cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 30-05-2020
Exécuté par cecile (administrateur) sur DESKTOP-5J75UH8 (ASUSTeK COMPUTER INC. X540LJ) (30-05-2020 14:08:55)
Exécuté depuis C:\Users\cecile\Downloads
Profils chargés: cecile
Platform: Windows 10 Home Version 1909 18363.720 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

() [Fichier non signé] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
(ASUS Cloud Corporation -> ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSPanel.exe
(ASUS Cloud Corporation) [Fichier non signé] C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe
(ASUS) [Fichier non signé] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <7>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\cecile\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12005.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2004.6-0\MpCmdRun.exe <2>
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2004.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2004.6-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor Corp -> ) C:\Program Files (x86)\Realtek\Realtek Bluetooth Filter ONLY\BTDevMgr.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TeamViewer -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(WildTangent Inc -> WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\ASUSWSLoader.exe [63272 2015-12-24] (ASUS Cloud Corporation -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.61\Installer\chrmstp.exe [2020-05-20] (Google LLC -> Google LLC)

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {0B64764F-752C-452E-B07A-823C47AF4A0D} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [143160 2019-03-12] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
Task: {1BFE48EA-6DAD-4416-99A4-034747434AF1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpCmdRun.exe [485944 2020-05-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2B291E16-801B-4C02-B794-96AFD1F6DAAD} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18416 2015-12-18] (ASUSTeK Computer Inc. -> AsusTek)
Task: {2D6BC3BA-6D50-46D4-A2BC-06091F2273B3} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122008 2015-09-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {39CD21EB-35CB-4512-AA79-269F27FC6E2F} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-12-30] (Dropbox, Inc -> Dropbox, Inc.)
Task: {4086980F-DA95-4EF8-B16F-6D0AD25EA46B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158544 2020-03-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {40C16C89-5B22-4B8C-9C81-473B802B8152} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-12-30] (Dropbox, Inc -> Dropbox, Inc.)
Task: {414540BC-F51C-48B8-8450-7A50C21B5CBD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-30] (Google LLC -> Google LLC)
Task: {4A902D51-F670-45A5-8CE8-1B17F2A178E9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpCmdRun.exe [485944 2020-05-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5132F68D-8226-4087-A579-5A475740CA05} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpCmdRun.exe [485944 2020-05-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5365D1B5-E050-4D5E-B386-8A29115A0649} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdate.exe [481128 2016-03-24] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {56676CA2-4340-4146-9960-1AAC07BC7E79} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24600440 2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {62A28B00-9CEE-4F3B-9322-F0A3C1177B7B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158544 2020-03-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {6430CC72-EBF8-4F8C-AF87-2CCE1878ED23} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1616160 2016-01-19] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [Fichier non signé]
Task: {72E14D79-6B0A-44DB-B0D7-FA6A76EFBC91} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpCmdRun.exe [485944 2020-05-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {751032FB-518B-42B1-84EC-DAFF4695A73D} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsnotify.exe [514408 2016-03-24] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {A0FE319D-DAFE-4C1C-8256-0222416CE0F3} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122008 2015-09-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {A1FA427D-8AA1-4812-A476-128C1A04F92E} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391104 2018-11-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {ABB1147B-CF8E-41CC-928C-FE7AB51A02EC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-30] (Google LLC -> Google LLC)
Task: {B2CB21DB-BF9E-4392-8519-E68CC5D9EA45} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24600440 2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {B428AFEC-902D-4472-A5CE-649E2EE47438} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506368 2018-11-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {B7B13D44-FFD0-4F0C-A791-3EB79ADA658B} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [585000 2016-09-21] (Dropbox, Inc -> )
Task: {C9B39C8C-6C69-4835-858F-F3AD91B71F3C} - System32\Tasks\Avast SecureLine VPN Update => c:\program files\avast software\secureline\vpnupdate.exe [1353776 2019-12-30] (AVAST Software s.r.o. -> AVAST Software)
Task: {F35B0551-3580-4740-9535-5266DF8B45FA} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19782224 2015-05-25] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {F807455D-15A5-4D17-9BAC-A518676A6DD8} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [54784 2015-12-02] (ASUS) [Fichier non signé]

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdate.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{3cb2c5cf-d1c9-4f93-a0d2-e3245e3f1bfa}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKU\S-1-5-21-1402812104-3907612393-950872263-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-1402812104-3907612393-950872263-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-02-04] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-09-03] (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-13] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-02-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-02-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-12-22] (WildTangent Inc -> )

Chrome:
=======
CHR Profile: C:\Users\cecile\AppData\Local\Google\Chrome\User Data\Default [2020-05-30]
CHR Extension: (Slides) - C:\Users\cecile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-12-30]
CHR Extension: (Docs) - C:\Users\cecile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-12-30]
CHR Extension: (Google Drive) - C:\Users\cecile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-12-30]
CHR Extension: (YouTube) - C:\Users\cecile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-12-30]
CHR Extension: (Sheets) - C:\Users\cecile\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-12-30]
CHR Extension: (Google Docs hors connexion) - C:\Users\cecile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-29]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\cecile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-30]
CHR Extension: (Gmail) - C:\Users\cecile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-12-30]
CHR Extension: (Chrome Media Router) - C:\Users\cecile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-21]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe [75264 2015-12-24] (ASUS Cloud Corporation) [Fichier non signé]
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth Filter ONLY\BTDevMgr.exe [121560 2015-07-20] (Realtek Semiconductor Corp -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11091224 2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-12-30] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-12-30] (Dropbox, Inc -> Dropbox, Inc.)
S3 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [326032 2018-06-05] (ASUSTeK Computer Inc. -> )
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1385640 2015-08-17] (Intel(R) Software -> Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-12-22] (WildTangent Inc -> WildTangent)
R2 ICEsoundService; C:\WINDOWS\system32\ICEsoundService64.exe [806344 2018-11-01] (ICEpower a/s -> ICEpower)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373728 2016-11-30] (Intel(R) pGFX -> Intel Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Fichier non signé]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Fichier non signé]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdatesvr.exe [133480 2016-03-24] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [767472 2018-09-06] (NVIDIA Corporation -> NVIDIA Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [384512 2019-03-19] (Microsoft Windows -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-17] (TeamViewer -> TeamViewer GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\NisSrv.exe [3304992 2020-05-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MsMpEng.exe [103376 2020-05-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 mccspsvc; "C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe" [X]

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 ASMMAP64; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [18048 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUS)
R3 AsusSGDrv; C:\WINDOWS\System32\drivers\AsusSGDrv.sys [140032 2019-08-19] (ASUSTek Computer Inc. -> ASUS Corporation)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-15] (Microsoft Corporation) [Fichier non signé]
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [53752 2015-08-17] (Intel(R) Software -> Intel Corporation)
R3 dptf_pch; C:\WINDOWS\System32\drivers\dptf_pch.sys [50696 2015-08-17] (Intel(R) Software -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [261624 2015-08-17] (Intel(R) Software -> Intel Corporation)
S3 ggsomc; C:\WINDOWS\System32\drivers\ggsomc.sys [30424 2017-12-10] (Sony Mobile Communications AB -> Sony Mobile Communications)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)
R3 iaLPSS_GPIO; C:\WINDOWS\System32\drivers\iaLPSS_GPIO.sys [46856 2015-06-15] (Intel Corporation - Client Components Group -> Intel Corporation)
S3 iaLPSS_I2C; C:\WINDOWS\System32\drivers\iaLPSS_I2C.sys [132360 2015-06-15] (Intel Corporation - Client Components Group -> Intel Corporation)
S3 iaLPSS_SPI; C:\WINDOWS\System32\drivers\iaLPSS_SPI.sys [100856 2014-06-03] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
S3 iaLPSS_UART2; C:\WINDOWS\System32\drivers\iaLPSS_UART2.sys [143864 2014-06-03] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [88256 2015-06-26] (Intel(R) Software -> Intel Corporation)
R1 MpKsld0779027; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{95A24271-1507-4B4F-8B75-B95F080B1A26}\MpKsld0779027.sys [43232 2020-05-29] (Microsoft Windows -> Microsoft Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_9b1341e92276ee7c\nvlddmkm.sys [17213616 2018-10-15] (NVIDIA Corporation -> NVIDIA Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-05-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [394680 2020-05-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64944 2020-05-09] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) ===================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2020-05-30 14:08 - 2020-05-30 14:10 - 000025996 _____ C:\Users\cecile\Downloads\FRST.txt
2020-05-30 14:08 - 2020-05-30 14:09 - 000000000 ____D C:\FRST
2020-05-30 14:05 - 2020-05-30 14:05 - 002289152 _____ (Farbar) C:\Users\cecile\Downloads\FRST64.exe
2020-05-29 23:27 - 2020-05-29 23:27 - 000180461 _____ C:\Users\cecile\Downloads\Unidialog_3781106 (5).pdf
2020-05-29 20:23 - 2020-05-29 20:23 - 000261965 _____ C:\Users\cecile\Desktop\ZHPDiag.txt
2020-05-29 20:09 - 2020-05-29 20:23 - 000000000 ____D C:\Users\cecile\AppData\Roaming\ZHP
2020-05-29 20:09 - 2020-05-29 20:09 - 000000868 _____ C:\Users\cecile\Desktop\ZHPSuite.lnk
2020-05-29 20:09 - 2020-05-29 20:09 - 000000000 ____D C:\Users\cecile\AppData\Local\ZHP
2020-05-29 20:06 - 2020-05-29 20:06 - 003438464 _____ (Nicolas Coolman) C:\Users\cecile\Downloads\ZHPSuite.exe
2020-05-29 20:06 - 2020-05-29 20:06 - 000000000 ____D C:\Users\cecile\AppData\Local\D3DSCache
2020-05-29 19:51 - 2020-05-29 19:51 - 000178775 _____ C:\Users\cecile\Downloads\CV Gomis Martine.pdf
2020-05-29 18:51 - 2020-05-29 18:51 - 000000000 ____D C:\Program Files\UNP
2020-05-22 21:41 - 2020-05-22 21:41 - 000212238 _____ C:\Users\cecile\Documents\Temporis Consulting -aide comptable.pdf
2020-05-22 21:38 - 2020-05-22 21:38 - 000183633 _____ C:\Users\cecile\Documents\ITGA aide comptable.pdf
2020-05-22 21:37 - 2020-05-22 21:37 - 001204193 _____ C:\Users\cecile\Documents\aber propreté- aide comptable.pdf
2020-05-22 19:10 - 2020-05-22 19:10 - 000236500 _____ C:\Users\cecile\Documents\RBT CARTE MAMAN.pdf
2020-05-20 15:36 - 2020-05-20 15:36 - 000000000 _____ C:\Users\cecile\Downloads\ue-en-foad-.pdf
2020-05-20 15:17 - 2020-05-20 15:17 - 000470393 _____ C:\Users\cecile\Downloads\Tarifs individuels CCP 2019-2020.pdf
2020-05-20 14:11 - 2020-05-20 14:11 - 002620107 _____ C:\Users\cecile\Downloads\mesure vet.pdf
2020-05-13 20:59 - 2020-05-13 20:59 - 000005078 _____ C:\Users\cecile\Downloads\RLV_20134010473_010120_310120.pdf
2020-05-13 20:50 - 2020-03-17 05:57 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-05-13 20:50 - 2020-03-17 05:56 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-05-13 20:02 - 2020-05-13 20:02 - 002202153 _____ C:\Users\cecile\Downloads\AVO.pdf

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2020-05-30 14:08 - 2019-12-20 23:07 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-05-30 14:05 - 2019-12-20 23:12 - 000794662 _____ C:\WINDOWS\system32\perfh00C.dat
2020-05-30 14:05 - 2019-12-20 23:12 - 000150678 _____ C:\WINDOWS\system32\perfc00C.dat
2020-05-30 14:05 - 2019-12-20 23:04 - 000000000 ____D C:\WINDOWS\INF
2020-05-30 14:05 - 2016-03-24 13:50 - 001771410 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-05-30 14:00 - 2019-12-21 01:02 - 000000184 _____ C:\Users\cecile\AppData\Roaming\sp_data.sys
2020-05-30 00:38 - 2019-12-20 23:43 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-05-30 00:38 - 2017-10-27 23:42 - 000000000 __SHD C:\Users\cecile\IntelGraphicsProfiles
2020-05-30 00:37 - 2019-12-21 01:01 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2020-05-30 00:37 - 2019-12-21 00:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-05-30 00:37 - 2019-12-20 23:42 - 000000000 ____D C:\ProgramData\NVIDIA
2020-05-30 00:37 - 2019-12-20 23:32 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-05-30 00:36 - 2019-12-21 00:08 - 000000000 ____D C:\Users\cecile
2020-05-29 22:31 - 2019-12-20 22:56 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-05-29 22:22 - 2019-12-20 23:07 - 000000000 ___HD C:\Program Files\WindowsApps
2020-05-29 22:22 - 2019-12-20 23:07 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-05-29 22:21 - 2019-12-21 01:01 - 000000000 ____D C:\Users\cecile\AppData\Local\Packages
2020-05-29 19:14 - 2019-12-21 01:16 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1402812104-3907612393-950872263-1001
2020-05-29 19:14 - 2019-12-21 00:08 - 000002406 _____ C:\Users\cecile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-05-29 19:14 - 2017-10-27 23:47 - 000000000 ___RD C:\Users\cecile\OneDrive
2020-05-22 20:26 - 2016-03-24 14:06 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-05-20 13:39 - 2019-12-30 16:44 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-20 13:39 - 2019-12-30 16:44 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-05-14 14:28 - 2020-03-22 00:54 - 000000000 ____D C:\Users\cecile\AppData\Local\ElevatedDiagnostics
2020-05-13 21:17 - 2019-12-20 22:51 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-05-13 21:16 - 2019-12-20 23:42 - 000000000 ____D C:\ProgramData\Realtek
2020-05-13 21:13 - 2020-03-02 13:24 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-05-13 21:09 - 2020-03-02 13:22 - 120636720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-05-09 13:53 - 2019-12-21 00:30 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

==================== Fichiers à la racine de certains dossiers ========

2019-12-21 01:02 - 2020-05-30 14:00 - 000000184 _____ () C:\Users\cecile\AppData\Roaming\sp_data.sys

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================

Publicité


Signaler le contenu de ce document

Publicité