Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 06-12-2021
Exécuté par Chantal (administrateur) sur CHANTAL-PC (ASUSTeK Computer Inc. K54L) (07-12-2021 10:07:46)
Exécuté depuis C:\Users\Chantal\Desktop
Profils chargés: Chantal
Plate-forme: Microsoft Windows 10 Famille Version 20H2 19042.1348 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
() [Fichier non signé] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Windows\AsScrPro.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2110.13603.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe
(Opera Software AS -> Opera Software) C:\Users\Chantal\AppData\Local\Programs\Opera\81.0.4196.60\opera_crashreporter.exe
(Opera Software AS -> Opera Software) C:\Users\Chantal\AppData\Local\Programs\Opera\opera.exe <16>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2016-01-14] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2018032 2011-04-13] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [Fichier non signé]
HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-10] (Sonic Focus, Inc. -> Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-24] () [Fichier non signé]
HKU\S-1-5-21-2820500366-1899761575-2433297642-1001\...\Run: [Opera Browser Assistant] => C:\Users\Chantal\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3126296 2020-08-18] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-2820500366-1899761575-2433297642-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35342976 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2820500366-1899761575-2433297642-1001\...\Run: [MicrosoftEdgeAutoLaunch_4796770476E5E28F5B54BE5ED6E4C9E1] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-2820500366-1899761575-2433297642-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [153600 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{06FE45A8-6D92-44ba-A0F1-9A9BCDC8F5A7}] -> C:\Program Files (x86)\ASUS\SmartLogon\system\FaceCredentialProvider64.dll [2011-01-10] (ASUSTeK Computer Inc. -> ASUS)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2011-04-13]
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc. -> ) [Fichier non signé]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2014-08-11]
ShortcutTarget: Microsoft Office.lnk -> C:\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation) [Fichier non signé]
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0FC4CD42-16D4-4674-8813-64AB7DE9C17F} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [1545856 2011-08-31] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {1151D707-9C62-4FF0-A0F8-294432FECC77} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [977024 2011-03-07] (ASUSTeK Computer Inc. -> ASUS)
Task: {16C686BB-011A-4C44-8941-40D2CC2D982F} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {19A1D2BC-E1BD-4DD2-B1C6-9B5C985BB861} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUSTeK Computer Inc. -> ASUS)
Task: {1F11E86F-C01A-443D-806D-AB466BCAF81D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {5255B95F-3C0C-47E5-B8A3-6CAFA9781642} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16165632 2015-08-23] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5F5C2D3B-8508-47B2-8E73-BB01BC562E2B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-11-12] (Piriform Software Ltd -> Piriform)
Task: {631BDDA7-2E7B-4E4A-AA01-23B4B62B4567} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [305792 2010-11-15] (ASUSTeK Computer Inc. -> ASUS)
Task: {667DF005-A9C5-4749-8112-45DED258F3AA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {78823C90-9A38-4B3A-A476-4FD59D7C0A70} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {7A856BD7-6CE1-4379-827F-5A06B2328968} - System32\Tasks\{67F50CA2-9039-4D4F-B68F-53AD0A703E76} => C:\double solitaire\Double Solitaire.exe [479232 1999-08-31] (Christopher D Lawson) [Fichier non signé]
Task: {7CE3F3E0-3E4E-47D1-9EDA-BC6D0E9CE54C} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {954524F3-F690-4B20-9A0A-85B4F261171B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {99ADB0CA-672E-4FEC-86C4-E8DC868BFA5F} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {C4DEC2B1-1AA8-4A6E-BA90-3C05072FCE25} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403136 2015-08-23] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {C4FA36D8-BC71-4554-BECF-1E80C1B29891} - System32\Tasks\Opera scheduled Autoupdate 1561734253 => C:\Users\Chantal\AppData\Local\Programs\Opera\launcher.exe [2265296 2021-11-23] (Opera Software AS -> Opera Software)
Task: {D02FCF48-91BA-424B-89AD-30C91DFD2D45} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {D591A4DB-9E50-4668-9CFD-313D0FDF014B} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [82944 2011-05-30] (ASUS) [Fichier non signé]
Task: {DC66916D-E8B5-42B9-A543-03BAABD4ED83} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation) [Accès refusé]
Task: {DEFF6973-CDDB-40C5-B766-52F8EEC81326} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-05-15] (Avast Software s.r.o. -> Avast Software)
Task: {E2C9DB2C-E6DF-4214-9035-617D37295C1D} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {EFBC7FDE-91C2-4B6D-987E-D7415E4A8198} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403136 2015-08-23] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {F1E74402-F571-458B-ABC7-E3F315CB3AB9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FDC34CD3-3970-44CF-9B3C-12DE8E84E89D} - System32\Tasks\CCleanerSkipUAC - Chantal => C:\Program Files\CCleaner\CCleaner.exe [29417088 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{ecc3f635-0ed7-4ab2-8383-f46c6954fb02}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{fe9c6223-2284-4f41-b505-d832dae52189}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Chantal\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-07]
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension => non trouvé(e)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll [2010-01-23] (Zeon Corporation -> Zeon Corporation)
Opera:
=======
OPR Profile: C:\Users\Chantal\AppData\Roaming\Opera Software\Opera Stable [2021-12-07]
OPR Notifications: Opera Stable -> hxxps://nonstoppeople.notification.services; hxxps://www.closermag.fr; hxxps://www.gala.fr; hxxps://www.voici.fr
OPR StartupUrls: Opera Stable -> "hxxp://news.sfr.fr/"
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Chantal\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-12-04]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Chantal\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-11-18]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [267440 2014-09-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [241488 2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R3 MpKsl46d3d4c0; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BCDAA809-8A12-48A4-A311-98909697314A}\MpKslDrv.sys [130296 2021-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435424 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-12-07 10:07 - 2021-12-07 10:09 - 000018124 _____ C:\Users\Chantal\Desktop\FRST.txt
2021-12-07 10:07 - 2021-12-07 10:07 - 000000000 ____D C:\Users\Chantal\Desktop\FRST-OlderVersion
2021-12-07 09:57 - 2021-12-07 09:57 - 000328181 _____ C:\Users\Chantal\Desktop\ZHPDiag.txt
2021-12-06 09:13 - 2021-12-06 10:58 - 000000921 _____ C:\Users\Chantal\Desktop\ZHPCleaner.lnk
2021-12-05 18:04 - 2021-12-05 18:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\Safer-Networking
2021-12-04 18:31 - 2021-12-04 18:34 - 000039933 _____ C:\Users\Chantal\Downloads\Addition.txt
2021-12-04 18:27 - 2021-12-04 18:34 - 000032326 _____ C:\Users\Chantal\Downloads\FRST.txt
2021-12-04 18:26 - 2021-12-07 10:08 - 000000000 ____D C:\FRST
2021-12-04 18:13 - 2021-12-07 09:57 - 000000000 ____D C:\Users\Chantal\AppData\Roaming\ZHP
2021-12-04 18:13 - 2021-12-06 09:13 - 000000000 ____D C:\Users\Chantal\AppData\Local\ZHP
2021-12-04 18:13 - 2021-12-05 09:57 - 000000917 _____ C:\Users\Chantal\Desktop\ZHPSuite.lnk
2021-12-04 18:11 - 2021-12-04 18:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2021-12-04 18:11 - 2021-12-04 18:11 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2021-12-04 18:09 - 2021-12-04 18:10 - 004707136 _____ (Crystal Dew World ) C:\Users\Chantal\Downloads\CrystalDiskInfo8_11_2.exe
2021-12-04 18:08 - 2021-12-07 10:07 - 002311168 _____ (Farbar) C:\Users\Chantal\Desktop\FRST64.exe
2021-12-04 18:03 - 2021-12-04 18:03 - 003477656 _____ (Nicolas Coolman) C:\Users\Chantal\Downloads\ZHPSuite.exe
2021-11-20 16:07 - 2021-11-20 16:07 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-11-20 16:07 - 2021-11-20 16:07 - 000011363 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-11-20 16:06 - 2021-11-20 16:06 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-11-20 16:06 - 2021-11-20 16:06 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-11-20 15:46 - 2021-11-20 15:46 - 000000000 ___HD C:\$WinREAgent
2021-11-20 13:52 - 2021-11-23 20:22 - 000000000 ____D C:\Users\Chantal\AppData\LocalLow\Mozilla
2021-11-20 13:52 - 2021-11-23 20:20 - 000000000 ____D C:\ProgramData\Mozilla
2021-11-20 13:52 - 2021-11-20 13:52 - 000001093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2021-11-20 13:52 - 2021-11-20 13:52 - 000001081 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2021-11-20 13:52 - 2021-11-20 13:52 - 000000000 ____D C:\Users\Chantal\AppData\Roaming\Thunderbird
2021-11-20 13:52 - 2021-11-20 13:52 - 000000000 ____D C:\Users\Chantal\AppData\Roaming\Mozilla
2021-11-20 13:52 - 2021-11-20 13:52 - 000000000 ____D C:\Users\Chantal\AppData\Local\Thunderbird
2021-11-20 13:52 - 2021-11-20 13:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-11-20 13:52 - 2021-11-20 13:52 - 000000000 _____ C:\ProgramData\UpdateLock-D78BF5DD33499EC2
2021-11-20 13:51 - 2021-11-20 13:51 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2021-11-18 13:36 - 2021-11-18 13:36 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-12-07 10:04 - 2020-08-19 12:48 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-12-07 09:47 - 2014-08-09 10:32 - 000000000 ____D C:\Users\Chantal\Desktop\Utilitaires
2021-12-07 09:13 - 2017-08-26 09:29 - 000000000 ____D C:\Program Files\CCleaner
2021-12-06 18:09 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-12-06 11:22 - 2020-08-19 13:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-12-06 11:22 - 2020-08-19 12:48 - 000008192 ___SH C:\DumpStack.log.tmp
2021-12-06 11:21 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-12-05 18:04 - 2015-01-07 16:03 - 000000227 _____ C:\WINDOWS\wininit.ini
2021-12-05 17:38 - 2020-08-19 13:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-12-04 18:27 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-12-04 10:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-12-04 10:57 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-04 10:06 - 2020-08-19 09:05 - 000002480 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-04 10:06 - 2020-08-19 09:05 - 000002318 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-12-04 10:04 - 2021-03-20 10:00 - 000004218 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1561734253
2021-12-04 10:04 - 2021-03-20 10:00 - 000001459 _____ C:\Users\Chantal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2021-11-21 11:01 - 2018-10-06 12:57 - 000000000 ____D C:\ProgramData\Packages
2021-11-20 16:35 - 2020-08-19 13:05 - 002004522 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-11-20 16:35 - 2019-12-07 15:49 - 000866554 _____ C:\WINDOWS\system32\perfh00C.dat
2021-11-20 16:35 - 2019-12-07 15:49 - 000177868 _____ C:\WINDOWS\system32\perfc00C.dat
2021-11-20 16:32 - 2013-04-14 04:21 - 000001386 _____ C:\WINDOWS\system32\ServiceFilter.ini
2021-11-20 16:28 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-11-20 16:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-11-20 16:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-11-20 16:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-11-20 16:13 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-11-20 16:07 - 2009-07-29 07:03 - 000413754 __RSH C:\bootmgr
2021-11-20 15:46 - 2013-09-03 16:24 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-11-20 15:43 - 2013-04-29 09:48 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-11-20 13:44 - 2017-08-26 09:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2021-11-20 13:29 - 2021-05-23 10:36 - 000002471 _____ C:\Users\Chantal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-11-20 13:29 - 2020-08-19 13:23 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2820500366-1899761575-2433297642-1001
2021-11-18 13:34 - 2020-08-19 13:14 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-11-18 13:34 - 2020-08-19 13:14 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
==================== Fichiers à la racine de certains dossiers ========
2012-05-03 12:12 - 2012-05-03 12:12 - 000000532 _____ () C:\Users\Chantal\AppData\Local\datos.txt
2013-04-14 09:46 - 2013-04-14 12:46 - 000004608 _____ () C:\Users\Chantal\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== FLock ==============================
2017-06-17 13:04 C:\WINDOWS\UpdateAssistant
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par Chantal (administrateur) sur CHANTAL-PC (ASUSTeK Computer Inc. K54L) (07-12-2021 10:07:46)
Exécuté depuis C:\Users\Chantal\Desktop
Profils chargés: Chantal
Plate-forme: Microsoft Windows 10 Famille Version 20H2 19042.1348 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
() [Fichier non signé] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Windows\AsScrPro.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2110.13603.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe
(Opera Software AS -> Opera Software) C:\Users\Chantal\AppData\Local\Programs\Opera\81.0.4196.60\opera_crashreporter.exe
(Opera Software AS -> Opera Software) C:\Users\Chantal\AppData\Local\Programs\Opera\opera.exe <16>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2016-01-14] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2018032 2011-04-13] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [Fichier non signé]
HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-10] (Sonic Focus, Inc. -> Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-24] () [Fichier non signé]
HKU\S-1-5-21-2820500366-1899761575-2433297642-1001\...\Run: [Opera Browser Assistant] => C:\Users\Chantal\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3126296 2020-08-18] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-2820500366-1899761575-2433297642-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35342976 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2820500366-1899761575-2433297642-1001\...\Run: [MicrosoftEdgeAutoLaunch_4796770476E5E28F5B54BE5ED6E4C9E1] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-2820500366-1899761575-2433297642-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [153600 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{06FE45A8-6D92-44ba-A0F1-9A9BCDC8F5A7}] -> C:\Program Files (x86)\ASUS\SmartLogon\system\FaceCredentialProvider64.dll [2011-01-10] (ASUSTeK Computer Inc. -> ASUS)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2011-04-13]
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc. -> ) [Fichier non signé]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2014-08-11]
ShortcutTarget: Microsoft Office.lnk -> C:\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation) [Fichier non signé]
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0FC4CD42-16D4-4674-8813-64AB7DE9C17F} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [1545856 2011-08-31] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {1151D707-9C62-4FF0-A0F8-294432FECC77} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [977024 2011-03-07] (ASUSTeK Computer Inc. -> ASUS)
Task: {16C686BB-011A-4C44-8941-40D2CC2D982F} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {19A1D2BC-E1BD-4DD2-B1C6-9B5C985BB861} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUSTeK Computer Inc. -> ASUS)
Task: {1F11E86F-C01A-443D-806D-AB466BCAF81D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {5255B95F-3C0C-47E5-B8A3-6CAFA9781642} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16165632 2015-08-23] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5F5C2D3B-8508-47B2-8E73-BB01BC562E2B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-11-12] (Piriform Software Ltd -> Piriform)
Task: {631BDDA7-2E7B-4E4A-AA01-23B4B62B4567} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [305792 2010-11-15] (ASUSTeK Computer Inc. -> ASUS)
Task: {667DF005-A9C5-4749-8112-45DED258F3AA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {78823C90-9A38-4B3A-A476-4FD59D7C0A70} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {7A856BD7-6CE1-4379-827F-5A06B2328968} - System32\Tasks\{67F50CA2-9039-4D4F-B68F-53AD0A703E76} => C:\double solitaire\Double Solitaire.exe [479232 1999-08-31] (Christopher D Lawson) [Fichier non signé]
Task: {7CE3F3E0-3E4E-47D1-9EDA-BC6D0E9CE54C} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {954524F3-F690-4B20-9A0A-85B4F261171B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {99ADB0CA-672E-4FEC-86C4-E8DC868BFA5F} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {C4DEC2B1-1AA8-4A6E-BA90-3C05072FCE25} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403136 2015-08-23] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {C4FA36D8-BC71-4554-BECF-1E80C1B29891} - System32\Tasks\Opera scheduled Autoupdate 1561734253 => C:\Users\Chantal\AppData\Local\Programs\Opera\launcher.exe [2265296 2021-11-23] (Opera Software AS -> Opera Software)
Task: {D02FCF48-91BA-424B-89AD-30C91DFD2D45} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {D591A4DB-9E50-4668-9CFD-313D0FDF014B} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [82944 2011-05-30] (ASUS) [Fichier non signé]
Task: {DC66916D-E8B5-42B9-A543-03BAABD4ED83} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation) [Accès refusé]
Task: {DEFF6973-CDDB-40C5-B766-52F8EEC81326} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-05-15] (Avast Software s.r.o. -> Avast Software)
Task: {E2C9DB2C-E6DF-4214-9035-617D37295C1D} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {EFBC7FDE-91C2-4B6D-987E-D7415E4A8198} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403136 2015-08-23] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {F1E74402-F571-458B-ABC7-E3F315CB3AB9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FDC34CD3-3970-44CF-9B3C-12DE8E84E89D} - System32\Tasks\CCleanerSkipUAC - Chantal => C:\Program Files\CCleaner\CCleaner.exe [29417088 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{ecc3f635-0ed7-4ab2-8383-f46c6954fb02}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{fe9c6223-2284-4f41-b505-d832dae52189}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Chantal\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-07]
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension => non trouvé(e)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll [2010-01-23] (Zeon Corporation -> Zeon Corporation)
Opera:
=======
OPR Profile: C:\Users\Chantal\AppData\Roaming\Opera Software\Opera Stable [2021-12-07]
OPR Notifications: Opera Stable -> hxxps://nonstoppeople.notification.services; hxxps://www.closermag.fr; hxxps://www.gala.fr; hxxps://www.voici.fr
OPR StartupUrls: Opera Stable -> "hxxp://news.sfr.fr/"
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Chantal\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-12-04]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Chantal\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-11-18]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [267440 2014-09-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [241488 2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R3 MpKsl46d3d4c0; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BCDAA809-8A12-48A4-A311-98909697314A}\MpKslDrv.sys [130296 2021-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435424 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-12-07 10:07 - 2021-12-07 10:09 - 000018124 _____ C:\Users\Chantal\Desktop\FRST.txt
2021-12-07 10:07 - 2021-12-07 10:07 - 000000000 ____D C:\Users\Chantal\Desktop\FRST-OlderVersion
2021-12-07 09:57 - 2021-12-07 09:57 - 000328181 _____ C:\Users\Chantal\Desktop\ZHPDiag.txt
2021-12-06 09:13 - 2021-12-06 10:58 - 000000921 _____ C:\Users\Chantal\Desktop\ZHPCleaner.lnk
2021-12-05 18:04 - 2021-12-05 18:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\Safer-Networking
2021-12-04 18:31 - 2021-12-04 18:34 - 000039933 _____ C:\Users\Chantal\Downloads\Addition.txt
2021-12-04 18:27 - 2021-12-04 18:34 - 000032326 _____ C:\Users\Chantal\Downloads\FRST.txt
2021-12-04 18:26 - 2021-12-07 10:08 - 000000000 ____D C:\FRST
2021-12-04 18:13 - 2021-12-07 09:57 - 000000000 ____D C:\Users\Chantal\AppData\Roaming\ZHP
2021-12-04 18:13 - 2021-12-06 09:13 - 000000000 ____D C:\Users\Chantal\AppData\Local\ZHP
2021-12-04 18:13 - 2021-12-05 09:57 - 000000917 _____ C:\Users\Chantal\Desktop\ZHPSuite.lnk
2021-12-04 18:11 - 2021-12-04 18:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2021-12-04 18:11 - 2021-12-04 18:11 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2021-12-04 18:09 - 2021-12-04 18:10 - 004707136 _____ (Crystal Dew World ) C:\Users\Chantal\Downloads\CrystalDiskInfo8_11_2.exe
2021-12-04 18:08 - 2021-12-07 10:07 - 002311168 _____ (Farbar) C:\Users\Chantal\Desktop\FRST64.exe
2021-12-04 18:03 - 2021-12-04 18:03 - 003477656 _____ (Nicolas Coolman) C:\Users\Chantal\Downloads\ZHPSuite.exe
2021-11-20 16:07 - 2021-11-20 16:07 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-11-20 16:07 - 2021-11-20 16:07 - 000011363 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-11-20 16:06 - 2021-11-20 16:06 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-11-20 16:06 - 2021-11-20 16:06 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-11-20 15:46 - 2021-11-20 15:46 - 000000000 ___HD C:\$WinREAgent
2021-11-20 13:52 - 2021-11-23 20:22 - 000000000 ____D C:\Users\Chantal\AppData\LocalLow\Mozilla
2021-11-20 13:52 - 2021-11-23 20:20 - 000000000 ____D C:\ProgramData\Mozilla
2021-11-20 13:52 - 2021-11-20 13:52 - 000001093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2021-11-20 13:52 - 2021-11-20 13:52 - 000001081 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2021-11-20 13:52 - 2021-11-20 13:52 - 000000000 ____D C:\Users\Chantal\AppData\Roaming\Thunderbird
2021-11-20 13:52 - 2021-11-20 13:52 - 000000000 ____D C:\Users\Chantal\AppData\Roaming\Mozilla
2021-11-20 13:52 - 2021-11-20 13:52 - 000000000 ____D C:\Users\Chantal\AppData\Local\Thunderbird
2021-11-20 13:52 - 2021-11-20 13:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-11-20 13:52 - 2021-11-20 13:52 - 000000000 _____ C:\ProgramData\UpdateLock-D78BF5DD33499EC2
2021-11-20 13:51 - 2021-11-20 13:51 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2021-11-18 13:36 - 2021-11-18 13:36 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-12-07 10:04 - 2020-08-19 12:48 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-12-07 09:47 - 2014-08-09 10:32 - 000000000 ____D C:\Users\Chantal\Desktop\Utilitaires
2021-12-07 09:13 - 2017-08-26 09:29 - 000000000 ____D C:\Program Files\CCleaner
2021-12-06 18:09 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-12-06 11:22 - 2020-08-19 13:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-12-06 11:22 - 2020-08-19 12:48 - 000008192 ___SH C:\DumpStack.log.tmp
2021-12-06 11:21 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-12-05 18:04 - 2015-01-07 16:03 - 000000227 _____ C:\WINDOWS\wininit.ini
2021-12-05 17:38 - 2020-08-19 13:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-12-04 18:27 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-12-04 10:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-12-04 10:57 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-04 10:06 - 2020-08-19 09:05 - 000002480 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-04 10:06 - 2020-08-19 09:05 - 000002318 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-12-04 10:04 - 2021-03-20 10:00 - 000004218 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1561734253
2021-12-04 10:04 - 2021-03-20 10:00 - 000001459 _____ C:\Users\Chantal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2021-11-21 11:01 - 2018-10-06 12:57 - 000000000 ____D C:\ProgramData\Packages
2021-11-20 16:35 - 2020-08-19 13:05 - 002004522 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-11-20 16:35 - 2019-12-07 15:49 - 000866554 _____ C:\WINDOWS\system32\perfh00C.dat
2021-11-20 16:35 - 2019-12-07 15:49 - 000177868 _____ C:\WINDOWS\system32\perfc00C.dat
2021-11-20 16:32 - 2013-04-14 04:21 - 000001386 _____ C:\WINDOWS\system32\ServiceFilter.ini
2021-11-20 16:28 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-11-20 16:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-11-20 16:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-11-20 16:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-11-20 16:13 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-11-20 16:07 - 2009-07-29 07:03 - 000413754 __RSH C:\bootmgr
2021-11-20 15:46 - 2013-09-03 16:24 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-11-20 15:43 - 2013-04-29 09:48 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-11-20 13:44 - 2017-08-26 09:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2021-11-20 13:29 - 2021-05-23 10:36 - 000002471 _____ C:\Users\Chantal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-11-20 13:29 - 2020-08-19 13:23 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2820500366-1899761575-2433297642-1001
2021-11-18 13:34 - 2020-08-19 13:14 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-11-18 13:34 - 2020-08-19 13:14 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
==================== Fichiers à la racine de certains dossiers ========
2012-05-03 12:12 - 2012-05-03 12:12 - 000000532 _____ () C:\Users\Chantal\AppData\Local\datos.txt
2013-04-14 09:46 - 2013-04-14 12:46 - 000004608 _____ () C:\Users\Chantal\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== FLock ==============================
2017-06-17 13:04 C:\WINDOWS\UpdateAssistant
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================