Adware and registry keys messing with web browsers – Resoudre les problemes d’un serveur MineCraft
Résultat de l'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 11-05-2020
Géré par Eric (administrateur) sur ERIC-PC (Hewlett-Packard p6710f) (11-05-2020 16:50:09)
Exécution à partir de C: Users Eric Downloads
Profils chargés: Eric
Plateforme: Windows 7 Home Premium Service Pack 1 (X64) Langue: anglais (États-Unis)
Internet Explorer version 11 (navigateur par défaut: Chrome)
Mode de démarrage: Normal
==================== Processus (liste blanche) =================
(Si une entrée est incluse dans la liste de correctifs, le processus sera fermé. Le fichier ne sera pas déplacé.)
((HuskyCahya -> LevelInc Ltd) [File not signed]) [File is in use ] C: Program Files (x86) AlphacomAccentpolyN AlphacomAccentpolyN.exe
(Advanced Micro Devices Inc.) [File not signed] C: Program Files (x86) ATI Technologies ATI.ACE Core-Static MOM.exe
(Advanced Micro Devices, Inc.) [File not signed] C: Program Files (x86) ATI Technologies ATI.ACE Core-Static MMLoadDrv.exe
(ATI Technologies Inc.) [File not signed] C: Program Files (x86) ATI Technologies ATI.ACE Core-Static CCC.exe
(Google LLC -> Google LLC) C: Program Files (x86) Google Chrome Application chrome.exe <20>
(Google LLC -> Google LLC) C: Program Files (x86) Google Update 1.3.35.452 GoogleCrashHandler.exe
(Google LLC -> Google LLC) C: Program Files (x86) Google Update 1.3.35.452 GoogleCrashHandler64.exe
(HP Inc. -> HP Inc.) C: Program Files (x86) Hewlett-Packard HP Support Solutions HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C: Program Files HP HP Touchpoint Analytics Client TouchpointAnalyticsClientService.exe
(Logitech, Inc. -> Logitech Inc.) C: Program Files (x86) Common Files logishrd LVMVFM UMVPFSrv.exe
(Malwarebytes Inc -> Malwarebytes) C: Program Files Malwarebytes Anti-Malware MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C: Program Files Malwarebytes Anti-Malware mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C: Program Files (x86) Microsoft Office Office12 POWERPNT.EXE
(Microsoft Corporation -> Microsoft Corporation) C: Program Files (x86) Microsoft Office Office12 WINWORD.EXE
(Microsoft Corporation -> Microsoft Corporation) C: Program Files Microsoft Security Client MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C: Program Files Microsoft Security Client msseces.exe
(Microsoft Corporation -> Microsoft Corporation) C: Program Files Microsoft Security Client NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C: Windows System32 WirelessKB850NotificationService.exe
(Microsoft Windows -> Microsoft Corporation) C: Program Files Windows Media Player wmprph.exe
(Microsoft Windows -> Microsoft Corporation) C: Windows splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C: Windows System32 prevhost.exe
(Microsoft Windows -> Microsoft Corporation) C: Windows System32 SnippingTool.exe
(Microsoft Windows -> Microsoft Corporation) C: Windows System32 wisptis.exe
(Éditeur de compatibilité matérielle Microsoft Windows -> AMD) C: Windows System32 atieclxx.exe
(Éditeur de compatibilité matérielle Microsoft Windows -> AMD) C: Windows System32 atiesrxx.exe
(Oracle America, Inc. -> Oracle Corporation) C: Program Files (x86) Common Files Java Java Update jusched.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C: Program Files (x86) EPSON Software Event Manager EEventManager.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C: Program Files (x86) EPSON Software FAX Utility FUFAXRCV.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C: Program Files (x86) EPSON Software FAX Utility FUFAXSTM.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C: Program Files Fichiers communs EPSON EPW! 3 SSRP E_S60RPB.EXE
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C: Program Files EPSON EpsonCustomerResearchParticipation EPCP.exe
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C: Windows System32 escsvc64.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C: Windows System32 spool drivers x64 3 E_YATIKDE.EXE
(Spotify AB -> Spotify Ltd) C: Users Eric AppData Roaming Spotify SpotifyWebHelper.exe
(Valve -> Valve Corporation) C: Program Files (x86) Common Files Steam SteamService.exe
(Valve -> Valve Corporation) C: Program Files (x86) Steam bin cef cef.win7x64 steamwebhelper.exe <7>
(Valve -> Valve Corporation) C: Program Files (x86) Steam steam.exe
==================== Registre (liste blanche) ===================
(Si une entrée est incluse dans la liste de correctifs, l'élément de registre sera restauré par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM … Run: [MSC] => c: Program Files Microsoft Security Client msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM … Run: [Logitech Download Assistant] => C: Windows System32 LogiLDA.dll [1841496 2016-10-14] (Logitech -> Logitech, Inc.)
HKLM-x32 … Exécuter: [StartCCC] => C: Program Files (x86) ATI Technologies ATI.ACE Core-Static CLIStart.exe [336384 2011-06-30] (Advanced Micro Devices, Inc.) [File not signed]
HKLM-x32 … Exécuter: [FUFAXRCV] => C: Program Files (x86) Epson Software FAX Utility FUFAXRCV.exe [669664 2019-10-02] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32 … Exécuter: [FUFAXSTM] => C: Program Files (x86) Epson Software FAX Utility FUFAXSTM.exe [894944 2019-10-02] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32 … Exécuter: [EEventManager] => C: Program Files (x86) Epson Software Event Manager EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32 … Exécuter: [SunJavaUpdateSched] => C: Program Files (x86) Fichiers communs Java Java Update jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKU S-1-5-21-3312487288-1977858865-3294966506-1000 … Run: [Steam] => C: Program Files (x86) Steam steam.exe [3372832 2020-04-27] (Valve -> Valve Corporation)
HKU S-1-5-21-3312487288-1977858865-3294966506-1000 … Run: [Spotify Web Helper] => C: Users Eric AppData Roaming Spotify SpotifyWebHelper.exe [780688 2018-02-03] (Spotify AB -> Spotify Ltd)
HKU S-1-5-21-3312487288-1977858865-3294966506-1000 … Run: [EPLTargetP0000000000000000] => C: Windows system32 spool DRIVERS x64 3 E_YATIKDE.EXE [298560 2013-09-12] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU S-1-5-21-3312487288-1977858865-3294966506-1000 … MountPoints2: 35585837-01c4-11e8-a9b3-78acc0bd2160 – I: LaunchU3.exe -a
HKLM Software Microsoft Active Setup Installed Components: [8A69D345-D564-463c-AFF1-A69D9E530F96] -> C: Program Files (x86) Google Chrome Application 81.0.4044.138 Installer chrmstp.exe [2020-05-07] (Google LLC -> Google LLC)
HKLM Software Wow6432Node Microsoft Active Setup Installed Components: [73FA19D0-2D75-11D2-995D-00C04F98BBC9] ->
==================== Tâches planifiées (liste blanche) ============
(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)
Tâche: 04ADAC4D-FD7D-482E-98CB-3D8434C5E02C – System32 Tasks GoogleUpdateTaskMachineCore => C: Program Files (x86) Google Update GoogleUpdate.exe [153168 2017-07-13] (Google Inc -> Google Inc.)
Tâche: 0826AEF9-AF74-4CEE-82B9-4EF5C91AC8E3 – System32 Tasks Hewlett-Packard HP Support Assistant WarrantyChecker_DeviceScan => C: Program Files (x86) Hewlett-Packard HP Support Framework Resources HPWarrantyCheck HPWarrantyChecker.exe [1117048 2020-03-26] (HP Inc. -> HP Inc.)
Tâche: 20F0E2AD-625E-42DB-9ED2-46534EA8A212 – System32 Tasks Hewlett-Packard HP Active Health HP Active Health Scan (HPSA) => C: Program Files (x86) Hewlett-Packard HP Support Framework Resources HPActiveHealth ActiveHealth.exe [25128 2017-11-22] (HP Inc. ->)
Tâche: 2836BDC8-DF82-47B5-8931-BCED9D5B422B – System32 Tasks Hewlett-Packard HP Support Assistant WarrantyChecker => C: Program Files (x86) Hewlett-Packard HP Support Framework Resources HPWarrantyCheck HPWarrantyChecker.exe [1117048 2020-03-26] (HP Inc. -> HP Inc.)
Tâche: 30CA388E-AE58-4F84-A0CF-36CA3D229C60 – System32 Tasks Hewlett-Packard HP Support Assistant HP Support Solutions Framework Updater – Resources => C: Program Files (x86) Hewlett-Packard HP Support Solutions Modules HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)
Tâche: 373989EF-24AB-497B-8A66-0215090362A0 – System32 Tasks EPSON WF-3640 Series Invitation 75D026B1-B84D-4A20-97E9-26D07F4ABDD5 => C: Windows system32 spool DRIVERS x64 3 E_YTSKDE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Tâche: 3E544D74-2EBD-462C-834C-218F3B1EDF8C – System32 Tasks Adobe Flash Player PPAPI Notifier => C: Windows SysWOW64 Macromed Flash FlashUtil32_32_0_0_363_pepper.exe [1454136 2020-04-19] (Adobe Inc. -> Adobe)
Tâche: 3E826E79-292A-45A7-B26A-7EE4A55546B5 – System32 Tasks HPCeeScheduleForEric => C: Program Files (x86) Hewlett-Packard HP Ceement HPCEE.exe [99208 2016-06-24] (Hewlett-Packard Company -> HP Inc.)
Tâche: 5EE35B28-5C9A-4072-B372-DA6114A8FCC3 – System32 Tasks Microsoft Microsoft Antimalware Microsoft Antimalware Scheduled Scan => c: Program Files Microsoft Security Client \ MpCmdRun.exe [410784 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
Tâche: 6E0B010D-59C6-4BE2-83A5-FE7F0E829FD1 – System32 Tasks Hewlett-Packard HP Support Assistant HP Support Assistant Quick Start => C: Program Files (x86) Hewlett-Packard HP Support Framework HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Tâche: 8076B937-F816-4ADA-B868-A67EE92D2D17 – System32 Tasks Hewlett-Packard HP Support Assistant HP Support Solutions Framework Updater => C: Program Files (x86) Hewlett-Packard HP Support Solutions Modules HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)
Tâche: 82A89C05-9A94-4DCE-80A9-1FA41A20ED6D – System32 Tasks Hewlett-Packard HP Support Assistant HP Support Solutions Framework Report => C: Program Files (x86) Hewlett-Packard HP Support Solutions Modules HPSFReport.exe [134008 2020-03-25] (HP Inc. -> HP Inc.)
Tâche: 8E62185D-1405-4F38-8764-ECB0929F5DD0 – System32 Tasks Hewlett-Packard HP Support Assistant Product Configurator => C: Program Files (x86) Hewlett-Packard HP Support Framework Resources ProductConfig .EXE [320856 2020-04-23] (HP Inc. -> HP Inc.)
Tâche: 9B896994-6A2A-4EBA-8885-C06853239A9F – Mise à jour de la série System32 Tasks EPSON WF-3640 75D026B1-B84D-4A20-97E9-26D07F4ABDD5 => C: Windows system32 spool DRIVERS 3 E_YTSKDE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Tâche: AAF9D068-144C-4B6C-A436-61E400CF1CD2 – System32 Tasks Adobe Flash Player Updater => C: Windows SysWOW64 Macromed Flash FlashPlayerUpdateService.exe [335416 2020-04-19] (Adobe Inc. -> Adobe)
Tâche: C059C297-977E-430E-9402-85D9D9F758C6 – System32 Tasks GoogleUpdateTaskMachineUA => C: Program Files (x86) Google Update GoogleUpdate.exe [153168 2017-07-13] (Google Inc -> Google Inc.)
Tâche: C1E84BF3-5507-43AF-946A-EB68AEC9546F – System32 Tasks Hewlett-Packard HP Support Assistant PC Health Analysis => C: Program Files (x86) Hewlett-Packard HP Support Framework HPSF. EXE [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Tâche: FDF66B07-3C2E-4BB6-B79A-6A7DE2F842C8 – System32 Tasks Mozilla Firefox Default Browser Agent E7CF176E110C211B => C: Program Files (x86) Mozilla Firefox default-browser-agent.exe [126152 2020-04-23] (Mozilla Corporation -> Fondation Mozilla)
(Si une entrée est incluse dans la liste de correctifs, le fichier de tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Tâche: C: Windows Tasks EPSON WF-3640 Series Invitation 75D026B1-B84D-4A20-97E9-26D07F4ABDD5 .job => C: Windows system32 spool DRIVERS x64 3 E_YTSKDE.EXE
Tâche: C: Windows Tasks EPSON WF-3640 Series Update 75D026B1-B84D-4A20-97E9-26D07F4ABDD5 .job => C: Windows system32 spool DRIVERS x64 3 E_YTSKDE.EXE: / EXE: 75D026B1-B84D-4A20-97E9-26D07F4ABDD5 / F: UpdateSYSTEMĊRecherche les mises à jour du logiciel EPSON et vous avertit lorsque des mises à jour sont disponibles.Si cette tâche est désactivée ou arrêtée, votre logiciel EPSON ne sera pas automatiquement mis à jour. Thi
Tâche: C: Windows Tasks HPCeeScheduleForEric.job => C: Program Files (x86) Hewlett-Packard HP Ceement HPCEE.exe
==================== Internet (liste blanche) ====================
(Si un élément est inclus dans la liste de correctifs, s'il s'agit d'un élément du registre, il sera supprimé ou restauré par défaut.)
Tcpip Paramètres: [DhcpNameServer] 75,75,75,75 75,75,76,76
Tcpip .. Interfaces 6C3A6ED6-459B-45F6-AACF-451FA97646B7: [DhcpNameServer] 75,75,75,75 75,75,76,76
Tcpip .. Interfaces 9FB95EF1-6FAC-490A-814F-F993017A7EA6: [DhcpNameServer] 192.168.1.252
Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL =
SearchScopes: HKLM-x32 -> DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL =
SearchScopes: HKU S-1-5-21-3312487288-1977858865-3294966506-1000 -> DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL =
BHO: Java ™ Plug-In SSV Helper -> 761497BB-D6F0-462C-B6EB-D4DAF1D92D43 -> C: Program Files Java jre1.8.0_251 bin ssv.dll [2020-04-14] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java ™ Plug-In 2 SSV Helper -> DBC80044-A445-435b-BC74-9C25C1C588A9 -> C: Program Files Java jre1.8.0_251 bin jp2ssv.dll [2020-04-14] (Oracle America, Inc. -> Oracle Corporation)
BHO: HP Network Check Helper -> E76FD755-C1BA-4DCB-9F13-99BD91223ADE -> C: Program Files (x86) Hewlett-Packard HP Support Framework Resources HPNetworkCheck HPNetworkCheckPluginx64.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO-x32: HP Network Check Helper -> E76FD755-C1BA-4DCB-9F13-99BD91223ADE -> C: Program Files (x86) Hewlett-Packard HP Support Framework Resources HPNetworkCheck HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)
FireFox:
========
FF DefaultProfile: dnln6rwd.default
FF ProfilePath: C: Users Eric AppData Roaming Mozilla Firefox Profiles dnln6rwd.default [2020-05-11]
FF Page d'accueil: Mozilla Firefox Profiles dnln6rwd.default -> hxxps: //links.malwarebytes.com/link/restorebrowser lic = essai & product = MBAM-Cparam1 = y6bdVFVIsvuYsgEClQfz8KTL4HLBF1wBOkVfCJhNXY7GpZ9gA4TzjU20% 2B6Ll2pqWrRu5OXo1IhGWbkvP9Yv7ezBHXh% 2FBmaPh81bgd% 2Bd0HAN0N7% 2B7Ahh844DyIYjY1j4Vfy4piK5029QWh9WyAwA4qgf% 2By1h2HjT% 2FzwE4IpieTsNJKbAenpaE2GeEKEcjRDpG87QsAwuCvuyN%? 2FIt1seE7NClIzNz5% 2Fpx34ZHv3FAX17aRighSlYXPOiHV% 2B8M80IPHlpJCUQRwcvbICA4Cvr9zOQPosnTzdyCW7ag96lQqETU% 3D
FF SearchPlugin: C: Users Eric AppData Roaming Mozilla Firefox Profiles dnln6rwd.default searchplugins Yahoo powered search.xml [2020-05-11]
Plugin FF: @ java.com / DTPlugin, version = 11.251.2 -> C: Program Files Java jre1.8.0_251 bin dtplugin npDeployJava1.dll [2020-04-14] (Oracle America, Inc. -> Oracle Corporation)
Plugin FF: @ java.com / JavaPlugin, version = 11.251.2 -> C: Program Files Java jre1.8.0_251 bin plugin2 npjp2.dll [2020-04-14] (Oracle America, Inc. -> Oracle Corporation)
Plugin FF: @ microsoft.com / GENUINE -> désactivé [No File]
FF Plugin-x32: @ microsoft.com / GENUINE -> désactivé [No File]
Chrome:
=======
Profil CHR: C: Users Eric AppData Local Google Chrome User Data Default [2020-05-11]
Notifications CHR: Par défaut -> hxxps: //play.pokemonshowdown.com; hxxps: //www.facebook.com; hxxps: //www.rabb.it; hxxps: //www.twitch.tv; hxxps: //www.youtube.com
CHR HomePage: Par défaut -> hxxps: //us.search.yahoo.com/yhs/web hspart = & OMR hsimp = YHS-001 & type = 863152190 & param1 = y6bdVFVIsvuYsgEClQfz8KTL4HLBF1wBOkVfCJhNXY7GpZ9gA4TzjU20% 2B6Ll2pqWQ1FYFWZKveC% 2BqGgReLPKLsj% 2BcbF1vkG% 2BkY7oy5hfv3m8cwR32utrecEBuV3aT3Xzih80AoH0LbPgEsVazXoyUkK1% 2BFzLfjImFUq5IT3gwlBd5bQCrIkZh0FhqY617yDwjN4JCOnh4DcKIeWbO8b58loVWTt3YLdVMLNdy4ueARDmAgMsuCP8aFP4iGYfMVk6moqwrsSqQXFVUxBLIqg% 2F2% 2BnjKcUltJDa7HcC1yaNw88% 3D
CHR StartupUrls: Par défaut ->? "Hxxps: //www.google.com/", "hxxps: //us.search.yahoo.com/yhs/web hspart = & OMR hsimp = YHS-001 & type = 863152190 & param1 = y6bdVFVIsvuYsgEClQfz8KTL4HLBF1wBOkVfCJhNXY7GpZ9gA4TzjU20% 2B6Ll2pqWNPCfuIXzPSGzwGX% 2B5vJi% 2B% 2Fb4EFpoTu% 2BaR22PaorcQojc3D2r2yNIAzqSH% 2BGqzeT% 2B% 2BMPORGKwmkOLHWkAPVs6oOJe5RnNHgXbd99% 2FcuKC% 2FPXcRFRW8bU% 2FxKPQO7cOgdXzJs8bQCMUaXJA4oubmyh3E3SI4eLjEdcST9YdFJt2PrPKNwnQM% 2B1EipVYA17LdeUbAVU1u5Pp6Q% 2BLxlNQN0z% 2BEs2x5hLDfAlBI2XbehFngHs% 3D »
CHR DefaultSearchURL: Default -> hxxps: //www.bing.com/search? Q = searchTerms & PC = U316 & FORM = CHROMN
CHR DefaultSearchKeyword: Par défaut -> bing.com
CHR DefaultNewTabURL: Par défaut -> hxxps: //www.bing.com/chrome/newtab
CHR DefaultSuggestURL: Par défaut -> hxxps: //www.bing.com/osjson.aspx? Query = searchTerms & language = language & PC = U316
Extension CHR: (diapositives) – C: Users Eric AppData Local Google Chrome User Data Default Extensions aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
Extension CHR: (Docs) – C: Users Eric AppData Local Google Chrome User Data Default Extensions aohghmighlieiainnegkcijnfilokake [2017-10-12]
Extension CHR: (Google Drive) – C: Users Eric AppData Local Google Chrome User Data Default Extensions apdfllckaahabafndbhieahigkjlhalf [2017-07-13]
Extension CHR: (YouTube) – C: Users Eric AppData Local Google Chrome User Data Default Extensions blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-13]
Extension CHR: (Watch2Gether) – C: Users Eric AppData Local Google Chrome User Data Default Extensions cimpffimgeipdhnhjohpbehjkcdpjolg [2020-04-24]
Extension CHR: (Sheets) – C: Users Eric AppData Local Google Chrome User Data Default Extensions felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
Extension CHR: (Google Docs hors ligne) – C: Users Eric AppData Local Google Chrome User Data Default Extensions ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-21]
Extension CHR: (partage d'écran Discord) – C: Users Eric AppData Local Google Chrome User Data Default Extensions lcbhdgefieegnkbopmgklhlpjjdgmbog [2017-11-14]
Extension CHR: (Paiements Chrome Web Store) – C: Users Eric AppData Local Google Chrome User Data Default Extensions nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
Extension CHR: (Gmail) – C: Users Eric AppData Local Google Chrome User Data Default Extensions pjkljhegncpnkpknbcohdijeoejaedia [2019-04-24]
Extension CHR: (Chrome Media Router) – C: Users Eric AppData Local Google Chrome User Data Default Extensions pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-23]
==================== Services (liste blanche) ===================
(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)
R2 AlphacomAccentpolyN; C: Program Files (x86) AlphacomAccentpolyN AlphacomAccentpolyN.exe [2026088 2020-05-02] ((HuskyCahya -> LevelInc Ltd) [File not signed]) [File is in use ]
R2 AMD External Events Utility; C: Windows system32 atiesrxx.exe [236544 2012-06-07] (Éditeur de compatibilité matérielle Microsoft Windows -> AMD)
R2 EpsonCustomerResearchParticipation; C: Program Files EPSON EpsonCustomerResearchParticipation EPCP.exe [677880 2017-04-25] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C: Windows system32 EscSvc64.exe [144560 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_06; C: Program Files Fichiers communs EPSON EPW! 3 SSRP E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
S3 hpqcaslwmiex; C: Program Files (x86) HP Shared hpqwmiex.exe [1031704 2016-06-03] (Société Hewlett-Packard -> HP)
R2 HPSupportSolutionsFrameworkService; C: Program Files (x86) Hewlett-Packard HP Support Solutions HPSupportSolutionsFrameworkService.exe [378744 2020-03-31] (HP Inc. -> HP Inc.)
R2 HPTouchpointAnalyticsService; C: Program Files HP HP Touchpoint Analytics Client TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc. -> HP Inc.)
R2 MBAMService; C: Program Files Malwarebytes Anti-Malware MBAMService.exe [6933272 2020-03-11] (Malwarebytes Inc -> Malwarebytes)
R2 MsMpSvc; c: Program Files Microsoft Security Client MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R3 NisSrv; c: Program Files Microsoft Security Client NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C: Program Files Windows Defender mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C: Windows system32 WirelessKB850NotificationService.exe [174256 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
===================== Pilotes (sur liste blanche) ===================
(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)
R3 amdkmdag; C: Windows System32 DRIVERS atikmdag.sys [11172864 2012-06-07] (Éditeur de compatibilité matérielle Microsoft Windows -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C: Windows System32 DRIVERS atikmpag.sys [339456 2012-06-07] (Éditeur de compatibilité matérielle Microsoft Windows -> Advanced Micro Devices, Inc.)
R0 AtiPcie; C: Windows System32 DRIVERS AtiPcie.sys [16440 2009-05-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.)
R1 ESProtectionDriver; C: Windows system32 drivers mbae64.sys [153312 2020-04-17] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C: Windows System32 Drivers MbamChameleon.sys [214496 2020-05-10] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMFarflt; C: Windows System32 DRIVERS farflt.sys [195432 2020-05-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C: Windows system32 DRIVERS mbam.sys [73368 2020-05-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C: Windows System32 Drivers mbamswissarmy.sys [248968 2020-05-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C: Windows System32 DRIVERS mwac.sys [112752 2020-05-11] (Malwarebytes Inc -> Malwarebytes)
R0 MpFilter; C: Windows System32 DRIVERS MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 netr28x; C: Windows System32 DRIVERS netr28x.sys [2473616 2014-12-10] (MEDIATEK INC. -> MediaTek Inc.)
R3 NisDrv; C: Windows System32 DRIVERS NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 usbfilter; C: Windows System32 DRIVERS usbfilter.sys [34872 2009-04-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
==================== NetSvcs (liste blanche) ====================
(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)
==================== Un mois (créé) ===================
(Si une entrée est incluse dans la liste de correctifs, le fichier / dossier sera déplacé.)
2020-05-11 16:50 – 2020-05-11 16:51 – 000022444 _____ C: Users Eric Downloads FRST.txt
2020-05-11 16:49 – 2020-05-11 16:50 – 000000000 ____D C: FRST
2020-05-11 16:46 – 2020-05-11 16:47 – 002285568 _____ (Farbar) C: Users Eric Downloads FRST64.exe
2020-05-11 15:17 – 2020-05-11 15:18 – 297211380 _____ C: Users Eric Documents Registry Backup.reg
2020-05-11 14:24 – 2020-05-11 14:24 – 000195432 _____ (Malwarebytes) C: Windows system32 Drivers farflt.sys
2020-05-11 14:24 – 2020-05-11 14:24 – 000112752 _____ (Malwarebytes) C: Windows system32 Drivers mwac.sys
2020-05-11 14:24 – 2020-05-11 14:24 – 000073368 _____ (Malwarebytes) C: Windows system32 Drivers mbam.sys
2020-05-11 14:24 – 2020-05-11 14:24 – 000000000 ____D C: Users Eric AppData LocalLow IGDump
2020-05-11 14:23 – 2020-05-11 14:23 – 000005835 _____ C: Users Eric Documents MBAM 5th log.txt
2020-05-11 11:34 – 2020-05-11 11:34 – 000248968 _____ (Malwarebytes) C: Windows system32 Drivers mbamswissarmy.sys
2020-05-11 02:57 – 2020-05-11 02:57 – 000005672 _____ C: Users Eric Documents MBAM 4th log.txt
2020-05-10 21:08 – 2020-05-10 21:08 – 000005346 _____ C: Users Eric Documents MBAM 3rd log.txt
2020-05-10 21:08 – 2020-05-10 21:08 – 000005346 _____ C: Users Eric Documents MBAM 2nd log.txt
2020-05-10 21:07 – 2020-05-10 21:07 – 000006945 _____ C: Users Eric Documents MBAM 1st log.txt
2020-05-10 20:35 – 2020-05-10 20:35 – 000005516 _____ C: Users Eric Documents MBAM réessayez 1 5102020.txt
2020-05-10 12:42 – 2020-05-10 12:42 – 000251947 _____ C: Users Eric Downloads DanycardMomin.pdf
2020-05-10 12:27 – 2020-05-10 12:27 – 000214496 _____ (Malwarebytes) C: Windows system32 Drivers MbamChameleon.sys
2020-05-10 02:54 – 2020-05-10 02:54 – 001801666 _____ C: Users Eric Downloads DanycardMom.pdf
2020-05-10 02:52 – 2020-05-10 02:52 – 000001054 _____ C: Users Eric Downloads MothersDayCardInstructions.txt
2020-05-09 17:47 – 2020-05-09 17:47 – 003048387 _____ C: Users Eric Downloads Wynntils-1.5.1_638-MC1.12.2.jar
2020-05-09 17:36 – 2020-05-09 17:36 – 004953534 _____ C: Users Eric Downloads forge-1.12.2-14.23.5.2768-installer-win (1) .exe
2020-05-09 17:35 – 2020-05-09 17:35 – 004953534 _____ C: Users Eric Downloads forge-1.12.2-14.23.5.2768-installer-win.exe
2020-05-09 17:35 – 2020-05-09 17:35 – 000000000 ____D C: Program Files (x86) OneMellifluousUpdater
2020-05-09 17:34 – 2020-05-09 17:34 – 000286604 _____ C: Users Eric AppData Roaming tb7_1N1I1F1S1T1I0M1F1Q2Y1I1P1B0C1F1Q1P.txt
2020-05-09 17:34 – 2020-05-09 17:34 – 000000000 ____D C: Windows SysWOW64 vd7v
2020-05-09 17:33 – 2020-05-09 17:33 – 000000000 ____D C: ProgramData SProvide
2020-05-09 17:33 – 2020-05-09 17:33 – 000000000 ____D C: Program Files (x86) AlphacomAccentpolyN
2020-05-09 17:32 – 2020-05-09 17:35 – 000000000 ____D C: Program Files (x86) GemingaDirectory
2020-05-09 17:32 – 2020-05-09 17:33 – 000000000 ____D C: Users Eric AppData Roaming SetupReconcile
2020-05-09 17:32 – 2020-05-09 17:32 – 001794048 _____ C: Users Eric Downloads SetupMY.msi
2020-04-25 17:35 – 2020-04-25 17:35 – 000000000 ____D C: Windows system32 Tasks Mozilla
2020-04-23 15:45 – 2020-04-26 12:07 – 000000000 ____D C: Program Files (x86) Mozilla Firefox
2020-04-15 15:46 – 2020-04-15 18:20 – 000157413 _____ C: Users Eric .babel.7.8.4.production.json
==================== Un mois (modifié) ==================
(Si une entrée est incluse dans la liste de correctifs, le fichier / dossier sera déplacé.)
2020-05-11 16:42 – 2017-07-01 20:42 – 000000000 ____D C: Users Eric Documents MCC_Stuff
2020-05-11 16:33 – 2018-10-07 14:33 – 000000911 _____ C: Windows Tasks EPSON WF-3640 Series Update 75D026B1-B84D-4A20-97E9-26D07F4ABDD5 .job
2020-05-11 16:33 – 2018-10-07 14:33 – 000000725 _____ C: Windows Tasks EPSON WF-3640 Series Invitation 75D026B1-B84D-4A20-97E9-26D07F4ABDD5 .job
2020-05-11 16:27 – 01-07-2017 23:24 – 000000000 ____D C: Users Eric Documents Minecraft Stuff
2020-05-11 15:47 – 2009-07-14 01:13 – 000781790 _____ C: Windows system32 PerfStringBackup.INI
2020-05-11 15:47 – 2009-07-13 23:20 – 000000000 ____D C: Windows inf
2020-05-11 14:49 – 2009-07-14 00:45 – 000022064 ____H C: Windows system32 7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-05-11 14:49 – 2009-07-14 00:45 – 000022064 ____H C: Windows system32 7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-05-11 14:24 – 2017-07-14 20:56 – 000000000 ____D C: Program Files (x86) Steam
2020-05-11 14:23 – 2009-07-14 01:08 – 000000006 ____H C: Windows Tasks SA.DAT
2020-05-11 14:00 – 2017-07-03 17:22 – 000000000 ____D C: Users Eric AppData Roaming .minecraft
2020-05-10 16:05 – 2017-06-27 17:19 – 000000000 ____D C: Users Eric AppData LocalLow Mozilla
2020-05-07 22:48 – 2017-07-13 01:26 – 000002224 _____ C: ProgramData Microsoft Windows Menu Démarrer Programmes Google Chrome.lnk
2020-05-07 22:48 – 2017-07-13 01:26 – 000002183 _____ C: Users Public Desktop Google Chrome.lnk
2020-05-07 22:48 – 2017-07-13 01:26 – 000002183 _____ C: ProgramData Desktop Google Chrome.lnk
2020-05-07 17:30 – 2017-06-27 17:46 – 000003180 _____ C: Windows system32 Tasks HPCeeScheduleForEric
2020-05-07 17:30 – 2017-06-27 17:46 – 000000328 _____ C: Windows Tasks HPCeeScheduleForEric.job
2020-05-05 13:24 – 2018-08-17 16:24 – 000000000 ____D C: Users Eric Documents SNHU stuff
2020-04-30 23:16 – 01-07-2017 20:48 – 000000000 ____D C: Users Eric Documents Only_Poetry
2020-04-28 03:16 – 2019-05-01 00:39 – 000000000 ____D C: Users Eric Documents Alpha
2020-04-26 12:07 – 2017-06-27 17:18 – 000000000 ____D C: Program Files (x86) Mozilla Maintenance Service
2020-04-23 13:06 – 2019-12-20 17:18 – 000000000 ____D C: Users Eric Documents Terrariastuff
2020-04-19 10:54 – 2017-11-10 17:53 – 000000000 ____D C: Users Eric AppData Local Adobe
2020-04-19 10:53 – 2017-11-10 17:54 – 000842296 _____ (Adobe) C: Windows SysWOW64 FlashPlayerApp.exe
2020-04-19 10:53 – 2017-11-10 17:54 – 000175160 _____ (Adobe) C: Windows SysWOW64 FlashPlayerCPLApp.cpl
2020-04-19 10:53 – 2017-11-10 17:54 – 000004470 _____ C: Windows system32 Tasks Adobe Flash Player PPAPI Notifier
2020-04-19 10:53 – 2017-11-10 17:54 – 000004324 _____ C: Windows system32 Tasks Adobe Flash Player Updater
2020-04-19 10:53 – 2017-11-10 17:54 – 000000000 ____D C: Windows SysWOW64 Macromed
2020-04-19 10:53 – 2017-11-10 17:54 – 000000000 ____D C: Windows system32 Macromed
2020-04-17 20:18 – 2019-07-03 13:14 – 000153312 _____ (Malwarebytes) C: Windows system32 Drivers mbae64.sys
2020-04-15 18:20 – 2019-08-05 23:17 – 000000000 ____D C: Users Eric AppData Roaming Kast
2020-04-15 15:46 – 2019-08-05 23:17 – 000002241 _____ C: Users Eric Desktop Kast.lnk
2020-04-15 15:46 – 2017-06-27 15:46 – 000000000 ____D C: Users Eric
2020-04-14 16:53 – 2017-07-03 01:01 – 000000000 ____D C: ProgramData Microsoft Windows Start Menu Programs Java
2020-04-14 16:53 – 2017-07-03 01:00 – 000000000 ____D C: Program Files Java
2020-04-14 16:52 – 2017-07-03 01:01 – 000129192 _____ (Oracle Corporation) C: Windows system32 WindowsAccessBridge-64.dll
==================== Fichiers à la racine de certains répertoires ========
2020-05-09 17:34 – 2020-05-09 17:34 – 000286604 _____ () C: Users Eric AppData Roaming tb7_1N1I1F1S1T1I0M1F1Q2Y1I1P1B0C1F1Q1P.txt
2018-05-10 22:22 – 2018-05-10 22:22 – 000013312 _____ () C: Users Eric AppData Local DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-07-02 00:41 – 2017-07-02 00:41 – 000007597 _____ () C: Users Eric AppData Local Resmon.ResmonCfg
==================== SigCheck ============================
(Il n'y a pas de correctif automatique pour les fichiers qui ne passent pas la vérification.)
LastRegBack: 2020-05-07 03:27
Résultat d'analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 11-05-2020
Ran par Eric (11-05-2020 16:52:06)
Exécution à partir de C: Users Eric Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2017-06-27 19:46:56)
Mode de démarrage: Normal
==========================================================
==================== Comptes: =============================
Administrateur (S-1-5-21-3312487288-1977858865-3294966506-500 – Administrateur – désactivé)
Eric (S-1-5-21-3312487288-1977858865-3294966506-1000 – Administrateur – Activé) => C: Users Eric
Invité (S-1-5-21-3312487288-1977858865-3294966506-501 – limité – désactivé)
Groupe résidentielUtilisateur $ (S-1-5-21-3312487288-1977858865-3294966506-1002 – limité – activé)
==================== Security Center ========================
(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée.)
AV: Microsoft Security Essentials (activé – à jour) 71A27EC9-3DA6-45FC-60A7-004F623C6189
AS: Microsoft Security Essentials (activé – à jour) CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34
AS: Windows Defender (désactivé – à jour) D68DDC3A-831F-4fae-9E44-DA132C1ACF46
==================== Programmes installés ======================
(Seuls les programmes publicitaires avec le drapeau "Caché" peuvent être ajoutés à la liste de correctifs pour les afficher. Les programmes publicitaires doivent être désinstallés manuellement.)
Adobe Flash Player 32 PPAPI (HKLM-x32 … Adobe Flash Player PPAPI) (Version: 32.0.0.363 – Adobe)
Gestionnaire d'installation ATI Catalyst (HKLM … BCC01139-903A-6FC7-3358-85B0AE332601) (Version: 3.0.829.0 – ATI Technologies, Inc.)
Discord (HKU S-1-5-21-3312487288-1977858865-3294966506-1000 … Discord) (Version: 0.0.306 – Discord Inc.)
EPSON Connect version 1.0 (HKLM-x32 … EPSON Connect_is1) (Version: 1.0 – Epson America Inc.)
Participation à la recherche client Epson (HKLM … B26449A6-6007-4460-B4FE-C4776115BCEA) (Version: 1.82.0000 – Seiko Epson Corporation)
Epson Event Manager (HKLM-x32 … 9F205E94-9E42-4486-A92A-DF3F6CB85444) (Version: 3.10.0061 – Seiko Epson Corporation)
Utilitaire Epson FAX (HKLM-x32 … 0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A) (Version: 3.02.00 – Seiko Epson Corporation)
Pilote Epson PC-FAX (Pilote HKLM-x32 … EPSON PC-FAX 2) (Version: – Seiko Epson Corporation)
EPSON Scan (HKLM-x32 … EPSON Scanner) (Version: – Seiko Epson Corporation)
Programme de mise à jour du logiciel Epson (HKLM-x32 … 0854CD22-DF5E-4587-B977-6FC9DB57B63D) (Version: 4.5.0 – Seiko Epson Corporation)
Désinstallation de l'imprimante EPSON WF-3640 Series (HKLM … EPSON WF-3640 Series) (Version: – SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32 … 3E31400D-274E-4647-916C-2CACC3741799) (Version: 2.6.0 – SEIKO EPSON CORPORATION)
Google Chrome (HKLM-x32 … Google Chrome) (Version: 81.0.4044.138 – Google LLC)
Aide à la mise à jour Google (HKLM-x32 … 60EC980A-BDA2-4CB6-A427-B07A5498B4CA) (Version: 1.3.35.451 – Google LLC) Masqué
Assistant de support HP (HKLM-x32 … 05F81C27-62A5-4A0C-8519-60CB66CF87C6) (Version: 8.8.24.33 – HP Inc.)
HP Support Solutions Framework (HKLM-x32…183BD477-774B-4700-B40B-EE43886E74D2) (Version: 12.15.14.3 – HP Inc.)
HP Touchpoint Analytics Client (HKLM…E5FB98E0-0784-44F0-8CEC-95CD4690C43F) (Version: 4.0.2.1439 – HP Inc.)
Java 8 Update 251 (64-bit) (HKLM…26A24AE4-039D-4CA4-87B4-2F64180251F0) (Version: 8.0.2510.8 – Oracle Corporation)
Kast 2.8.1 (HKUS-1-5-21-3312487288-1977858865-3294966506-1000…d06bcc57-f338-548b-9321-2ecf1ddd47ff) (Version: 2.8.1 – Evasyst, Inc.)
Malwarebytes version 4.1.0.56 (HKLM…35065F43-4BB2-439A-BFF7-0F1014F2E0CD_is1) (Version: 4.1.0.56 – Malwarebytes)
Microsoft .NET Framework 4.8 (HKLM…92FB6C44-E685-45AD-9B20-CADF4CABA132 – 1033) (Version: 4.8.03761 – Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32…91120000-00CA-0000-0000-0000000FF1CE_SMALLBUSINESSR_6E107EB7-8B55-48BF-ACCB-199F86A2CD93) (Version: – Microsoft)
Microsoft Office Small Business 2007 (HKLM-x32…SMALLBUSINESSR) (Version: 12.0.6612.1000 – Microsoft Corporation)
Microsoft Security Essentials (HKLM…Microsoft Security Client) (Version: 4.10.209.0 – Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM…