Edited on 20 July 2022

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 18-07-2022
Exécuté par Papillon (administrateur) sur DESKTOP-VUBA9MI (ASUSTeK COMPUTER INC. X540LJ) (20-07-2022 14:17:22)
Exécuté depuis C:\Users\Papillon\Downloads
Profils chargés: Papillon
Plate-forme: Microsoft Windows 10 Famille Version 21H1 19043.1766 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(ASUS Cloud Corporation -> ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSPanel.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe ->) (ASUSTek Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe ->) (ASUSTek Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(C:\Program Files\Tablet\Wacom\WacomHost.exe ->) (Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(C:\Program Files\Tablet\Wacom\WTabletServicePro.exe ->) (Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(C:\Program Files\Tablet\Wacom\WTabletServicePro.exe ->) (Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(C:\Program Files\Tablet\Wacom\WTabletServicePro.exe ->) (Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(C:\Windows\SysWOW64\esif_uf.exe ->) (Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe <2>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <15>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ASUS Cloud Corporation) [Fichier non signé] C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUS) [Fichier non signé] C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGiftBoxDesktop.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation) [Fichier non signé] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(services.exe ->) (WildTangent Inc -> WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(svchost.exe ->) (ASUS) [Fichier non signé] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(svchost.exe ->) (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(svchost.exe ->) (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1790_none_7df2aec07ca10e81\TiWorker.exe
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [MRT] => C:\WINDOWS\system32\MRT-KB890830.exe [133315992 2018-06-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\ASUSWSLoader.exe [63272 2015-05-31] (ASUS Cloud Corporation -> )
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3624106685-2148480355-3158119356-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3371296 2020-04-04] (Valve -> Valve Corporation)
HKLM\...\Print\Monitors\HP C211 Status Monitor: C:\Windows\system32\hpinkstsC211LM.dll [333496 2013-01-08] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 2540 series): C:\Windows\system32\HPDiscoPMC211.dll [763912 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\91.1.10672.124\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\103.0.5060.134\Installer\chrmstp.exe [2022-07-20] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\86.1.6960.198\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
Startup: C:\Users\Papillon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - HP Deskjet 2540 series (Copie 1).lnk [2022-01-10]
BootExecute: autocheck autochk * icarus_rvrt.exe
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {14DB6467-74FD-4E28-94BE-9825ED62B891} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18352 2019-08-19] (ASUSTek Computer Inc. -> AsusTek)
Task: {1ED8D1FC-8037-4002-8170-789D6D0F4D41} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {2B87FDF9-B9DF-4CD4-9DF1-50FBE78A69CE} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1618080 2015-05-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [Fichier non signé]
Task: {3A1DDDA2-5225-488B-B093-E9A12E45624F} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506368 2018-11-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {43CE0E49-664F-44F7-811A-D9BEE3E277EE} - System32\Tasks\Microsoft\Office\Microsoft Office Touchless Attach Notification => C:\Program Files (x86)\Microsoft Office\Office15\FirstRun.exe [989864 2015-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {77DD84C5-72AE-4D46-A2CB-3B4C0AB5FA7F} - System32\Tasks\ASUS GIFTBOX Update Messenger => C:\Users\Papillon\AppData\Local\ASUS GIFTBOX Update Messenger\UpdateMessenger.exe [13984624 2022-05-03] (SweetLabs Inc -> SweetLabs, Inc)
Task: {96D9382F-CC6A-447F-B162-D7D2ACDC8166} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-05-03] (Google Inc -> Google Inc.)
Task: {A28E0E2B-B075-4E36-9B1D-CDEF9690BE7C} - System32\Tasks\HPCustParticipation HP Deskjet 2540 series => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [5745672 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {A5C62861-CE3F-40BE-8A1A-18C0C9D0DE75} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {A9978BB9-2C0C-4AA4-A628-3A6E3FE38903} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {B0B2F7BE-58A1-4E09-8DF0-7ABE90D6F45C} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (Pas de fichier)
Task: {C264A35B-86C9-44E4-A9A9-D43890C6DA51} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-10] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {C2F6AE8B-9857-47BA-831C-5A0195595AAF} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506368 2018-11-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {CE7A02D2-8E41-4A35-941D-6B113468E0FC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-05-03] (Google Inc -> Google Inc.)
Task: {CF8844DE-822E-4DDA-A8EF-9652EC3CC6BF} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19782224 2015-05-25] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {D2B0E3C4-3716-46C9-B07C-7295C23CE095} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {EA5DCC07-3208-4F90-B13C-8CB5169DE95D} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [55296 2015-08-25] (ASUS) [Fichier non signé]
Task: {EEAED544-E76C-4E1A-A3D1-9D5151E3EFCD} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-10] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{30f6c23b-ea79-40c9-805f-0812f974855e}: [DhcpNameServer] 172.16.0.11
Tcpip\..\Interfaces\{e587485e-d655-4c0e-b92c-1136ebecd043}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Edge:
=======
Edge HomeButtonPage: HKU\S-1-5-21-3624106685-2148480355-3158119356-1001 -> hxxp://www.mylucky123.com/?type=hp&ts=1476278545&z=c460a0b81b9f1acbc5ff21bg6z9m3qfo9m6bdwezdo&from=che0812&uid=TOSHIBAXMQ01ABD100_35DCPI4BTXX35DCPI4BT
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge Profile: C:\Users\Papillon\AppData\Local\Microsoft\Edge\User Data\Default [2022-06-25]
Edge HomePage: Default -> hxxp://www.mylucky123.com/?type=hp&ts=1476278545&z=c460a0b81b9f1acbc5ff21bg6z9m3qfo9m6bdwezdo&from=che0812&uid=TOSHIBAXMQ01ABD100_35DCPI4BTXX35DCPI4BT
Edge StartupUrls: Default -> "hxxp://www.mylucky123.com/?type=hp&ts=1476278545&z=c460a0b81b9f1acbc5ff21bg6z9m3qfo9m6bdwezdo&from=che0812&uid=TOSHIBAXMQ01ABD100_35DCPI4BTXX35DCPI4BT"

FireFox:
========
FF DefaultProfile: 15hcd15y.default
FF ProfilePath: C:\Users\Papillon\AppData\Roaming\Mozilla\Firefox\Profiles\15hcd15y.default [2022-07-20]
FF Extension: (Avast Online Security) - C:\Users\Papillon\AppData\Roaming\Mozilla\Firefox\Profiles\15hcd15y.default\Extensions\wrc@avast.com.xpi [2020-04-17] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/aos/update.json]
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [Fichier non signé]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-07-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [Fichier non signé]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [Fichier non signé]
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] (WildTangent Inc -> )
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [Fichier non signé]

Chrome:
=======
CHR Profile: C:\Users\Papillon\AppData\Local\Google\Chrome\User Data\Default [2022-07-18]
CHR HomePage: Default -> hxxp://www.nicesearches.com?type=hp&ts=1475911478&from=fb081008&uid=toshibaxmq01abd100_35dcpi4btxx35dcpi4bt&z=7fe1f4819e24fe27e1a642ag7z1mcwbt5gag7z4m8z
CHR StartupUrls: Default -> "hxxp://www.nicesearches.com?type=hp&ts=1475911478&from=fb081008&uid=toshibaxmq01abd100_35dcpi4btxx35dcpi4bt&z=7fe1f4819e24fe27e1a642ag7z1mcwbt5gag7z4m8z"
CHR NewTab: Default -> Not-active:"chrome-extension://mabloidgodmbnmnhoenmhlcjkfelomgp/stubby.html"
CHR DefaultSearchURL: Default -> hxxp://www.nicesearches.com/search.php?type=ds&ts=1475911478&from=fb081008&uid=toshibaxmq01abd100_35dcpi4btxx35dcpi4bt&z=7fe1f4819e24fe27e1a642ag7z1mcwbt5gag7z4m8z&q={searchTerms}
CHR DefaultSearchKeyword: Default -> nice
CHR Extension: (Avast Online Security & Privacy (BETA)) - C:\Users\Papillon\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2022-07-18]
CHR Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\Papillon\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2022-07-18]
CHR Extension: (Google Docs hors connexion) - C:\Users\Papillon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-09]
CHR Extension: (EasyDocMerge) - C:\Users\Papillon\AppData\Local\Google\Chrome\User Data\Default\Extensions\mabloidgodmbnmnhoenmhlcjkfelomgp [2020-06-16]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Papillon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-16]
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <non trouvé(e)>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <non trouvé(e)>

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe [71168 2015-05-31] (ASUS Cloud Corporation) [Fichier non signé]
R2 ASUSGiftBoxDekstop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [313488 2015-06-12] (ASUSTeK Computer Inc. -> ASUS) [Fichier non signé]
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-14] (WildTangent Inc -> WildTangent)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-09] (HP Inc. -> HP Inc.)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Fichier non signé]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Fichier non signé]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\NisSrv.exe [3285864 2020-03-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MsMpEng.exe [103168 2020-03-01] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R2 ASMMAP64; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [18048 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUS)
R3 AsusSGDrv; C:\WINDOWS\System32\drivers\AsusSGDrv.sys [140032 2019-08-19] (ASUSTek Computer Inc. -> ASUS Corporation)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-03-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [376544 2020-03-01] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2020-03-01] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-07-20 14:13 - 2022-07-20 14:13 - 002369536 _____ (Farbar) C:\Users\Papillon\Downloads\FRST64(1).exe
2022-07-20 12:39 - 2022-07-20 12:39 - 000000000 ___HD C:\$WinREAgent
2022-07-20 11:05 - 2022-07-20 11:05 - 000001081 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2022-07-20 11:05 - 2022-07-20 11:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2022-07-20 11:05 - 2022-07-20 11:05 - 000000000 ____D C:\Program Files\VS Revo Group
2022-07-20 11:01 - 2022-07-20 11:02 - 007521232 _____ (VS Revo Group ) C:\Users\Papillon\Downloads\revosetup.exe
2022-07-20 10:57 - 2022-07-20 10:58 - 009688359 _____ C:\Users\Papillon\Downloads\RevoUninstaller_Portable.zip
2022-07-20 10:54 - 2022-07-20 10:54 - 000040054 _____ C:\Users\Papillon\Downloads\Attestation Vie Privée RAQVAM (dont RC).pdf
2022-07-20 10:53 - 2022-07-20 10:53 - 000068667 _____ C:\Users\Papillon\Downloads\ACCUSE_gites56_2022_5609014_N_1655940531.3707.pdf
2022-07-18 22:57 - 2022-07-18 23:03 - 000002432 _____ C:\Users\Papillon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-07-18 22:41 - 2022-07-18 22:48 - 000046113 _____ C:\Users\Papillon\Downloads\Addition.txt
2022-07-18 22:32 - 2022-07-20 14:26 - 000023581 _____ C:\Users\Papillon\Downloads\FRST.txt
2022-07-18 22:30 - 2022-07-20 14:24 - 000000000 ____D C:\FRST
2022-07-18 22:26 - 2022-07-18 22:27 - 002369536 _____ (Farbar) C:\Users\Papillon\Downloads\FRST64.exe
2022-07-18 16:39 - 2022-07-18 16:42 - 000000000 ____D C:\Users\Papillon\Downloads\CrystalDiskInfo8_17_4
2022-07-18 16:36 - 2022-07-18 16:37 - 006212021 _____ C:\Users\Papillon\Downloads\CrystalDiskInfo8_17_4.zip
2022-07-18 11:49 - 2022-07-18 11:49 - 000019307 _____ C:\Users\Papillon\Downloads\Gottleib Mark retours doraux Physique.odt
2022-07-16 11:15 - 2022-07-16 11:15 - 000011540 _____ C:\Users\Papillon\Downloads\TP physique bessiere.odt
2022-07-07 15:37 - 2022-07-07 15:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-06-28 15:47 - 2022-06-28 15:47 - 000017866 _____ C:\Users\Papillon\Downloads\Planning TP MPSI-MP-PC 22-23 V0 27_06_22.xlsx
2022-06-28 13:43 - 2022-06-28 13:43 - 000025048 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw0c405027fae65223.tmp
2022-06-27 13:33 - 2022-06-27 13:33 - 000601040 _____ C:\Users\Papillon\Downloads\RDV 1er juillet.zip
2022-06-22 16:49 - 2022-06-22 16:49 - 000000000 ____D C:\Users\Papillon\.ms-ad

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-07-20 14:22 - 2016-05-03 19:38 - 000000000 ____D C:\Program Files (x86)\Google
2022-07-20 14:16 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-07-20 14:03 - 2022-02-14 15:15 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-07-20 14:01 - 2016-11-23 12:03 - 000000000 ____D C:\Users\Papillon\AppData\LocalLow\Mozilla
2022-07-20 14:00 - 2016-07-22 13:48 - 000000000 ____D C:\Program Files\VideoLAN
2022-07-20 13:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2022-07-20 13:44 - 2016-05-19 21:06 - 000000000 ____D C:\Program Files (x86)\Adobe
2022-07-20 13:40 - 2020-12-19 11:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-07-20 13:07 - 2016-07-20 18:22 - 000000000 ____D C:\Program Files (x86)\Steam
2022-07-20 13:01 - 2020-12-19 12:28 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2022-07-20 13:01 - 2016-01-11 10:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2022-07-20 13:01 - 2016-01-11 10:56 - 000000000 ____D C:\ProgramData\AVAST Software
2022-07-20 13:01 - 2016-01-11 10:56 - 000000000 ____D C:\Program Files\AVAST Software
2022-07-20 12:56 - 2020-07-28 17:11 - 000037200 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
2022-07-20 12:40 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-07-20 11:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-07-20 11:56 - 2018-04-05 09:07 - 000000000 ____D C:\Users\Papillon\AppData\Local\AVAST Software
2022-07-20 11:47 - 2016-05-01 18:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-07-20 11:38 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-07-20 11:35 - 2016-05-01 18:09 - 146546848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-07-20 10:51 - 2022-03-16 13:49 - 000000000 ____D C:\Users\Papillon\AppData\Local\ASUS GIFTBOX Update Messenger
2022-07-20 10:46 - 2016-05-01 08:32 - 000000165 _____ C:\Users\Papillon\AppData\Roaming\sp_data.sys
2022-07-20 10:36 - 2019-11-07 19:57 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2022-07-20 10:32 - 2016-10-06 19:32 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-07-20 10:32 - 2016-05-01 08:32 - 000000000 __SHD C:\Users\Papillon\IntelGraphicsProfiles
2022-07-19 23:26 - 2016-10-06 19:31 - 000000000 ____D C:\ProgramData\NVIDIA
2022-07-18 23:03 - 2021-12-14 00:35 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3624106685-2148480355-3158119356-1001
2022-07-18 23:03 - 2020-12-19 12:28 - 000003386 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3624106685-2148480355-3158119356-1001
2022-07-18 14:51 - 2020-12-19 12:28 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-07-18 14:50 - 2021-11-28 17:49 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-07-18 14:50 - 2021-11-28 17:49 - 000002063 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2022-07-18 10:04 - 2021-10-11 22:06 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-07-18 10:03 - 2016-11-23 12:02 - 000001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-07-16 11:41 - 2020-06-14 14:40 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-07-16 11:41 - 2020-06-14 14:40 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-07-16 11:00 - 2020-12-19 12:08 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-07-16 11:00 - 2019-12-07 16:49 - 000794488 _____ C:\WINDOWS\system32\perfh00C.dat
2022-07-16 11:00 - 2019-12-07 16:49 - 000150602 _____ C:\WINDOWS\system32\perfc00C.dat
2022-07-16 11:00 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-07-06 17:24 - 2018-06-12 22:36 - 000000000 ____D C:\Users\Papillon\AppData\Local\D3DSCache
2022-07-06 15:57 - 2017-11-13 22:25 - 000000000 ____D C:\Users\Papillon\AppData\Local\GeoGebra_6
2022-07-06 15:42 - 2018-07-03 15:17 - 000000000 ____D C:\Users\Papillon\AppData\Local\CrashDumps
2022-07-06 15:42 - 2016-11-23 12:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-06-25 16:00 - 2018-07-10 10:46 - 000000000 ____D C:\ProgramData\Packages
2022-06-22 16:49 - 2020-12-19 11:53 - 000000000 ____D C:\Users\Papillon
2022-06-22 16:48 - 2016-05-01 18:13 - 000000000 ____D C:\Users\Papillon\Desktop\Françoise
2022-06-21 21:24 - 2016-05-01 18:09 - 000000000 ____D C:\Users\Papillon\Desktop\Luc
2022-06-21 10:29 - 2020-12-19 12:28 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-06-21 10:29 - 2020-12-19 11:46 - 000008192 ___SH C:\DumpStack.log.tmp
2022-06-21 10:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-06-21 09:40 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-06-20 22:59 - 2020-12-19 11:46 - 000476424 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-06-20 22:53 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-06-20 22:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-06-20 22:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-06-20 22:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-06-20 22:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-06-20 22:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-06-20 22:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-06-20 22:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-06-20 22:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-06-20 22:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-06-20 22:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-06-20 22:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-06-20 22:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-06-20 22:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-06-20 22:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-06-20 22:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-06-20 22:53 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing

==================== Fichiers à la racine de certains dossiers ========

2019-08-29 09:06 - 2019-08-29 09:06 - 020775120 _____ (monalbumphoto ) C:\ProgramData\monalbumphoto_setup.exe
2016-05-01 08:32 - 2022-07-20 10:46 - 000000165 _____ () C:\Users\Papillon\AppData\Roaming\sp_data.sys

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================
