Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 02-08.2024
Exécuté par Arisoa (administrateur) sur MYSISTERSASUS (ASUSTeK COMPUTER INC. X450MJ) (12-08-2024 10:08:12)
Exécuté depuis C:\Users\Arisoa\Desktop\FRST64.exe
Profils chargés: Arisoa
Plate-forme: Microsoft Windows 8.1 (Update) (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Autodesk, Inc -> Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe ->) (ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe ->) (ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe ->) (Autodesk, Inc -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe <3>
(C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe ->) (Qualcomm Atheros -> ) [Fichier non signé] C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(CompatTelRunner.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Temp\A5881638-1328-438E-A97B-E0F45B810DE4\DismHost.exe
(explorer.exe ->) (BitTorrent Inc -> BitTorrent Limited) C:\Users\Arisoa\AppData\Roaming\uTorrent\uTorrent.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <7>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(explorer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(explorer.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\XDM\jre\bin\javaw.exe
(explorer.exe ->) (Qualcomm Atheros -> Qualcomm®Atheros®) [Fichier non signé] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(explorer.exe ->) (Webroot) [Fichier non signé] C:\Users\Arisoa\AppData\Roaming\NTSystem\ntlhost.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(nvvsvc.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Power Software Limited -> Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(services.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(services.exe ->) (Atheros) [Fichier non signé] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(services.exe ->) (Autodesk, Inc -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(services.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Corporation) [Fichier non signé] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(services.exe ->) (Protexis Inc. -> Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Fichier non signé] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(services.exe ->) (WildTangent Inc -> WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.20617_none_faf6123cb423a35e\TiWorker.exe
(svchost.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(wuauclt.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta.exe
(wuauclt.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.4.3.612\ASUSWSLoader.exe [63928 2018-09-28] (ASUS Cloud Corporation -> ASUS Cloud Corporation)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe" (Pas de fichier)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\ASUSWSLoader.exe (Pas de fichier)
HKLM-x32\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui (Pas de fichier)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [418952 2016-02-10] (Power Software Limited -> Power Software Ltd)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [700328 2017-01-06] (Autodesk, Inc -> Autodesk, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [413696 2008-09-06] (Apple Inc.) [Fichier non signé]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-02-26] (Qualcomm Atheros -> Qualcomm®Atheros®) [Fichier non signé]
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-606715473-1859003447-805624583-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2007576 2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
HKU\S-1-5-21-606715473-1859003447-805624583-1001\...\Run: [uTorrent] => C:\Users\Arisoa\AppData\Roaming\uTorrent\uTorrent.exe [2262024 2024-07-16] (BitTorrent Inc -> BitTorrent Limited)
HKU\S-1-5-21-606715473-1859003447-805624583-1001\...\Run: [XDM] => "C:\Program Files (x86)\XDM\jre\bin\javaw.exe" -Xmx1024m -jar "C:\Program Files (x86)\XDM\xdman.jar" -m [1465071 2018-03-04] () [Fichier non signé] [Fichier en cours d'utilisation]
HKU\S-1-5-21-606715473-1859003447-805624583-1001\...\Run: [CpuOptimizer] => C:\newcpuspeed\Cpufix.exe [937776 2015-09-18] (AutoIt Consulting Ltd -> AutoIt Team)
HKU\S-1-5-21-606715473-1859003447-805624583-1001\...\Run: [Checkcpu] => C:\Windows\system32\cmd.exe /c start C:\newcpuspeed\Cpufix.exe "C:\newcpuspeed\cpuage.tnt" & exit (Pas de fichier)
HKU\S-1-5-21-606715473-1859003447-805624583-1001\...\Run: [NTSystem] => C:\Users\Arisoa\AppData\Roaming\NTSystem\ntlhost.exe [833089320 2023-01-25] (Webroot) [Fichier non signé] <==== ATTENTION
HKU\S-1-5-21-606715473-1859003447-805624583-1001\...\Run: [ut] => C:\Users\Arisoa\AppData\Roaming\uTorrent\uTorrent.exe [2262024 2024-07-16] (BitTorrent Inc -> BitTorrent Limited)
HKU\S-1-5-21-606715473-1859003447-805624583-1001\...\Run: [Microsoft Edge Update] => C:\Users\Arisoa\AppData\Local\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateCore.exe [268232 2024-08-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-606715473-1859003447-805624583-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-606715473-1859003447-805624583-1001\...\Policies\Explorer: []
HKU\S-1-5-21-606715473-1859003447-805624583-1001\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-606715473-1859003447-805624583-1001\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-606715473-1859003447-805624583-1001\...\Policies\Explorer\DisallowRun: [1] Mshta.exe
HKU\S-1-5-21-606715473-1859003447-805624583-1001\...\Policies\Explorer\DisallowRun: [2] powershell.exe
HKU\S-1-5-21-606715473-1859003447-805624583-1001\...\Policies\Explorer\DisallowRun: [3] bitsadmin.exe
HKU\S-1-5-21-606715473-1859003447-805624583-1001\...\MountPoints2: {728feafc-b8fe-11ec-8285-1c872ca754d5} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-606715473-1859003447-805624583-1001\...\MountPoints2: {82c9683e-3dca-11ef-8294-28c2dd54a930} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2007576 2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.168\Installer\chrmstp.exe [2024-08-11] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{1D88D7CA-E498-40F4-A12D-ABDFFE4CAA4F}] -> C:\Program Files (x86)\WildTangent Games\App\NativeUserProxy.exe [2015-02-09] (WildTangent Inc -> )
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-02-26] (Qualcomm Atheros -> Qualcomm®Atheros®) [Fichier non signé]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-02-26] (Qualcomm Atheros -> Qualcomm®Atheros®) [Fichier non signé]
Startup: C:\Users\Arisoa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\USBfichier.Vbs [2023-11-06] () [Fichier non signé]
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {A1E9B86D-74B5-4273-A5DD-AEC89C74FDC6} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2997528 2014-11-20] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {CB9A9D1D-FAB5-41AF-A18D-A69E543911F4} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2997528 2014-11-20] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {15BEA9AC-63C3-4746-AD4D-E3FF7BD0FB7C} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18232 2014-12-16] (ASUSTeK Computer Inc. -> AsusTek)
Task: {CC32032E-8791-453D-B2A5-A194E20B408A} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [62536 2014-09-11] (ASUSTeK Computer Inc. -> ASUS)
Task: {379E2DD7-F694-476B-85A8-C8E012C9C681} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19853392 2014-09-11] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {9EE072A7-9208-48CB-9415-2A708510A52B} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1606784 2015-03-03] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [Fichier non signé]
Task: {DFB52676-090D-4E82-B5DE-700136EB13C6} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [120632 2014-06-11] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {18ED53C2-F4C7-44AA-935A-0564E08A4048} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2144664 2024-08-12] (Avast Software s.r.o. -> Avast Software)
Task: {C7609FD0-C204-4507-832C-AA243A7CE705} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-03] (Google Inc -> Google Inc.)
Task: {A5EBEE17-4946-49BE-8B6A-80A96CC69927} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-03] (Google Inc -> Google Inc.)
Task: {6DA02C99-8DD7-4AA4-BC3A-B6DBF32D8525} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26334600 2023-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {8F8D23E2-68C5-4404-AEF8-445610685134} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26334600 2023-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {708F43CB-ECC9-4123-BA76-229216609929} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144264 2024-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {A5D30629-ACB3-4784-ABDF-BDCD35926B05} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144264 2024-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {583C35F6-7D5F-48C2-A972-6227A578281A} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [168920 2024-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {2EF872AB-17CA-44AA-8FC1-62F24909A370} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\Windows\System32\MRT.exe [194135240 2024-08-12] (Microsoft Windows -> Microsoft Corporation) -> C:\Windows\system32\/EHB /HeartbeatFailure "SubmitHeartbeatReportData" /HeartbeatError "0x80072ee7"
Task: {CBB5A485-FE66-48D6-B4A9-D717E974EAA5} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-606715473-1859003447-805624583-1001Core{FC95BB70-4422-4292-954E-9EE46E55507D} => C:\Users\Arisoa\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206280 2024-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {E8EB8824-95C9-4DC8-90DE-C65927B9FEA8} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-606715473-1859003447-805624583-1001UA{C1176DB8-AE9D-484F-83D6-9CD53760EBBF} => C:\Users\Arisoa\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206280 2024-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {F04782D4-CE5D-4F4B-9B23-FF2068BB7F28} - System32\Tasks\Opera scheduled assistant Autoupdate 1546954982 => C:\Users\Arisoa\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Arisoa\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {1284FDAE-7C8B-4AB8-9D7E-A3F0F39D6D43} - System32\Tasks\Opera scheduled Autoupdate 1546954970 => C:\Users\Arisoa\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Pas de fichier)
Task: {861BFAC6-AABF-47DF-A3D9-F779E75AE552} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13872856 2014-12-26] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {5A6C2A71-FAB7-494F-9B9C-BD420963652F} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [12288 2014-11-03] () [Fichier non signé]
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 196.192.32.5 41.188.9.130
Tcpip\..\Interfaces\{8AFBA3E1-7750-4D5A-8055-57AE66F79BD8}: [DhcpNameServer] 196.192.32.5 41.188.9.130
Tcpip\..\Interfaces\{BC1BD932-CA6B-4845-8FD6-12002706DBEB}: [DhcpNameServer] 172.50.1.5
Tcpip\..\Interfaces\{BC1BD932-CA6B-4845-8FD6-12002706DBEB}: [DhcpDomain] CSC_Asus_1
Edge:
=======
Edge Profile: C:\Users\Arisoa\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-20]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-08-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-08-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-08-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] (WildTangent Inc -> )
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Arisoa\AppData\Local\Google\Chrome\User Data\Default [2024-08-12]
CHR Notifications: Default -> hxxps://btp-cours.com; hxxps://hero-wars.com
CHR StartupUrls: Default -> "hxxp://mystart.incredibar.com/mb178?a=6R8CeQJytv&i=26"
CHR NewTab: Default -> Not-active:"chrome-extension://kgmkoajcbbjaobdbmcnhkppmpnejjpkn/redirect.html", Active:"chrome-extension://ifkajkofhfehgooohbbgajkckiljocjk/ntp.html"
CHR DefaultSearchURL: Default -> hxxps://search.medianewpagesearch.com/?src=MediaNewPage_ds&q={searchTerms}
CHR DefaultSearchKeyword: Default -> keyword.MediaNewPage
CHR Extension: (Avast SafePrice) - C:\Users\Arisoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2024-08-11]
CHR Extension: (Google Docs hors connexion) - C:\Users\Arisoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-08-11]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\Arisoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2024-08-11]
CHR Extension: (FreeDirectionsOnline) - C:\Users\Arisoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifkajkofhfehgooohbbgajkckiljocjk [2019-07-30]
CHR Extension: (MediaNewPage) - C:\Users\Arisoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgmkoajcbbjaobdbmcnhkppmpnejjpkn [2021-04-28]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Arisoa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-28]
CHR Profile: C:\Users\Arisoa\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-08-12]
CHR Extension: (Avast SafePrice) - C:\Users\Arisoa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2024-08-12]
CHR Extension: (Google Docs hors connexion) - C:\Users\Arisoa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-08-12]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\Arisoa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2024-08-12]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Arisoa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-08-12]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
Opera:
=======
OPR Profile: C:\Users\Arisoa\AppData\Roaming\Opera Software\Opera Stable [2019-01-31]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1290744 2017-01-06] (Autodesk, Inc -> Autodesk Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-02-26] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Fichier non signé]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12554240 2023-02-11] (Microsoft Corporation -> Microsoft Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [347200 2015-02-09] (WildTangent Inc -> WildTangent)
S2 gupdate; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-03] (Google Inc -> Google Inc.)
S3 gupdatem; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-03] (Google Inc -> Google Inc.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [Fichier non signé]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-26] (Atheros) [Fichier non signé]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [69904 2014-12-16] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 ptun0901; C:\Windows\system32\DRIVERS\ptun0901.sys [27136 2014-08-08] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
U3 aswbdisk; pas de ImagePath
U0 msahci; system32\drivers\msahci.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-08-12 10:08 - 2024-08-12 10:10 - 000026407 _____ C:\Users\Arisoa\Desktop\FRST.txt
2024-08-12 10:06 - 2024-08-12 10:09 - 000000000 ____D C:\FRST
2024-08-12 10:02 - 2024-08-12 10:04 - 002397184 _____ (Farbar) C:\Users\Arisoa\Desktop\FRST64.exe
2024-08-11 15:49 - 2024-08-11 15:49 - 000000000 ____D C:\Users\Arisoa\AppData\LocalLow\uTorrent.WebView2
2024-08-11 15:47 - 2024-08-11 15:47 - 000003766 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-606715473-1859003447-805624583-1001UA{C1176DB8-AE9D-484F-83D6-9CD53760EBBF}
2024-08-11 15:47 - 2024-08-11 15:47 - 000003700 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-606715473-1859003447-805624583-1001Core{FC95BB70-4422-4292-954E-9EE46E55507D}
2024-08-11 10:19 - 2024-08-11 10:19 - 000002378 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-08-12 10:12 - 2019-01-08 16:40 - 000000000 ____D C:\Users\Arisoa\AppData\Roaming\uTorrent
2024-08-12 09:51 - 2018-12-03 15:32 - 000000000 ____D C:\Program Files (x86)\Google
2024-08-12 09:43 - 2013-08-22 18:36 - 000000000 ____D C:\Windows\system32\NDF
2024-08-12 09:39 - 2018-07-12 13:21 - 000000126 _____ C:\Users\Arisoa\AppData\Roaming\sp_data.sys
2024-08-12 09:36 - 2018-07-12 13:23 - 000003594 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-606715473-1859003447-805624583-1001
2024-08-12 09:35 - 2015-04-11 15:36 - 000791436 _____ C:\Windows\system32\perfh013.dat
2024-08-12 09:35 - 2015-04-11 15:36 - 000159242 _____ C:\Windows\system32\perfc013.dat
2024-08-12 09:35 - 2015-04-11 15:24 - 000787354 _____ C:\Windows\system32\perfh010.dat
2024-08-12 09:35 - 2015-04-11 15:24 - 000153332 _____ C:\Windows\system32\perfc010.dat
2024-08-12 09:35 - 2015-04-11 15:12 - 000806842 _____ C:\Windows\system32\perfh00C.dat
2024-08-12 09:35 - 2015-04-11 15:12 - 000156662 _____ C:\Windows\system32\perfc00C.dat
2024-08-12 09:35 - 2015-04-11 15:00 - 000748044 _____ C:\Windows\system32\perfh007.dat
2024-08-12 09:35 - 2015-04-11 15:00 - 000156138 _____ C:\Windows\system32\perfc007.dat
2024-08-12 09:35 - 2014-11-22 04:01 - 004612652 _____ C:\Windows\system32\PerfStringBackup.INI
2024-08-12 09:35 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\Inf
2024-08-12 09:31 - 2019-01-31 09:36 - 000000000 ____D C:\ProgramData\boost_interprocess
2024-08-12 09:27 - 2013-08-22 17:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-08-12 09:27 - 2013-08-22 17:44 - 000559544 _____ C:\Windows\system32\FNTCACHE.DAT
2024-08-12 09:24 - 2013-08-22 16:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2024-08-12 09:20 - 2013-08-22 18:36 - 000000000 ___RD C:\Windows\ToastData
2024-08-12 09:20 - 2013-08-22 18:36 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-08-12 09:20 - 2013-08-22 18:36 - 000000000 ____D C:\Windows\system32\setup
2024-08-12 09:20 - 2013-08-22 18:36 - 000000000 ____D C:\Program Files\Windows Defender
2024-08-12 09:20 - 2013-08-22 18:36 - 000000000 ____D C:\Program Files\Common Files\System
2024-08-12 09:19 - 2019-03-14 09:04 - 000000000 ____D C:\Windows\system32\MRT
2024-08-12 09:13 - 2019-03-14 09:03 - 194135240 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-08-12 09:13 - 2013-08-22 18:20 - 000000000 ____D C:\Windows\CbsTemp
2024-08-11 17:25 - 2021-04-28 09:43 - 000000000 ____D C:\Users\Arisoa\AppData\Local\BitTorrentHelper
2024-08-11 10:30 - 2021-08-08 21:33 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-08-11 10:30 - 2021-08-08 21:33 - 000002208 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-08-11 10:22 - 2019-01-30 20:39 - 000000000 ____D C:\Program Files\Microsoft Office
2024-08-11 10:22 - 2013-08-22 18:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-08-11 10:22 - 2013-08-22 18:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-08-11 09:59 - 2018-12-11 17:30 - 000003474 _____ C:\Windows\system32\Tasks\ASUS Live Update1
2024-08-11 09:59 - 2015-11-25 21:57 - 000003464 _____ C:\Windows\system32\Tasks\ASUS Live Update2
2024-08-11 09:53 - 2013-08-22 16:25 - 000262144 ___SH C:\Windows\system32\config\ELAM
2024-08-11 09:46 - 2021-08-08 21:32 - 000003590 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-08-11 09:46 - 2021-08-08 21:32 - 000003462 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-08-11 09:46 - 2018-12-03 15:32 - 000003798 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2024-08-11 09:46 - 2018-12-03 15:32 - 000003670 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2024-08-11 09:46 - 2018-07-21 21:41 - 000000000 ____D C:\Users\Arisoa\AppData\Local\CrashDumps
2024-08-09 22:40 - 2018-07-12 13:41 - 000000000 ____D C:\Users\Arisoa\AppData\Roaming\vlc
2024-08-07 14:00 - 2019-01-30 22:08 - 000000000 ____D C:\Users\Arisoa\AppData\Local\MSfree Inc
2024-08-07 13:59 - 2022-12-26 18:40 - 000000000 ____D C:\Users\Arisoa\AppData\Roaming\kmsauto
2024-07-28 18:12 - 2018-07-15 12:06 - 000000000 ____D C:\Users\Arisoa\AppData\Roaming\Microsoft\Excel
2024-07-28 18:12 - 2018-07-12 13:17 - 000000000 ____D C:\Users\Arisoa\AppData\Local\Packages
==================== Fichiers à la racine de certains dossiers ========
2023-01-25 18:46 - 2023-01-25 18:46 - 004714280 _____ (Webroot) C:\ProgramData\10892099165880608879.exe
2018-07-12 13:21 - 2024-08-12 09:39 - 000000126 _____ () C:\Users\Arisoa\AppData\Roaming\sp_data.sys
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
LastRegBack: 2024-04-18 14:11
==================== Fin de FRST.txt ========================