr.default-release [2021-01-10]
FF Notifications: Mozilla\Firefox\Profiles\p6u2bylr.default-release -> hxxps://www.cnetfrance.fr
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-11] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-11] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] (WildTangent Inc -> )

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\laurence\AppData\Local\Google\Chrome\User Data\Default [2020-12-22]
CHR Extension: (Protection Web Avira) - C:\Users\laurence\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2020-12-22]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\laurence\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\laurence\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-22]
CHR HKLM\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd]
CHR HKU\S-1-5-21-1835571751-1143193878-2839388692-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd]
CHR HKLM-x32\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]

Opera:
=======
OPR Notifications: hxxps://account.hectorkitchen.com; hxxps://daystream.club; hxxps://telecharger-youtube-mp3.com; hxxps://tirsmile.pro; hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www.mp3hub.com; hxxps://www2.pushworldtool.com
OPR Extension: (Rich Hints Agent) - C:\Users\laurence\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2020-11-03]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-12] (Adobe Inc. -> Adobe)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-08-26] (Apple Inc. -> Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-10-01] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Fichier non signé]
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2370240 2014-11-27] (Comodo Security Solutions -> Comodo Security Solutions, Inc.)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] (DTS, Inc. -> )
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [255040 2014-08-25] (WildTangent Inc -> WildTangent)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Fichier non signé]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [Fichier non signé]
S2 NewPlayer; C:\Program Files (x86)\ver3NewPlayer\e3NewPlayerAw177.exe [185856 2014-08-23] () [Fichier non signé]
S2 RBClientService; C:\Program Files (x86)\Right Backup\RBClientService.exe [48240 2014-07-11] (Right Backup Software Pvt. Ltd. -> Systweak)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-07-19] (Toshiba Europe GmbH -> Toshiba Europe GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S2 servervo; C:\Users\laurence\AppData\Roaming\VOPackage\VOsrv.exe [X] <==== ATTENTION

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3858944 2013-10-24] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
U5 GeneStor; C:\Windows\System32\Drivers\GeneStor.sys [105704 2013-08-16] (Genesys Logic,INC. -> GenesysLogic)
R3 MpKslf2d73d4e; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C47C7FF1-19BE-43EE-9C45-B5ED2C8F6513}\MpKslDrv.sys [47344 2020-12-24] (Microsoft Windows -> Microsoft Corporation)
R3 QIOMem; C:\Windows\System32\drivers\QIOMem.sys [14000 2013-08-06] (WDKTestCert 1,130202426583431586 -> TOSHIBA)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [33168 2013-11-01] (TOSHIBA CORPORATION -> Windows (R) Win 7 DDK provider)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S1 pgbngddg; \??\C:\Windows\system32\drivers\pgbngddg.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-01-10 10:26 - 2021-01-10 10:26 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-01-10 10:21 - 2021-01-10 10:27 - 000022511 _____ C:\Users\laurence\Desktop\FRST.txt
2021-01-10 10:21 - 2021-01-10 10:24 - 000000000 ____D C:\FRST
2021-01-10 10:14 - 2021-01-10 10:15 - 002281472 _____ (Farbar) C:\Users\laurence\Desktop\FRST64.exe
2021-01-09 09:58 - 2021-01-09 09:58 - 000000000 _____ C:\Users\laurence\AppData\Local\{B139C71E-50B2-434B-BED1-F4432F69A14B}
2021-01-05 17:40 - 2021-01-05 17:40 - 000260943 _____ C:\Users\laurence\Desktop\Lettre à Madame et Monsieur Jules MONTMAYEUR.pdf
2021-01-05 17:40 - 2021-01-05 17:40 - 000200274 _____ C:\Users\laurence\Desktop\Honoraire-SCP 20201662.pdf
2021-01-05 16:49 - 2021-01-05 16:49 - 000000000 _____ C:\Users\laurence\AppData\Local\{5C76A3F5-FCAB-4113-BF78-E96ED086A696}
2021-01-03 10:43 - 2021-01-03 10:43 - 000000000 _____ C:\Users\laurence\AppData\Local\{5E8BA983-1AF7-42AC-9CF5-70A4906E9102}
2020-12-28 15:20 - 2020-12-28 15:20 - 000000000 _____ C:\Users\laurence\AppData\Local\{6F826FE6-D85E-4B42-B878-A98A91BDC00A}
2020-12-24 11:12 - 2020-12-24 11:25 - 000025933 _____ C:\Users\laurence\Desktop\Courrier défenseur des droits.odt
2020-12-23 11:26 - 2020-12-23 11:26 - 000000000 ____D C:\Users\laurence\Desktop\Avocat grenoble
2020-12-23 11:17 - 2020-12-23 11:17 - 000021988 _____ C:\HttpProxy_36_3696_1608718653.dmp
2020-12-23 10:44 - 2020-12-23 10:44 - 000023500 _____ C:\HttpProxy_36_2688_1608716673.dmp
2020-12-23 10:11 - 2020-12-23 10:11 - 000023696 _____ C:\HttpProxy_36_5652_1608714693.dmp
2020-12-22 18:36 - 2020-12-22 18:36 - 000001979 _____ C:\Users\laurence\Desktop\HPF631D2 (HP ENVY Photo 6200 series) - Raccourci.lnk
2020-12-22 18:32 - 2020-12-22 18:32 - 000000000 ____D C:\Users\laurence\AppData\Local\ElevatedDiagnostics
2020-12-22 18:18 - 2021-01-10 10:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-12-22 18:12 - 2020-12-22 18:13 - 009716576 _____ C:\Users\laurence\Downloads\HPEasyStart_12_2_5163_01.exe
2020-12-22 18:06 - 2020-12-22 18:06 - 000023832 _____ C:\HttpProxy_36_1176_1608656817.dmp
2020-12-21 16:54 - 2020-12-21 16:54 - 000085543 _____ C:\Users\laurence\Desktop\Avis prélèvement_11_2020.pdf
2020-12-21 16:41 - 2020-12-23 11:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2020-12-21 16:38 - 2020-12-21 16:38 - 000025796 _____ C:\HttpProxy_36_1076_1608565101.dmp
2020-12-21 16:00 - 2020-12-21 16:42 - 000000000 ____D C:\Users\laurence\Desktop\thierry
2020-12-21 15:49 - 2020-12-21 15:49 - 000022716 _____ C:\HttpProxy_36_7116_1608562157.dmp
2020-12-21 15:49 - 2020-12-21 15:49 - 000000000 ____H C:\Users\laurence\AppData\Local\BITA2CD.tmp
2020-12-21 15:49 - 2020-12-21 15:49 - 000000000 _____ C:\Users\laurence\AppData\Local\{333D50A1-A1E1-43AF-B1E8-99F83A6D9EB8}
2020-12-18 10:36 - 2020-12-18 10:36 - 000023956 _____ C:\HttpProxy_36_5684_1608284213.dmp
2020-12-18 10:18 - 2020-12-18 10:18 - 000023768 _____ C:\HttpProxy_36_6492_1608283115.dmp
2020-12-17 14:26 - 2020-12-17 14:26 - 000027992 _____ C:\HttpProxy_36_908_1608211585.dmp
2020-12-15 11:29 - 2020-12-15 11:29 - 000024564 _____ C:\HttpProxy_36_416_1608028160.dmp
2020-12-15 11:21 - 2020-12-15 11:21 - 000176759 _____ C:\Users\laurence\Desktop\8R42622084174.pdf
2020-12-15 10:56 - 2020-12-15 10:56 - 000023740 _____ C:\HttpProxy_36_4920_1608026180.dmp
2020-12-15 10:23 - 2020-12-15 10:23 - 000021564 _____ C:\HttpProxy_36_2648_1608024199.dmp
2020-12-13 11:09 - 2020-12-13 11:09 - 000024808 _____ C:\HttpProxy_36_5184_1607854153.dmp
2020-12-13 10:36 - 2020-12-13 10:36 - 000023444 _____ C:\HttpProxy_36_3916_1607852173.dmp
2020-12-12 15:32 - 2020-12-12 15:32 - 000023724 _____ C:\HttpProxy_36_3880_1607783542.dmp
2020-12-12 15:31 - 2020-12-12 15:32 - 000024924 _____ C:\HttpProxy_36_2012_1607783518.dmp
2020-12-12 14:48 - 2020-12-12 14:48 - 000031356 _____ C:\Users\laurence\Desktop\MONT90013470001950_7651 (1).pdf
2020-12-12 14:47 - 2020-12-12 14:47 - 000023768 _____ C:\HttpProxy_36_3036_1607780834.dmp
2020-12-12 14:14 - 2020-12-12 14:14 - 000024448 _____ C:\HttpProxy_36_6180_1607778853.dmp
2020-12-11 11:31 - 2020-12-11 11:31 - 000022048 _____ C:\HttpProxy_36_1868_1607682678.dmp

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-01-10 10:27 - 2019-10-26 09:13 - 000000000 ____D C:\Users\laurence\AppData\LocalLow\Mozilla
2021-01-10 10:27 - 2019-10-26 08:57 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-10 10:26 - 2020-04-30 08:47 - 000001186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-01-10 10:21 - 2014-04-26 19:20 - 000003598 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1835571751-1143193878-2839388692-1002
2021-01-10 10:14 - 2014-04-26 19:21 - 000003924 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{2F5E9F47-05D9-4D3C-AB26-A077F493A15C}
2021-01-10 10:11 - 2014-05-17 14:25 - 000000000 ____D C:\Program Files\CCleaner
2021-01-09 10:02 - 2019-11-07 15:16 - 000004068 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1573136199
2021-01-09 10:02 - 2019-11-07 15:16 - 000001364 _____ C:\Users\laurence\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2021-01-05 17:14 - 2020-04-13 16:48 - 000000000 ____D C:\Users\laurence\Desktop\isabelle
2020-12-23 11:44 - 2014-08-23 10:09 - 000000398 _____ C:\Windows\Tasks\NewPlayer_wd.job
2020-12-23 11:28 - 2014-05-17 14:28 - 000000310 _____ C:\Windows\Tasks\Speedial.job
2020-12-23 11:27 - 2019-10-26 09:00 - 000001236 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2020-12-23 11:27 - 2019-10-26 08:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-12-23 11:12 - 2014-05-17 14:12 - 000000310 _____ C:\Windows\Tasks\MySearchDial.job
2020-12-23 10:59 - 2014-08-23 10:09 - 000000418 _____ C:\Windows\Tasks\NewPlayer Update.job
2020-12-21 16:58 - 2019-11-08 18:28 - 000000000 ____D C:\Users\laurence\Desktop\CESU
2020-12-18 10:39 - 2020-10-12 15:35 - 000020275 _____ C:\Users\laurence\Desktop\Nouveau Texte OpenDocument (2).odt
2020-12-18 10:29 - 2020-01-14 20:22 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-12-15 10:26 - 2019-10-21 14:53 - 000000000 ____D C:\Users\laurence\Desktop\contrat de travail
2020-12-13 11:23 - 2015-09-09 16:02 - 000000699 _____ C:\Users\laurence\Desktop\Nouveau document texte.txt
2020-12-12 15:27 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-12-12 15:27 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf
2020-12-12 15:26 - 2013-08-22 14:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2020-12-12 15:23 - 2013-08-22 16:36 - 000000000 ___RD C:\Windows\ToastData
2020-12-12 15:22 - 2013-08-22 16:20 - 000000000 ____D C:\Windows\CbsTemp
2020-12-12 15:01 - 2014-10-23 11:13 - 000000296 _____ C:\Windows\Tasks\System Speedup_DEFAULT.job
2020-12-12 14:51 - 2013-12-22 22:44 - 001817064 _____ C:\Windows\system32\PerfStringBackup.INI
2020-12-12 14:51 - 2013-08-28 16:40 - 000806842 _____ C:\Windows\system32\perfh00C.dat
2020-12-12 14:51 - 2013-08-28 16:40 - 000156662 _____ C:\Windows\system32\perfc00C.dat
2020-12-12 14:23 - 2020-06-10 19:23 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-12-12 14:23 - 2020-06-10 19:23 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-12-12 14:23 - 2016-08-10 10:16 - 000004592 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-12-12 14:23 - 2014-05-17 14:30 - 000004460 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-12-12 14:23 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-12-11 11:42 - 2019-04-14 09:08 - 000004586 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-12-11 11:41 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\Macromed

==================== Fichiers à la racine de certains dossiers ========

2014-05-17 15:12 - 2014-07-19 09:12 - 000000094 _____ () C:\Users\laurence\AppData\Roaming\WB.CFG
2020-12-21 15:49 - 2020-12-21 15:49 - 000000000 ____H () C:\Users\laurence\AppData\Local\BITA2CD.tmp
2020-12-21 15:49 - 2020-12-21 15:49 - 000000000 _____ () C:\Users\laurence\AppData\Local\{333D50A1-A1E1-43AF-B1E8-99F83A6D9EB8}
2021-01-05 16:49 - 2021-01-05 16:49 - 000000000 _____ () C:\Users\laurence\AppData\Local\{5C76A3F5-FCAB-4113-BF78-E96ED086A696}
2021-01-03 10:43 - 2021-01-03 10:43 - 000000000 _____ () C:\Users\laurence\AppData\Local\{5E8BA983-1AF7-42AC-9CF5-70A4906E9102}
2020-12-28 15:20 - 2020-12-28 15:20 - 000000000 _____ () C:\Users\laurence\AppData\Local\{6F826FE6-D85E-4B42-B878-A98A91BDC00A}
2021-01-09 09:58 - 2021-01-09 09:58 - 000000000 _____ () C:\Users\laurence\AppData\Local\{B139C71E-50B2-434B-BED1-F4432F69A14B}

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)


LastRegBack: 2020-12-24 09:39
==================== Fin de FRST.txt ========================