Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-09-2021
Ran by JEROME (administrator) on DESKTOP-1AU29OM (ASUSTeK COMPUTER INC. X751LD) (12-09-2021 19:41:44)
Running from C:\Users\JEROME\Downloads
Loaded Profiles: JEROME
Platform: Windows 10 Home Version 21H1 19043.1165 (X64) Language: Français (France)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist.txt file, the process will be stopped. The file will not be moved.)

(ADLICE (ASCOET JULIEN) -> ) C:\Program Files\RogueKiller\RogueKiller64.exe
(ADLICE (ASCOET JULIEN) -> ) C:\Program Files\RogueKiller\RogueKillerSvc.exe
(ASUS) [Fichier non signé] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Binary Fortress Software Ltd -> Binary Fortress Software) C:\Program Files (x86)\TrayStatus\TrayStatus.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <16>
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <9>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe
(Microsoft) [Fichier non signé] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
(Microsoft) [Fichier non signé] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 8\activation-service.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 8\architect.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist.txt file, the registry item will be restored to its default value or removed. The file will not be moved.)

HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6787856 2019-03-19] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKLM-x32\...\Run: [M17A] => C:\WINDOWS\twain_32\Brimm17a\Common\TwDsUiLaunch.exe [85928 2020-11-03] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2017-04-05] (Brother Industries, Ltd.) [Fichier non signé]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3140608 2021-01-29] (Brother Industries, Ltd.) [Fichier non signé]
HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3588608 2021-04-02] (Brother Industries, Ltd.) [Fichier non signé]
HKU\S-1-5-21-994322806-2999495729-4015586031-1001\...\Run: [TrayStatus] => C:\Program Files (x86)\TrayStatus\TrayStatus.exe [4446656 2021-05-03] (Binary Fortress Software Ltd -> Binary Fortress Software)
HKU\S-1-5-21-994322806-2999495729-4015586031-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [49927816 2021-08-16] (Google LLC -> )
HKU\S-1-5-21-994322806-2999495729-4015586031-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [34508416 2021-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-994322806-2999495729-4015586031-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\JEROME\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-994322806-2999495729-4015586031-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\JEROME\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-994322806-2999495729-4015586031-1001\...\RunOnce: [Uninstall 21.150.0725.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\JEROME\AppData\Local\Microsoft\OneDrive\21.150.0725.0001"
HKLM\...\Print\Monitors\PDF Architect 8 Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\brand_solution_name_pdfpmon_v.6.11.0.7.dll [960120 2021-09-07] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com))
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\93.0.4577.63\Installer\chrmstp.exe [2021-09-12] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iPSNotifier.lnk [2021-07-08]
ShortcutTarget: iPSNotifier.lnk -> C:\Program Files (x86)\Brother\iPrint&Scan\iPSNotifier.exe (Brother Industries, Ltd.) [Fichier non signé]
BootExecute: autocheck autochk * sdnclean64.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless it is listed separately.)

Task: {0418AF47-E37C-48BD-871D-37DA6893427D} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {05DEC033-B7F7-4682-901E-FF99BD92081F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [7177168 2020-04-26] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {131F0C59-F651-4876-A7ED-66450F28680C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {18C58A41-AFDD-42F7-9D26-6C3B07CE1DB6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-07-01] (Google LLC -> Google LLC)
Task: {1F8558E4-4D30-48E1-BAC1-9B3468CA27C2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3E6204B0-C056-4646-987C-47A70461C22E} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18400 2017-03-09] (ASUSTeK Computer Inc. -> AsusTek)
Task: {4EA7A394-7DA8-435E-9043-650D7E3DB2B2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4F42FCAE-59C0-40CD-80FE-476DA9A8F94F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {566CCA5E-01E9-46D4-9858-E02346922F20} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMDisplay => C:\Program Files\ruxim\ruximics.exe [477512 2021-05-19] (Microsoft Windows -> Microsoft Corporation)
Task: {6F3B556E-EBAF-4BA0-A8DA-5592956494A5} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {845BC00B-7F0F-47EF-A3A8-7B14284B4F40} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [6189624 2020-04-26] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {859831F5-93D7-4B3B-AC95-8F2A545952FC} - System32\Tasks\pdfforge GmbH\Update => C:\Program Files\PDF Architect 8\architect.exe [3422256 2021-09-02] (pdfforge GmbH -> pdfforge GmbH)
Task: {8967CD21-6A77-4275-83FA-30B0AD2B963D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-26] (Adobe Inc. -> Adobe Inc.)
Task: {B20A8DB2-F412-41DD-80D9-8BDF5697CA92} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-06-17] (Piriform Software Ltd -> Piriform)
Task: {B9B9D336-889D-49AE-BC7C-DD5B609621DB} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14049536 2015-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {C317330C-0915-431B-AFDF-906E896ECB39} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [55296 2015-08-25] (ASUS) [Fichier non signé]
Task: {C5223AD1-7BD7-40A8-8020-3B7D7A9ADBD9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28880512 2021-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D166F024-5D40-4A41-AC77-821207A8D72C} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMSync => C:\Program Files\ruxim\ruximics.exe [477512 2021-05-19] (Microsoft Windows -> Microsoft Corporation)
Task: {D9E47B16-19B4-490B-8050-0EA872BAB61B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [681400 2021-07-26] (Mozilla Corporation -> Mozilla Foundation)
Task: {E5CA14DE-8C38-4C89-803D-A87503E3C708} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [5723640 2019-09-04] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {F2C8F117-F579-478F-A209-03203C1D6944} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-07-01] (Google LLC -> Google LLC)

(If an entry is included in the fixlist.txt file, the task (.job) file will be moved. The file run by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an entry is included in the fixlist.txt file and it is a registry item, it will be removed or restored to its default value.)

Hosts: There is more than one entry in hosts. See the Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2472c8d0-cc05-4cdb-aa6b-0f362bf0eff2}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => chemin non trouvé(e)
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => chemin non trouvé(e)
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => chemin non trouvé(e)
Edge DefaultProfile: Default
Edge Profile: C:\Users\JEROME\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-12]

FireFox:
========
FF DefaultProfile: l1ppori9.default
FF ProfilePath: C:\Users\JEROME\AppData\Roaming\Mozilla\Firefox\Profiles\l1ppori9.default [2021-07-18]
FF ProfilePath: C:\Users\JEROME\AppData\Roaming\Mozilla\Firefox\Profiles\rc07bzss.default-release [2021-09-02]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\JEROME\AppData\Local\Google\Chrome\User Data\Default [2021-09-12]
CHR Notifications: Default -> hxxps://captchaverifier.top
CHR NewTab: Default -> Active:"chrome-extension://eedlgdlajadkbbjoobobefphmfkcchfk/newtab.html"
CHR DefaultSearchURL: Default -> hxxps://www.ecosia.org/search?q={searchTerms}&addon=chrome&addonversion=3.4.0&method=topbar
CHR DefaultSearchKeyword: Default -> ecosia
CHR DefaultSuggestURL: Default -> hxxps://ac.ecosia.org/?q={searchTerms}&type=list&mkt=fr
CHR Extension: (Slides) - C:\Users\JEROME\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-07-01]
CHR Extension: (Docs) - C:\Users\JEROME\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-07-01]
CHR Extension: (Google Drive) - C:\Users\JEROME\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-07-01]
CHR Extension: (YouTube) - C:\Users\JEROME\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-07-01]
CHR Extension: (uBlock Origin) - C:\Users\JEROME\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-08-02]
CHR Extension: (Ecosia Search) - C:\Users\JEROME\AppData\Local\Google\Chrome\User Data\Default\Extensions\eedlgdlajadkbbjoobobefphmfkcchfk [2021-09-05]
CHR Extension: (Sheets) - C:\Users\JEROME\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-07-01]
CHR Extension: (Google Docs hors connexion) - C:\Users\JEROME\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-01]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\JEROME\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-07-06]
CHR Extension: (Ghostery – Bloqueur de publicité protégeant la vie privée) - C:\Users\JEROME\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2021-08-28]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\JEROME\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-01]
CHR Extension: (Gmail) - C:\Users\JEROME\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-07-01]
CHR Extension: (Chrome Media Router) - C:\Users\JEROME\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-24]
CHR HKU\S-1-5-21-994322806-2999495729-4015586031-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless it is listed separately.)

S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-26] (Adobe Inc. -> Adobe Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [325600 2016-05-20] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [320000 2021-01-29] (Brother Industries, Ltd.) [Fichier non signé]
R2 PDF Architect 8; C:\Program Files\PDF Architect 8\activation-service.exe [2666032 2021-09-02] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 8 Creator; C:\Program Files\PDF Architect 8\creator-ws.exe [628272 2021-09-02] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 8 Update Service; C:\Program Files\PDF Architect 8\update-service.exe [381488 2021-09-02] (pdfforge GmbH -> pdfforge GmbH)
R2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [14021976 2021-09-02] (ADLICE (ASCOET JULIEN) -> )
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2747312 2020-04-26] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4583240 2020-04-26] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [940976 2019-09-04] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2021-03-01] (Microsoft) [Fichier non signé]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe [2772856 2021-09-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe [136640 2021-09-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [20480 2021-03-01] (Microsoft) [Fichier non signé]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless it is listed separately.)

R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
R3 MpKsl2a93fd56; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{50B2DB8C-0D11-4920-930C-B18FF2D30DB1}\MpKslDrv.sys [130296 2021-09-12] (Microsoft Windows -> Microsoft Corporation)
U3 RkFlt; C:\Windows\System32\drivers\rkflt.sys [42056 2021-09-06] (Adlice -> )
S0 Spybot3ELAM; C:\WINDOWS\System32\drivers\Spybot3ELAM.sys [19904 2019-06-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Windows (R) Win 7 DDK provider)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [38032 2021-09-06] (Adlice -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-09-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [433384 2021-09-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86264 2021-09-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless it is listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist.txt file, the file/folder will be moved.)

2021-09-12 19:41 - 2021-09-12 19:44 - 000020618 _____ C:\Users\JEROME\Downloads\FRST.txt
2021-09-12 19:41 - 2021-09-12 19:43 - 000000000 ____D C:\FRST
2021-09-12 19:39 - 2021-09-12 19:39 - 002302976 _____ (Farbar) C:\Users\JEROME\Downloads\FRST64.exe
2021-09-07 19:28 - 2021-09-07 19:28 - 000000000 ____D C:\ProgramData\boost_interprocess
2021-09-07 18:13 - 2021-09-07 18:14 - 000000000 ____D C:\Program Files\PDF Architect 8
2021-09-07 18:13 - 2021-09-07 18:13 - 000001136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 8.lnk
2021-09-07 18:13 - 2021-09-07 18:13 - 000000000 ____D C:\WINDOWS\system32\Tasks\pdfforge GmbH
2021-09-07 18:13 - 2021-09-07 18:13 - 000000000 ____D C:\Users\JEROME\Documents\PDF Architect
2021-09-07 18:13 - 2021-09-07 18:13 - 000000000 ____D C:\Program Files (x86)\PDF Architect 8
2021-09-06 20:33 - 2021-09-06 20:33 - 000042056 _____ C:\WINDOWS\system32\Drivers\rkflt.sys
2021-09-06 20:32 - 2021-09-06 20:32 - 000038032 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2021-09-06 20:32 - 2021-09-06 20:32 - 000000899 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2021-09-06 20:32 - 2021-09-06 20:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2021-09-06 20:32 - 2021-09-06 20:32 - 000000000 ____D C:\Program Files\RogueKiller
2021-09-06 20:30 - 2021-09-06 20:30 - 041898552 _____ (Adlice Software ) C:\Users\JEROME\Downloads\setup.exe
2021-09-06 20:24 - 2021-09-06 20:55 - 000000000 ____D C:\ProgramData\RogueKiller
2021-09-06 20:23 - 2021-09-06 20:23 - 041898552 _____ (Adlice Software ) C:\Users\JEROME\Downloads\RogueKiller_setup.exe
2021-09-05 07:29 - 2021-09-05 07:29 - 000000000 ____D C:\Users\JEROME\AppData\Roaming\NVIDIA
2021-09-05 07:28 - 2021-09-05 07:28 - 000000000 ____D C:\Users\JEROME\AppData\Roaming\LibreOffice
2021-09-05 07:22 - 2021-09-05 07:22 - 000001197 _____ C:\Users\Public\Desktop\LibreOffice 7.1.lnk
2021-09-05 07:22 - 2021-09-05 07:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.1
2021-09-05 07:21 - 2021-09-05 07:22 - 000000000 ____D C:\Program Files\LibreOffice
2021-09-05 07:19 - 2021-09-05 07:20 - 329641984 _____ C:\Users\JEROME\Downloads\LibreOffice_7.1.5_Win_x64.msi
2021-09-02 20:09 - 2018-09-15 09:31 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20210902-200940.backup
2021-08-29 08:23 - 2021-08-29 08:23 - 000066842 _____ C:\Users\JEROME\Downloads\WEBIR2021_23141_16389.pdf
2021-08-24 16:49 - 2021-08-24 16:49 - 000423394 _____ C:\Users\JEROME\Downloads\#FA1741710 382133.pdf
2021-08-24 07:07 - 2021-08-24 07:07 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-24 07:07 - 2021-08-24 07:07 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-24 07:07 - 2021-08-24 07:07 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-08-24 07:07 - 2021-08-24 07:07 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-08-24 07:06 - 2021-08-24 07:06 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-08-24 07:06 - 2021-08-24 07:06 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-08-24 07:05 - 2021-08-24 07:05 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-08-24 06:35 - 2021-08-24 06:35 - 000000000 ___HD C:\$WinREAgent
2021-08-17 09:09 - 2021-08-17 09:09 - 000130933 _____ C:\Users\JEROME\Downloads\G210814372.pdf
2021-08-17 09:09 - 2021-08-17 09:09 - 000000000 ____D C:\Users\Default\AppData\Local\Google
2021-08-16 19:30 - 2021-08-19 15:28 - 000000000 ____D C:\Users\JEROME\AppData\Roaming\molotov
2021-08-16 19:30 - 2021-08-16 19:30 - 000002282 _____ C:\Users\JEROME\Desktop\Molotov.lnk
2021-08-16 19:30 - 2021-08-16 19:30 - 000000000 ____D C:\Users\JEROME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Molotov
2021-08-16 19:30 - 2021-08-16 19:30 - 000000000 ____D C:\Users\JEROME\AppData\Local\SquirrelTemp
2021-08-16 19:30 - 2021-08-16 19:30 - 000000000 ____D C:\Users\JEROME\AppData\Local\molotov
2021-08-16 19:28 - 2021-08-16 19:28 - 082890352 _____ (Molotov) C:\Users\JEROME\Downloads\MolotovSetup-4.4.4.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist.txt file, the file/folder will be moved.)

2021-09-12 19:40 - 2021-07-01 18:59 - 000000000 ____D C:\Program Files (x86)\Google
2021-09-12 18:49 - 2021-07-07 06:49 - 000000000 ____D C:\Program Files\CCleaner
2021-09-12 18:20 - 2021-07-18 19:44 - 000000000 ____D C:\Users\JEROME\AppData\Roaming\PDF Architect 8
2021-09-12 18:09 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-09-12 18:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-09-12 18:06 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-09-12 17:36 - 2021-07-01 19:00 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-09-12 17:21 - 2021-07-01 15:57 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-09-12 17:15 - 2021-07-01 16:16 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-994322806-2999495729-4015586031-1001
2021-09-12 17:15 - 2021-07-01 10:57 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-09-12 17:14 - 2021-07-01 16:01 - 000002420 _____ C:\Users\JEROME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-09-12 17:12 - 2021-07-20 21:07 - 000000000 ____D C:\Users\JEROME\AppData\Local\CrashDumps
2021-09-12 17:11 - 2021-07-07 21:09 - 000000164 _____ C:\Users\JEROME\AppData\Roaming\sp_data.sys
2021-09-12 17:11 - 2021-07-06 21:32 - 000000000 ___RD C:\Users\JEROME\Google Drive
2021-09-12 17:10 - 2021-07-01 11:32 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2021-09-12 17:07 - 2021-07-01 11:36 - 000000000 __SHD C:\Users\JEROME\IntelGraphicsProfiles
2021-09-12 17:07 - 2021-07-01 11:35 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-09-07 19:39 - 2021-07-01 11:22 - 000000000 ____D C:\ProgramData\NVIDIA
2021-09-07 19:25 - 2021-07-01 15:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-09-07 18:13 - 2021-07-18 19:44 - 000000841 _____ C:\Users\Public\Desktop\PDF Architect 8.lnk
2021-09-07 18:12 - 2021-07-18 19:43 - 000000000 ____D C:\ProgramData\PDF Architect 8
2021-09-05 20:10 - 2021-07-01 11:48 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-09-05 08:35 - 2021-07-24 09:49 - 000000000 ____D C:\ProgramData\TEMP
2021-09-05 07:28 - 2021-07-01 16:10 - 001681370 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-09-05 07:28 - 2019-12-07 16:49 - 000757852 _____ C:\WINDOWS\system32\perfh00C.dat
2021-09-05 07:28 - 2019-12-07 16:49 - 000142606 _____ C:\WINDOWS\system32\perfc00C.dat
2021-09-05 07:28 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-09-05 07:27 - 2021-07-01 11:39 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-09-05 07:25 - 2021-07-01 15:55 - 000635736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-09-05 07:24 - 2021-07-08 06:03 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2021-09-05 07:24 - 2021-07-01 16:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-09-05 07:24 - 2021-07-01 15:55 - 000008192 ___SH C:\DumpStack.log.tmp
2021-09-05 07:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-09-05 07:23 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-09-05 07:12 - 2021-07-01 20:05 - 000000000 ____D C:\Users\JEROME\AppData\Local\Adobe
2021-09-02 20:07 - 2021-07-08 06:03 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2021-08-26 17:57 - 2021-07-26 07:09 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-08-26 17:48 - 2021-07-01 19:06 - 000000000 ____D C:\ProgramData\Mozilla
2021-08-26 17:46 - 2021-07-01 19:06 - 000000000 ____D C:\Users\JEROME\AppData\LocalLow\Mozilla
2021-08-24 07:34 - 2021-07-01 11:11 - 000000000 ____D C:\Users\JEROME\AppData\Local\Packages
2021-08-24 07:15 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-08-24 07:15 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-08-24 07:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-08-24 07:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-24 07:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-08-24 07:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-08-24 07:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-08-24 07:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-24 07:15 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-08-24 07:13 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-23 07:02 - 2021-07-01 11:46 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-23 06:53 - 2021-07-01 11:45 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-19 20:38 - 2021-07-07 06:49 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-08-18 21:39 - 2021-07-01 18:35 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-18 21:39 - 2021-07-01 18:35 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d76e8265ae733e
2021-08-17 09:10 - 2021-07-06 21:29 - 000002073 _____ C:\Users\Public\Desktop\Google Slides.lnk
2021-08-17 09:10 - 2021-07-06 21:29 - 000002071 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2021-08-17 09:10 - 2021-07-06 21:29 - 000002061 _____ C:\Users\Public\Desktop\Google Docs.lnk
2021-08-17 09:10 - 2021-07-06 21:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2021-08-17 01:22 - 2021-07-01 11:48 - 000740168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-08-17 01:22 - 2021-07-01 11:48 - 000486728 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll

==================== Files in the root of some directories ========

2021-07-07 21:09 - 2021-09-12 17:11 - 000000164 _____ () C:\Users\JEROME\AppData\Roaming\sp_data.sys
2021-07-19 19:21 - 2021-07-19 19:21 - 000007604 _____ () C:\Users\JEROME\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================