Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2020
Exécuté par tgril (administrateur) sur LAPTOP-DB3DIJAJ (ASUSTeK COMPUTER INC. ZenBook UX333FA_UX333FA) (24-12-2020 14:25:19)
Exécuté depuis C:\Users\tgril\Desktop
Profils chargés: tgril
Platform: Windows 10 Home Version 1903 18362.1016 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

() [Fichier non signé] C:\Program Files\Rainlendar2\Rainlendar2.exe
(Adlice -> ) C:\Program Files\RogueKiller\RogueKiller64.exe
(Adlice -> ) C:\Program Files\RogueKiller\RogueKillerSvc.exe
(ASUSTek Computer Inc. -> ) C:\Program Files (x86)\ASUS\ASUS Hello\ASUSHelloBG.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci.inf_amd64_9fc66d729fd502da\ASUSLiveUpdateAgent\AsusLiveUpdateAgent.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci.inf_amd64_9fc66d729fd502da\ASUSOptimization\ASUSOptimization.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci.inf_amd64_9fc66d729fd502da\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsHidSrv64.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsLdrSrv64.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsMonStartupTask64.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\ATKOSD2.exe
(ASUSTeK COMPUTER INC.) C:\Program Files\WindowsApps\B9ECED6F.ASUSKeyboardHotkeys_1.0.12.0_x86__qmba6cd70vzyy\ATK Package\HControl.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(ICEpower a/s -> ICEpower A/S) C:\Windows\System32\DriverStore\FileRepository\icesoundapo64.inf_amd64_db704b106aae3892\ICEsoundService64.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2731.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2731.0_x64__8j3eq9eme6ctt\IGCC.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_7ecc5be6ca7b3b0d\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_e7523682cc7528cc\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_e7523682cc7528cc\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_e7523682cc7528cc\igfxext.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_9c1ab568b4fa57de\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_9c1ab568b4fa57de\IntelCpHeciSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_7fd3c1076ca83746\Intel_PIE_Service.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(McAfee, LLC -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <2>
(McAfee, LLC. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_20_1\mcapexe.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\CSP\3.4.105.0\McCSPServiceHost.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Users\tgril\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13110.41006.0_x64__8wekyb3d8bbwe\commsapps.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13110.41006.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12007.1001.2.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.20032.12611.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\DriverStore\FileRepository\asusdigifilter.inf_amd64_671193155b40a7dd\AsusPTPService.exe
(Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci.inf_amd64_9fc66d729fd502da\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2007.8-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2007.8-0\NisSrv.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\upfc.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Xooloo) [Fichier non signé] C:\Program Files\Digital Coach\familyagent.exe
(Xooloo) [Fichier non signé] C:\Program Files\Digital Coach\familysrv.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKU\S-1-5-21-75917854-1390245204-3623850880-1001\...\Run: [Rainlendar2] => C:\Program Files\Rainlendar2\Rainlendar2.exe [3043328 2018-05-25] () [Fichier non signé]
HKLM\...\Windows x64\Print Processors\Canon MG3600 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCT.DLL [30208 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon MX510 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDB2.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor MX510 series: C:\Windows\system32\CNCALB2.DLL [302592 2011-09-21] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3600 series: C:\Windows\system32\CNMLMCT.DLL [406528 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MX510 series: C:\Windows\system32\CNMLMB2.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\Windows\system32\pxcpmL.dll [2147072 2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.125\Installer\chrmstp.exe [2020-08-14] (Google LLC -> Google LLC)
Startup: C:\Users\tgril\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2020-05-16]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" a été déverrouillé. <==== ATTENTION
Task: {14D43FAA-81B9-4131-B41C-B63AFD045AB6} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1072312 2020-02-04] (McAfee, LLC. -> McAfee, LLC.)
Task: {37E4266A-B3B7-4354-A105-7D2E828E2E71} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MpCmdRun.exe [516776 2020-08-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {39712E99-7339-4E48-B3FF-81F8CEB29AD2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MpCmdRun.exe [516776 2020-08-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {488B1C43-D3E7-4C9C-A552-B571C6184D9F} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [761424 2020-02-05] (McAfee, LLC. -> McAfee, LLC.)
Task: {4C8B5B02-92B9-454A-ABCC-AAE686DA4786} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\Windows\System32\DriverStore\FileRepository\asussci.inf_amd64_9fc66d729fd502da\ASUSSystemAnalysis\AsusSystemAnalysis.exe [1458088 2020-01-16] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {506C2189-2010-4852-8BB4-4D961FF52FEC} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1072312 2020-02-04] (McAfee, LLC. -> McAfee, LLC.)
Task: {69088021-92AB-4845-8D3F-36819AD4C4D8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MpCmdRun.exe [516776 2020-08-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7B390A3B-302C-4D7B-A0D6-6B7EA16B61A2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [155488 2020-08-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {863AAE77-2268-4BD3-AF2F-340F73B3739D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-12] (Google LLC -> Google LLC)
Task: {9E6BD31A-77BD-4808-9546-5307F9C239B2} - System32\Tasks\RtkAudUService64_BG => C:\Windows\System32\RtkAudUService64.exe [956704 2019-12-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {B12F5492-267F-4C9B-B00D-EDB236306EB9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MpCmdRun.exe [516776 2020-08-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C0DBF7CB-CF4A-4059-8A29-039E36F48DFD} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.4.153\DADUpdater.exe [4194704 2020-07-22] (McAfee, Inc. -> McAfee, LLC)
Task: {C92A1A58-7AD4-4448-9F43-8C626CC5E6CD} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsHotkeyExec64.exe [176064 2019-03-03] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
Task: {CB0B9534-C261-475B-BDF5-3C26C16793CB} - System32\Tasks\Update Checker => C:\Windows\System32\DriverStore\FileRepository\asussci.inf_amd64_9fc66d729fd502da\ASUSLiveUpdateAgent\UpdateChecker.exe [182184 2020-01-16] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
Task: {D1286309-736D-421A-B850-2E424F7FC106} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [155488 2020-08-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {D88168F2-E8BC-4DCD-8541-C8F0AD428283} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4592776 2020-05-15] (McAfee, LLC -> McAfee, LLC)
Task: {D90B3035-DADD-4CAA-8CE0-C63D35653EDB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23819128 2020-07-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {DF583BD3-5C1A-4753-8331-7FB9E4E3074F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23819128 2020-07-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {F32FDD5C-0D37-4489-88A6-5E153FB3C789} - System32\Tasks\ASUS Hello => C:\Program Files (x86)\ASUS\ASUS Hello\ASUSHelloBG.exe [609592 2018-07-10] (ASUSTek Computer Inc. -> )
Task: {F5BBB9B9-340D-4BFE-888B-844B99075423} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-12] (Google LLC -> Google LLC)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

ProxyEnable: [S-1-5-21-75917854-1390245204-3623850880-1001] => Proxy est activé.
ProxyServer: [S-1-5-21-75917854-1390245204-3623850880-1001] => http=127.0.0.1:4040;https=127.0.0.1:4040
Tcpip\Parameters: [DhcpNameServer] 109.0.66.10 109.0.66.20
Tcpip\..\Interfaces\{52efedf6-ed14-43a1-af69-27998c3648cf}: [DhcpNameServer] 109.0.66.10 109.0.66.20
Tcpip\..\Interfaces\{c39271b3-0d39-4d14-8dfa-eae71ef80476}: [DhcpNameServer] 10.66.128.1
ManualProxies: 1http=127.0.0.1:4040;https=127.0.0.1:4040
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\tgril\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-19]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2020-08-14] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKHKLM => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2020-02-05] (McAfee, LLC. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2020-02-05] (McAfee, LLC. -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-75917854-1390245204-3623850880-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-75917854-1390245204-3623850880-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-75917854-1390245204-3623850880-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\tgril\AppData\Local\Google\Chrome\User Data\Default [2020-08-19]
CHR Profile: C:\Users\tgril\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-02-13]
CHR Profile: C:\Users\tgril\AppData\Local\Google\Chrome\User Data\System Profile [2020-02-13]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AsHidService; C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsHidSrv64.exe [173504 2019-03-03] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
R2 ASLDRService; C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsLdrSrv64.exe [227776 2019-03-03] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
R2 ASUSLiveUpdateAgent; C:\Windows\System32\DriverStore\FileRepository\asussci.inf_amd64_9fc66d729fd502da\ASUSLiveUpdateAgent\AsusLiveUpdateAgent.exe [271272 2020-01-16] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
R2 ASUSOptimization; C:\Windows\System32\DriverStore\FileRepository\asussci.inf_amd64_9fc66d729fd502da\ASUSOptimization\ASUSOptimization.exe [203496 2020-01-16] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
R2 AsusPTPService; C:\Windows\System32\DriverStore\FileRepository\asusdigifilter.inf_amd64_671193155b40a7dd\AsusPTPService.exe [175512 2019-07-15] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 ASUSSystemAnalysis; C:\Windows\System32\DriverStore\FileRepository\asussci.inf_amd64_9fc66d729fd502da\ASUSSystemAnalysis\AsusSystemAnalysis.exe [1458088 2020-01-16] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\Windows\System32\DriverStore\FileRepository\asussci.inf_amd64_9fc66d729fd502da\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [518040 2020-01-16] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10566528 2020-07-22] (Microsoft Corporation -> Microsoft Corporation)
R2 FamilySrv; C:\Program Files\Digital Coach\familysrv.exe [303616 2019-01-04] (Xooloo) [Fichier non signé]
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [949960 2020-08-14] (McAfee, LLC -> McAfee, LLC)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_20_1\McApExe.exe [758864 2020-02-05] (McAfee, LLC. -> McAfee, LLC)
S3 McAWFwk; c:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [458688 2018-11-14] (McAfee, Inc. -> McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.4.105.0\\McCSPServiceHost.exe [2687856 2020-01-25] (McAfee, LLC. -> McAfee, LLC.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [639048 2020-01-08] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [639048 2020-01-08] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [639048 2020-01-08] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1737992 2020-02-06] (McAfee, LLC -> McAfee, LLC.)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1373912 2020-02-04] (McAfee, LLC. -> McAfee, LLC.)
R2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13580344 2020-08-10] (Adlice -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13216784 2020-04-09] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\NisSrv.exe [2169568 2020-08-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MsMpEng.exe [128376 2020-08-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 MyWiFiDHCPDNS; "C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe" [X]

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 AsusNumpadKbd; C:\Windows\System32\DriverStore\FileRepository\asusdigifilterkbd.inf_amd64_9b5cc622994eb818\AsusDigiFilter.sys [136960 2019-07-15] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R3 AsusNumpadPTP; C:\Windows\System32\DriverStore\FileRepository\asusdigifilter.inf_amd64_671193155b40a7dd\AsusDigiFilter.sys [136960 2019-07-15] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R1 ASUSSAIO; C:\Windows\System32\DriverStore\FileRepository\asussci.inf_amd64_9fc66d729fd502da\ASUSSystemAnalysis\ASUSSAIO.sys [30632 2020-01-16] (ASUSTek Computer Inc. -> )
R1 ATKWMIACPIIO; C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\atkwmiacpi64.sys [36368 2019-03-03] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [231936 2020-01-15] (Microsoft Corporation) [Fichier non signé]
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [75896 2020-01-15] (McAfee, Inc. -> McAfee, LLC)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [217912 2019-06-04] (McAfee, LLC -> McAfee, Inc.)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [527272 2020-01-15] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [380840 2020-01-15] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [85920 2020-01-15] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [521128 2020-01-15] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [997800 2020-01-15] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [594360 2019-12-23] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [107960 2019-12-23] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [116856 2020-01-15] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [252328 2020-01-15] (McAfee, Inc. -> McAfee, LLC)
R1 MpKslf6d8c276; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BCBFBC02-F77C-4031-BBE7-E90816E4E9A8}\MpKslf6d8c276.sys [73952 2020-12-24] (Microsoft Windows -> Microsoft Corporation)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [38032 2020-12-24] (Adlice -> )
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [78216 2020-08-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [430320 2020-08-14] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [98520 2020-08-14] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2020-12-24 14:25 - 2020-12-24 14:25 - 000028296 _____ C:\Users\tgril\Desktop\FRST.txt
2020-12-24 14:25 - 2020-12-24 14:25 - 000000000 ____D C:\FRST
2020-12-24 14:24 - 2021-01-03 00:57 - 002286592 _____ (Farbar) C:\Users\tgril\Desktop\FRST64.exe
2020-12-24 14:24 - 2020-12-24 14:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2020-12-24 14:21 - 2020-08-16 14:57 - 000038032 _____ C:\Windows\system32\Drivers\truesight.sys
2020-12-24 14:21 - 2020-05-15 15:29 - 000000000 ____D C:\Users\tgril\.rainlendar2
2020-12-24 14:21 - 2020-04-16 10:58 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-12-24 14:21 - 2020-01-12 14:52 - 000000000 __SHD C:\Users\tgril\IntelGraphicsProfiles
2020-12-24 14:21 - 2020-01-12 13:32 - 000003746 _____ C:\Windows\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2020-12-24 14:21 - 2019-06-29 10:49 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-12-24 14:21 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-19 19:19 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2020-12-19 19:19 - 2019-03-19 05:37 - 000786432 _____ C:\Windows\system32\config\BBI
2020-12-19 19:00 - 2019-06-29 11:09 - 000758242 _____ C:\Windows\system32\perfh00C.dat
2020-12-19 19:00 - 2019-06-29 11:09 - 000142898 _____ C:\Windows\system32\perfc00C.dat
2020-12-19 19:00 - 2019-06-29 10:57 - 001681874 _____ C:\Windows\system32\PerfStringBackup.INI
2020-12-19 19:00 - 2019-03-19 05:50 - 000000000 ____D C:\Windows\INF
2020-12-19 18:56 - 2020-01-12 14:49 - 000000000 ____D C:\Users\tgril
2020-12-19 18:56 - 2019-06-29 10:49 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-12-19 18:56 - 2019-03-19 05:37 - 000032768 _____ C:\Windows\system32\config\ELAM

==================== Fichiers à la racine de certains dossiers ========

2020-08-15 23:15 - 2020-08-15 23:15 - 000007609 _____ () C:\Users\tgril\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================